diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2021-08-01 15:48:22 +0200 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2021-08-01 15:48:22 +0200 |
| commit | 59fc9b891a6e3cacb834ca33e39b9c58f4e103d8 (patch) | |
| tree | cc22886b0f59cebed19fdbae931edc490617b128 /inventory/host_vars/ele-tub.yml | |
| parent | reinstall ele-mur (diff) | |
preapre ele-tub
Diffstat (limited to 'inventory/host_vars/ele-tub.yml')
| -rw-r--r-- | inventory/host_vars/ele-tub.yml | 49 |
1 files changed, 31 insertions, 18 deletions
diff --git a/inventory/host_vars/ele-tub.yml b/inventory/host_vars/ele-tub.yml index 4ab8ae70..47c06223 100644 --- a/inventory/host_vars/ele-tub.yml +++ b/inventory/host_vars/ele-tub.yml @@ -46,17 +46,35 @@ openwrt_mixin: /etc/htoprc: file: "{{ global_files_dir }}/common/htoprc" - /etc/rc.local: + /etc/rc.d/S22network-fw: + link: "../init.d/network-fw" + + /etc/rc.d/K92network-fw: + link: "../init.d/network-fw" + + /etc/init.d/network-fw: + mode: "0755" content: | - # Put your custom commands here that should be executed once - # the system init finished. By default this file does nothing. + #!/bin/sh /etc/rc.common + + START=22 + STOP=91 - ip rule add pref 42000 lookup default - ip rule del pref 32767 - ip route add default via {{ network_zones.murat_transfer.prefix | ipaddr(network_zones.murat_transfer.offsets['ele-mur']) | ipaddr('address') }} table 172 - ip rule add pref 33000 from {{ network_zones.funkfeuer.prefix }} lookup 172 + start() { + FF_IF=$(uci get network.ff.ifname) + FFSUBNET_IF=$(uci get network.ffsubnet.ifname) + FFSUBNET_IPADDR=$(uci get network.ffsubnet.ipaddr) + FFSUBNET_NETMASK=$(uci get network.ffsubnet.netmask) - exit 0 + iptables -A FORWARD -i "$FFSUBNET_IF" -o "$FF_IF" -s "$FFSUBNET_IPADDR/$FFSUBNET_IPADDR" -j ACCEPT + iptables -A FORWARD -i "$FF_IF" -o "$FFSUBNET_IF" -d "$FFSUBNET_IPADDR/$FFSUBNET_IPADDR" -j ACCEPT + iptables -P FORWARD DROP + } + + stop() { + iptables -P FORWARD ACCEPT + iptables -F FORWARD + } openwrt_uci: @@ -98,12 +116,14 @@ openwrt_uci: ipaddr: 127.0.0.1 netmask: 255.0.0.0 - - name: interface 'unused' + - name: interface 'mgmt' options: ifname: eth0 - proto: none + proto: static + ipaddr: "{{ network_zones.mgmt.prefix | ipaddr(network_zones.mgmt.offsets[inventory_hostname]) | ipaddr('address') }}" + netmask: "{{ network_zones.mgmt.prefix | ipaddr('netmask') }}" - - name: interface 'uhrturm' + - name: interface 'ffsubnet' options: ifname: eth1 proto: static @@ -118,13 +138,6 @@ openwrt_uci: netmask: 255.255.0.0 dns: "{{ network_zones.funkfeuer.dns }}" - - name: interface 'murattransfer' - options: - ifname: eth2 - proto: static - ipaddr: "{{ network_zones.murat_transfer.prefix | ipaddr(network_zones.murat_transfer.offsets[inventory_hostname]) | ipaddr('address') }}" - netmask: "{{ network_zones.murat_transfer.prefix | ipaddr('netmask') }}" - olsrd: - name: olsrd options: |