# interface definitions
################################
-# external interfaces
-define EXTERNAL_ACE_IF = eth2
-define EXTERNAL_INVITECH_IF = eth1
+# external interface
+define EXTERNAL_IF = eth1
# loopback interface
define LOOPBACK_IF = lo
define LOOPBACK_IPV4 = 127.0.0.1
# public addresses
-define PUBLIC_INVITECH_NET_IPV4 = 213.253.216.160
-define PUBLIC_INVITECH_GW_IPV4 = 213.253.216.161
-define PUBLIC_INVITECH_EFG_IPV4 = 213.253.216.162
-define PUBLIC_INVITECH_MX_IPV4 = 213.253.216.163
-define PUBLIC_INVITECH_NS_IPV4 = 213.253.216.164
-define PUBLIC_INVITECH_STORE_IPV4 = 213.253.216.165
-define PUBLIC_INVITECH_VPN_IPV4 = 213.253.216.166
-define PUBLIC_INVITECH_WS_IPV4 = 213.253.216.167
-define PUBLIC_INVITECH_IPV4_168 = 213.253.216.168
-define PUBLIC_INVITECH_IPV4_169 = 213.253.216.169
-define PUBLIC_INVITECH_IPV4_170 = 213.253.216.170
-define PUBLIC_INVITECH_IPV4_171 = 213.253.216.171
-define PUBLIC_INVITECH_IPV4_172 = 213.253.216.172
-define PUBLIC_INVITECH_ZFDL360E_IPV4 = 213.253.216.173
-define PUBLIC_INVITECH_ZFDL380E_IPV4 = 213.253.216.174
-define PUBLIC_INVITECH_BROADCAST_IPV4 = 213.253.216.175
+define PUBLIC_NET_IPV4 = 213.253.216.160
+define PUBLIC_GW_IPV4 = 213.253.216.161
+define PUBLIC_GW_IPV6 = 2001:1aa1:000a:0000:0000:0000:0000:0001
+define PUBLIC_EFG_IPV4 = 213.253.216.162
+define PUBLIC_EFG_IPV6 = 2001:1aa1:000a:0000:000c:18ff:fe03:d8a2
+define PUBLIC_MX_IPV4 = 213.253.216.163
+define PUBLIC_NS_IPV4 = 213.253.216.164
+define PUBLIC_STORE_IPV4 = 213.253.216.165
+define PUBLIC_VPN_IPV4 = 213.253.216.166
+define PUBLIC_WS_IPV4 = 213.253.216.167
+define PUBLIC_IPV4_168 = 213.253.216.168
+define PUBLIC_IPV4_169 = 213.253.216.169
+define PUBLIC_IPV4_170 = 213.253.216.170
+define PUBLIC_IPV4_171 = 213.253.216.171
+define PUBLIC_IPV4_172 = 213.253.216.172
+define PUBLIC_ZFDL360E_IPV4 = 213.253.216.173
+define PUBLIC_ZFDL380E_IPV4 = 213.253.216.174
+define PUBLIC_BROADCAST_IPV4 = 213.253.216.175
# efg address (perimeter network)
define EFG_PERIMETER_IPV4 = 192.168.173.254
-define EFG_PERIMETER_IPV6 = 2a02:d400:0000:f2ad:000c:18ff:fe03:adfe
+define EFG_PERIMETER_IPV6 = 2001:1aa1:000a:00ad:000c:18ff:fe03:adfe
# transfer web server address (perimeter network)
define XFR_PERIMETER_IPV4 = 192.168.173.251
# perimeter name server address (perimeter network)
define PNS_PERIMETER_IPV4 = 192.168.173.174
-define PNS_PERIMETER_IPV6 = 2a02:d400:0000:f2ad:000c:18ff:fe03:adae
+define PNS_PERIMETER_IPV6 = 2001:1aa1:000a:00ad:000c:18ff:fe03:adae
# external name server address (perimeter network)
define ENS_PERIMETER_IPV4 = 192.168.173.64
-define ENS_PERIMETER_IPV6 = 2a02:d400:0000:f2ad:000c:18ff:fe03:ad40
+define ENS_PERIMETER_IPV6 = 2001:1aa1:000a:00ad:000c:18ff:fe03:ad40
# ifg address (perimeter network)
define IFG_PERIMETER_IPV4 = 192.168.173.1
-define IFG_PERIMETER_IPV6 = 2a02:d400:0000:f2ad:000c:18ff:fe03:ad01
+define IFG_PERIMETER_IPV6 = 2001:1aa1:000a:00ad:000c:18ff:fe03:ad01
# dvredmine address (internal network)
define DVREDMINE_INTERNAL_IPV4 = 10.228.62.193
define SR_IPV4_NET = 192.168.42.0/24
define IN_IPV4_NET = 192.168.43.0/24
define INTERNAL_IPV4_NETS = { $USR_IPV4_NET, $SR_IPV4_NET, $IN_IPV4_NET }
-define INTERNAL_IPV6_NET = 2a02:d400:0000:f268::/64
+define INTERNAL_IPV6_NET = 2001:1aa1:000a:0424::/64
# perimeter network
define PERIMETER_IPV4_NET = 192.168.173.0/24
-define PERIMETER_IPV6_NET = 2a02:d400:0000:f2ad::/64
+define PERIMETER_IPV6_NET = 2001:1aa1:000a:00ad::/64
# vpn client network
define VPN_IPV4_NET = 172.24.232.0/24
################################
add rule ip efg-nat prerouting \
- iifname $EXTERNAL_INVITECH_IF \
- ip daddr $PUBLIC_INVITECH_VPN_IPV4 udp dport $VPN_PORT \
+ iifname $EXTERNAL_IF \
+ ip daddr $PUBLIC_VPN_IPV4 udp dport $VPN_PORT \
counter dnat $VPN_INTERNAL_IPV4 comment "Incoming VPN traffic"
#add rule ip efg-nat prerouting \
-# iifname $EXTERNAL_INVITECH_IF \
-# ip daddr $PUBLIC_INVITECH_MX_IPV4 tcp dport $MX_PORTS \
+# iifname $EXTERNAL_IF \
+# ip daddr $PUBLIC_MX_IPV4 tcp dport $MX_PORTS \
# counter dnat $MX_PERIMETER_IPV4 comment "Incoming MX traffic"
add rule ip efg-nat prerouting \
- iifname $EXTERNAL_INVITECH_IF udp sport 1024-65535 \
- ip daddr $PUBLIC_INVITECH_NS_IPV4 udp dport domain \
+ iifname $EXTERNAL_IF udp sport 1024-65535 \
+ ip daddr $PUBLIC_NS_IPV4 udp dport domain \
counter dnat $ENS_PERIMETER_IPV4 comment "Incoming DNS requests (udp)"
add rule ip efg-nat prerouting \
- iifname $EXTERNAL_INVITECH_IF tcp sport 1024-65535 \
- ip daddr $PUBLIC_INVITECH_NS_IPV4 tcp dport domain \
+ iifname $EXTERNAL_IF tcp sport 1024-65535 \
+ ip daddr $PUBLIC_NS_IPV4 tcp dport domain \
counter dnat $ENS_PERIMETER_IPV4 comment "Incoming DNS requests (tcp)"
add rule ip efg-nat prerouting \
- iifname $EXTERNAL_INVITECH_IF tcp sport 1024-65535 \
- ip daddr $PUBLIC_INVITECH_WS_IPV4 tcp dport { http, https } \
+ iifname $EXTERNAL_IF tcp sport 1024-65535 \
+ ip daddr $PUBLIC_WS_IPV4 tcp dport { http, https } \
counter dnat $WS_PERIMETER_IPV4 comment "Incoming http(s) requests"
# FILTER forward rules
################################
-#add rule ip efg-filter forward \
-# ct state established, related \
-# iifname $EXTERNAL_ACE_IF \
-# oifname $PERIMETER_IF ip daddr $INTERNAL_IPV4_NETS \
-# counter accept comment "Established sessions (ACE)"
#add rule ip6 efg-filter forward \
# ct state established, related \
# iifname $EXTERNAL_ACE_IF \
add rule ip efg-filter forward \
ct state established, related \
- iifname $EXTERNAL_INVITECH_IF \
+ iifname $EXTERNAL_IF \
oifname $PERIMETER_IF ip daddr $INTERNAL_IPV4_NETS \
- counter accept comment "Established sessions (INVITECH)"
+ counter accept comment "Established sessions"
-#add rule ip efg-filter forward \
-# iifname $PERIMETER_IF ip saddr $INTERNAL_IPV4_NETS \
-# oifname $EXTERNAL_ACE_IF \
-# counter accept comment "Internet access (ACE)"
#add rule ip6 efg-filter forward \
# iifname $PERIMETER_IF ip6 saddr $INTERNAL_IPV6_NET \
# oifname $EXTERNAL_ACE_IF \
add rule ip efg-filter forward \
iifname $PERIMETER_IF ip saddr $INTERNAL_IPV4_NETS \
- oifname $EXTERNAL_INVITECH_IF \
- counter accept comment "Internet access (INVITECH)"
-
-#add rule ip efg-filter forward \
-# iifname $EXTERNAL_ACE_IF \
-# oifname $PERIMETER_IF ip daddr $VPN_INTERNAL_IPV4 udp dport $VPN_PORT \
-# counter accept comment "Incoming VPN traffic (ACE)"
+ oifname $EXTERNAL_IF \
+ counter accept comment "Internet access"
add rule ip efg-filter forward \
- iifname $EXTERNAL_INVITECH_IF \
+ iifname $EXTERNAL_IF \
oifname $PERIMETER_IF ip daddr $VPN_INTERNAL_IPV4 udp dport $VPN_PORT \
- counter accept comment "Incoming VPN traffic (INVITECH)"
-
-#add rule ip efg-filter forward \
-# iifname $EXTERNAL_ACE_IF tcp sport 1024-65535 \
-# oifname $PERIMETER_IF ip daddr $WS_PERIMETER_IPV4 tcp dport { http, https } \
-# counter accept comment "Incoming http(s) requests (ACE)"
+ counter accept comment "Incoming VPN traffic"
add rule ip efg-filter forward \
- iifname $EXTERNAL_INVITECH_IF tcp sport 1024-65535 \
+ iifname $EXTERNAL_IF tcp sport 1024-65535 \
oifname $PERIMETER_IF ip daddr $WS_PERIMETER_IPV4 tcp dport { http, https } \
- counter accept comment "Incoming http(s) requests (INVITECH)"
-
-#add rule ip efg-filter forward \
-# ct state established \
-# iifname $PERIMETER_IF ip saddr $WS_PERIMETER_IPV4 tcp sport { http, https } \
-# oifname $EXTERNAL_ACE_IF tcp dport 1024-65535 \
-# counter accept comment "Outgoing http(s) replies (ACE)"
+ counter accept comment "Incoming http(s) requests"
add rule ip efg-filter forward \
ct state established \
iifname $PERIMETER_IF ip saddr $WS_PERIMETER_IPV4 tcp sport { http, https } \
- oifname $EXTERNAL_INVITECH_IF tcp dport 1024-65535 \
- counter accept comment "Outgoing http(s) replies (INVITECH)"
-
-#add rule ip efg-filter forward \
-# iifname $EXTERNAL_ACE_IF udp sport 1024-65535 \
-# oifname $PERIMETER_IF ip daddr $ENS_PERIMETER_IPV4 udp dport domain \
-# counter accept comment "Incoming DNS requests/notifications (udp) (ACE)"
+ oifname $EXTERNAL_IF tcp dport 1024-65535 \
+ counter accept comment "Outgoing http(s) replies"
add rule ip efg-filter forward \
- iifname $EXTERNAL_INVITECH_IF udp sport 1024-65535 \
+ iifname $EXTERNAL_IF udp sport 1024-65535 \
oifname $PERIMETER_IF ip daddr $ENS_PERIMETER_IPV4 udp dport domain \
- counter accept comment "Incoming DNS requests/notifications (udp) (INVITECH)"
-
-#add rule ip efg-filter forward \
-# ct state established, related \
-# iifname $PERIMETER_IF ip saddr $ENS_PERIMETER_IPV4 udp sport domain \
-# oifname $EXTERNAL_ACE_IF udp dport 1024-65535 \
-# counter accept comment "Outgoing DNS replies (udp) (ACE)"
+ counter accept comment "Incoming DNS requests/notifications (udp)"
add rule ip efg-filter forward \
ct state established, related \
iifname $PERIMETER_IF ip saddr $ENS_PERIMETER_IPV4 udp sport domain \
- oifname $EXTERNAL_INVITECH_IF udp dport 1024-65535 \
- counter accept comment "Outgoing DNS replies (udp) (INVITECH)"
-
-#add rule ip efg-filter forward \
-# iifname $EXTERNAL_ACE_IF tcp sport 1024-65535 \
-# oifname $PERIMETER_IF ip daddr $ENS_PERIMETER_IPV4 tcp dport domain \
-# counter accept comment "Incoming DNS requests (tcp) (ACE)"
+ oifname $EXTERNAL_IF udp dport 1024-65535 \
+ counter accept comment "Outgoing DNS replies (udp)"
add rule ip efg-filter forward \
- iifname $EXTERNAL_INVITECH_IF tcp sport 1024-65535 \
+ iifname $EXTERNAL_IF tcp sport 1024-65535 \
oifname $PERIMETER_IF ip daddr $ENS_PERIMETER_IPV4 tcp dport domain \
- counter accept comment "Incoming DNS requests (tcp) (INVITECH)"
-
-#add rule ip efg-filter forward \
-# ct state established, related \
-# iifname $PERIMETER_IF ip saddr $ENS_PERIMETER_IPV4 tcp sport domain \
-# oifname $EXTERNAL_ACE_IF tcp dport 1024-65535 \
-# counter accept comment "Outgoing DNS replies (tcp) (ACE)"
+ counter accept comment "Incoming DNS requests (tcp)"
add rule ip efg-filter forward \
ct state established, related \
iifname $PERIMETER_IF ip saddr $ENS_PERIMETER_IPV4 tcp sport domain \
- oifname $EXTERNAL_INVITECH_IF tcp dport 1024-65535 \
- counter accept comment "Outgoing DNS replies (tcp) (INVITECH)"
-
-#add rule ip efg-filter forward \
-# iifname $PERIMETER_IF ip saddr { $ENS_PERIMETER_IPV4, $PNS_PERIMETER_IPV4 } udp sport 1024-65535 \
-# oifname $EXTERNAL_ACE_IF udp dport domain \
-# counter accept comment "Outgoing DNS requests/notifications (udp) (ACE)"
+ oifname $EXTERNAL_IF tcp dport 1024-65535 \
+ counter accept comment "Outgoing DNS replies (tcp)"
add rule ip efg-filter forward \
iifname $PERIMETER_IF ip saddr { $ENS_PERIMETER_IPV4, $PNS_PERIMETER_IPV4 } udp sport 1024-65535 \
- oifname $EXTERNAL_INVITECH_IF udp dport domain \
- counter accept comment "Outgoing DNS requests/notifications (udp) (INVITECH)"
-
-#add rule ip efg-filter forward \
-# ct state established, related \
-# iifname $EXTERNAL_ACE_IF udp sport domain \
-# oifname $PERIMETER_IF ip daddr { $ENS_PERIMETER_IPV4, $PNS_PERIMETER_IPV4 } udp dport 1024-65535 \
-# counter accept comment "Incoming DNS replies (udp) (ACE)"
+ oifname $EXTERNAL_IF udp dport domain \
+ counter accept comment "Outgoing DNS requests/notifications (udp)"
add rule ip efg-filter forward \
ct state established, related \
- iifname $EXTERNAL_INVITECH_IF udp sport domain \
+ iifname $EXTERNAL_IF udp sport domain \
oifname $PERIMETER_IF ip daddr { $ENS_PERIMETER_IPV4, $PNS_PERIMETER_IPV4 } udp dport 1024-65535 \
- counter accept comment "Incoming DNS replies (udp) (INVITECH)"
-
-#add rule ip efg-filter forward \
-# iifname $PERIMETER_IF ip saddr { $ENS_PERIMETER_IPV4, $PNS_PERIMETER_IPV4 } tcp sport 1024-65535 \
-# oifname $EXTERNAL_ACE_IF tcp dport domain \
-# counter accept comment "Outgoing DNS requests (tcp) (ACE)"
+ counter accept comment "Incoming DNS replies (udp)"
add rule ip efg-filter forward \
iifname $PERIMETER_IF ip saddr { $ENS_PERIMETER_IPV4, $PNS_PERIMETER_IPV4 } tcp sport 1024-65535 \
- oifname $EXTERNAL_INVITECH_IF tcp dport domain \
- counter accept comment "Outgoing DNS requests (tcp) (INVITECH)"
-
-#add rule ip efg-filter forward \
-# ct state established, related \
-# iifname $EXTERNAL_ACE_IF tcp sport domain \
-# oifname $PERIMETER_IF ip daddr { $ENS_PERIMETER_IPV4, $PNS_PERIMETER_IPV4 } tcp dport 1024-65535 \
-# counter accept comment "Incoming DNS replies (tcp) (ACE)"
+ oifname $EXTERNAL_IF tcp dport domain \
+ counter accept comment "Outgoing DNS requests (tcp)"
add rule ip efg-filter forward \
ct state established, related \
- iifname $EXTERNAL_INVITECH_IF tcp sport domain \
+ iifname $EXTERNAL_IF tcp sport domain \
oifname $PERIMETER_IF ip daddr { $ENS_PERIMETER_IPV4, $PNS_PERIMETER_IPV4 } tcp dport 1024-65535 \
- counter accept comment "Incoming DNS replies (tcp) (INVITECH)"
+ counter accept comment "Incoming DNS replies (tcp)"
add rule ip efg-filter forward \
ip protocol icmp \
################################
add rule ip efg-nat postrouting \
- oifname $EXTERNAL_INVITECH_IF ip saddr $VPN_INTERNAL_IPV4 \
- counter snat $PUBLIC_INVITECH_VPN_IPV4 comment "Outgoing VPN traffic"
-
-#add rule ip efg-nat postrouting \
-# oifname $EXTERNAL_ACE_IF ip saddr $INTERNAL_IPV4_NETS \
-# counter snat $PUBLIC_ACE_EFG_IPV4 comment "Outgoing internal traffic"
+ oifname $EXTERNAL_IF ip saddr $VPN_INTERNAL_IPV4 \
+ counter snat $PUBLIC_VPN_IPV4 comment "Outgoing VPN traffic"
add rule ip efg-nat postrouting \
- oifname $EXTERNAL_INVITECH_IF ip saddr $INTERNAL_IPV4_NETS \
- counter snat $PUBLIC_INVITECH_EFG_IPV4 comment "Outgoing internal traffic (INVITECH)"
+ oifname $EXTERNAL_IF ip saddr $INTERNAL_IPV4_NETS \
+ counter snat $PUBLIC_EFG_IPV4 comment "Outgoing internal traffic"
#add rule ip efg-nat postrouting \
-# oifname $EXTERNAL_ACE_IF ip saddr $MX_PERIMETER_IPV4 \
-# counter snat $PUBLIC_INVITECH_MX_IPV4 comment "Outgoing MX traffic"
+# oifname $EXTERNAL_IF ip saddr $MX_PERIMETER_IPV4 \
+# counter snat $PUBLIC_MX_IPV4 comment "Outgoing MX traffic"
add rule ip efg-nat postrouting \
- oifname $EXTERNAL_INVITECH_IF ip saddr $ENS_PERIMETER_IPV4 \
- counter snat $PUBLIC_INVITECH_NS_IPV4 comment "Outgoing external DNS traffic"
+ oifname $EXTERNAL_IF ip saddr $ENS_PERIMETER_IPV4 \
+ counter snat $PUBLIC_NS_IPV4 comment "Outgoing external DNS traffic"
add rule ip efg-nat postrouting \
- oifname $EXTERNAL_INVITECH_IF ip saddr $PNS_PERIMETER_IPV4 \
- counter snat $PUBLIC_INVITECH_EFG_IPV4 comment "Outgoing perimeter DNS traffic"
+ oifname $EXTERNAL_IF ip saddr $PNS_PERIMETER_IPV4 \
+ counter snat $PUBLIC_EFG_IPV4 comment "Outgoing perimeter DNS traffic"
add rule ip efg-nat postrouting \
- oifname $EXTERNAL_INVITECH_IF ip saddr $WS_PERIMETER_IPV4 \
- counter snat $PUBLIC_INVITECH_WS_IPV4 comment "Outgoing WS traffic"
+ oifname $EXTERNAL_IF ip saddr $WS_PERIMETER_IPV4 \
+ counter snat $PUBLIC_WS_IPV4 comment "Outgoing WS traffic"
sleep 1
systemctl --quiet is-active NetworkManager.service
NM_RC=$?
-WAITED=0
+CYCLES_WAITED=0
while [ $NM_RC -ne 0 ]
do
+ if [ $CYCLES_WAITED -ge 10 ]
+ then
+ exit 1
+ fi
+ if [ $CYCLES_WAITED -eq 0 ]
+ then
+ echo -n "Waiting for NetworkManager"
+ fi
echo -n .
sleep 1
- WAITED=1
+ CYCLES_WAITED=$(( $CYCLES_WAITED + 1 ))
systemctl --quiet is-active NetworkManager.service
NM_RC=$?
done
-[ $WAITED -eq 1 ] && echo
+[ $CYCLES_WAITED -gt 0 ] && echo
-CONNECTION_DEVICES_UP=$(nmcli --terse connection show | grep -v ':$' | wc -l)
-while [ $CONNECTION_DEVICES_UP -lt 2 ]
+# wait for the three network connections to come up
+CONNECTION_DEVICES_UP=$(nmcli --terse connection show \
+ | grep --invert-match ':$' | wc -l)
+CYCLES_WAITED=0
+while [ $CONNECTION_DEVICES_UP -lt 3 ]
do
+ if [ $CYCLES_WAITED -ge 10 ]
+ then
+ nmcli connection show
+ exit 1
+ fi
+ if [ $CYCLES_WAITED -eq 0 ]
+ then
+ echo -n "Waiting for the network connections"
+ fi
+ echo -n .
sleep 1
- nmcli --terse connection show
- CONNECTION_DEVICES_UP=$(nmcli --terse connection show | grep -v ':$' | wc -l)
+ CYCLES_WAITED=$(( $CYCLES_WAITED + 1 ))
+ CONNECTION_DEVICES_UP=$(nmcli --terse connection show \
+ | grep --invert-match ':$' | wc -l)
done
-
-#EXTERNAL_ACE_DEVICE=eth2
-EXTERNAL_INVITECH_DEVICE=eth1
-PERIMETER_DEVICE=eth0
+[ $CYCLES_WAITED -gt 0 ] && echo
CONNECTIONS=$(nmcli --terse connection show | wc -l)
-while [ $CONNECTIONS -gt 0 ]
-do
- CONNECTION_LINE=$(nmcli --terse connection show | head -n 1)
- CONNECTION_UUID=$(echo $CONNECTION_LINE | cut -f 2 -d ':')
- nmcli connection delete uuid "$CONNECTION_UUID"
- CONNECTIONS=$(nmcli --terse connection show | wc -l)
-done
+if [ $CONNECTIONS -ne 3 ]
+then
+ echo "Number of connections: $CONNECTIONS instead of 3" >&2
+ exit 1
+fi
-nmcli connection show
+CONNECTION_LINE_PM=$(nmcli --terse connection show | grep ':eth0$')
+CONNECTION_LINE_EX=$(nmcli --terse connection show | grep ':eth1$')
+CONNECTION_UUID_PM=$(echo $CONNECTION_LINE_PM | cut -f 2 -d ':')
+CONNECTION_DEVICE_PM=$(echo $CONNECTION_LINE_PM | cut -f 4 -d ':')
+CONNECTION_UUID_EX=$(echo $CONNECTION_LINE_EX | cut -f 2 -d ':')
+CONNECTION_DEVICE_EX=$(echo $CONNECTION_LINE_EX | cut -f 4 -d ':')
+
+nmcli connection delete uuid "$CONNECTION_UUID_PM"
+nmcli connection delete uuid "$CONNECTION_UUID_EX"
-# ipv6.addresses "2a02:d400:0000:f2ad:000c:18ff:fe03:adfe/64" \
-# ipv6.dns "2a02:d400:0000:f2ad:000c:18ff:fe03:adae" \
-# ipv6.dns-search "pm.useribm.hu" \
-# ipv6.method "manual" \
-# ipv6.routes "2a02:d400:0000:f268::/64 2a02:d400:0000:f2ad:000c:18ff:fe03:ad01" \
nmcli connection add \
connection.autoconnect yes \
connection.id perimeter \
- connection.interface-name $PERIMETER_DEVICE \
+ connection.interface-name $CONNECTION_DEVICE_PM \
connection.type 802-3-ethernet \
ipv4.addresses "192.168.173.254/24" \
ipv4.dns "192.168.173.174" \
ipv4.dns-search "pm.user.hu" \
ipv4.method "manual" \
ipv4.routes "10.228.0.0/16 192.168.173.1, 192.168.42.0/24 192.168.173.1, 192.168.43.0/24 192.168.173.1" \
- ipv6.method "disabled" \
+ ipv6.addresses "2001:1aa1:000a:00ad:000c:18ff:fe03:adfe/64" \
+ ipv6.dns "2001:1aa1:000a:00ad:000c:18ff:fe03:adae" \
+ ipv6.dns-search "pm.useribm.hu" \
+ ipv6.method "manual" \
+ ipv6.routes "2001:1aa1:000a:0424::/64 2001:1aa1:000a:00ad:000c:18ff:fe03:ad01" \
save yes
-nmcli connection show
-
nmcli connection add \
connection.autoconnect yes \
connection.id invitech \
- connection.interface-name $EXTERNAL_INVITECH_DEVICE \
+ connection.interface-name $CONNECTION_DEVICE_EX \
connection.type 802-3-ethernet \
ipv4.addresses "213.253.216.162/28, 213.253.216.163/28, 213.253.216.164/28, 213.253.216.166/28, 213.253.216.167/28" \
ipv4.gateway "213.253.216.161" \
ipv4.method "manual" \
ipv4.route-metric 100 \
- ipv6.method "disabled" \
+ ipv6.addresses "2001:1aa1:000a:0000:000c:18ff:fe03:d8a2/64" \
+ ipv6.gateway "2001:1aa1:000a::1" \
+ ipv6.method "manual" \
+ ipv6.route-metric 100 \
save yes
nmcli connection show
-#nmcli connection add \
-# connection.autoconnect yes \
-# connection.id ace \
-# connection.interface-name $EXTERNAL_ACE_DEVICE \
-# connection.type 802-3-ethernet \
-# ipv4.addresses "1.2.3.4/31" \
-# ipv4.gateway "1.2.3.5" \
-# ipv4.method "manual" \
-# ipv4.route-metric 100 \
-# ipv4.route-table 30 \
-# ipv4.routes "10.228.0.0/16 192.168.173.1, 192.168.42.0/24 192.168.173.1, 192.168.43.0/24 192.168.173.1" \
-# ipv6.addresses "2a02:d400:0000:f200:000c:18ff:fe03:8961/64" \
-# ipv6.gateway "2a02:d400:0000:f200::1" \
-# ipv6.method "manual" \
-# ipv6.route-metric 100 \
-# save yes
-# # ace telekom -> at (1 * 10 + 20)
-
-#nmcli connection show
+hostnamectl hostname efg.pm.useribm.hu
+hostnamectl
#echo "@reboot root /usr/local/bin/setuprouting.sh" >>/etc/crontab
#/usr/local/bin/setuprouting.sh
https://git.useribm.hu / user-lxc.git / commitdiff