diff options
| author | Niklas Yann Wettengel <niyawe@niyawe.de> | 2017-07-14 10:09:35 +0200 |
|---|---|---|
| committer | Niklas Yann Wettengel <niyawe@niyawe.de> | 2017-07-14 10:09:35 +0200 |
| commit | a72158a848349b4d56ace77ff5da78c577cfb968 (patch) | |
| tree | 7cd4b0e01c598ac917c4d59392c89c07258a6506 | |
| parent | 4136cb974eb10abfe03fdeb9f52a40032cbc9b16 (diff) | |
changed routing policy
| -rwxr-xr-x | roles/configure_static_routes/files/ffmyk-iproute.sh | 15 | ||||
| -rw-r--r-- | roles/configure_static_routes/templates/ffmyk-iproute-up.j2 | 15 |
2 files changed, 19 insertions, 11 deletions
diff --git a/roles/configure_static_routes/files/ffmyk-iproute.sh b/roles/configure_static_routes/files/ffmyk-iproute.sh index 2a653e9..13a9dea 100755 --- a/roles/configure_static_routes/files/ffmyk-iproute.sh +++ b/roles/configure_static_routes/files/ffmyk-iproute.sh @@ -1,11 +1,16 @@ #!/bin/bash -#Routingtabelle ffmyk ist per default nicht erreichbar -ip -4 route add unreachable default table ffmyk -ip -6 route add unreachable default table ffmyk +ip -4 rule add to 10.0.0.0/8 type unreachable priority 200 +ip -4 rule add from 10.0.0.0/8 type unreachable priority 200 +ip -4 rule add to 192.168.0.0/16 type unreachable priority 200 +ip -4 rule add from 192.168.0.0/16 type unreachable priority 200 +ip -4 rule add to 172.16.0.0/12 type unreachable priority 200 +ip -4 rule add from 172.16.0.0/12 type unreachable priority 200 +ip -6 rule add from fc00::/7 type unreachable priority 200 +ip -6 rule add to fc00::/7 type unreachable priority 200 #Alles, was mit 0x1 markiert wird gehört zu Tabelle ffmyk -ip -4 rule add from all fwmark 0x1 table ffmyk -ip -6 rule add from all fwmark 0x1 table ffmyk +ip -4 rule add from all fwmark 0x1 table ffmyk priority 10 +ip -6 rule add from all fwmark 0x1 table ffmyk priority 10 #Alles mit Freifunk-IP - woher auch immer - gehört zu Tabelle ffmyk #ip -4 rule add from 10.222.0.0/16 table ffmyk diff --git a/roles/configure_static_routes/templates/ffmyk-iproute-up.j2 b/roles/configure_static_routes/templates/ffmyk-iproute-up.j2 index a8275da..e97f8bc 100644 --- a/roles/configure_static_routes/templates/ffmyk-iproute-up.j2 +++ b/roles/configure_static_routes/templates/ffmyk-iproute-up.j2 @@ -1,11 +1,14 @@ #!/bin/bash -ip -4 rule add iif bat{{ item.name }} table ffmyk -ip -6 rule add iif bat{{ item.name }} table ffmyk -ip -4 rule add from {{ item.net4 }} table ffmyk -ip -6 rule add from {{ item.net6 }} table ffmyk -ip -4 rule add to {{ item.net4 }} table ffmyk -ip -6 rule add to {{ item.net6 }} table ffmyk +ip -4 rule add iif bat{{ item.name }} table ffmyk priority 10 +ip -6 rule add iif bat{{ item.name }} table ffmyk priority 10 +ip -4 rule add from {{ item.net4 }} table ffmyk priority 10 +ip -6 rule add from {{ item.net6 }} table ffmyk priority 10 +ip -4 rule add to {{ item.net4 }} table ffmyk priority 10 +ip -6 rule add to {{ item.net6 }} table ffmyk priority 10 + +ip -4 rule add from all iif bat{{ item.name }} type unreachable priority 200 +ip -6 rule add from all iif bat{{ item.name }} type unreachable priority 200 ip -4 route replace {{item.net4 }} dev bat{{ item.name }} proto static table ffmyk ip -6 route replace {{item.net6 }} dev bat{{ item.name }} proto static table ffmyk |