l-*.sh update; r-*.sh add

configs/config-all.sh

@@ -68,11 +68,11 @@ cat $REPO_FILE
 # Проверить устройства можно командой blkid
 # Имя образа будет указано в lable="<ISO-NAME>"
 
-# /dev/sr1 Это [datastore1] _ISO/CentOS-7-x86_64-DVD-1810.iso
 # /dev/sr0 Это [datastore1] _ISO/Additional.iso
+# /dev/sr1 Это [datastore1] _ISO/CentOS-7-x86_64-DVD-1810.iso
 
-mount /dev/sr1 /media/CentOS
-mount /dev/sr0 /media/cdrom
+mount -L "CDROM" /media/cdrom
+mount -L "CentOS 7 x86_64" /media/CentOS
 
 yum install lynx vim net-tools dhclient bash-completion tcpdump curl nfs-utils cifs-utils sshpass bind-utils libcares* -y
 

configs/l-/l-fw.sh

@@ -1,4 +1,4 @@
-HS="/etc/hostsname"
+HS="/etc/hostname"
 rm $HS; touch $HS
 echo "L-FW" >> $HS
 H="/etc/hosts"; rm $H; touch $H
@@ -10,7 +10,7 @@ echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
 iptables -F
 apt-cdrom add
 
-apt install frr iptables-persistent tcpdump bind9 ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils zsh git -y
+apt install frr iptables-persistent tcpdump ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils -y
 
 sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
 SSHC="/etc/ssh/sshd_config"
@@ -20,31 +20,36 @@ echo "AllowUsers ssh_p root ssh_c" >> $SSHC
 iptables -t nat -A POSTROUTING -o ens256 -j MASQUERADE
 iptables -t nat -A PREROUTING -i ens256 -p udp --dport 53 -j DNAT --to-destination 172.16.20.10
 
-systemctl start NetworkManager
+nmcli con del id ens192
+nmcli con del id ens224
+nmcli con del id ens256
+nmcli con del id ens160
+nmcli con del id gre1
 
 nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 "172.16.50.1/30"
 nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
-nmcli con up ens192 ifname ens192
 nmcli con add con-name ens224 ifname ens224 autoconnect yes type ethernet ip4 "172.16.55.1/30"
 nmcli con mod ens224 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
-nmcli con up ens224 ifname ens224
 nmcli con add con-name ens256 ifname ens256 autoconnect yes type ethernet ip4 "172.16.20.1/24"
 nmcli con mod ens256 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
-nmcli con up ens256 ifname ens256
 nmcli con add con-name ens160 ifname ens160 autoconnect yes type ethernet ip4 "10.10.10.1/24" gw4 10.10.10.10
 nmcli con mod ens160 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
-nmcli con up ens160 ifname ens160
 nmcli con add type ip-tunnel ip-tunnel.mode gre con-name gre1 ifname gre1 autoconnect yes remote 20.20.20.100 local 10.10.10.1
-nmcli con mod gre1 ipv4.method manual +ipv4.addresses 10.5.5.1
+nmcli con mod gre1 ipv4.method manual ip-tunnel.ttl 64 +ipv4.addresses "10.5.5.1/30" 
+
+nmcli con up ens192 ifname ens192
+nmcli con up ens224 ifname ens224
+nmcli con up ens256 ifname ens256
+nmcli con up ens160 ifname ens160
 nmcli con up gre1 ifname gre1
 
 systemctl stop frr; systemctl disable frr;
 sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons; 
 sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons; 
 systemctl start frr; systemctl enable frr;
-vtysh
 
-conf t 
+vtysh
+conf t
 	ip forw
 	router ospf    
 		network 172.16.20.0/24 area 0    
@@ -58,9 +63,8 @@ conf t
 	exit
 write
 exit
-
 useradd ssh_p -p p_hss
 useradd ssh_c -p c_hss
-
+systemctl disable chronyd ; systemctl stop chronyd
 shutdown -r 0
 

configs/l-/l-rtr-a.sh

@@ -1,4 +1,4 @@
-HS="/etc/hostsname"
+HS="/etc/hostname"
 rm $HS; touch $HS
 echo "L-RTR-A" >> $HS
 H="/etc/hosts"; rm $H; touch $H
@@ -10,14 +10,13 @@ echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
 iptables -F 
 apt-cdrom add
 
-apt install frr tcpdump bind9 ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils zsh git -y
+apt install frr tcpdump ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils -y
 
 sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
 SSHC="/etc/ssh/sshd_config"
 cp $SSHC $SSHC.old
 sed -ie 's/#PermitRoot.*/PermitRootLogin yes/' $SSHC
 
-systemctl start NetworkManager
 nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 172.16.50.2/30 gw4 172.16.50.1
 nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
 nmcli con up ens192 ifname ens192
@@ -29,11 +28,10 @@ systemctl stop frr; systemctl disable frr;
 sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons; 
 sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons; 
 systemctl start frr; systemctl enable frr;
-vtysh
 
-conf t 
-	ip forw
-	router ospf    
+vtysh
+conf t
+	router ospf
 		network 172.16.50.0/30 area 0
 		network 172.16.100.0/24 area 0
 		passive-interface esn224
@@ -50,5 +48,6 @@ rm $DHC; touch $DHC
 echo -e "# /etc/dhcp/dhcpd.conf file\n# L-RTR-A\ndefault-lease-time 600;\nmax-lease-time 7200;\n\nddns-update-style interim;\nupdate-static-leases on;\nzone skill39.wsr. { primary 172.16.20.10; }\nzone 16.172.in-addr.arpa. { primary 172.16.20.10; }\nauthoritative;\n\noption domain-name \"skill39.wsr\";\noption domain-name-servers 172.16.20.10, 192.168.20.10;\n\nsubnet 172.16.50.0 netmask 255.255.255.252 {}\nsubnet 172.16.100.0 netmask 255.255.255.0 {\n\trange 172.16.100.65 172.16.100.75;\n\toption routers 172.16.100.1;\n}\nsubnet 172.16.200.0 netmask 255.255.255.0 {\n\trange 172.16.200.65 172.16.200.75;\n\toption routers 172.16.200.1;\n}\nhost lclib {\n\thardware ethernet 00:0C:29:1D:2C:06;\n\tfixed-address 172.16.200.61;\n}\n" >> $DHC
 systemctl start isc-dhcp-server && systemctl enable isc-dhcp-server
 
+systemctl disable chronyd ; systemctl stop chronyd
 shutdown -r 0
 

configs/l-/l-rtr-b.sh

@@ -1,4 +1,4 @@
-HS="/etc/hostsname"
+HS="/etc/hostname"
 rm $HS; touch $HS
 echo "L-RTR-B" >> $HS
 H="/etc/hosts"; rm $H; touch $H
@@ -10,7 +10,7 @@ echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
 iptables -F 
 apt-cdrom add
 
-apt install frr tcpdump bind9 ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils zsh git -y
+apt install frr tcpdump ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils -y
 
 sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
 SSHC="/etc/ssh/sshd_config"
@@ -29,10 +29,9 @@ systemctl stop frr; systemctl disable frr;
 sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons; 
 sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons; 
 systemctl start frr; systemctl enable frr;
-vtysh
 
-conf t 
-	ip forw
+vtysh
+conf t
 	router ospf    
 		network 172.16.55.0/30 area 0    
 		network 172.16.200.0/24 area 0
@@ -47,5 +46,6 @@ apt install isc-dhcp-relay -y
 # 172.16.50.2
 # ens192 ens224
 
+systemctl disable chronyd ; systemctl stop chronyd
 shutdown -r 0
 

configs/l-/l-srv.sh

@@ -0,0 +1,19 @@
+HS="/etc/hostname"
+rm $HS; touch $HS
+echo "L-SRV" >> $HS
+H="/etc/hosts"; rm $H; touch $H
+echo -e "# ${H} file.\n# Configured by Maxim\n\n" >> $H
+echo -e "# Default values\n127.0.0.1\tlocalhost\n::1\tip6-localhots ip6-loopback\nff02::1\tip6-allnodes\nff02::2\tip6-allrouters\n" >> $H
+echo -e "# Work values\n172.16.20.10\tl-srv l-srv.skill39.wsr\n10.10.10.1\tl-fw l-fw.skill39.wsr\n172.16.50.2\tl-rtr-a l-rtr-a.skill39.wsr\n172.16.55.2\tl-rtr-b l-rtr-b.skill39.wsr\n172.16.200.61\tl-cli-b l-cli-b.skill39.wsr\n20.20.20.5\tout-cli out-cli.skill39.wsr\n20.20.20.100\tr-fw r-fw.skill39.wsr\n192.168.20.10\tr-srv r-srv.skill39.wsr\n192.168.10.2\tr-rtr r-rtr.skill39.wsr\n192.168.100.100\tr-cli r-cli.skill39.wsr">> $H 
+echo -e "10.10.10.10\tisp" >> $H
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+iptables -F 
+apt-cdrom add
+
+apt-get install tcpdump bind9 ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils -y
+
+
+
+systemctl disable chronyd ; systemctl stop chronyd
+shutdown -r 0
+

configs/r-/r-fw.sh

@@ -0,0 +1,74 @@
+HS="/etc/hostname"
+sh -c "rm $HS"; touch $HS
+echo "R-FW" >> $HS
+H="/etc/hosts"; rm $H; touch $H
+echo -e "# ${H} file.\n# Configured by Maxim\n\n" >> $H
+echo -e "# Default values\n127.0.0.1\tlocalhost\n::1\tip6-localhots ip6-loopback\nff02::1\tip6-allnodes\nff02::2\tip6-allrouters\n" >> $H
+echo -e "# Work values\n172.16.20.10\tl-srv l-srv.skill39.wsr\n10.10.10.1\tl-fw l-fw.skill39.wsr\n172.16.50.2\tl-rtr-a l-rtr-a.skill39.wsr\n172.16.55.2\tl-rtr-b l-rtr-b.skill39.wsr\n172.16.200.61\tl-cli-b l-cli-b.skill39.wsr\n20.20.20.5\tout-cli out-cli.skill39.wsr\n20.20.20.100\tr-fw r-fw.skill39.wsr\n192.168.20.10\tr-srv r-srv.skill39.wsr\n192.168.10.2\tr-rtr r-rtr.skill39.wsr\n192.168.100.100\tr-cli r-cli.skill39.wsr">> $H 
+echo -e "20.20.20.10\tisp" >> $H
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+
+setenforce 0
+sed -ie 's/SELINUX=enforcing /SELINUX=permissive/' /etc/selinux/config; 
+systemctl stop firewalld && systemctl disable firewalld
+
+cd /media/; rm -rf *
+mkdir CentOS; mkdir cdrom
+cd /etc/
+mv yum.repos.d/ yum.repos.d-default/; mkdir yum.repos.d
+REPF="/etc/yum.repos.d/CentOS-Media.repo"
+touch $REPF
+echo -e "# ${REPF} file.\n# Configured by Maxim\n\n[c7-media]\nname=CentOS-$releasever - Media\nbaseurl=file:///media/CentOS/\n\t\tfile:///media/cdrom/\ngpgcheck=1\nenabled=1\ngpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7"  >> $REPF
+mount -L "CentOS 7 x86_64" /media/CentOS
+mount -L "CDROM" /media/cdrom
+
+yum install lynx vim net-tools dhclient bash-completion tcpdump curl nfs-utils cifs-utils sshpass bind-utils -y
+
+sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
+SSHC="/etc/ssh/sshd_config"
+cp $SSHC $SSHC.old
+sed -ie 's/#PermitRoot.*/PermitRootLogin yes/' $SSHC
+
+nmcli con del id ens192
+nmcli con del id ens224
+nmcli con del id ens160
+nmcli con del id gre1
+
+nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 "192.168.10.1/30"
+nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con add con-name ens224 ifname ens224 autoconnect yes type ethernet ip4 "192.168.20.1/30"
+nmcli con mod ens224 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con add con-name ens160 ifname ens160 autoconnect yes type ethernet ip4 "20.20.20.100/24" gw4 20.20.20.10
+nmcli con mod ens160 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con add type ip-tunnel ip-tunnel.mode gre con-name gre1 ifname gre1 autoconnect yes remote 10.10.10.1 local 20.20.20.100
+nmcli con mod gre1 ipv4.method manual +ipv4.addresses "10.5.5.2/30" 
+nmcli con mod gre1 ip-tunnel.ttl 64
+
+nmcli con up ens192 ifname ens192
+nmcli con up ens224 ifname ens224
+nmcli con up ens160 ifname ens160
+nmcli con up gre1 ifname gre1
+
+yum install /media/cdrom/lib* /media/cdrom/frr* -y
+
+systemctl stop frr; systemctl disable frr;
+sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons; 
+sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons; 
+systemctl start frr; systemctl enable frr;
+
+vtysh
+conf t
+	router ospf
+		network 192.168.20.0/24 area 0    
+		network 192.168.10.0/30 area 0    
+		network 10.5.5.0/30 area 0    
+		network 5.5.5.0/27 area 0
+		passive-interface ens160
+		passive-interface ens224
+		exit
+	exit
+write
+exit
+systemctl disable chronyd ; systemctl stop chronyd
+shutdown -r 0
+

configs/r-/r-rtr.sh

@@ -0,0 +1,61 @@
+HS="/etc/hostname"
+sh -c "rm $HS"; touch $HS
+echo "R-RTR" >> $HS
+H="/etc/hosts"; rm $H; touch $H
+echo -e "# ${H} file.\n# Configured by Maxim\n\n" >> $H
+echo -e "# Default values\n127.0.0.1\tlocalhost\n::1\tip6-localhots ip6-loopback\nff02::1\tip6-allnodes\nff02::2\tip6-allrouters\n" >> $H
+echo -e "# Work values\n172.16.20.10\tl-srv l-srv.skill39.wsr\n10.10.10.1\tl-fw l-fw.skill39.wsr\n172.16.50.2\tl-rtr-a l-rtr-a.skill39.wsr\n172.16.55.2\tl-rtr-b l-rtr-b.skill39.wsr\n172.16.200.61\tl-cli-b l-cli-b.skill39.wsr\n20.20.20.5\tout-cli out-cli.skill39.wsr\n20.20.20.100\tr-fw r-fw.skill39.wsr\n192.168.20.10\tr-srv r-srv.skill39.wsr\n192.168.10.2\tr-rtr r-rtr.skill39.wsr\n192.168.100.100\tr-cli r-cli.skill39.wsr">> $H 
+echo -e "20.20.20.10\tisp" >> $H
+echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
+setenforce 0
+sed -ie 's/SELINUX=enforcing /SELINUX=permissive/' /etc/selinux/config; 
+systemctl stop firewalld && systemctl disable firewalld
+
+cd /media/; rm -rf *
+mkdir CentOS; mkdir cdrom
+cd /etc/
+mv yum.repos.d/ yum.repos.d-default/; mkdir yum.repos.d
+REPF="/etc/yum.repos.d/CentOS-Media.repo"
+touch $REPF
+echo -e "# ${REPF} file.\n# Configured by Maxim\n\n[c7-media]\nname=CentOS-$releasever - Media\nbaseurl=file:///media/CentOS/\n\t\tfile:///media/cdrom/\ngpgcheck=1\nenabled=1\ngpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7"  >> $REPF
+mount -L "CentOS 7 x86_64" /media/CentOS
+mount -L "CDROM" /media/cdrom
+
+yum install lynx vim net-tools dhclient bash-completion tcpdump curl nfs-utils cifs-utils sshpass bind-utils -y
+
+sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
+SSHC="/etc/ssh/sshd_config"
+cp $SSHC $SSHC.old
+sed -ie 's/#PermitRoot.*/PermitRootLogin yes/' $SSHC
+
+nmcli con del id ens192
+nmcli con del id ens160
+
+nmcli con add con-name ens160 ifname ens160 autoconnect yes type ethernet ip4 192.168.10.2/30 
+nmcli con mod ens160 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 192.168.100.1/24 gw4 192.168.10.1
+nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
+
+nmcli con up ens160 ifname ens160
+nmcli con up ens192 ifname ens192
+
+yum install /media/cdrom/lib* /media/cdrom/frr* -y
+
+systemctl stop frr; systemctl disable frr;
+sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons; 
+sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons; 
+systemctl start frr; systemctl enable frr;
+
+vtysh
+conf t
+	router ospf
+		network 192.168.10.0/30 area 0
+		network 192.168.100.0/24 area 0
+		passive-interface ens192
+		exit
+	exit
+write
+exit
+systemctl disable chronyd ; systemctl stop chronyd
+shutdown -r 0
+