SantaSpeen/KKEPPraktic2022
1
0
Fork 0
mirror of https://github.com/SantaSpeen/kkep-praktic-2022.git synced 2026-05-20 00:20:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

l-*.sh update; r-*.sh add

Browse Source
This commit is contained in:
Maxim Khomutov
2022-04-20 23:57:02 +03:00
parent d5423b8f4d
commit 37fdf5e568
7 changed files with 184 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
configs/l-/l-fw.sh
+16 -12
View File
@@ -1,4 +1,4 @@
HS="/etc/hostsname"
HS="/etc/hostname"
rm $HS; touch $HS
echo "L-FW" >> $HS
H="/etc/hosts"; rm $H; touch $H
@@ -10,7 +10,7 @@ echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
iptables -F
apt-cdrom add
apt install frr iptables-persistent tcpdump bind9 ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils zsh git -y
apt install frr iptables-persistent tcpdump ssh nfs-common network-manager curl lynx net-tools vim bind9utils cifs-utils -y
sed -ie "s/^hosts:\t*/hosts:\t\tdns files [NOTFOUND=return] # old:/" /etc/nsswitch.conf
SSHC="/etc/ssh/sshd_config"
@@ -20,31 +20,36 @@ echo "AllowUsers ssh_p root ssh_c" >> $SSHC
iptables -t nat -A POSTROUTING -o ens256 -j MASQUERADE
iptables -t nat -A PREROUTING -i ens256 -p udp --dport 53 -j DNAT --to-destination 172.16.20.10
systemctl start NetworkManager
nmcli con del id ens192
nmcli con del id ens224
nmcli con del id ens256
nmcli con del id ens160
nmcli con del id gre1
nmcli con add con-name ens192 ifname ens192 autoconnect yes type ethernet ip4 "172.16.50.1/30"
nmcli con mod ens192 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
nmcli con up ens192 ifname ens192
nmcli con add con-name ens224 ifname ens224 autoconnect yes type ethernet ip4 "172.16.55.1/30"
nmcli con mod ens224 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
nmcli con up ens224 ifname ens224
nmcli con add con-name ens256 ifname ens256 autoconnect yes type ethernet ip4 "172.16.20.1/24"
nmcli con mod ens256 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
nmcli con up ens256 ifname ens256
nmcli con add con-name ens160 ifname ens160 autoconnect yes type ethernet ip4 "10.10.10.1/24" gw4 10.10.10.10
nmcli con mod ens160 +ipv4.dns 172.16.20.10 +ipv4.dns 192.168.20.10 +ipv4.dns-search "skill39.wsr"
nmcli con up ens160 ifname ens160
nmcli con add type ip-tunnel ip-tunnel.mode gre con-name gre1 ifname gre1 autoconnect yes remote 20.20.20.100 local 10.10.10.1
nmcli con mod gre1 ipv4.method manual +ipv4.addresses 10.5.5.1
nmcli con mod gre1 ipv4.method manual ip-tunnel.ttl 64 +ipv4.addresses "10.5.5.1/30"
nmcli con up ens192 ifname ens192
nmcli con up ens224 ifname ens224
nmcli con up ens256 ifname ens256
nmcli con up ens160 ifname ens160
nmcli con up gre1 ifname gre1
systemctl stop frr; systemctl disable frr;
sed -ie 's/ospfd=no/ospfd=yes/' /etc/frr/daemons;
sed -ie 's/zebra=no/zebra=yes/' /etc/frr/daemons;
systemctl start frr; systemctl enable frr;
vtysh
conf t
vtysh
conf t
ip forw
router ospf
network 172.16.20.0/24 area 0
@@ -58,9 +63,8 @@ conf t
exit
write
exit
useradd ssh_p -p p_hss
useradd ssh_c -p c_hss
systemctl disable chronyd ; systemctl stop chronyd
shutdown -r 0