forked from zentralwerk/network
hot-fixes
This commit is contained in:
parent
0b1714119c
commit
bcb2bcbbb8
|
@ -5,9 +5,10 @@ dhcp:
|
|||
time: 7776000
|
||||
max-time: 31536000
|
||||
opts:
|
||||
domain-name: serv.zentralwerk.online
|
||||
#domain-name-servers:
|
||||
routers: 172.20.73.1
|
||||
string-opts:
|
||||
domain-name: serv.zentralwerk.online
|
||||
|
||||
pub:
|
||||
start: 172.20.76.2
|
||||
|
@ -15,8 +16,9 @@ dhcp:
|
|||
time: 300
|
||||
max-time: 3600
|
||||
opts:
|
||||
domain-name: pub.zentralwerk.online
|
||||
routers: 172.20.76.1
|
||||
string-opts:
|
||||
domain-name: pub.zentralwerk.online
|
||||
|
||||
priv1:
|
||||
start: 172.20.74.2
|
||||
|
@ -24,8 +26,9 @@ dhcp:
|
|||
time: 3600
|
||||
max-time: 86400
|
||||
opts:
|
||||
domain-name: priv1.zentralwerk.online
|
||||
routers: 172.20.74.1
|
||||
string-opts:
|
||||
domain-name: priv1.zentralwerk.online
|
||||
|
||||
priv2:
|
||||
start: 172.20.75.2
|
||||
|
@ -33,5 +36,6 @@ dhcp:
|
|||
time: 3600
|
||||
max-time: 86400
|
||||
opts:
|
||||
domain-name: priv2.zentralwerk.online
|
||||
routers: 172.20.75.1
|
||||
string-opts:
|
||||
domain-name: priv2.zentralwerk.online
|
||||
|
|
|
@ -12,6 +12,9 @@ subnet {{ subnet.split('/')[0] }} netmask {{ netmasks[subnet.split('/')[1]] }} {
|
|||
{%- for name, value in conf['opts'].items() %}
|
||||
option {{ name }} {{ value }};
|
||||
{%- endfor %}
|
||||
{%- for name, value in conf['string-opts'].items() %}
|
||||
option {{ name }} "{{ value }}";
|
||||
{%- endfor %}
|
||||
}
|
||||
{%- endif %}
|
||||
{%- endfor %}
|
||||
|
|
|
@ -70,6 +70,8 @@ send "port link-aggregation group {{ group }}\r"
|
|||
expect "]"
|
||||
send "port link-type trunk\r"
|
||||
expect "]"
|
||||
send "port trunk pvid vlan 4094\r"
|
||||
expect "]"
|
||||
{%- for vlan_name in conf['vlans'] %}
|
||||
send "port trunk permit vlan {{ pillar['vlans'][vlan_name] }}\r"
|
||||
expect "]"
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#!/bin/sh
|
||||
|
||||
if [ "$IFACE" = "{{ upstream_iface }}" ]; then
|
||||
iptables -A INPUT -i "$IFACE" -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
iptables -A INPUT -i "$IFACE" -j DROP
|
||||
iptables -P INPUT ACCEPT
|
||||
fi
|
||||
|
|
Loading…
Reference in New Issue