Astro
9cebfaa70e
salt/wireguard: fix service name
2018-05-17 16:07:45 +02:00
Astro
e46894a6ba
salt/wireguard/wireguard.conf: use no DNS conf
...
this requires pkg `resolvconf'
2018-05-17 16:07:33 +02:00
Astro
7df354439d
salt/vpn/openvpn.conf: remove obsolete tun-ipv6
2018-05-17 16:04:13 +02:00
Astro
8dd79aaffe
salt/wireguard/wireguard.service: fix /etc path
2018-05-17 15:44:36 +02:00
Astro
6771506162
salt/wireguard: fix service name
2018-05-17 15:44:26 +02:00
Astro
30e72b2e72
salt/wireguard: fix .service file name
2018-05-17 15:43:15 +02:00
Astro
390607873f
salt/wireguard/wireguard.service: fix wg-quick paths
2018-05-17 15:32:37 +02:00
Astro
2a59f2cab2
salt/wireguard: replace /etc path
2018-05-17 15:29:49 +02:00
Astro
2092b2ae26
add salt/wireguard/wireguard.conf
2018-05-17 15:28:36 +02:00
Astro
f0abcb522d
prepare switching anon1 from openvpn to wireguard
2018-05-17 15:16:49 +02:00
Astro
ea35ec41d0
unbound: update dn42-zones forward-addr
2018-05-15 21:56:34 +02:00
acc4995197
give lxc containers more memory to reduce oom killings
2018-05-03 22:09:48 +02:00
Astro
562fe53936
cpe: prepare TL-Archer-C7v4 switching config
2018-04-24 21:17:59 +02:00
Astro
2a730e81c9
upstream.iptables: default to accept icmp
2018-04-15 20:42:55 +02:00
Astro
e8d76ced00
fix upstream/ipv6-tunnel-update.sh
2018-04-15 20:41:09 +02:00
Astro
14c60093cb
upstream.ipv6-tunnel: fix ipv6-tunnel-update.sh for upstream2
2018-04-14 23:51:56 +02:00
Eri -
5ef733a0d7
forgot closing "
2018-04-14 22:51:25 +02:00
Eri -
4ec750f083
different ifname prefixes for nightly
...
related to issue #39
2018-04-14 22:41:59 +02:00
Astro
bf6f4ae912
upstream.ipv6-tunnel: add ipv6-tunnel-update.sh for upstream2
2018-04-14 22:32:06 +02:00
Astro
483ae6fc9a
firewall/priv-stateful: fix rules
2018-04-14 21:50:38 +02:00
Astro
7b46fa12f1
firewall.priv-stateful: fix sh syntax
2018-04-14 21:49:28 +02:00
Astro
b75dc44dcf
add firewall.priv-stateful for priv13-gw
2018-04-14 21:43:27 +02:00
Astro
13c6405b86
upstream, mgmt-gw: ip{,6}tables -i lo -j ACCEPT
2018-01-20 18:43:19 +01:00
Astro
44861a4ba6
unbound: forward with DNS Over TLS
2018-01-20 17:49:15 +01:00
Astro
ed82a45730
unbound: forward to 9.9.9.9
2018-01-20 17:43:20 +01:00
Astro
8f63e23f1c
lxc-containers/config: fix gw6
2017-12-11 00:38:15 +01:00
Astro
d9d6c8cff0
Revert "apply mgmt-gw's firewall via lxc-hook"
...
This reverts commit 2f202d7b2f
2017-12-11 00:36:10 +01:00
Astro
7137841c96
Revert "unbound: enable forwarding to freenom.world caches"
...
This reverts commit 956c71944b
2017-11-16 17:55:36 +01:00
Astro
73b7339ac9
/etc/network/if-{pre-,}up.d/*: export PATH
2017-11-12 00:33:29 +01:00
Astro
885510e633
commit recent changes
2017-10-07 18:39:01 +02:00
Astro
372a0effd0
bird6.conf: export bgp into ospf
2017-10-03 16:44:27 +02:00
Astro
3dd3bb028b
bond-slaves: hot-fix
2017-07-18 20:17:48 +02:00
Astro
02e8b3948a
cpe: fix radius auth_secret
2017-07-13 01:24:07 +02:00
Eri -
869bfc6c56
due to required auth_server_secret
2017-07-13 01:09:53 +02:00
Astro
b7014a7018
cpe: start radio/iface numbering at 0
2017-07-13 01:08:00 +02:00
Astro
a1a247f254
cpe: fix ifnum with this one weird trick
2017-07-13 01:03:31 +02:00
Astro
9628f7d370
cpe: fix jinja syntax
2017-07-13 00:53:59 +02:00
Astro
5b6f90e4be
cpe: discriminate wifi ifnames with -eap suffix
2017-07-13 00:41:21 +02:00
Astro
87d042e102
firewall.mgmt-gw: permit radius.hq.c3d2.de
2017-07-13 00:23:59 +02:00
Eri -
2361978c55
configurable server and port
2017-07-03 23:34:45 +02:00
Eri -
131fc9c73c
noauth eap with radius.hq.c3d2
...
so a network proofs its validity to the subscriber
2017-06-24 05:09:56 +02:00
07b838a4da
Merge branch 'master' of https://github.com/zentralwerk/network
2017-05-29 19:47:45 +02:00
2f202d7b2f
apply mgmt-gw's firewall via lxc-hook
2017-05-29 19:46:45 +02:00
Astro
d52e9e6fe7
ipv6-tunnel: migrate to systemd-networkd
2017-05-18 23:52:24 +02:00
Astro
96c9a2d2f9
ipv6-tunnel: add ifupdown pkg dependency
2017-05-17 01:09:34 +02:00
Astro
5365eb116e
prepare ipv6-tunnel with he.net for upstream2
2017-05-17 01:07:06 +02:00
Astro
35da64f481
cpe: implement TL-WR740N, prepare ap22
2017-05-11 21:05:04 +02:00
Astro
0ca4e03a69
collectd: add network downstream
2017-03-28 17:31:37 +02:00
Astro
9fc6caec0d
cpe: stop dnsmasq+uhttpd on aps
2017-03-28 17:30:05 +02:00
Astro
ee98af9fa8
cpe: sensible wifi ifname in wifi-on-link.sh
2017-03-28 16:52:42 +02:00
Astro
08b1a1dd17
cpe: try configuring sensible wifi ifnames
...
fixes GH issue #32
2017-03-28 16:51:13 +02:00
Astro
163f1a57f9
cpe, switches: replace ap18 with ap21
2017-03-28 16:38:23 +02:00
Astro
82144147e8
switches/HP-procurve-2824: split bond/trunk configuration
2017-03-18 23:31:11 +01:00
Astro
956c71944b
unbound: enable forwarding to freenom.world caches
2017-03-13 22:35:59 +01:00
Astro
3ed2225040
bind: pin dyn-domain.zone serial to 1
2017-03-13 01:28:31 +01:00
Astro
a0eebbdc67
bind: fix root-domain.zone
2017-03-12 03:17:15 +01:00
Astro
e562d1e519
bind: implement dyndns
2017-03-12 03:17:15 +01:00
Astro
8f64476c2a
bind: document named.conf
2017-03-12 03:17:15 +01:00
Astro
25b5f8b9fb
remove broken nat66 upstream for upstream[12]
2017-03-12 03:17:15 +01:00
c2bfd17143
Jeder access Port ist default in vlan 1, welches wir auch als mgmt
...
belassen haben. Falls ein Port als mgmt konfiguriert werden soll, muss
das eventuell vorhandene vlan gelöscht werden. Explizit vlan 1 zu
setzen geht nicht.
2017-03-02 02:32:36 +01:00
a236e82cff
name command is illegal illegal here
2017-03-02 02:31:08 +01:00
Astro
4378dfb7bd
switches: dynamic link-aggregation for 3com-4200G
...
no more trouble with static groups
2017-02-09 21:30:45 +01:00
Astro
c2ece5fd83
switches: fix 3com bonding
2017-02-09 01:59:50 +01:00
Astro
beedab8bb3
cpe/ap_install_collectd.sh: fix plugins
2017-02-07 02:52:51 +01:00
Astro
2123639965
cpe: fix gateways
2017-02-07 02:44:38 +01:00
Astro
c87ae7784f
cpe: syntax fixes
2017-02-07 02:43:26 +01:00
Astro
5b5f86eb8a
cpe: unify ap mgmt conf
2017-02-07 02:42:04 +01:00
Astro
d05eedc42c
cpe: script fixes
2017-02-07 02:36:15 +01:00
Astro
aca557a875
prepare cpe/ap_install_collectd.sh
2017-02-07 02:28:57 +01:00
Astro
565feefd28
add ssh pubkey for cpe.ap
2017-02-07 02:11:32 +01:00
Astro
b5c20fcd6e
cpe.ap: configure mgmt ipv6
2017-02-07 02:11:06 +01:00
Astro
b34306f458
salt.unbound: allow mgmt access
2017-02-07 01:56:37 +01:00
Astro
2ea56e8e4e
firewall.mgmt-gw: fixes
2017-02-07 01:35:03 +01:00
Astro
4a578f67e6
firewall.mgmt-gw: add interface context
2017-02-07 01:30:57 +01:00
Astro
d65d64e4c0
firewall.mgmt-gw: fix path
2017-02-07 01:26:42 +01:00
Astro
c119edc278
firewall.mgmt-gw: allow downloads.lede-project.org
2017-02-07 01:24:02 +01:00
Astro
e969a9b105
ipv6ify mgmt
2017-02-07 01:22:19 +01:00
Astro
568fa2102d
prepare mgmt-gw container
2017-02-07 01:16:16 +01:00
Astro
64685f254f
shaping: introduce downstream shaping
2017-02-05 03:23:15 +01:00
Astro
ab68c6c879
collectd: fix jinja
2017-02-05 03:01:09 +01:00
Astro
0a443f6ad4
implement stats collection with collectd
2017-02-05 02:50:56 +01:00
Astro
93f45cdbf8
cpe: prepare ap20
2017-01-26 17:50:33 +01:00
Astro
e0640f84d6
bind: fix
2017-01-23 22:59:37 +01:00
Astro
7cbd9c1089
bind: add explicity slaves
2017-01-23 22:38:11 +01:00
Astro
9f2b51db1e
bind: don't use public-ns for internal reverse zones
2017-01-23 22:13:36 +01:00
Astro
dfdf2a290e
bind: add root-domain in named.conf
2017-01-23 22:00:32 +01:00
d6240d7d6c
deploy ap13 & dir-615 router template
2017-01-20 22:55:48 +01:00
Astro
412308a466
bird: tune radv intervals and lifetimes
2017-01-20 03:15:15 +01:00
Astro
ff3abbc5d3
bird: add radv
2017-01-20 02:27:04 +01:00
Astro
2e4d0e6fb0
unbound: add local & dn42 forward-zones
2017-01-20 00:52:56 +01:00
Astro
beec71f387
bind: merge reverse[46].zone
2017-01-20 00:52:56 +01:00
Astro
02663013a2
dns
2017-01-20 00:52:56 +01:00
Astro
cf6e8efddf
bird: export static routes to bgp
2017-01-20 00:30:22 +01:00
Astro
d3783f251f
replace quagga with bird
2017-01-19 23:27:29 +01:00
Astro
195c5a07d7
server1-network: disable hw offloading
...
causes warnings in hfsc and interferes with packet timing.
2017-01-18 01:12:27 +01:00
Astro
8e174cdcf5
cpe: fixed ap mcast_rate
2017-01-18 01:11:51 +01:00
Astro
ec9cc8bc8a
cpe: configure TL-WR841Nv8 ports
2017-01-17 22:02:43 +01:00
Astro
25045fc440
switches/HP-procurve-2824: enable/disable lacp
2017-01-17 19:42:44 +01:00
Astro
bd400985a4
switches: fix & deploy switch-d1
2017-01-17 16:12:24 +01:00
Astro
5b92d5db50
vpn.openvpn: route over upstream2
2017-01-16 01:16:52 +01:00
Astro
8d0bcc70dc
implement the bgp container
2017-01-12 22:58:49 +01:00
Astro
2132a4b078
switches/HP-procurve-2824: fix bond/trunk tagging
2017-01-12 18:33:14 +01:00
Astro
716e968e83
quagga update!
2017-01-02 18:26:46 +01:00
Astro
01a8115a0f
quagga update!
2017-01-02 17:35:18 +01:00
Astro
b00abb7bc8
quagga update!
2017-01-02 17:33:26 +01:00
Astro
dd9a278263
ap.sh: remove spurious reboot arg
2016-12-22 23:58:38 +01:00
Astro
ef1bdb8c3c
quagga.zebra: enable forwarding
2016-12-19 22:07:53 +01:00
Astro
9e719980b9
quagga: rm dup SLS ID 'quagga'
2016-12-19 22:07:35 +01:00
Astro
8d51221952
quagga.zebra: enable ipv6 nd
2016-12-19 03:53:05 +01:00
Astro
1fb5f05160
internal ipv6 routing
2016-12-19 03:11:26 +01:00
Astro
6d8306bc7a
ospfd: rm obsolete TODO note
2016-12-19 03:06:29 +01:00
Astro
0ceccb4746
split ospf/ into quagga/{zebra,ospfd}/
2016-12-19 01:29:38 +01:00
Astro
f233277330
ospfd: fix systemd.service ExecStart paths
...
absolute paths are required :(
2016-12-19 00:41:09 +01:00
Astro
9c6def3c00
Merge pull request #14 from zentralwerk/dhcp-adaptive-lease
...
c
2016-12-16 00:34:17 +01:00
Astro
a9142187f2
add upstream.port-forwarding
2016-12-16 00:12:46 +01:00
210ae688ce
fix intend
2016-12-16 00:01:06 +01:00
a026b6e960
if a threshold is defined, use it
2016-12-15 23:03:13 +01:00
0d551a082d
if pub has more than 50% active leases, limit max-lifetime
2016-12-15 22:41:03 +01:00
Astro
ceec7bf5db
dhcp: fix templating
2016-12-15 19:11:07 +01:00
Astro
3517219972
unbound: allow from c3d2
2016-12-13 01:52:58 +01:00
Astro
3d0f354a91
switches/3com-4200G: try resetting link-aggregation groups before setting them
2016-12-13 01:15:27 +01:00
Astro
691e3ebbc4
vlan c3d2 + 2 containers
2016-12-12 23:01:38 +01:00
Astro
3a6445c070
ospf: rm wrong paths
2016-12-11 03:40:14 +01:00
Astro
dc19d1a1f2
server1-network: remove unneeded up/priv bridges
2016-12-11 03:11:20 +01:00
Astro
f7b491b90f
cpe: fix all the shell syntax
2016-12-11 02:49:07 +01:00
Astro
94d6593659
cpe: tune wifis
2016-12-11 02:45:24 +01:00
Astro
779c583d13
cpe: implement wifi-on-link.sh
2016-12-11 02:25:48 +01:00
Astro
bdf0ef9a58
cpe: prepare TL-Archer-C7v2 config, deploy ap3
2016-12-11 01:46:25 +01:00
2e375be97b
make unbound less verbose
2016-12-10 02:44:27 +01:00
Astro
d0f108745e
more switching shit
2016-12-09 02:52:38 +01:00
Astro
4522b8612e
server1-network: extend bonding with new NIC
2016-12-09 02:52:08 +01:00
Astro
ac8d0c7ef8
switches: prettify 3com-4200G link-aggreation group numbers
2016-12-06 03:34:04 +01:00
Astro
9c7dca3423
cpe: attempt TL-WR1043ND
2016-12-06 03:33:24 +01:00
Astro
e5d25ee36e
openvpn: systemd restart
2016-12-01 19:45:55 +01:00
Astro
0104ffa55c
server1-network: load-modules
2016-12-01 19:45:55 +01:00
Astro
5c7e8139c0
add multiple ipv6 upstream mechanisms (6to4, slac)
2016-11-29 21:52:29 +01:00
Astro
420dbea8d1
cpe: use integreated manageable switch in TL-WDR4300
2016-11-29 18:14:44 +01:00
Astro
9530840265
switches/3com-4200G: fix vlan deconfiguration
2016-11-29 18:10:08 +01:00
Astro
7b7530764d
switches: deconfigure all VLANs on 3com-4200G
2016-11-29 17:41:13 +01:00
Astro
568a22b328
switches: name 3com-4200G vlans
2016-11-29 17:36:11 +01:00
Astro
4f6da292be
cpe: TL-WDR4300
2016-11-29 16:18:35 +01:00
Astro
0a078d5115
shaping: tweak, bring back #flows
2016-11-29 16:18:07 +01:00
Astro
9fee71e219
server1-network: fix dns-nameservers
2016-11-29 02:27:37 +01:00
Astro
00cebca61b
switches: attempt fixing 3com-4200G
2016-11-29 02:24:13 +01:00
Astro
4c15782650
switches: try to improve the lacp deconfiguration situation
2016-11-29 00:44:23 +01:00
Astro
d80943b491
switches: fix TL-SG3210 bonding
2016-11-29 00:30:36 +01:00
Astro
865e26b720
server1-network: core dns-nameservers
2016-11-29 00:27:57 +01:00
Astro
81813cc13f
ospf: mkdir /var/run/quagga fixes
2016-11-29 00:22:42 +01:00
Astro
0d99dc4d56
lxc-containers: allow fixed hwaddr
2016-11-29 00:19:10 +01:00
Astro
04f28303ec
ospf: mkdir /var/run/quagga fixes
2016-11-28 23:49:37 +01:00
Astro
Daniel Poelzleithner
Eri -
root
webzwo0i