Remove bridged network setup
This commit is contained in:
parent
1d4bb97fcf
commit
7a57636bdb
8 changed files with 65 additions and 135 deletions
|
|
@ -1,5 +0,0 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
|
||||
[NetDev]
|
||||
Name=vmbr0
|
||||
Kind=bridge
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
|
||||
[Match]
|
||||
Name=vmbr0
|
||||
|
||||
[Network]
|
||||
Address=10.4.0.1/24
|
||||
DHCP=yes
|
||||
IPForward=yes
|
||||
ConfigureWithoutCarrier=yes
|
||||
|
|
@ -1,12 +1,13 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
#
|
||||
#!/usr/bin/nft -f
|
||||
# vim:set ts=2 sw=2 et:
|
||||
|
||||
flush ruleset
|
||||
|
||||
table inet filter {
|
||||
chain input {
|
||||
type filter hook input priority 0;
|
||||
type filter hook input priority 0; policy drop;
|
||||
|
||||
# allow established/related connections
|
||||
ct state { established, related } accept
|
||||
|
|
@ -26,15 +27,6 @@ table inet filter {
|
|||
|
||||
# syncthing
|
||||
ip saddr 10.0.0.1 tcp dport 22000 accept
|
||||
|
||||
# allow remote pulse audio
|
||||
ip saddr 10.0.0.1 tcp dport 4713 accept
|
||||
|
||||
# allow dhcp requests for bridget connections
|
||||
iifname "vmbr0" udp dport { 53, 67 } accept
|
||||
|
||||
# everything else
|
||||
reject with icmpx type port-unreachable
|
||||
}
|
||||
|
||||
chain forward {
|
||||
|
|
@ -43,9 +35,6 @@ table inet filter {
|
|||
ct state { established, related } accept;
|
||||
|
||||
mark 1 accept
|
||||
|
||||
iifname "vmbr0" oifname "enp34s0" accept
|
||||
iifname "enp34s0" oifname "vmbr0" accept
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -54,16 +43,3 @@ table ip filter {
|
|||
mark set 1
|
||||
}
|
||||
}
|
||||
|
||||
table ip nat {
|
||||
chain prerouting {
|
||||
type nat hook prerouting priority 0; policy accept;
|
||||
|
||||
# iifname "enp34s0" tcp dport { http } dnat to 10.4.0.243
|
||||
}
|
||||
|
||||
chain postrouting {
|
||||
type nat hook postrouting priority 0; policy accept;
|
||||
oifname "enp34s0" masquerade
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
|
||||
[NetDev]
|
||||
Name=vmbr0
|
||||
Kind=bridge
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
|
||||
[Match]
|
||||
Name=vmbr0
|
||||
|
||||
[Network]
|
||||
Address=10.5.0.1/24
|
||||
DHCP=ipv4
|
||||
IPForward=ipv4
|
||||
ConfigureWithoutCarrier=yes
|
||||
|
|
@ -27,9 +27,6 @@ table inet filter {
|
|||
|
||||
# syncthing
|
||||
ip saddr 10.0.0.1 tcp dport 22000 accept
|
||||
|
||||
# allow dhcp requests for bridged connections
|
||||
iifname "vmbr0" udp dport { 53, 67 } accept
|
||||
}
|
||||
|
||||
chain forward {
|
||||
|
|
@ -38,9 +35,6 @@ table inet filter {
|
|||
ct state { established, related } accept;
|
||||
|
||||
mark 1 accept
|
||||
|
||||
iifname "vmbr0" oifname "wlan0" accept
|
||||
iifname "wlan0" oifname "vmbr0" accept
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -49,18 +43,3 @@ table ip filter {
|
|||
mark set 1
|
||||
}
|
||||
}
|
||||
|
||||
table ip nat {
|
||||
chain prerouting {
|
||||
type nat hook prerouting priority 0; policy accept;
|
||||
|
||||
# iifname "wlan0" tcp dport { http } dnat to 10.4.0.243
|
||||
}
|
||||
|
||||
chain postrouting {
|
||||
type nat hook postrouting priority 0; policy accept;
|
||||
|
||||
oifname "wlan0" masquerade
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
# TODO: update testing libraries according to new config
|
||||
# {{ ansible_managed }} {{ ansible_date_time.time }} {{ ansible_date_time.date }}
|
||||
#
|
||||
# /etc/pacman.conf
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue