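#!/usr/bin/env bash

# Description of this script; it is not read here, presumably the VDN tooling
# that loads this file displays it (confirm against the caller).
DESC="Configuration de passerelle."

#######################################
# Configure the "passerelle" (gateway) guest over SSH: hostname, /etc/hosts,
# a default-route hook, /etc/network/interfaces, forwarding and a firewall
# script that is then executed on the guest.
# Globals:
#   VDN_PATH (read)  - root of the VDN installation (helpers live in bin/)
#   name (written)   - guest name; left global as in the original, since it
#                      is unclear whether the sourced helpers rely on it
# Arguments:
#   None
# Returns:
#   1 if VDN_PATH is unset or empty; otherwise failures are left to the
#   handler installed by setErrorHandler (defined in functions-scripts.sh).
#######################################
run() {
  # Without VDN_PATH every helper path below would resolve under "/bin".
  if [[ -z "${VDN_PATH:-}" ]]; then
    printf '%s\n' "VDN_PATH is not set" >&2
    return 1
  fi

  . "$VDN_PATH/bin/functions-scripts.sh"

  setErrorHandler
  echoStart

  name="passerelle"

  local darkside_ip brightside_ip gateway_ip

  requireSshGuests "$name"

  #setIpv6WorkAround $name

  setHostname "$name"

  # Resolve the addresses before building the here-document: a command
  # substitution that fails inside a here-document is silently replaced by an
  # empty string, whereas a failing assignment keeps its exit status (which
  # the handler from setErrorHandler presumably reacts to; confirm there).
  darkside_ip=$("$VDN_PATH/bin/vdn-infos" darkside PUBLIC_IP)
  brightside_ip=$("$VDN_PATH/bin/vdn-infos" brightside PUBLIC_IP)

  cat << EOF | setHosts "$name"
127.0.0.1 localhost
$darkside_ip darkside
$brightside_ip brightside
192.168.2.1 passerelle
192.168.2.2 distributeur
192.168.2.3 client
192.168.2.4 comanche
192.168.3.2 appolo
192.168.3.3 castafiore
EOF

  # Set the default route.
  # The hook below is written to the guest; "\$" keeps IFACE and PUBLIC_IP
  # unexpanded here so that they are evaluated on the guest. The trailing
  # "|| :" makes the hook exit 0 for every interface other than eth0, and it
  # also hides a failing ifconfig/route for eth0.
  # NOTE(review): the hook sources /etc/vdn/config each time it runs;
  # ifupdown hooks normally run as root, so that file should be writable by
  # root only.
  cat << EOF | setFile "$name" /etc/network/if-up.d/default-interface
#!/bin/sh

[ "\$IFACE" = "eth0" ] && {
    . /etc/vdn/config
    /sbin/ifconfig eth0 \$PUBLIC_IP
    /sbin/route add default dev eth0
} || :
EOF

  vdn-ssh "root@$name" chmod 755 /etc/network/if-up.d/default-interface

  gateway_ip=$("$VDN_PATH/bin/vdn-infos" "$name" PUBLIC_IP)

  cat << EOF | setInterfaces "$name"
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address $gateway_ip
    netmask 255.0.0.0

auto eth1
iface eth1 inet static
    address 192.168.2.1
    netmask 255.255.255.0

auto eth2
iface eth2 inet static
    address 192.168.3.1
    netmask 255.255.255.0
EOF

  echo "Post instalations."

  # Presumably turns on IP forwarding on the guest (helper defined in
  # functions-scripts.sh; confirm there).
  setForwarding "$name"

  # Security note on the generated rule set: it flushes INPUT, OUTPUT and
  # FORWARD plus the nat PREROUTING and POSTROUTING chains, then sets all
  # three filter policies to ACCEPT, so the gateway filters nothing between
  # its interfaces; any filtering has to be added on top of this file.
  # "default" only drives the INPUT and OUTPUT policies: FORWARD is
  # hard-coded to ACCEPT, so switching default to DROP would still leave
  # forwarded traffic unfiltered. The lo and eth3 ACCEPT rules only matter
  # once the policy is no longer ACCEPT (eth3 is marked VDN-specific; it is
  # presumably the management link, confirm before tightening).
  cat << EOF | setFile "$name" /etc/vdn/00-firewall
#!/bin/sh

iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -F POSTROUTING -t nat
iptables -F PREROUTING -t nat

default=ACCEPT

iptables -P FORWARD ACCEPT
iptables -P INPUT \$default
iptables -P OUTPUT \$default

iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# spécifique à VDN (Début)
iptables -A INPUT -i eth3 -j ACCEPT
iptables -A OUTPUT -o eth3 -j ACCEPT
# spécifique à VDN (Fin)
EOF

  # Same guest as above; use $name rather than repeating the literal.
  vdn-ssh "root@$name" "sh /etc/vdn/00-firewall"

  unsetErrorHandler
  echoDone
}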