From 7e787a9f9feae4ad593bafba1c2fd41e9a5fcc4e Mon Sep 17 00:00:00 2001 From: Daniel Flanagan Date: Sat, 10 Jul 2021 14:04:31 -0500 Subject: [PATCH] Closer... --- eth0.network | 2 -- lan0.network | 4 ++-- link.fish | 12 ++++++++++++ nftables | 2 ++ readme.md | 12 +++--------- 5 files changed, 19 insertions(+), 13 deletions(-) create mode 100755 link.fish diff --git a/eth0.network b/eth0.network index cadaa5e..15198ca 100644 --- a/eth0.network +++ b/eth0.network @@ -5,6 +5,4 @@ Name=eth0 [Network] DHCP=yes Gateway=0.0.0.0/1 -DNS=8.8.8.8 -DNS=8.8.4.4 IPForward=yes diff --git a/lan0.network b/lan0.network index bf6cc50..9d3de64 100644 --- a/lan0.network +++ b/lan0.network @@ -1,8 +1,8 @@ [Match] Name=lan0 -# MACAddress=dc:a6:32:0a:b5:84 +# MACAddress=00:e0:4c:6d:0c:74 [Network] Address=10.0.0.1/24 IPForward=yes -IPMasquerade=yes +IPMasquerade=ipv4 diff --git a/link.fish b/link.fish new file mode 100755 index 0000000..f9584da --- /dev/null +++ b/link.fish @@ -0,0 +1,12 @@ +#!/usr/bin/env fish + +function rmlink + rm -f $argv[1] + ezln $argv[1] $argv[2] +end + +rmlink dnsmasq.conf /etc/dnsmasq.conf +rmlink usb-ethernet-as-lan0.link /etc/systemd/network/10-usb-eth-adapter.link + +cp eth0.network /etc/systemd/network/eth0.network +cp lan0.network /etc/systemd/network/lan0.network diff --git a/nftables b/nftables index 2da92e5..ddffafc 100644 --- a/nftables +++ b/nftables @@ -3,6 +3,8 @@ flush ruleset table inet filter { chain input { type filter hook input priority filter; policy accept; + udp dport 546 accept + udp dport 53 accept ct state { established, related } accept ct state invalid drop iifname "lo" accept diff --git a/readme.md b/readme.md index 3c1f691..df64c51 100644 --- a/readme.md +++ b/readme.md @@ -1,9 +1,3 @@ -+ Guide: https://wiki.archlinux.org/title/router -+ Interfaces configuration: - + See `/etc/systemd/network` -+ DNS & LAN DHCP - + See `/etc/dnsmasq.conf` - + See `/etc/sysctl.d/30-ipforward.conf` -+ Firewall & NAT - + See `sudo iptables --list` - + See `cat /etc/iptables/iptables.rules` +# TODO + ++ IPv6?