From dca612a391a713cea5917ceb711250bcbf9d6f67 Mon Sep 17 00:00:00 2001
From: Daniel Flanagan
Date: Wed, 11 Oct 2023 02:35:06 +0000
Subject: [PATCH] 192
---
 dhcpcd.conf | 11 +++++++----
 dnsmasq.conf | 37 +++++++++++++++++++------------------
 etc-hosts | 10 +++++-----
 makefile | 2 ++
 nftables.conf | 40 ++++++++++++++++++++--------------------
 5 files changed, 53 insertions(+), 47 deletions(-)
diff --git a/dhcpcd.conf b/dhcpcd.conf
index 71eff18..c7166a7 100755
--- a/dhcpcd.conf
+++ b/dhcpcd.conf
@@ -1,4 +1,7 @@
 duid
+
+# No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
+# issues caused by guests with oneplus devices
 noarp
 persistent
 vendorclassid
@@ -14,7 +17,7 @@ slaac private
 noipv4ll
 noipv6rs
-static domain_name_servers=10.0.0.1
+static domain_name_servers=192.168.0.1
 interface wan0
 gateway
@@ -25,6 +28,6 @@ interface wan0
 ia_pd 1 lan0
 interface lan0
- static ip_address=10.0.0.1/8
- static routers=10.0.0.1
- static domain_name_servers=10.0.0.1
+ static ip_address=192.168.0.1/16
+ static routers=192.168.0.1
+ static domain_name_servers=192.168.0.1
diff --git a/dnsmasq.conf b/dnsmasq.conf
index 27b2d3f..59c4aab 100755
--- a/dnsmasq.conf
+++ b/dnsmasq.conf
@@ -1,5 +1,5 @@
 # server endpoints
-listen-address=::1,127.0.0.1,10.0.0.1
+listen-address=::1,127.0.0.1,192.168.0.1
 port=53
 # DNS cache entries
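Review bot: In the `interface lan0` block of dhcpcd.conf, `static ip_address=192.168.0.1/16` makes all of 192.168.0.0/16 on-link on lan0, while the dnsmasq.conf range in this patch hands clients a 255.255.255.0 mask and every address the patch uses sits in 192.168.0.x. A /16 on the LAN side can shadow any other 192.168.x.x network that is only reachable over wan0 or a VPN, and the `masq_saddr` element `192.168.0.0/16` in the nftables.conf hunk widens the masquerade source set in the same way. If only the one /24 is in use, `static ip_address=192.168.0.1/24` together with `elements = { 192.168.0.0/24 }` would keep the router address, the DHCP mask and the NAT set in agreement.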
@@ -20,29 +20,30 @@ interface=lan0
 enable-ra
-# dhcp-option=121,10.0.0.0/8,10.0.0.1
+# dhcp-option=121,192.168.0.0/16,192.168.0.1
-dhcp-range=lan,10.0.0.5,10.0.0.250,255.255.255.0,10m
+dhcp-range=lan,192.168.0.5,192.168.0.250,255.255.255.0,10m
 dhcp-range=tag:lan0,::1,constructor:lan0,ra-names,12h
+dhcp-host=dragon,192.168.0.10,12h
+dhcp-host=beefcake,192.168.0.9,12h
+dhcp-host=chromebox,192.168.0.5,12h
+dhcp-host=B-C02G56VXML85,192.168.0.128,12h
+dhcp-host=B-W4KNHWJ6XY,192.168.0.217,12h
+dhcp-host=mnemonic,192.168.0.248,ea:1b:7a:fb:8b:b8,12h
+# dhcp-host=frontdoorcam,192.168.0.89,9c:8e:cd:2b:71:e9,120m
-dhcp-host=dragon,10.0.0.10,12h
-dhcp-host=beefcake,10.0.0.9,12h
-dhcp-host=chromebox,10.0.0.5,12h
-dhcp-host=mnemonic,10.0.0.248,ea:1b:7a:fb:8b:b8,12h
-# dhcp-host=frontdoorcam,10.0.0.89,9c:8e:cd:2b:71:e9,120m
+address=/video.lyte.dev/192.168.0.9
+address=/git.lyte.dev/192.168.0.9
+address=/bw.lyte.dev/192.168.0.9
+address=/files.lyte.dev/192.168.0.9
+address=/vpn.h.lyte.dev/192.168.0.9
+address=/.h.lyte.dev/192.168.0.9
-address=/video.lyte.dev/10.0.0.9
-address=/git.lyte.dev/10.0.0.9
-address=/bw.lyte.dev/10.0.0.9
-address=/files.lyte.dev/10.0.0.9
-address=/vpn.h.lyte.dev/10.0.0.9
-address=/.h.lyte.dev/10.0.0.9
+dhcp-host=AMC058BA_A75F1E,192.168.0.150,12h
+dhcp-host=AMC0587F_A2969A,192.168.0.151,12h
-dhcp-host=AMC058BA_A75F1E,10.0.0.150,12h
-dhcp-host=AMC0587F_A2969A,10.0.0.151,12h
-server=10.0.0.1
+server=192.168.0.1
 server=8.8.8.8
 server=8.8.4.4
 server=1.1.1.1
diff --git a/etc-hosts b/etc-hosts
index da93ad7..32b98c2 100755
--- a/etc-hosts
+++ b/etc-hosts
@@ -8,8 +8,8 @@ ff02::1 ip6-allnodes
 ff02::2 ip6-allrouters
-10.0.0.9 git.lyte.dev
-10.0.0.9 video.lyte.dev
-10.0.0.9 files.lyte.dev
-10.0.0.9 bw.lyte.dev
-10.0.0.9 vpn.h.lyte.dev
+192.168.0.9 git.lyte.dev
+192.168.0.9 video.lyte.dev
+192.168.0.9 files.lyte.dev
+192.168.0.9 bw.lyte.dev
+192.168.0.9 vpn.h.lyte.dev
diff --git a/makefile b/makefile
index 8b9f66a..fa82e8e 100644
--- a/makefile
+++ b/makefile
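Review bot: The rewritten `dhcp-host` lines for dragon, beefcake and chromebox, and the two new `B-…` entries in the dnsmasq.conf hunk, key the reservation on the client-supplied hostname alone, so the address follows whichever device on lan0 announces that name. That matters most for 192.168.0.9, 192.168.0.10 and 192.168.0.5, which the nftables.conf hunks in this patch use as WAN forward targets, and the dhcpcd.conf comment in the same patch mentions guest devices on the network. Pinning these the way the mnemonic line already does, e.g. `dhcp-host=beefcake,192.168.0.9,<MAC-PLACEHOLDER>,12h`, or addressing the servers statically outside the dynamic range, ties the forward targets to known hardware. Separately, `server=192.168.0.1` names dnsmasq's own listen address as an upstream; it looks redundant and may be worth dropping.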
@@ -33,6 +33,7 @@ restart-services:
 # systemctl restart systemd-resolved # this seems to conflict with dnsmasq - not sure we need it?
 systemctl restart dhcpcd@lan0
 systemctl restart dhcpcd@wan0
+ systemctl restart radvd
 # ksystemctl restart tailscaled # is this necessary since no config lies in this repo?
 echo "Services restarted!"
@@ -46,6 +47,7 @@ enable-and-start-services:
 # systemctl enable --now systemd-resolved # this seems to conflict with dnsmasq - not sure we need it?
 systemctl enable --now dhcpcd@lan0
 systemctl enable --now dhcpcd@wan0
+ systemctl enable --now radvd
 # systemctl enable --now tailscaled # is this necessary since no config lies in this repo?
 echo "Services enabled and restarted!"
diff --git a/nftables.conf b/nftables.conf
index e773c68..ba16e01 100755
--- a/nftables.conf
+++ b/nftables.conf
@@ -35,7 +35,7 @@ table ip nat {
 set masq_saddr {
 type ipv4_addr
 flags interval
- elements = { 10.0.0.0/8 }
+ elements = { 192.168.0.0/16 }
 }
 map map_port_ipport {
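Review bot: The added `systemctl restart radvd` in restart-services, and the matching `systemctl enable --now radvd` in enable-and-start-services, bring up a router-advertisement daemon while dnsmasq.conf in this same patch still carries `enable-ra` and an `ra-names` range constructed from lan0. If radvd is also configured for lan0, two RA senders on one segment can advertise conflicting prefixes, lifetimes or DNS settings; no radvd configuration is part of this patch, so which interface it serves cannot be checked here. Either drop `enable-ra` from dnsmasq.conf or leave radvd out, and document the choice next to the new line with a comment such as `# radvd owns RAs on lan0; dnsmasq enable-ra must stay off`. Both recipes begin and end outside their hunks.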
@@ -48,40 +48,40 @@ table ip nat {
 fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport
 # chromebox
- iifname $WAN tcp dport { 8008, 8448, 7777 } dnat to 10.0.0.5
- iifname $WAN udp dport { 7777 } dnat to 10.0.0.5
- iifname $WAN udp dport 60010-60019 dnat to 10.0.0.5
+ iifname $WAN tcp dport { 8008, 8448, 7777 } dnat to 192.168.0.5
+ iifname $WAN udp dport { 7777 } dnat to 192.168.0.5
+ iifname $WAN udp dport 60010-60019 dnat to 192.168.0.5
 # old dragon?
- # iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10
- # iifname $WAN udp dport 60020-60029 dnat to 10.0.0.10
+ # iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 192.168.0.10
+ # iifname $WAN udp dport 60020-60029 dnat to 192.168.0.10
- iifname $WAN tcp dport { 10578, 5588, 5589 } dnat to 10.0.0.11
- iifname $WAN udp dport { 10578 } dnat to 10.0.0.11
+ iifname $WAN tcp dport { 10578, 5588, 5589 } dnat to 192.168.0.11
+ iifname $WAN udp dport { 10578 } dnat to 192.168.0.11
 # dragon reinstall?
- iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 10.0.0.10
- iifname $WAN udp dport { 2221, 5588, 5589 } dnat to 10.0.0.10
- iifname $WAN udp dport 60020-60029 dnat to 10.0.0.10
- # iifname $WAN udp dport 9876-9877 dnat to 10.0.0.10 # valheim
+ iifname $WAN tcp dport { 2221, 5588, 5589 } dnat to 192.168.0.10
+ iifname $WAN udp dport { 2221, 5588, 5589 } dnat to 192.168.0.10
+ iifname $WAN udp dport 60020-60029 dnat to 192.168.0.10
+ # iifname $WAN udp dport 9876-9877 dnat to 192.168.0.10 # valheim
 # beefcake (ben access)
- iifname $WAN tcp dport { 64022 } dnat to 10.0.0.9
- iifname $WAN udp dport { 64020 } dnat to 10.0.0.9
+ iifname $WAN tcp dport { 64022 } dnat to 192.168.0.9
+ iifname $WAN udp dport { 64020 } dnat to 192.168.0.9
 # beefcake services
- iifname $WAN tcp dport { 443, 80, 22 } dnat to 10.0.0.9
+ iifname $WAN tcp dport { 443, 80, 22 } dnat to 192.168.0.9
 # mnemonic
- iifname $WAN tcp dport { 8022 } dnat to 10.0.0.248
+ iifname $WAN tcp dport { 8022 } dnat to 192.168.0.248
 # ourcraft
- iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.244
- iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.244
+ iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 192.168.0.244
+ iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 192.168.0.244
 # router
- iifname $WAN tcp dport { 2201 } dnat to 10.0.0.1
- iifname $WAN udp dport { 2201 } dnat to 10.0.0.1
+ iifname $WAN tcp dport { 2201 } dnat to 192.168.0.1
+ iifname $WAN udp dport { 2201 } dnat to 192.168.0.1
 }
 chain output {
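Review bot: TCP ports 5588 and 5589 appear in two active rules on the new side, `tcp dport { 10578, 5588, 5589 } dnat to 192.168.0.11` and, under "dragon reinstall?", `tcp dport { 2221, 5588, 5589 } dnat to 192.168.0.10`; dnat ends rule evaluation for the packet, so the earlier rule takes those ports and the later one only ever applies to 2221. Decide which host owns them and remove the ports from the other set, e.g. `iifname $WAN tcp dport { 2221 } dnat to 192.168.0.10`. The forward targets 192.168.0.11 and 192.168.0.244 also have no `dhcp-host` entry in the dnsmasq.conf lines shown in this patch, although both lie inside the 192.168.0.5 to 192.168.0.250 dynamic range, so it is worth confirming that a lease for another device cannot land on an address that receives WAN traffic. The enclosing chain begins above the hunk.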