From e4e9be507ed7d43ac6b761947e518b41fcd444f2 Mon Sep 17 00:00:00 2001 From: Daniel Flanagan Date: Thu, 31 Aug 2023 02:34:05 +0000 Subject: [PATCH] updates --- dhcpcd.conf | 5 +++-- dnsmasq.conf | 50 +++++++++++++++++++++++++------------------------- etc-hosts | 8 ++++---- lan0.link | 1 - makefile | 7 +++++-- nftables.conf | 11 +++++++---- 6 files changed, 44 insertions(+), 38 deletions(-) diff --git a/dhcpcd.conf b/dhcpcd.conf index f55489e..71eff18 100755 --- a/dhcpcd.conf +++ b/dhcpcd.conf @@ -1,4 +1,5 @@ duid +noarp persistent vendorclassid @@ -13,7 +14,7 @@ slaac private noipv4ll noipv6rs -static domain_name_servers=10.0.0.1 1.1.1.1 1.0.0.1 +static domain_name_servers=10.0.0.1 interface wan0 gateway @@ -26,4 +27,4 @@ interface wan0 interface lan0 static ip_address=10.0.0.1/8 static routers=10.0.0.1 - static domain_name_servers=10.0.0.1 1.1.1.1 1.0.0.1 + static domain_name_servers=10.0.0.1 diff --git a/dnsmasq.conf b/dnsmasq.conf index efaa25a..27b2d3f 100755 --- a/dnsmasq.conf +++ b/dnsmasq.conf @@ -1,5 +1,22 @@ +# server endpoints +listen-address=::1,127.0.0.1,10.0.0.1 +port=53 + +# DNS cache entries +cache-size=10000 + +# local domain entries +local=/lan/ +domain=lan +expand-hosts + +dhcp-authoritative + +conf-file=/usr/share/dnsmasq/trust-anchors.conf +dnssec + except-interface=wan0 -bogus-priv +interface=lan0 enable-ra @@ -8,7 +25,6 @@ enable-ra dhcp-range=lan,10.0.0.5,10.0.0.250,255.255.255.0,10m dhcp-range=tag:lan0,::1,constructor:lan0,ra-names,12h -local=/h.lyte.dev/ dhcp-host=dragon,10.0.0.10,12h dhcp-host=beefcake,10.0.0.9,12h 
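Review bot: The new `noarp` line in the first dhcpcd.conf hunk carries no comment saying why it is there, and from the visible lines it sits in the global section, so it would apply to wan0 as well as lan0. With `noarp`, dhcpcd sends no ARP requests, so it no longer probes an address for a conflict before using it. I would add a comment above it such as `# noarp: skip ARP probing on bring-up; duplicate addresses are not detected`, or move the option under the one `interface` block that needs it. The file continues outside the hunk, so the scope is inferred.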
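Review bot: The first dnsmasq.conf hunk drops `bogus-priv` while adding the other resolver settings, and nothing replaces it. Without it, reverse lookups for private ranges that /etc/hosts or the DHCP leases cannot answer are forwarded to the upstream servers, which a later hunk of this file sets to public resolvers, so internal addresses leave the network in PTR queries. Unless the removal is deliberate, I would keep the line next to the new local-domain block: `bogus-priv`. `domain-needed` is the usual companion for unqualified names, if it is not already set in a part of the file this hunk does not show.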
@@ -16,37 +32,21 @@ dhcp-host=chromebox,10.0.0.5,12h dhcp-host=mnemonic,10.0.0.248,ea:1b:7a:fb:8b:b8,12h # dhcp-host=frontdoorcam,10.0.0.89,9c:8e:cd:2b:71:e9,120m -address=/video.lyte.dev/10.0.0.5 -address=/git.lyte.dev/10.0.0.5 -address=/bw.lyte.dev/10.0.0.5 -address=/files.lyte.dev/10.0.0.5 +address=/video.lyte.dev/10.0.0.9 +address=/git.lyte.dev/10.0.0.9 +address=/bw.lyte.dev/10.0.0.9 +address=/files.lyte.dev/10.0.0.9 address=/vpn.h.lyte.dev/10.0.0.9 -address=/.h.lyte.dev/10.0.0.5 +address=/.h.lyte.dev/10.0.0.9 dhcp-host=AMC058BA_A75F1E,10.0.0.150,12h dhcp-host=AMC0587F_A2969A,10.0.0.151,12h -# dhcp-host=kubeworker3,d0:50:99:26:89:86,ourcraft,10.0.0.244,120m - -# address=/dragon.h.lyte.dev/10.0.0.10 -address=/git.lyte.dev/10.0.0.5 -address=/h.lyte.dev/10.0.0.5 -address=/a.lyte.dev/10.0.0.5 -address=/bw.lyte.dev/10.0.0.5 -address=/files.lyte.dev/10.0.0.5 -# address=/grafana.h.lyte.dev/10.0.0.5 -# address=/ourcraft.lyte.dev/10.0.0.244 - server=10.0.0.1 +server=8.8.8.8 +server=8.8.4.4 server=1.1.1.1 server=1.0.0.1 -expand-hosts -port=53 -interface=lan0 - -domain=h.lyte.dev - -dhcp-authoritative diff --git a/etc-hosts b/etc-hosts index aac0098..da93ad7 100755 --- a/etc-hosts +++ b/etc-hosts @@ -8,8 +8,8 @@ ff02::1 ip6-allnodes ff02::2 ip6-allrouters -10.0.0.5 git.lyte.dev -10.0.0.5 video.lyte.dev -10.0.0.5 files.lyte.dev -10.0.0.5 bw.lyte.dev +10.0.0.9 git.lyte.dev +10.0.0.9 video.lyte.dev +10.0.0.9 files.lyte.dev +10.0.0.9 bw.lyte.dev 10.0.0.9 vpn.h.lyte.dev diff --git a/lan0.link b/lan0.link index cb4934f..f010fe6 100755 --- a/lan0.link +++ b/lan0.link @@ -3,4 +3,3 @@ MACAddress=00:01:2e:82:73:5a [Link] Name=lan0 - diff --git a/makefile b/makefile index 97ae526..8b9f66a 100644 --- a/makefile +++ b/makefile 
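Review bot: The context line `server=10.0.0.1` survives in the third dnsmasq.conf hunk even though the new `listen-address=` line in this commit names 10.0.0.1 as dnsmasq's own address, so the upstream list starts with the server itself. dnsmasq normally detects and ignores a nameserver that is on a local interface, which makes the entry dead configuration at best. I would delete it and keep only the four external `server=` lines, under a comment such as `# upstream resolvers; answers are DNSSEC-validated locally`.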
@@ -83,8 +83,11 @@ copy-configuration-files: /etc/dnsmasq.conf /etc/systemd/resolved.conf /etc/sysc cp $^ $@ /etc/hosts: ./etc-hosts - rm -f $@ - cp $^ $@ + rm -f $@ /tmp/etc-hosts + printf "%s\n" "# DO NOT EDIT DIRECTLY - See router config for details" >> /tmp/etc-hosts + cat $^ >> /tmp/etc-hosts + printf "\n\n%s\n" "# DO NOT EDIT DIRECTLY - See router config for details" >> /tmp/etc-hosts + cp /tmp/etc-hosts $@ /etc/nftables.conf: nftables.conf rm -f $@ diff --git a/nftables.conf b/nftables.conf index 2433677..e773c68 100755 --- a/nftables.conf +++ b/nftables.conf @@ -48,7 +48,7 @@ table ip nat { fib daddr type local dnat ip addr . port to meta l4proto . th dport map @map_port_ipport # chromebox - iifname $WAN tcp dport { 443, 80, 22, 8008, 8448, 7777 } dnat to 10.0.0.5 + iifname $WAN tcp dport { 8008, 8448, 7777 } dnat to 10.0.0.5 iifname $WAN udp dport { 7777 } dnat to 10.0.0.5 iifname $WAN udp dport 60010-60019 dnat to 10.0.0.5 @@ -69,12 +69,15 @@ table ip nat { iifname $WAN tcp dport { 64022 } dnat to 10.0.0.9 iifname $WAN udp dport { 64020 } dnat to 10.0.0.9 + # beefcake services + iifname $WAN tcp dport { 443, 80, 22 } dnat to 10.0.0.9 + # mnemonic iifname $WAN tcp dport { 8022 } dnat to 10.0.0.248 # ourcraft - iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.100 - iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.100 + iifname $WAN tcp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.244 + iifname $WAN udp dport { 2456, 2457, 25565, 34197 } dnat to 10.0.0.244 # router iifname $WAN tcp dport { 2201 } dnat to 10.0.0.1 @@ -106,4 +109,4 @@ table ip nat { # type filter hook forward priority 0; policy accept; # } # } -# \ No newline at end of file +#
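Review bot: The new /etc/hosts recipe stages the file at the fixed path `/tmp/etc-hosts`, in a world-writable directory, from a target that must run as root to write /etc/hosts. Another local account can create or replace that path between the `rm -f` and the appends, so what ends up in /etc/hosts (or which file root appends to, if the path is a symlink) is not fully under the recipe's control; the staging file is also never removed. The staging copy is not needed: write the target directly with `printf "%s\n" "# DO NOT EDIT DIRECTLY - See router config for details" > $@`, then `cat $^ >> $@` and the closing `printf ... >> $@`. If a staging file is wanted, create it with `mktemp` and remove it at the end of the recipe.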
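Review bot: The new forwards in the second nftables.conf hunk send WAN traffic to addresses that the DHCP configuration in this same commit does not firmly pin, unless those hosts are statically addressed on their own side. 10.0.0.244 lies inside the `dhcp-range` pool (10.0.0.5 to 10.0.0.250), and the only reservation visible for it was the commented `kubeworker3` line this commit deletes, so the ourcraft ports could end up forwarded to whichever client leases that address. 10.0.0.9 now receives 22, 80 and 443, but `dhcp-host=beefcake,10.0.0.9,12h` matches on the client-supplied hostname only. I would add MAC-keyed reservations for both, in the form `dhcp-host=<beefcake-mac>,beefcake,10.0.0.9,12h`, or move forwarded hosts outside the dynamic range. The nat chain starts and ends outside the hunk.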