Merge pull request #15 from Freifunk-Troisdorf/new-new-net

New Net Merge to Master

files/bird6-troisdorf4.conf

@@ -42,7 +42,7 @@ return net ~ [ fc00::/7{48,64},
 }
 
 filter hostroute {
-        if net ~ 2a03:2260:121::/48 then accept;
+        if net ~ 2a03:2260:121:4000::/52 then accept;
         reject;
 }
 

files/bird6-troisdorf5.conf

@@ -44,7 +44,7 @@ return net ~ [ fc00::/7{48,64},
 }
 
 filter hostroute {
-        if net ~ 2a03:2260:121::/48 then accept;
+        if net ~ 2a03:2260:121:5000::/52 then accept;
         reject;
 }
 

files/bird6-troisdorf6.conf

@@ -44,7 +44,7 @@ return net ~ [ fc00::/7{48,64},
 }
 
 filter hostroute {
-        if net ~ 2a03:2260:121::/48 then accept;
+        if net ~  2a03:2260:121:6000::/52 then accept;
         reject;
 }
 

files/bird6-troisdorf7.conf

@@ -42,7 +42,7 @@ return net ~ [ fc00::/7{48,64},
 }
 
 filter hostroute {
-        if net ~ 2a03:2260:121::/48 then accept;
+        if net ~ 2a03:2260:121:7000::/52 then accept;
         reject;
 }
 

files/dhcpd.conf.j2

@@ -7,7 +7,7 @@ log-facility local7;
 subnet 10.188.0.0 netmask 255.255.0.0 {
 authoritative;
 range {{ sn_dhcp_range }};
-option domain-name-servers {{ sn_mesh_IPv4 }}, {{ sn_dhcp_dns_v4 }};
+option domain-name-servers {{ sn_mesh_IPv4 }};
 option routers {{ sn_mesh_IPv4 }};
 option interface-mtu {{ sn_mtu }};
 interface bat0;

files/dhcpd6.conf.j2

@@ -6,17 +6,10 @@ authoritative;
 default-lease-time 300;
 max-lease-time 600;
 
-#option dhcp6.name-servers {{ sn_mesh_IPv6 }};
+option dhcp6.name-servers {{ sn_mesh_IPv6 }};
-option dhcp6.name-servers {{ sn_mesh_IPv6 }}, {{ sn_dhcp_dns_v6 }};
 
 option dhcp6.domain-search "fftdf";
 
-subnet6 2a03:2260:121::/64 {
+subnet6 {{ sn_mesh_IPv6_net }} {
-#
-#       # Range for clients
-#       range6 2a03:2260:121::201 2a03:2260:121::ffff;
-#
-#       # Range for clients requesting a temporary address
-#       range6 2a03:2260:121::/64 temporary;
 }
 

files/fftdf/db.fftdf.j2

@@ -0,0 +1,25 @@
+;; db.fftdf
+;; Forwardlookupzone für .fftdf
+;;
+$TTL 600
+@       IN      SOA     fftdf. root.fftdf. (
+                        2015584543      ; Serial
+                                8H      ; Refresh
+                                2H      ; Retry
+                                4W      ; Expire
+                                3H )    ; NX (TTL Negativ Cache)
+
+@                               IN      NS      {{ sn_hostname }}.infra.fftdf.
+                                IN      A       {{ sn_mesh_IPv4 }}
+                                IN      AAAA	{{ sn_mesh_IPv6 }}
+localhost			IN	A    	127.0.0.1
+				IN  	AAAA    ::1
+nextnode			IN  	A       10.188.0.1
+				IN  	AAAA    2a03:2260:121::1
+;;This Supernode
+{{ sn_hostname }}.infra		IN	A	{{ sn_mesh_IPv4 }}
+				IN	AAAA	{{ sn_mesh_IPv6 }}
+;; Update Servers
+update1.infra			IN      AAAA    2a03:2260:121::22
+update2.infra			IN      AAAA    2a03:2260:121::23
+update3.infra			IN      AAAA    2a03:2260:121::24

files/fftdf/fftdf.conf

@@ -0,0 +1,6 @@
+// Zone declarations for Freifunk Troisdorf
+
+zone "fftdf" {
+  type master;
+  file "/etc/bind/fftdf/db.fftdf";
+};

files/interfaces-troisdorf4

@@ -9,12 +9,16 @@ iface lo inet loopback
         up ip address add 185.66.193.104/32 dev lo
 
 iface lo inet6 loopback
-        up ip address add 2a03:2260:121::104/48 dev lo
+	up ip address add 2a03:2260:121:4000::105/52 dev lo
 
 
 # The primary network interface
 allow-hotplug eth0
-iface eth0 inet dhcp
+iface eth0 inet static
+        address 212.129.50.141
+        netmask 255.255.255.255
+        gateway 163.172.210.1
+        pointopoint 163.172.210.1
         post-up iptables -P OUTPUT ACCEPT
         post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
         post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
@@ -22,8 +26,8 @@ iface eth0 inet dhcp
         post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP
         post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 auto 6to4
-	iface 6to4 inet6 6to4
+        iface 6to4 inet6 6to4
-        local 163.172.27.8
+        local 212.129.50.141
 
 # GRE Tunnel zum Rheinland Backbone
 # - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen
@@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber
 iface gre-bb-a.ak.ber inet static
         address 100.64.6.13
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.195.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.195.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber
 iface gre-bb-b.ak.ber inet static
         address 100.64.6.19
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.195.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.195.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus
 iface gre-bb-a.ix.dus inet static
         address 100.64.6.17
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.193.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.193.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus
 iface gre-bb-b.ix.dus inet static
         address 100.64.6.23
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.193.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.193.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -103,7 +107,7 @@ auto gre-bb-a.fra3.f
 iface gre-bb-a.fra3.f inet static
         address 100.64.6.15
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.194.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.194.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -121,7 +125,7 @@ auto gre-bb-b.fra3.f
 iface gre-bb-b.fra3.f inet static
         address 100.64.6.21
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 163.172.27.8 remote 185.66.194.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 212.129.50.141 remote 185.66.194.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.104
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400

files/interfaces-troisdorf5

@@ -9,12 +9,16 @@ iface lo inet loopback
         up ip address add 185.66.193.105/32 dev lo
 
 iface lo inet6 loopback
-        up ip address add 2a03:2260:121::105/48 dev lo
+        up ip address add 203:2260:121:5000::105/52 dev lo
 
 
 # The primary network interface
 allow-hotplug eth0
-iface eth0 inet dhcp
+iface eth0 inet static
+        address 62.210.5.90
+        netmask 255.255.255.255
+        gateway 163.172.210.1
+        pointopoint 163.172.210.1
         post-up iptables -P OUTPUT ACCEPT
         post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
         post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
@@ -23,7 +27,7 @@ iface eth0 inet dhcp
         post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 auto 6to4
 	iface 6to4 inet6 6to4
-        local 138.201.54.123
+        local 62.210.5.90
 
 # GRE Tunnel zum Rheinland Backbone
 # - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen
@@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber
 iface gre-bb-a.ak.ber inet static
         address 100.64.2.151
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.195.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.195.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber
 iface gre-bb-b.ak.ber inet static
         address 100.64.2.153
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.195.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.195.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus
 iface gre-bb-a.ix.dus inet static
         address 100.64.2.155
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.193.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.193.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus
 iface gre-bb-b.ix.dus inet static
         address 100.64.2.157
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 138.201.54.123 remote 185.66.193.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 62.210.5.90 remote 185.66.193.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.105
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400

files/interfaces-troisdorf6

@@ -9,17 +9,17 @@ iface lo inet loopback
         up ip address add 185.66.193.106/32 dev lo
 
 iface lo inet6 loopback
-        up ip address add 2a03:2260:121::106/48 dev lo
+	up ip address add 2a03:2260:121:6000::105/52 dev lo
 
 
 # The primary network interface
 allow-hotplug eth0
 #iface eth0 inet dhcp
 iface eth0 inet static
-        address 46.4.138.189
+        address 62.210.12.122
-        netmask 255.255.255.192
+        netmask 255.255.255.255
-        gateway 46.4.138.129
+        gateway 163.172.210.1
-        dns-nameserver 213.133.100.100 213.133.99.99 213.133.98.98
+        pointopoint 163.172.210.1
         post-up iptables -P OUTPUT ACCEPT
         post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
         post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
@@ -27,10 +27,9 @@ iface eth0 inet static
         post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP
         post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 
-iface eth0 inet6 static
+auto 6to4
-        address 2a01:4f8:11d:600::189
+        iface 6to4 inet6 6to4
-        netmask 59
+        local 62.210.12.122
-        gateway 2a01:4f8:11d:600::1
         post-up ip6tables -P OUTPUT ACCEPT
         post-up ip6tables -A OUTPUT -o eth0 -d fc00::/7 -j DROP
 
@@ -42,7 +41,7 @@ auto gre-bb-a.ak.ber
 iface gre-bb-a.ak.ber inet static
         address 100.64.2.159
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.195.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.195.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -59,7 +58,7 @@ auto gre-bb-b.ak.ber
 iface gre-bb-b.ak.ber inet static
         address 100.64.2.161
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.195.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.195.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -77,7 +76,7 @@ auto gre-bb-a.ix.dus
 iface gre-bb-a.ix.dus inet static
         address 100.64.2.163
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.193.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.193.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -95,7 +94,7 @@ auto gre-bb-b.ix.dus
 iface gre-bb-b.ix.dus inet static
         address 100.64.2.165
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 46.4.138.189 remote 185.66.193.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 62.210.12.122 remote 185.66.193.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.106
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400

files/interfaces-troisdorf7

@@ -9,12 +9,16 @@ iface lo inet loopback
         up ip address add 185.66.193.107/32 dev lo
 
 iface lo inet6 loopback
-        up ip address add 2a03:2260:121::107/48 dev lo
+	up ip address add 2a03:2260:121:7000::105/52 dev lo
 
 
 # The primary network interface
 allow-hotplug eth0
-iface eth0 inet dhcp
+iface eth0 inet static
+        address 212.83.154.70
+        netmask 255.255.255.255
+        gateway 163.172.210.1
+        pointopoint 163.172.210.1
         post-up iptables -P OUTPUT ACCEPT
         post-up iptables -A OUTPUT -o eth0 -d 10.0.0.0/8 -j DROP
         post-up iptables -A OUTPUT -o eth0 -d 172.16.0.0/12 -j DROP
@@ -22,8 +26,8 @@ iface eth0 inet dhcp
         post-up iptables -A OUTPUT -o eth0 -d 192.168.0.0/16 -j DROP
         post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
 auto 6to4
-	iface 6to4 inet6 6to4
+        iface 6to4 inet6 6to4
-        local 	163.172.28.228
+        local 163.172.194.197
 
 # GRE Tunnel zum Rheinland Backbone
 # - Die Konfigurationsdaten werden vom Rheinland Backbone vergeben und zugewiesen
@@ -33,7 +37,7 @@ auto gre-bb-a.ak.ber
 iface gre-bb-a.ak.ber inet static
         address 100.64.6.25
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 	163.172.28.228 remote 185.66.195.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.195.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -50,7 +54,7 @@ auto gre-bb-b.ak.ber
 iface gre-bb-b.ak.ber inet static
         address 100.64.6.31
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 	163.172.28.228 remote 185.66.195.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.195.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -68,7 +72,7 @@ auto gre-bb-a.ix.dus
 iface gre-bb-a.ix.dus inet static
         address 100.64.6.29
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 	163.172.28.228 remote 185.66.193.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.193.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -86,7 +90,7 @@ auto gre-bb-b.ix.dus
 iface gre-bb-b.ix.dus inet static
         address 100.64.6.35
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 	163.172.28.228 remote 185.66.193.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.193.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -103,7 +107,7 @@ auto gre-bb-a.fra3.f
 iface gre-bb-a.fra3.f inet static
         address 100.64.6.27
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 	163.172.28.228 remote 185.66.194.0 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.194.0 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400
@@ -121,7 +125,7 @@ auto gre-bb-b.fra3.f
 iface gre-bb-b.fra3.f inet static
         address 100.64.6.33
         netmask 255.255.255.254
-        pre-up ip tunnel add $IFACE mode gre local 	163.172.28.228 remote 185.66.194.1 ttl 255
+        pre-up ip tunnel add $IFACE mode gre local 163.172.194.197 remote 185.66.194.1 ttl 255
         post-up iptables -t nat -A POSTROUTING -o $IFACE -j SNAT --to-source 185.66.193.107
         post-up iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o $IFACE -j TCPMSS --set-mss 1312
         post-up ip link set $IFACE mtu 1400

files/keepalive.exit.sh.j2

@@ -6,79 +6,82 @@ while [ true ] ; do
 	iam=$(/bin/hostname)
 	day=$(date +%d)
 	BATCTL=/usr/local/sbin/batctl
-	active_SN=$iam
 	#### Settings ####
 	# Names of the 2 Supernodes #
-	loadbalance=$(cat /etc/supernode-status/loadbalancing.mode)
+	if [ $iam = "troisdorf4" ]; then
-	if [ $iam = "troisdorf5" ]; then
+		my_SN_IP=185.66.193.104
+		other_SN_IP=185.66.193.105
+		other_SN_DNS=5.fftdf.de
+		meship=10.188.0.4
+		SN1=troisdorf4
+		SN2=troisdorf5
+		slack="/usr/local/bin/slacktee.sh -u troisdorf4"
+	elif [ $iam = "troisdorf5" ]; then
 		my_SN_IP=185.66.193.105
 		other_SN_IP=185.66.193.106
-		meship=10.188.255.5
+		other_SN_DNS=6.fftdf.de
+		meship=10.188.32.5
 		SN1=troisdorf5
 		SN2=troisdorf6
+		slack="/usr/local/bin/slacktee.sh -u troisdorf5"
 	elif [ $iam = "troisdorf6" ]; then
 		my_SN_IP=185.66.193.106
-		other_SN_IP=185.66.193.105
+		other_SN_IP=185.66.193.104
-		meship=10.188.255.6
+		other_SN_DNS=4.fftdf.de
-		SN1=troisdorf5
+		meship=10.188.64.6
-		SN2=troisdorf6
+		SN1=troisdorf6
-	elif [ $iam = "troisdorf1" ]; then
+		SN2=troisdorf4
-		my_SN_IP=185.66.193.101
+		slack="/usr/local/bin/slacktee.sh -u troisdorf6"
-		other_SN_IP=185.66.193.102
+	elif [ $iam = "troisdorf7" ]; then
-		meship=10.188.255.1
+		my_SN_IP=185.66.193.107
-		SN1=troisdorf1
+		other_SN_IP=185.66.193.104
-		SN2=troisdorf2
+		other_SN_DNS=4.fftdf.de
-	elif [ $iam = "troisdorf2" ]; then
+		meship=10.188.92.7
-		my_SN_IP=185.66.193.102
+		SN1=troisdorf7
-		other_SN_IP=185.66.193.101
+		SN2=troisdorf4
-		meship=10.188.255.2
+		slack="/usr/local/bin/slacktee.sh -u troisdorf7"
-		SN1=troisdorf1
-		SN2=troisdorf2
 	fi
-	if [ $loadbalance = "1" ] && [ $mode != "0" ]; then
-		if [ $day -gt 15 ]; then
-			active_SN=$SN1
-		else
-			active_SN=$SN2
-		fi
-	fi
-
-
 ##################
 # functions #
 # Supernode off #
 	supernode_off () {
-	    $BATCTL gw off
+	    /usr/local/sbin/batctl gw off
 		/usr/sbin/service bird6 stop
 		/usr/sbin/service bird stop
 		/usr/sbin/service tunneldigger stop
+		/usr/sbin/service tunneldigger-backup stop
 		/usr/sbin/service radvd stop
 		/usr/sbin/service isc-dhcp-server stop
-		if [ $loadbalance == 1 ] && [ $mode != 0 ]; then
+		echo 0 > /etc/supernode-status/supernode.status
-			echo 3 > /etc/supernode-status/supernode.status
-		else
-			echo 0 > /etc/supernode-status/supernode.status
-		fi
 		echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003
 	}
 # Supernode on #
 	supernode_on () {
-		$BATCTL gw server 100Mbit/100Mbit
+		/usr/local/sbin/batctl gw server 100Mbit/100Mbit
 	    /usr/sbin/service bird6 start
 	    /usr/sbin/service bird start
 	    /usr/sbin/service tunneldigger start
+	    /usr/sbin/service tunneldigger-backup stop
 	    /usr/sbin/service radvd start
 	    /usr/sbin/service isc-dhcp-server start
-	    if [ $loadbalance == 1 ]; then
+	    echo 1 > /etc/supernode-status/supernode.status
-			echo 1 > /etc/supernode-status/supernode.status
+	    echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003
-		else
+	}
-			echo 2 > /etc/supernode-status/supernode.status
+# Supernode Backup Mode
-		fi
+	supernode_backup () {
+		/usr/local/sbin/batctl gw server 100Mbit/100Mbit
+	    /usr/sbin/service bird6 start
+	    /usr/sbin/service bird start
+	    /usr/sbin/service tunneldigger start
+	    /usr/sbin/service tunneldigger-backup start
+	    /usr/sbin/service radvd start
+	    /usr/sbin/service isc-dhcp-server start
+	    echo 2 > /etc/supernode-status/supernode.status
 	    echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003
 	}
 # Restart Services #
 	supernode_fail () {
-		$BATCTL gw off
+		/usr/local/sbin/batctl gw off
 		/usr/sbin/service bird6 restart
 		/usr/sbin/service bird restart
 		/usr/sbin/service tunneldigger restart
@@ -88,35 +91,33 @@ while [ true ] ; do
 		echo "collectd.gateways.$iam.sn-status $online `date +%s`" | nc -q 0 10.188.1.27 2003
 	}
 #Check other Supernode
-	if [ $iam != $active_SN ]; 
+	if [ $mode != "0" ]; then
-	then
+		if [ $mode = "1" ]; then
-		ping -q -c5 $other_SN_IP -I eth0 > /dev/null
+			/bin/nc -zvu $other_SN_DNS 53842
-		if [ $? -eq 0 ] 
+			if [ $? -eq 0 ]; then
-		then
+		    	if [ $online = 2 ]; then
-	    	if [ $online ==1 ] || [ $online = 2 ]; then
+		    		echo "Supernode wieder online. Backup Modus abgeschaltet" | $slack
-	    		curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode wieder online. Ich habe mich wieder ausgeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }}
+		    		supernode_on
-	    	fi
+		    	fi
-	    	supernode_off
-		else
-			supernode_on
-			curl -X POST --data-urlencode 'payload={"text": "Aktiver Supernode offline. Ich habe mich eingeschaltet", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }}
-			sleep 300
-		fi
-	else
-# Check this Supernode
-		if [ $mode != "0" ]; then
-			ping -q -c5 $my_SN_IP -I eth0 > /dev/null
-			if [ $? -eq 0 ] 
-			then
-			    if [ $online = 0 ] || [ $online = 3 ]; then
-			    	curl -X POST --data-urlencode 'payload={"text": "Ich bin jetzt Supernode!", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":white_check_mark:"}' https://hooks.slack.com/services/{{ slack_token }}
-			    fi
-			    supernode_on
 			else
-				supernode_fail
+				supernode_backup
-				curl -X POST --data-urlencode 'payload={"text": "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":warning:"}' https://hooks.slack.com/services/{{ slack_token }}
+				echo "Supernode offline. Backup modus eingeschaltet" | $slack
 			fi
 		fi
+# Check this Supernode
+		/bin/ping -q -c5 $my_SN_IP -I eth0 > /dev/null
+		if [ $? -eq 0 ]; then
+		    if [ $online = 0 ]; then
+		    	echo "Ich bin jetzt Supernode!" | $slack
+		    elif [ $mode = 1 ]; then
+		    	supernode_on
+			elif [ $mode = 2 ]; then
+				supernode_backup
+			fi
+		else
+			supernode_fail
+			echo "Ich konnte mich selbst nicht anpingen. Ich versuche mal die Services neu zu starten" | $slack
+		fi
 	fi
 # Supernode off
 	if [ $mode = "0" ]; then
@@ -127,17 +128,20 @@ while [ true ] ; do
     do
         x=`pidof $service`;
         if [ "$x" = "" ]; then 
-                echo "collectd.gateways.$iam.$service 0 `date +%s`" | nc -q 0 10.188.1.27 2003
+            echo "collectd.gateways.$iam.$service 0 `date +%s`" | nc -q 0 10.188.1.27 2003
-                echo 0 > /etc/supernode-status/"$service".status
+            echo 0 > /etc/supernode-status/"$service".status
         else
-                echo "collectd.gateways.$iam.$service 1 `date +%s`" | nc -q 0 10.188.1.27 2003
+            echo "collectd.gateways.$iam.$service 1 `date +%s`" | nc -q 0 10.188.1.27 2003
-                echo 1 > /etc/supernode-status/"$service".status
+            echo 1 > /etc/supernode-status/"$service".status
         fi
     done
 # Check DNS Server
-   	host google.de $meship
+   	/usr/bin/host google.de $meship
    	if [ "$?" != "0" ]; then
    		service bind9 restart
+   		if [ $mode != "0" ]; then
+   			echo "DNS Server läuft nicht! Versuche neu zu starten!" | $slack
+   		fi
    	fi
 #Check Tunneldigger Connections
 	if ! [ -d /opt/freifunk/tunneldigger_interfaces ]; then

files/l2tp_backbone.sh.exit.j2

@@ -1,55 +1,41 @@
 #!/bin/sh
-# Version 6
+# Version 9
-# Der servername muss mit einer einstelligen Zahl aufhoeren!!!!!
+sleep 60
-communityname="troisdorf"
-server="troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9"
-#server="troisdorf7 {{ sn_hostname }}"
-domain="freifunk-troisdorf.de"
-mtu={{ sn_mtu }}
-# community MAC address, without the last Byte (:)!
-communitymacaddress="a2:8c:ae:6f:f6"
-tunnelPrefix=10
-sessionPrefix=1
-# Netzwerkteil des Netzes, ohne abschliessenden Punkt
-communitynetwork="10.188"
-# IPv6 network
-#communitynetworkv6="fda0:747e:ab29:7405:255::"
-communitynetworkv6="2a03:2260:121::"
-# Drittes Octet des serverbereichs
-octet3rd="255"
-# CIDR muss /16 sein
-localserver=$(/bin/hostname)
-batadv=/usr/local/sbin/batadv-vis
 batctl=/usr/local/sbin/batctl
 ip=/sbin/ip
-dig=/usr/bin/dig
+communitymacaddress="a2:8c:ae:6f:f6"
+localserver=$(/bin/hostname)
+communityname=troisdorf
 
-for i in $server; do
+# L2tp to Map
-(
+$ip l2tp add tunnel remote 138.201.70.103 local $(/bin/hostname -I | /usr/bin/cut -f1 -d' ') tunnel_id {{ sn_number }}0 peer_tunnel_id 0{{ sn_number }} encap udp udp_sport 300{{ sn_number }}0 udp_dport 3000{{ sn_number }}
-        for j in $server; do
+$ip l2tp add session name l2tp-map tunnel_id {{ sn_number }}0 session_id 1{{ sn_number }}0 peer_session_id 2{{ sn_number }}0
-                if [ $i  != $j ]; then
+$ip link set dev l2tp-map mtu 1312
-                        if [ $i = $localserver ]; then
+$ip link set up l2tp-map
-                                 ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname  -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname}
+$batctl if add l2tp-map
-                                 ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname}
-                                 #ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j
-                                 ip link set dev l2tp-$j mtu $mtu
-                                 ip link set up l2tp-$j
-                                 $batctl if add l2tp-$j
-                        fi
-                fi
-        done
-)
-done
 
-# Rest starten
+# Rest Starten
 $ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0
 $ip link set up dev bat0
-$ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0
+$ip addr add {{ sn_mesh_IPv4 }}/19 broadcast {{ sn_mesh_IPv4_brcast }} dev bat0
-$ip -6 addr add $communitynetworkv6$octet3rd:${localserver#$communityname}/64 dev bat0
+$ip -6 addr add {{ sn_mesh_IPv6 }}/64 dev bat0
-$ip route add {{ snx_ffrl_IPv4 }}/32 via {{ snx_mesh_IPv4 }} table 42
+$ip route add 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }} table 42
-$ip route add {{ snx_ffrl_IPv4 }}/32 via {{ snx_mesh_IPv4 }}
+$ip route add 10.188.0.0/16 via {{ sn_mesh_IPv4_xfer }}
+
+$ip -6 route add 2a03:2260:121:4000::/52 via {{ sn_mesh_IPv6_xfer }} table 42
+$ip -6 route add 2a03:2260:121:5000::/52 via {{ sn_mesh_IPv6_xfer }} table 42
+$ip -6 route add 2a03:2260:121:6000::/52 via {{ sn_mesh_IPv6_xfer }} table 42
+$ip -6 route add 2a03:2260:121:7000::/52 via {{ sn_mesh_IPv6_xfer }} table 42
 
 /usr/bin/killall batadv-vis
 /bin/sleep 15
 $batadv -i bat0 -s > /dev/null 2>&1 &
+/bin/sleep 15
+/usr/sbin/service tunneldigger restart
+/usr/sbin/service bind9 restart
+/usr/sbin/service bird restart
+/usr/sbin/service bird6 restart
+/usr/sbin/service isc-dhcp-server restart
+/usr/sbin/service radvd restart
+$batctl gw server 100Mbit/100Mbit
 

files/l2tp_broker-backup.cfg

@@ -0,0 +1,51 @@
+[broker]
+; IP address the broker will listen and accept tunnels on
+address={{ ansible_default_ipv4.address }}
+; Ports where the broker will listen on
+port={{ sn_l2tp_tb_backup_port }}
+; Interface with that IP address
+interface=eth0
+; Maximum number of cached cookies, required for establishing a
+; session with the broker
+max_cookies=1024
+; Maximum number of tunnels that will be allowed by the broker
+max_tunnels=150
+; Tunnel port base
+port_base=25000
+; Tunnel id base
+tunnel_id_base=500
+; Tunnel timeout interval in seconds
+tunnel_timeout=60
+; Should PMTU discovery be enabled
+pmtu_discovery=false
+; Namespace (for running multiple brokers); note that you must also
+; configure disjunct ports, and tunnel identifiers in order for
+; namespacing to work
+namespace=backup
+
+[log]
+; Log filename
+filename=/var/log/tunneldigger-broker-backup.log
+; Verbosity
+verbosity=DEBUG
+; Should IP addresses be logged or not
+log_ip_addresses=false
+
+[hooks]
+; Arguments to the session.{up,pre-down,down} hooks are as follows:
+;
+;    <tunnel_id> <session_id> <interface> <mtu> <endpoint_ip> <endpoint_port> <local_port>
+;
+; Arguments to the session.mtu-changed hook are as follows:
+;
+;    <tunnel_id> <session_id> <interface> <old_mtu> <new_mtu>
+;
+
+; Called after the tunnel interface goes up
+session.up=/srv/tunneldigger/bataddif.sh
+; Called just before the tunnel interface goes down
+session.pre-down=/srv/tunneldigger/batdelif.sh
+; Called after the tunnel interface goes down
+session.down=
+; Called after the tunnel MTU gets changed because of PMTU discovery
+session.mtu-changed=

files/named.conf.fftdf

@@ -1,6 +0,0 @@
-zone "fftdf" {
-  type slave;
-  masters { 10.188.1.100; };
-  file "/var/lib/bind/db.fftdf";
-};
-

files/named.conf.local

@@ -0,0 +1,10 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
+// Include Freifunk Troisdorf (fftdf) zones
+include "/etc/bind/fftdf/fftdf.conf";

files/radvd.conf.j2

@@ -3,8 +3,7 @@ interface bat0 {
         IgnoreIfMissing on;
         MaxRtrAdvInterval 200;
         RDNSS {{ sn_mesh_IPv6 }} {};
-#        prefix fda0:747e:ab29:7405::/64 {
+	prefix {{ sn_mesh_IPv6_net }} {
-        prefix 2a03:2260:121::/64 {
                 AdvOnLink on;
                 AdvAutonomous on;
                 AdvRouterAddr on;

files/slacktee.conf

@@ -0,0 +1,13 @@
+# ----------
+# Configuration
+#   Describes the Incoming Webhook allowing you to post messages into Slack.
+#   After the configuration, copy this file to /etc or your home directory.
+#   NOTE : Please rename this file to '.slacktee', if you'd like to place this in your home directory.
+# ----------
+webhook_url="https://hooks.slack.com/services/{{ slack_token }}"      # Incoming Webhooks integration URL. See https://my.slack.com/services/new/incoming-webhook
+upload_token=""     # The user's API authentication token, only used for file uploads. See https://api.slack.com/#auth
+channel="technik"   # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
+tmp_dir="/tmp"      # Temporary file is created in this directory.
+username="slacktee" # Default username to post messages.
+icon="ghost"        # Default emoji or a direct url to an image to post messages. You don't have to wrap emoji with ':'. See http://www.emoji-cheat-sheet.com.
+attachment=""       # Default color of the attachments. If an empty string is specified, the attachments are not used.

files/slacktee.conf.j2

@@ -0,0 +1,13 @@
+# ----------
+# Configuration
+#   Describes the Incoming Webhook allowing you to post messages into Slack.
+#   After the configuration, copy this file to /etc or your home directory.
+#   NOTE : Please rename this file to '.slacktee', if you'd like to place this in your home directory.
+# ----------
+webhook_url="https://hooks.slack.com/services/{{ slack_token }}"      # Incoming Webhooks integration URL. See https://my.slack.com/services/new/incoming-webhook
+upload_token=""     # The user's API authentication token, only used for file uploads. See https://api.slack.com/#auth
+channel="technik"   # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
+tmp_dir="/tmp"      # Temporary file is created in this directory.
+username="slacktee" # Default username to post messages.
+icon="ghost"        # Default emoji or a direct url to an image to post messages. You don't have to wrap emoji with ':'. See http://www.emoji-cheat-sheet.com.
+attachment=""       # Default color of the attachments. If an empty string is specified, the attachments are not used.

files/slacktee.sh

@@ -0,0 +1,605 @@
+#!/usr/bin/env bash
+
+# ----------
+# Default Configuration
+# ----------
+webhook_url=""       # Incoming Webhooks integration URL
+upload_token=""      # The user's API authentication token, only used for file uploads
+channel="general"    # Default channel to post messages. '#' is prepended, if it doesn't start with '#' or '@'.
+tmp_dir="/tmp"       # Temporary file is created in this directory.
+username="slacktee"  # Default username to post messages.
+icon="ghost"         # Default emoji to post messages. Don't wrap it with ':'. See http://www.emoji-cheat-sheet.com; can be a url too.
+attachment=""        # Default color of the attachments. If an empty string is specified, the attachments are not used.
+
+# ----------
+# Initialization
+# ----------
+me=$(basename "$0")
+title=""
+mode="buffering"
+link=""
+textWrapper="\`\`\`"
+parseMode=""
+fields=()
+# Since bash 3 doesn't support the associative array, we store colors and patterns separately
+cond_color_colors=()
+cond_color_patterns=()
+found_pattern_color=""
+# This color is used when 'attachment' is used without color specification
+internal_default_color="#C0C0C0"
+
+# Since bash 3 doesn't support the associative array, we store prefixes and patterns separately
+cond_prefix_prefixes=()
+cond_prefix_patterns=()
+found_title_prefix=""
+
+function show_help()
+{
+	echo "usage: $me [options]"
+	echo "  options:"
+	echo "    -h, --help                        Show this help."
+	echo "    -n, --no-buffering                Post input values without buffering."
+	echo "    -f, --file                        Post input values as a file."
+	echo "    -l, --link                        Add a URL link to the message."
+	echo "    -c, --channel channel_name        Post input values to specified channel or user."
+	echo "    -u, --username user_name          This username is used for posting."
+	echo "    -i, --icon emoji_name|url         This icon is used for posting. You can use a word"
+	echo "                                      from http://www.emoji-cheat-sheet.com or a direct url to an image."
+	echo "    -t, --title title_string          This title is added to posts."
+	echo "    -m, --message-formatting format   Switch message formatting (none|link_names|full)."
+	echo "                                      See https://api.slack.com/docs/formatting for more details."
+	echo "    -p, --plain-text                  Don't surround the post with triple backticks."
+	echo "    -a, --attachment [color]          Use attachment (richly-formatted message)"
+	echo "                                      Color can be 'good','warning','danger' or any hex color code (eg. #439FE0)"
+	echo "                                      See https://api.slack.com/docs/attachments for more details."
+	echo "    -e, --field title value           Add a field to the attachment. You can specify this multiple times."
+	echo "    -s, --short-field title value     Add a short field to the attachment. You can specify this multiple times."
+	echo "    -o, --cond-color color pattern    Change the attachment color if the specified Regex pattern matches the input."
+	echo "                                      You can specify this multile times."
+	echo "                                      If more than one pattern matches, the latest matched pattern is used."
+	echo "    -d, --cond-prefix prefix pattern  This prefix is added to the message, if the specified Regex pattern matches the input."
+	echo "                                      You can specify this multile times."
+	echo "                                      If more than one pattern matches, the latest matched pattern is used."
+	echo "    --config config_file              Specify the location of the config file."
+	echo "    --setup                           Setup slacktee interactively."
+}
+
+
+
+function send_message()
+{
+	message="$1"
+
+	# Prepend the prefix to the message, if it's set
+	if [[ -z $attachment && -n $found_pattern_prefix ]]; then
+		message="$found_pattern_prefix$message"
+		# Clear conditional prefix for the nest send
+		found_pattern_prefix=""
+	fi
+
+	escaped_message=$(echo "$textWrapper\n$message\n$textWrapper" | sed 's/"/\\"/g' | sed "s/'/\\'/g" )
+	message_attr=""
+	if [[ $message != "" ]]; then
+		if [[ -n $attachment ]]; then
+
+			# Set message color
+			message_color="$attachment"
+			if [[ -n $found_pattern_color ]]; then
+				message_color="$found_pattern_color"
+				# Reset with the default color for the next send
+				found_pattern_color="$attachment"
+			fi
+
+			message_attr="\"attachments\": [{ \"color\": \"$message_color\", \"mrkdwn_in\": [\"text\", \"fields\"], \"text\": \"$escaped_message\" "
+
+			if [[ -n $found_pattern_prefix ]]; then
+				title="$found_pattern_prefix $title"
+				# Clear conditional prefix for the nest send
+				found_pattern_prefix=""
+			fi
+
+			if [[ -n $title ]]; then
+				message_attr="$message_attr, \"title\": \"$title\" "
+			fi
+
+			if [[ -n $link ]]; then
+				message_attr="$message_attr, \"title_link\": \"$link\" "
+			fi
+
+			if [[ $mode == "file" ]]; then
+				fields+=("{\"title\": \"Access URL\", \"value\": \"$access_url\" }")
+				fields+=("{\"title\": \"Download URL\", \"value\": \"$download_url\"}")
+			fi
+
+			if [[ ${#fields[@]} != 0 ]]; then
+				message_attr="$message_attr, \"fields\": ["
+				for field in "${fields[@]}"; do 
+					message_attr="$message_attr $field,"
+				done
+				message_attr=${message_attr%?} # Remove last comma
+				message_attr="$message_attr ]"
+			fi
+
+			# Close attachment
+			message_attr="$message_attr }], "
+		else
+			message_attr="\"text\": \"$escaped_message\","	    
+		fi
+
+		icon_url=""
+		icon_emoji=""
+		if echo "$icon" | grep -q "^https\?://.*"; then
+			icon_url="$icon"
+		else
+			icon_emoji=":$icon:"
+		fi
+
+		json="{\"channel\": \"$channel\", \"username\": \"$username\", $message_attr \"icon_emoji\": \"$icon_emoji\", \"icon_url\": \"$icon_url\" $parseMode}"
+		post_result=$(curl -X POST --data-urlencode "payload=$json" "$webhook_url" 2> /dev/null)
+		exit_code=1
+		if [[ $post_result == "ok" ]]; then
+			exit_code=0
+		fi
+	fi
+}
+
+function process_line()
+{
+	echo "$1"
+	line="$(echo "$1" | sed $'s/\t/  /g')"
+
+	# Check the patterns of the conditional colors
+	# If more than one pattern matches, the latest pattern is used
+	if [[ ${#cond_color_patterns[@]} != 0 ]]; then
+		for i in "${!cond_color_patterns[@]}"; do
+			if [[ $line =~ ${cond_color_patterns[$i]} ]]; then
+				found_pattern_color=${cond_color_colors[$i]}
+			fi
+		done
+	fi
+
+	# Check the patterns of the conditional titles
+	# If more than one pattern matches, the latest pattern is used
+	if [[ ${#cond_prefix_patterns[@]} != 0 ]]; then
+		for i in "${!cond_prefix_patterns[@]}"; do
+			if [[ $line =~ ${cond_prefix_patterns[$i]} ]]; then
+				found_pattern_prefix=${cond_prefix_prefixes[$i]}
+				if [[ -n $attachment || $mode != "no-buffering" ]]; then
+					# Append a line break to the prefix for better formatting
+					found_pattern_prefix="$found_pattern_prefix\n"
+				else
+					# Append a space to the prefix for better formatting
+					found_pattern_prefix="$found_pattern_prefix "
+				fi
+			fi
+		done
+	fi
+
+	if [[ $mode == "no-buffering" ]]; then
+		prefix=''
+		if [[ -z $attachment ]]; then
+			prefix=$title
+		fi  
+		send_message "$prefix$line"
+	elif [[ $mode == "file" ]]; then
+		echo "$line" >> "$filename"
+	else
+		if [[ -z "$text" ]]; then
+			text="$line"
+		else
+			text="$text\n$line"
+		fi  
+	fi  
+}
+
+function setup()
+{
+	if [[ -z "$HOME" ]]; then
+		echo "\$HOME is not defined. Please set it first."
+		exit 1
+	fi
+
+	local_conf="$HOME/.slacktee"
+
+	if [[ -e "$local_conf" ]]; then
+		echo ".slacktee is found in your home directory."
+		read -p "Are you sure to overwrite it? [y/n] :" choice
+		case "$choice" in
+			y|Y )
+				# Continue
+				;;
+			* )
+				exit 0 # Abort
+				;;
+		esac
+	fi
+
+	# Load current local config
+	. $local_conf
+
+	# Start setup
+	read -p "Incoming Webhook URL [$webhook_url]: " input_webhook_url
+	if [[ -z "$input_webhook_url" ]]; then
+		input_webhook_url=$webhook_url
+	fi
+	read -p "Upload Token [$upload_token]: " input_upload_token
+	if [[ -z "$input_upload_token" ]]; then
+		input_upload_token=$upload_token
+	fi
+	read -p "Temporary Directory [$tmp_dir]: " input_tmp_dir
+	if [[ -z "$input_tmp_dir" ]]; then
+		input_tmp_dir=$tmp_dir
+	fi
+	read -p "Default Channel [$channel]: " input_channel
+	if [[ -z "$input_channel" ]]; then
+		input_channel=$channel
+	fi
+	read -p "Default Username [$username]: " input_username
+	if [[ -z "$input_username" ]]; then
+		input_username=$username
+	fi
+	read -p "Default Icon: [$icon]: " input_icon
+	if [[ -z "$input_icon" ]]; then
+		input_icon=$icon
+	fi
+	read -p "Default color of the attachment. (empty string disables attachment) [$attachment]: " input_attachment
+	if [[ -z "$input_attachment" ]]; then
+		input_attachment=$attachment
+	elif [[ $input_attachment == '""' || $input_attachment == "''" ]]; then
+		input_attachment=""
+	fi
+
+	cat <<- EOF | sed 's/^[[:space:]]*//' > "$local_conf"
+	webhook_url="$input_webhook_url"
+	upload_token="$input_upload_token"
+	tmp_dir="$input_tmp_dir"
+	channel="$input_channel"
+	username="$input_username"
+	icon="$input_icon"
+	attachment="$input_attachment"
+	EOF
+}
+
+# ----------
+# Parse command line options
+# ----------
+OPTIND=1
+
+while [[ $# -gt 0 ]]; do
+	opt="$1"
+	shift
+
+	case "$opt" in
+		-h|\?|--help)
+			show_help
+			exit 0
+			;;
+		-n|--no-buffering)
+			mode="no-buffering"
+			;;
+		-f|--file)
+			mode="file"
+			;;
+		-l|--link)
+			link="$1"
+			shift
+			;;
+		-c|--channel)
+			opt_channel="$1"
+			shift
+			;;
+		-u|--username)
+			opt_username="$1"
+			shift
+			;;
+		-i|--icon)
+			opt_icon="$1"
+			shift
+			;;
+		-t|--title)
+			title="$1"
+			shift
+			;;
+		-d|--cond-prefix)
+			case "$1" in
+				-*|'')
+					# Found next command line option or empty. Error.
+					echo "a prefix of the conditional title was not specified"
+					show_help
+					exit 1
+					;;
+				*)
+					# Prefix should be found
+					case "$2" in
+						-*|'')
+							# Found next command line option or empty. Error.
+							echo "a pattern of the conditional title was not specified"
+							show_help
+							exit 1
+							;;
+						*)
+							# Set the prefix and the pattern to arrays
+							cond_prefix_prefixes+=("$1")
+							cond_prefix_patterns+=("$2")
+							shift
+							shift
+							;;
+					esac
+					;;
+			esac
+			;;
+		-m|--message-formatting)
+			case "$1" in
+				none)
+					parseMode=', "parse": "none"'
+					;;
+				link_names)
+					parseMode=', "link_names": "1"'
+					;;
+				full)
+					parseMode=', "parse": "full"'
+					;;
+				*)
+					echo "unknown message formatting option"
+					show_help
+					exit 1
+					;;
+			esac
+			shift
+			;;
+		-p|--plain-text)
+			textWrapper=""
+			;;
+
+		-a|--attachment)
+			case "$1" in
+				-*|'')
+					# Found next command line option
+					opt_attachment="$internal_default_color" # Use default color
+					;;
+				\#*|good|warning|danger)
+					# Found hex color code or predefined colors
+					opt_attachment="$1"
+					shift
+					;;
+				*)
+					echo "unknown attachment color"
+					show_help
+					exit 1
+					;;
+			esac
+			;;
+		-o|--cond-color)
+			case "$1" in
+				-*|'')
+					# Found next command line option or empty. Error.
+					echo "a color of the conditional color was not specified"
+					show_help
+					exit 1
+					;;
+				\#*|good|warning|danger)
+					# Found hex color code or predefined colors
+					case "$2" in
+						-*|'')
+							# Found next command line option or empty. Error.
+							echo "a pattern of the conditional color was not specified"
+							show_help
+							exit 1
+							;;
+						*)
+							# Set the color and the pattern to arrays
+							cond_color_colors+=("$1")
+							cond_color_patterns+=("$2")
+							shift
+							shift
+							;;
+					esac
+					;;
+				*)
+					echo "unknown attachment color $1"
+					show_help
+					exit 1
+				;;
+			esac
+			;;
+		-e|-s|--field|--short-field)
+			case "$1" in
+				-*|'')
+					# Found next command line option or empty. Error.
+					echo "field title was not specified"
+					show_help
+					exit 1
+					;;
+				*)
+					case "$2" in
+						-*|'')
+							# Found next command line option or empty. Error.
+							echo "field value was not specified"
+							show_help
+							exit 1
+							;;			   
+						*)
+							if [[ $opt == "-s" || $opt == "--short-field" ]]; then
+								fields+=("{\"title\": \"$1\", \"value\": \"$2\", \"short\": true}")
+							else
+								fields+=("{\"title\": \"$1\", \"value\": \"$2\"}")
+							fi
+							shift
+							shift
+							;;
+					esac
+			esac
+			;;
+		--config)
+			CUSTOM_CONFIG=$1
+			shift
+			;;
+		--setup)
+			setup
+			exit 1
+			;;
+		*)
+			echo "illegal option $opt"
+			show_help
+			exit 1
+			;;
+	esac
+done
+
+# ---------
+# Read in our configurations
+# ---------
+if [[ -e "/etc/slacktee.conf" ]]; then
+	. /etc/slacktee.conf
+fi
+
+if [[ -n "$HOME" && -e "$HOME/.slacktee" ]]; then
+	. "$HOME/.slacktee"
+fi
+
+if [[ -e "$CUSTOM_CONFIG" ]]; then
+	. $CUSTOM_CONFIG
+fi
+
+# Overwrite webhook_url if the environment variable SLACKTEE_WEBHOOK is set
+if [[ "$SLACKTEE_WEBHOOK" != "" ]]; then
+	webhook_url="$SLACKTEE_WEBHOOK"
+fi
+
+# Overwrite upload_token if the environment variable SLACKTEE_TOKEN is set
+if [[ "$SLACKTEE_TOKEN" != "" ]]; then
+	upload_token="$SLACKTEE_TOKEN"
+fi
+
+# Overwrite channel if it's specified in the command line option
+if [[ "$opt_channel" != "" ]]; then
+	channel="$opt_channel"
+fi
+
+# Overwrite username if it's specified in the command line option
+if [[ "$opt_username" != "" ]]; then
+	username="$opt_username"
+fi
+
+# Overwrite icon if it's specified in the command line option
+if [[ "$opt_icon" != "" ]]; then
+	icon="$opt_icon"
+fi
+
+# Overwrite attachment if it's specified in the command line option
+if [[ "$opt_attachment" != "" ]]; then
+	attachment="$opt_attachment"
+fi
+
+# Set the default color to attachment if it's still empty and the length of the cond_color_patterns is not 0
+if [[ -z $attachment ]] && [[ ${#cond_color_patterns[@]} != 0 ]]; then
+	attachment="$internal_default_color"
+fi
+
+# ----------
+# Validate configurations
+# ----------
+
+if [[ $webhook_url == "" ]]; then
+	echo "Please setup the webhook url of this incoming webhook integration."
+	exit 1
+fi
+
+if [[ $upload_token == "" && $mode == "file" ]]; then
+	echo "Please provide the authentication token for file uploads."
+	exit 1
+fi
+
+if [[ $channel == "" ]]; then
+	echo "Please specify a channel."
+	exit 1
+elif [[ ( "$channel" != "#"* ) && ( "$channel" != "@"* ) ]]; then
+	channel="#$channel"
+fi
+
+if [[ -n "$icon" ]]; then
+	icon=${icon#:} # remove leading ':'
+	icon=${icon%:} # remove trailing ':'
+fi
+
+# ----------
+# Start script
+# ----------
+
+text=""
+if [[ -n "$title" || -n "$link" ]]; then
+	# Use link as title, if title is not specified
+	if [[ -z "$title" ]]; then
+		title="$link"
+	fi
+
+	# Add title to filename in the file mode
+	if [[ "$mode" == "file" ]]; then
+		filetitle=$(echo "$title"|sed 's/[ /:.]//g')
+		filetitle="$filetitle-"
+	fi
+
+	if [[ -z "$attachment" ]]; then
+		if [[ "$mode" == "no-buffering" ]]; then
+			if [[ -n "$link" ]]; then
+				title="<$link|$title>: "
+			else
+				title="$title: "
+			fi
+		elif [[ "$mode" == "file" ]]; then
+			if [[ -n "$link" ]]; then
+				title="<$link|$title>"
+			fi
+		else
+			if [[ -n "$link" ]]; then
+				text="-- <$link|$title> --\n"
+			else
+				text="-- $title --\n"
+			fi
+		fi
+	fi
+fi
+
+timestamp="$(date +'%m%d%Y-%H%M%S')"
+filename="$tmp_dir/$filetitle$$-$timestamp.log"
+
+if [[ "$mode" == "file" ]]; then
+	touch $filename
+fi
+
+exit_code=0
+
+while IFS='' read line; do
+	process_line "$line"
+done
+if [[ -n $line ]]; then
+	process_line "$line"
+fi
+
+if [[ "$mode" == "buffering" ]]; then
+	send_message "$text"
+elif [[ "$mode" == "file" ]]; then
+	if [[ -s "$filename" ]]; then
+		channels_param=""
+		if [[ ( "$channel" == "#"* ) ]]; then
+			# Set channels for making the file public
+			channels_param="-F channels=$channel"
+		fi
+		result="$(curl -F file=@"$filename" -F token="$upload_token" $channels_param https://slack.com/api/files.upload 2> /dev/null)"
+		access_url="$(echo "$result" | awk 'match($0, /url_private":"([^"]*)"/) {print substr($0, RSTART+14, RLENGTH-15)}'|sed 's/\\//g')"
+		download_url="$(echo "$result" | awk 'match($0, /url_private_download":"([^"]*)"/) {print substr($0, RSTART+23, RLENGTH-24)}'|sed 's/\\//g')"
+		if [[ -n "$attachment" ]]; then
+			text="Input file has been uploaded"
+		else
+			if [[ "$title" != "" ]]; then
+				title=" of $title"
+			fi
+			text="Input file$title has been uploaded.\n$access_url\n\nYou can download it from the link below.\n$download_url"
+		fi
+		send_message "$text"
+	fi
+	# Clean up the temp file
+	rm "$filename"
+fi
+
+exit $exit_code

files/sn_startup.exit.sh.j2

@@ -19,11 +19,11 @@ curl -X POST --data-urlencode 'payload={"text": "{{ sn_hostname }} is rebooted",
 
 # Set mark 4 to Freifunk traffic
 /sbin/iptables -t mangle -A PREROUTING -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4
-/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/64 ! -d 2a03:2260:121::/64 -j MARK --set-mark 4
+/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/48 ! -d 2a03:2260:121::/48 -j MARK --set-mark 4
 
 # All from FF IPv4 via routing table 42
 /bin/ip rule add from {{ sn_ffrl_IPv4 }}/32 lookup 42
-/bin/ip -6 rule add from  2a03:2260:121::/64 lookup 42
+/bin/ip -6 rule add from {{ sn_mesh_IPv6_net }} lookup 42
 
 # Allow MAC address spoofing
 /sbin/sysctl net.ipv4.conf.bat0.rp_filter=0

files/start-broker-backup.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+WDIR=/srv/tunneldigger
+VIRTUALENV_DIR=/srv/tunneldigger
+
+cd $WDIR
+source $VIRTUALENV_DIR/bin/activate
+
+bin/python broker/l2tp_broker.py l2tp_broker-backup.cfg

files/supernode

@@ -1,50 +1,61 @@
 #!/bin/bash
 help () {
 echo "Supernode Settings:"
-echo "status | off | on | auto"
+echo "status | off | on | backup | backup_off"
 }
 
 status () {
 	supernode_status=$(/bin/cat /etc/supernode-status/supernode.status)
 	supernode_mode=$(/bin/cat /etc/supernode-status/supernode.mode)
-	loadbalancing=$(cat /etc/supernode-status/loadbalancing.mode)
 
-	echo "Supernode Status: (Ist-Zustand)"
+	echo -e "\nSupernode Status: (Ist-Zustand)"
 	if [ $supernode_status == 0 ]; then
-		echo "Supernode ist Offline"
+		echo "Supernode ist Abgeschaltet"
 	elif [ $supernode_status == 1 ]; then
-		echo "Supernode läuft (Loadbalancing)"
+		echo "Supernode läuft (Automatik inkl. Backup)"
 	elif [ $supernode_status == 2 ]; then
-		echo "Supernode läuft (Dauer-Ein)"
+		echo "Supernode läuft (Backup Netz Aktiv)"
 	elif [ $supernode_status == 3 ]; then
-		echo "Supernode Offline (Loadbalancing)"
+		echo "Supernode läuft (Backup deaktiviert)"	
 	fi
+	echo -e "\nSupernode Status: (Soll-Zustand)"
+	if [ $supernode_mode == 0 ]; then
+		echo "Supernode ist Abgeschaltet"
+	elif [ $supernode_mode == 1 ]; then
+		echo "Supernode läuft (Automatik inkl. Backup)"
+	elif [ $supernode_mode == 2 ]; then
+		echo "Supernode läuft (Backup Netz Aktiv)"
+	elif [ $supernode_mode == 3 ]; then
+		echo "Supernode läuft (Backup deaktiviert)"
+	fi
+	echo -e "\nService Status"
 	for service in bird bird6 dhcpd radvd python named
     do
     	if [ "$(/bin/cat /etc/supernode-status/$service.status)" = "1" ]; then
-    		echo -e "$service \e[1;4;93mläuft\e[0m"
+    		echo -e "$service läuft"
     	else
-    		echo -e "$service \e[1;4;91mläuft nicht\e[0m"
+    		echo -e "$service aus"
     	fi
     done
 }
 
 off () {
 	echo 0 > /etc/supernode-status/supernode.mode
-	echo 0 > /etc/supernode-status/loadbalancing.mode
-	
 	echo "Supernode Aus"
 }
 
 on () {
 	echo 1 > /etc/supernode-status/supernode.mode
-	echo 0 > /etc/supernode-status/loadbalancing.mode
+	echo "Supernode An"
-	echo "Supernode Dauer-An"
 }
 
-auto () {
+backup () {
-	echo 1 > /etc/supernode-status/loadbalancing.mode
+	echo 2 > /etc/supernode-status/supernode.mode
-	echo 1 > /etc/supernode-status/supernode.mode
+	echo "Supernode Aktiviert inkl. Backup"
-	echo "Supernode Aktiviert inkl. Loadbalance"
 }
-$1
+
+backup_off () {
+	echo 3 > /etc/supernode-status/supernode.mode
+	echo "Supernode Aktiviert (Backup deaktiviert)"
+}
+$1

files/tunneldigger-backup.service

@@ -0,0 +1,9 @@
+[Unit]
+Description = Start tunneldigger L2TPv3 broker
+After = network.target
+
+[Service]
+ExecStart = /srv/tunneldigger/start-broker-backup.sh
+
+[Install]
+WantedBy = multi-user.target

install.sn.yml

@@ -9,7 +9,7 @@
   user: root
   gather_facts: False
   vars:
-    snversion: master_v3.0.14
+    snversion: master_v3.0.15
     batmanversion: v2015.2
     common_required_packages:
       - git
@@ -51,11 +51,16 @@
       - l2tp_eth
     tunneldigger_scripts:
       - start-broker.sh
+      - start-broker-backup.sh
       - batdelif.sh
     tunneldigger_service:
       - tunneldigger.service
-    bind_zone_fftdf:
+      - tunneldigger-backup.service
-      - named.conf.fftdf
+    broker_cfg:
+      - l2tp_broker-backup.cfg
+      - l2tp_broker.cfg
+#    bind_zone_fftdf:
+#      - named.conf.fftdf
     check_gw_script:
       - keepalive.sh
     authorized_keys:
@@ -160,7 +165,8 @@
       pip: requirements=/srv/tunneldigger/broker/requirements.txt virtualenv=/srv/tunneldigger/
       when: tunneldigger.changed
     - name: Copy l2tp broker config template
-      template: src=./files/l2tp_broker.cfg.j2 dest=/srv/tunneldigger/l2tp_broker.cfg owner=root group=root mode=0444
+      template: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0444
+      with_items: broker_cfg
       when: tunneldigger.changed
     - name: Copy tunneldigger script template
       template: src=./files/bataddif.sh.j2 dest=/srv/tunneldigger/bataddif.sh owner=root group=root mode=0500
@@ -169,8 +175,8 @@
       copy: src=./files/{{ item }} dest=/srv/tunneldigger owner=root group=root mode=0500
       with_items: tunneldigger_scripts
       when: tunneldigger.changed
-    - name: Copy tunneldigger service file
+    - name: Copy tunneldigger service template
-      copy: src=./files/{{ item }} dest=/etc/systemd/system/tunneldigger.service owner=root group=root mode=0444
+      copy: src=./files/{{ item }} dest=/etc/systemd/system owner=root group=root mode=0444
       with_items: tunneldigger_service
       when: tunneldigger.changed
     - name: Tunneldigger reload
@@ -178,6 +184,7 @@
       with_items:
       - systemctl daemon-reload
       - systemctl enable tunneldigger.service
+      - systemctl enable tunneldigger-backup.service
       when: tunneldigger.changed
     - name: Copy logrotate config
       copy: src=./files/{{ item }} dest=/etc/ owner=root group=root mode=0500
@@ -201,9 +208,9 @@
       template: src=./files/keepalive.exit.sh.j2 dest=/opt/freifunk/keepalive.sh owner=root group=root mode=0500
       register: check_gw
       when: sn_exit is defined
-    - name: Add cron job with check gateway script
+#    - name: Add cron job with check gateway script
-      cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root" 
+#      cron: name=check_gw special_time=reboot job="/opt/freifunk/keepalive.sh > /dev/null 2>&1 &" user="root" 
-      when: check_gw.changed
+#      when: check_gw.changed
     - name: Supernode Config script super- and exitnode
       copy: src=./files/supernode dest=/usr/bin/supernode owner=root group=root mode=0500
       when: sn_exit is defined
@@ -246,13 +253,18 @@
     - name: SSH authorized_keys
       copy: src=./files/{{ item }} dest=/root/.ssh owner=root group=root mode=0400
       with_items: authorized_keys
-    - name: Copy secondary zone file
-      copy: src=./files/{{ item }} dest=/etc/bind owner=root group=bind mode=644
-      with_items: bind_zone_fftdf
     - name: Bind9, activate fftdf zone
-      lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/named.conf.fftdf";' state=present
+      lineinfile: dest=/etc/bind/named.conf line='include "/etc/bind/fftdf/fftdf.conf";' state=present
     - name: Copy option template
       template: src=./files/named.conf.options.j2 dest=/etc/bind/named.conf.options owner=root group=bind mode=644
+    - name: Create fftdf directory
+      file: path=/etc/bind/fftdf state=directory
+    - name: Copy FFTDF Zones
+      copy: src=./files/fftdf/{{ item }} dest=/etc/bind/fftdf/{{ item }} owner=root group=bind mode=644
+      with_items: 
+        - fftdf.conf
+    - name: Copy fftdf Zone config template
+      template: src=./files/fftdf/db.fftdf.j2 dest=/etc/bind/fftdf/db.fftdf owner=radvd group=root mode=0444
     - name: Copy radvd config template
       template: src=./files/radvd.conf.j2 dest=/etc/radvd.conf owner=radvd group=root mode=0444
     - name: Interface configuration with ffrl gre tunnel
@@ -272,6 +284,10 @@
       get_url: url=https://raw.githubusercontent.com/MightySCollins/speedtest-cli/master/speedtest_cli.py dest=/usr/bin/speedtest-cli
     - name: Change rights speedtest-cli
       file: path=/usr/bin/speedtest-cli owner=root group=root mode=0755
+    - name: Copy Slacktee Config
+      template: src=./files/slacktee.conf.j2 dest=/etc/slacktee.conf owner=root group=root mode=0544
+    - name: Copy Slacktee
+      copy: src=./files/slacktee.sh dest=/usr/local/bin/slacktee.sh owner=root group=root mode=0744
     - name: set netfilter rules
       lineinfile: dest=/etc/sysctl.conf line="{{ item }}"
       with_items: