Merge pull request #8 from Freifunk-Troisdorf/remove-old

Remove old

files/keepalive.sh

@@ -1,51 +0,0 @@
-#!/bin/bash
-# Version 1.6
-# Parameter setzen
-GATEWAY1ext=185.66.193.105
-GATEWAY2ext=185.66.193.106
-GATEWAY1=10.188.255.5
-GATEWAY2=10.188.255.6
-GATEWAY1v6=2a03:2260:121::255:5
-GATEWAY2v6=2a03:2260:121::255:6
-IP=/sbin/ip
-PING=/bin/ping
-BATCTL=/usr/local/sbin/batctl
-
-#if [ "hostname = troisdorf1 | troisdorf2" ]
-if [ $(hostname) = "troisdorf1" ] || [ $(hostname) = "troisdorf2" ]
-    then
-        DEFAULT_GATEWAY=$GATEWAY1
-	DEFAULT_GATEWAYext=$GATEWAY1ext
-        FALLBACK_GATEWAY=$GATEWAY2
-	FALLBACK_GATEWAYext=$GATEWAY2ext
-	DEFAULT_GATEWAYv6=$GATEWAY1v6
-	FALLBACK_GATEWAYv6=$GATEWAY2v6
-    else
-        DEFAULT_GATEWAY=$GATEWAY2
-	DEFAULT_GATEWAYext=$GATEWAY2ext
-        FALLBACK_GATEWAY=$GATEWAY1
-        FALLBACK_GATEWAYext=$GATEWAY1ext
-	DEFAULT_GATEWAYv6=$GATEWAY2v6
-	FALLBACK_GATEWAYv6=$GATEWAY1v6
-
-fi
-
-if $PING -c 1 $DEFAULT_GATEWAYext
-        then
-                $IP route replace default via $DEFAULT_GATEWAY table 42
-                $IP -6 route replace default via $DEFAULT_GATEWAYv6 table 42
-                $BATCTL gw server 100Mbit/100Mbit
-                echo "Gateway erreichbar"
-        else
-        if $PING -c 1 $FALLBACK_GATEWAYext
-            then
-                $IP route replace default via $FALLBACK_GATEWAY table 42
-                $IP -6 route replace default via $FALLBACK_GATEWAYv6 table 42
-                $BATCTL gw server 80Mbit/80Mbit
-                echo "Nun FALLBACK_GATEWAY"
-            else
-                $BATCTL gw off
-                #Kein Gateway erreichbar, batctl gw off
-        fi
-fi
-

files/l2tp_backbone.sh.j2

@@ -1,55 +0,0 @@
-#!/bin/sh
-# Version 6
-# Der servername muss mit einer einstelligen Zahl aufhoeren!!!!!
-communityname="troisdorf"
-server="troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9"
-#server="troisdorf7 {{ sn_hostname }}"
-domain="freifunk-troisdorf.de"
-mtu={{ sn_mtu }}
-# community MAC address, without the last Byte (:)!
-communitymacaddress="a2:8c:ae:6f:f6"
-tunnelPrefix=10
-sessionPrefix=1
-# Netzwerkteil des Netzes, ohne abschliessenden Punkt
-communitynetwork="10.188"
-# IPv6 network
-#communitynetworkv6="fda0:747e:ab29:7405:255::"
-communitynetworkv6="2a03:2260:121::"
-# Drittes Octet des serverbereichs
-octet3rd="255"
-# CIDR muss /16 sein
-localserver=$(/bin/hostname)
-batadv=/usr/local/sbin/batadv-vis
-batctl=/usr/local/sbin/batctl
-ip=/sbin/ip
-dig=/usr/bin/dig
-
-for i in $server; do
-(
-        for j in $server; do
-                if [ $i  != $j ]; then
-                        if [ $i = $localserver ]; then
-                                 ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname  -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname}
-                                 ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname}
-                                 #ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j
-                                 ip link set dev l2tp-$j mtu $mtu
-                                 ip link set up l2tp-$j
-                                 $batctl if add l2tp-$j
-                        fi
-                fi
-        done
-)
-done
-
-# Rest starten
-$ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0
-#$ip link set address $communitymacaddress:ff dev bat0
-$ip link set up dev bat0
-$ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0
-$ip -6 addr add $communitynetworkv6$octet3rd:${localserver#$communityname}/64 dev bat0
-
-/usr/bin/killall batadv-vis
-/bin/sleep 15
-$batadv -i bat0 -s > /dev/null 2>&1 &
-/usr/sbin/service bind9 restart
-/usr/local/sbin/batctl gw server 100Mbit/100Mbit

files/l2tp_backbone_ffswitch.sh.j2

@@ -1,56 +0,0 @@
-#!/bin/sh
-# Version 5
-# Der servername muss mit einer einstelligen Zahl aufhoeren!!!!!
-communityname="troisdorf"
-server="troisdorf0 troisdorf1 troisdorf2 troisdorf3 troisdorf4 troisdorf5 troisdorf6 troisdorf7 troisdorf8 troisdorf9"
-#server="troisdorf0 {{ sn_hostname }}"
-domain="freifunk-troisdorf.de"
-mtu={{ sn_mtu }}
-# community MAC address, without the last Byte (:)!
-communitymacaddress="a2:8c:ae:6f:f6"
-tunnelPrefix=10
-sessionPrefix=1
-# Netzwerkteil des Netzes, ohne abschliessenden Punkt
-communitynetwork="10.188"
-# IPv6 network
-communitynetworkv6="fda0:747e:ab29:7405:255::"
-# Drittes Octet des serverbereichs
-octet3rd="255"
-# CIDR muss /16 sein
-localserver=$(/bin/hostname)
-batadv=/usr/local/sbin/batadv-vis
-alfred=/usr/local/sbin/alfred
-batctl=/usr/local/sbin/batctl
-ip=/sbin/ip
-dig=/usr/bin/dig
-
-for i in $server; do
-(
-        for j in $server; do
-                if [ $i  != $j ]; then
-                        if [ $i = $localserver ]; then
-                                 ip l2tp add tunnel remote $($dig +short $j.$domain) local $(/bin/hostname  -I | /usr/bin/cut -f1 -d' ') tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} peer_tunnel_id $tunnelPrefix${j#$communityname}${i#$communityname} encap udp udp_sport 300${i#$communityname}${j#$communityname} udp_dport 300${j#$communityname}${i#$communityname}
-                                 ip l2tp add session name l2tp-$j tunnel_id $tunnelPrefix${i#$communityname}${j#$communityname} session_id $sessionPrefix${i#$communityname}${j#$communityname} peer_session_id $sessionPrefix${j#$communityname}${i#$communityname}
-                                 #ip link set address $communitymacaddress:${i#$communityname}${j#$communityname} dev l2tp-$j
-                                 ip link set dev l2tp-$j mtu $mtu
-                                 ip link set up l2tp-$j
-                                 $batctl if add l2tp-$j
-                        fi
-                fi
-        done
-)
-done
-
-# Rest starten
-$ip link set address $communitymacaddress:0${localserver#$communityname} dev bat0
-#$ip link set address $communitymacaddress:ff dev bat0
-$ip link set up dev bat0
-$ip addr add $communitynetwork.$octet3rd.${localserver#$communityname}/16 broadcast $communitynetwork.255.255 dev bat0
-$ip -6 addr add $communitynetworkv6${localserver#$communityname}/64 dev bat0
-
-/usr/bin/killall alfred
-/usr/bin/killall batadv-vis
-/bin/sleep 5
-$alfred -i bat0 > /dev/null 2>&1 &
-/bin/sleep 15
-$batadv -i bat0 -s > /dev/null 2>&1 &

files/sn_startup.sh.j2

@@ -1,74 +0,0 @@
-#!/bin/sh
-# Version 1.7
-
-curl -X POST --data-urlencode 'payload={"text": "{{ sn_hostname }} is rebooted", "channel": "#technik", "username": "{{ sn_hostname }}", "icon_emoji": ":floppy_disk:"}' https://hooks.slack.com/services/{{ slack_token }}
-
-# Block RFC1918 and APIPA destination via WAN
-/sbin/iptables -P OUTPUT ACCEPT
-for i in 10.0.0.0/8 172.16.0.0/12 169.254.0.0/16 192.168.0.0/16; do
-/sbin/iptables -A OUTPUT -o eth0 -d $i -j DROP
-done
-
-# Activate IP forwarding
-/sbin/sysctl -w net.ipv6.conf.all.forwarding=1
-/sbin/sysctl -w net.ipv4.ip_forward=1
-
-# restart when kernel panic
-/sbin/sysctl kernel.panic=1
-
-# Stop tunneldigger until bat0 is up
-/usr/sbin/service tunneldigger stop
-
-# Routing table 42
-/bin/grep 42 /etc/iproute2/rt_tables || /bin/echo 42 ffrl >> /etc/iproute2/rt_tables
-
-# Set table for traffice with mark 4
-/bin/ip rule add fwmark 0x4 table 42
-/bin/ip -6 rule add fwmark 0x4 table 42
-
-# Set mark 4 to Freifunk traffic
-/sbin/iptables -t mangle -A PREROUTING -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MARK --set-mark 4
-/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/48 ! -d 2a03:2260:121::/48 -j MARK --set-mark 4
-/sbin/ip6tables -t mangle -A PREROUTING -s 2a03:2260:121::/64 ! -d 2a03:2260:121::/64 -j MARK --set-mark 4
-
-# NAT on eth0
-/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
-
-# All from FF IPv4 via routing table 42
-/bin/ip rule add from 185.66.193.104/30 lookup 42
-/bin/ip -6 rule add from  2a03:2260:121::/64 lookup 42
-
-# Allow MAC address spoofing
-/sbin/sysctl net.ipv4.conf.bat0.rp_filter=0
-
-# Create Tunneldigger Bridge
-/sbin/brctl addbr br-nodes
-/sbin/ip link set dev br-nodes up
-/sbin/ebtables -A FORWARD --logical-in br-nodes -j DROP
-/usr/local/sbin/batctl if add br-nodes
-
-sleep 5
-
-# Fixing the nf_conntrack … dropping packets error
-# hashsize = nf_conntrack_max / 4
-sysctl -w net.netfilter.nf_conntrack_max=131072
-echo 32768 > /sys/module/nf_conntrack/parameters/hashsize
-
-# Against Denial of Service attacks from internal network
-# Check with: sysctl -a | grep conntrack | grep timeout
-sysctl -w net.ipv4.netfilter.ip_conntrack_generic_timeout=240
-sysctl -w net.ipv4.netfilter.ip_conntrack_tcp_timeout_established=54000
-
-# Start tunneldigger
-/bin/systemctl restart tunneldigger
-/bin/systemctl enable tunneldigger
-
-# radvd restart
-/bin/systemctl restart radvd
-/bin/systemctl enable radvd
-
-# restart DHCP
-/bin/systemctl restart isc-dhcp-server
-/bin/systemctl enable isc-dhcp-server
-
-exit 0