nils/gluon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gluon-next-node: split gluon-next-node-batman-adv

Browse Source 
Move ebtables rules dealing with bat0 to gluon-next-node-batman-adv.
This new package should be used in batman-adv based setups instead
of gluon-next-node.
This commit is contained in:
Nils Schneider 2016-04-12 12:24:35 +02:00
parent f7c240496f
commit 33264bec97
4 changed files with 49 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
package/gluon-next-node-batman-adv/Makefile Normal file
View File

@ -0,0 +1,31 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=gluon-next-node-batman-adv
PKG_VERSION:=1
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
include $(GLUONDIR)/include/package.mk
define Package/gluon-next-node-batman-adv
SECTION:=gluon
CATEGORY:=Gluon
TITLE:=Next-node anycast address ebtables filter for batman-adv
DEPENDS:=+gluon-core +gluon-ebtables +gluon-next-node +gluon-mesh-batman-adv +kmod-macvlan
endef
define Build/Prepare
mkdir -p $(PKG_BUILD_DIR)
endef
define Build/Configure
endef
define Build/Compile
endef
define Package/gluon-next-node-batman-adv/install
$(CP) ./files/* $(1)/
endef
$(eval $(call BuildPackage,gluon-next-node-batman-adv))

17
package/gluon-next-node-batman-adv/files/lib/gluon/ebtables/250-next-node-batman-adv Normal file
View File

@ -0,0 +1,17 @@
local site = require 'gluon.site_config'
local next_node = site.next_node
rule('FORWARD --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')

2
package/gluon-next-node/Makefile
View File

@ -11,7 +11,7 @@ define Package/gluon-next-node
SECTION:=gluon
CATEGORY:=Gluon
TITLE:=Next-node anycast address
DEPENDS:=+gluon-core +gluon-ebtables +gluon-mesh-batman-adv +kmod-macvlan
DEPENDS:=+gluon-core +gluon-ebtables +kmod-macvlan
endef
define Package/gluon-next-node/description

15
package/gluon-next-node/files/lib/gluon/ebtables/250-next-node
View File

@ -3,18 +3,3 @@ local next_node = site.next_node
rule('FORWARD --logical-in br-client -p ARP --arp-ip-src ' .. next_node.ip4 .. ' -j DROP')
rule('FORWARD --logical-in br-client -p ARP --arp-ip-dst ' .. next_node.ip4 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -d ' .. next_node.mac .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -s ' .. next_node.mac .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-destination ' .. next_node.ip4 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv4 --ip-source ' .. next_node.ip4 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-destination ' .. next_node.ip6 .. ' -j DROP')
rule('FORWARD --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')
rule('OUTPUT --logical-out br-client -o bat0 -p IPv6 --ip6-source ' .. next_node.ip6 .. ' -j DROP')