872d0690cd
Prevent the local-node ip6 from being eligible for source address selection. This is highly undesireable in a layer 3 mesh.
63 lines
1.3 KiB
Lua
Executable File
63 lines
1.3 KiB
Lua
Executable File
#!/usr/bin/lua
|
|
|
|
local site = require 'gluon.site_config'
|
|
local uci = require 'luci.model.uci'
|
|
local ip = require 'luci.ip'
|
|
|
|
local c = uci.cursor()
|
|
|
|
|
|
c:delete('network', 'local_node_dev')
|
|
c:section('network', 'device', 'local_node_dev',
|
|
{
|
|
name = 'local-node',
|
|
ifname = 'br-client',
|
|
type = 'macvlan',
|
|
macaddr = site.next_node.mac,
|
|
}
|
|
)
|
|
|
|
local prefix4 = ip.IPv4(site.prefix4)
|
|
c:delete('network', 'local_node')
|
|
c:delete('network', 'local_node4')
|
|
c:delete('network', 'local_node6')
|
|
|
|
c:section('network', 'interface', 'local_node4',
|
|
{
|
|
ifname = 'local-node',
|
|
proto = 'static',
|
|
ipaddr = site.next_node.ip4 .. '/32',
|
|
}
|
|
)
|
|
|
|
c:section('network', 'interface', 'local_node6',
|
|
{
|
|
ifname = 'local-node',
|
|
proto = 'static_deprecated',
|
|
ip6addr = site.next_node.ip6,
|
|
}
|
|
)
|
|
|
|
c:delete('network', 'local_node_route6')
|
|
c:section('network', 'route6', 'local_node_route6',
|
|
{
|
|
interface = 'client',
|
|
target = site.prefix6,
|
|
gateway = '::',
|
|
}
|
|
)
|
|
|
|
c:save('network')
|
|
|
|
c:delete('firewall', 'local_node')
|
|
c:section('firewall', 'zone', 'local_node',
|
|
{
|
|
name = 'local_node',
|
|
network = {'local_node'},
|
|
input = 'ACCEPT',
|
|
output = 'ACCEPT',
|
|
forward = 'REJECT',
|
|
}
|
|
)
|
|
c:save('firewall')
|