added nat configuration #39
Conversation
dhcp/install.sh
Outdated
|
|
||
| #configuration | ||
| # fetching interface name | ||
| INTERNET=$(ifconfig | grep -m 1 RUNNING | cut -d':' -f1) |
There was a problem hiding this comment.
I understand that you have copied this from some example, and in the case of example it may give a correct result, but not always.
Try this one which is safer: ip route | grep default | cut -d' ' -f5
There was a problem hiding this comment.
okay. I will now prefer ip route over ifconfig.
There was a problem hiding this comment.
okay. I will now prefer ip route over ifconfig
It is not a matter of preference, your first implementation is not guaranteed to work in all the cases.
dhcp/install.sh
Outdated
| apt --yes update | ||
| apt --yes --install-recommends install dnsmasq | ||
| export DEBIAN_FRONTEND=noninteractive | ||
| apt -yq --yes install iptables-persistent |
There was a problem hiding this comment.
-yq flag is required to handle DEBIAN_FRONTEND variable.
There was a problem hiding this comment.
-yq flag is required to handle DEBIAN_FRONTEND variable.
Are you sure about this? Where did you find this information?
There was a problem hiding this comment.
I can share the source - https://serverfault.com/a/227194
There was a problem hiding this comment.
Look up in the man page the meaning of -yq and then remove it.
You have spent me 1 our only for this, and it is not normal that I spend in the project as much time as you do.
dhcp/install.sh
Outdated
| #configuration | ||
| # fetching interface name | ||
| INTERNET=$(ifconfig | grep -m 1 RUNNING | cut -d':' -f1) | ||
| LOCAL=$(ifconfig | grep -m 2 RUNNING | cut -d':' -f1 | tail -n1) |
There was a problem hiding this comment.
Here try something like this:
ip route | grep -v default | cut -d' ' -f3 | grep -v $INTERNET | head -1
dhcp/install.sh
Outdated
| INTERNET=$(ifconfig | grep -m 1 RUNNING | cut -d':' -f1) | ||
| LOCAL=$(ifconfig | grep -m 2 RUNNING | cut -d':' -f1 | tail -n1) | ||
|
|
||
| # configuration | ||
| echo "dhcp-range=tftp,${NETWORK}.250,${NETWORK}.254" >> /etc/dnsmasq.conf |
There was a problem hiding this comment.
Are you sure we need this line with tftp? What does the documentation of dnsmasq say about it?
There was a problem hiding this comment.
yes, the documentation says If dnsmasq is providing a TFTP service then only the filename is required to enable network booting.
Some comment on stackoverflow gave an explanation to this line and concluded that it would reduce time required for network boot.
There was a problem hiding this comment.
yes, the documentation says If dnsmasq is providing a TFTP service then only the filename is required to enable network booting.
We don't need TFTP service on the DHCP server.
Some comment on stackoverflow gave an explanation to this line and concluded that it would reduce time required for network boot.
You cannot trust all the comments on stackoverflow. Couldn't you find anything on the documentation of dnsmasq?
There was a problem hiding this comment.
We don't need TFTP service on the DHCP server.
Please remove this line and fix the configuration of dnsmasq.
dhcp/install.sh
Outdated
| apt --yes update | ||
| apt --yes --install-recommends install dnsmasq | ||
| export DEBIAN_FRONTEND=noninteractive |
There was a problem hiding this comment.
What happens if you remove (or comment out) this line?
There was a problem hiding this comment.
This line is required to handle interactive post-install configuration. If we remove this we won't be able to handle that with our script. As a result we won't be able to install iptables-persistent
There was a problem hiding this comment.
This line is required to handle interactive post-install configuration. If we remove this we won't be able to handle that with our script. As a result we won't be able to install iptables-persistent
Have you tried this?
There was a problem hiding this comment.
yes. I can share a screenshot of what happens if I remove that line. The provision script just freezes -
There was a problem hiding this comment.
yes. I can share a screenshot of what happens if I remove that line.
If I try to remove it and there is no problem, then you are going to have problems. OK?
There was a problem hiding this comment.
Sure. I can make it easy for you. I have created a video which has both cases(line commented and line not commented) https://youtu.be/WQHwKu9ebYA
There was a problem hiding this comment.
Ok, do it like this:
DEBIAN_FRONTEND=noninteractive apt --yes install iptables-persistent
dhcp/install.sh
Outdated
| iptables-save > /etc/iptables.rules | ||
|
|
||
| # restarting service | ||
| service dnsmasq restart |
There was a problem hiding this comment.
You can move this line after changing the configuration (or place the configuration change above it), just to keep them together.
using ip route in place of ifconfig, adding proper comment, clubbing up code together
dhcp server now does not offer tftp services and interactive yes no box is handled by single line
I have added
NATconfiguration to the dhcp server.