
exitnode: deploy rc.local, add routingtable 23

1977er committed Jan 6, 2019
1 parent bb71174 commit 176b3566329523214c322cde11b11e3070c52b12
Showing with 35 additions and 0 deletions.
  1. +3 −0 roles/exitnode/tasks/main.yml
  2. +15 −0 roles/exitnode/tasks/routing.yml
  3. +17 −0 roles/exitnode/templates/rc.local.j2
@@ -11,3 +11,6 @@

- name: sysctl stuff
include_tasks: sysctl.yml

- name: Routing stuff
include_tasks: routing.yml
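--- a/roles/exitnode/tasks/routing.yml
+++ b/roles/exitnode/tasks/routing.yml
@@ -0,0 +1,15 @@
+- name: Ensure alternative routing tables are existing
+lineinfile:
+dest: /etc/iproute2/rt_tables
+line: "23 ffnw"
+
+- name: Deploy /etc/rc.local
+register: rclocal
+template:
+src: rc.local.j2
+dest: /etc/rc.local
+mode: u=rwx,g=rx,o=rx
+
+- name: Apply changes in /etc/rc.local
+command: /etc/rc.local
+when: rclocal is changed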
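Review bot: The `Apply changes in /etc/rc.local` task re-executes the whole boot script whenever the template changes, so every command in rc.local.j2 has to be safe to run a second time on a live host. The `ip rule add` in that template is unguarded, and depending on the kernel a repeat run either stacks a duplicate rule or fails and aborts the script under `sh -e`. The deploy task also replaces any rc.local already present on the host without `backup: yes` and leaves ownership implicit. Since this file is executed as root at boot, I would pin `owner: root` and `group: root` next to the existing `mode`.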
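--- a/roles/exitnode/templates/rc.local.j2
+++ b/roles/exitnode/templates/rc.local.j2
@@ -0,0 +1,17 @@
+#!/bin/sh -e
+#
+# do not change this, since it is created by ansible!
+#
+
+#
+# RULES FOR TABLE ffnw
+#
+
+# This unreachable route prevents leaking of packets in the other routing tables
+# when we have no other default route in the freifunk table.
+
+# Use the packet park from iptables to put the packets in table freifunk
+/sbin/ip rule add from all fwmark 0x17 table ffnw priority 242
+# /sbin/ip -6 rule add from all fwmark 0x17 table ffnw priority 242
+
+exit 0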
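Review bot: The comment block announces an unreachable route that keeps marked packets from falling through to the other routing tables, but the template never installs one. With an empty ffnw table, packets carrying fwmark 0x17 would presumably continue to the main table and leave via the host's own default route. If that protection is intended, add it after the rule, e.g. `/sbin/ip route add unreachable default metric 65535 table ffnw` (the metric is a placeholder; it only has to lose against a real default route). The comments also say table `freifunk` while the rule uses `ffnw`. The IPv6 rule is commented out, which leaves v6 traffic with this mark unhandled, so a one-line comment saying why would help.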
