Einrichtungs Script PSEUDO Top level

  • cat /usr/local/bin/generate.sh
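#!/bin/bash
#
# generate.sh - write the BIND zones, the network configuration and the
# nftables NAT rules for one lab gateway.
#
# Usage: generate.sh OKT
#   OKT  third octet of the lab network 192.168.OKT.0/24 (0-255)
#
# Every file below is overwritten in place, so the script has to run with
# enough privileges to write under /etc and /var/cache/bind. It does not
# reload or restart any service.
set -euo pipefail

# Without the argument the original only printed a message and carried on,
# which produced addresses such as "192.168..88" in the network and
# firewall configuration. Stop before anything is written.
if [[ $# -ne 1 ]]; then
  echo "OKT is missing" >&2
  echo "usage: ${0##*/} OKT   (third octet of 192.168.OKT.0/24, 0-255)" >&2
  exit 1
fi
OKT=$1

# OKT is pasted verbatim into zone data, interface settings and nftables
# rules, so accept nothing but a plain decimal octet: no leading zeros,
# no whitespace, no further characters.
if [[ ! $OKT =~ ^(0|[1-9][0-9]{0,2})$ ]] || (( OKT > 255 )); then
  echo "OKT must be a number between 0 and 255, got: '$OKT'" >&2
  exit 1
fi

# Reverse zone 88.10.in-addr.arpa: delegates 201-213 to ns.it<N>.int.
# The SOA MNAME used to read "dnswg.int."; it now matches the NS record
# (dnsgw.int.) and the SOA of the forward zone.
# NOTE(review): the serial is fixed, so a rerun that changes zone data does
# not raise it - bump it by hand if secondaries transfer these zones.
cat <<HERE > /var/cache/bind/88.10.in-addr.arpa
\$TTL 300
@         IN SOA  dnsgw.int. technik.kit.lab. (
                2023022010 14400 3600 3600000 86400)
             IN NS     dnsgw.int.
\$GENERATE 201-213   \$  NS ns.it\$.int.
HERE

# Forward zone "int": the gateway itself plus name server, firewall and
# delegation records for it201-it213. "\$" survives as a literal "$" for
# BIND's \$GENERATE, while $OKT is expanded by the shell.
cat <<HERE > /var/cache/bind/int
\$TTL 300
@         IN SOA  dnsgw.int. technik.kit.lab. (
                2023022010 14400 3600 3600000 86400)
             IN NS     dnsgw
dnsgw       IN  A     192.168.$OKT.88
callcenter.lab   IN     A     172.24.24.100

\$GENERATE 201-213 ns.it\$ A 10.88.\$.21
\$GENERATE 201-213 fw.it\$ A 192.168.$OKT.\$
\$GENERATE 201-213 it\$ NS ns.it\$
HERE

# /etc/network/interfaces: static address on enp0s3 and one route per
# participant network 10.88.<N>.0/24 via 192.168.OKT.<N>.
# NOTE(review): the routes cover 201-214, the \$GENERATE lines above only
# 201-213 - confirm whether 214 is intended.
{
  cat <<HERE
auto lo
iface lo inet loopback

auto enp0s3
iface enp0s3 inet static
 address 192.168.$OKT.88/24
 gateway 192.168.$OKT.254
 #post-up ip addr add 192.168.0.254/24 dev enp0s3
HERE
  for site in {201..214}; do
    printf ' post-up ip route add 10.88.%s.0/24 via 192.168.%s.%s\n' \
      "$site" "$OKT" "$site"
  done
} > /etc/network/interfaces

# Zone declarations for named; both zones are served as master and the
# empty forwarders list turns forwarding off for them. The quoted
# delimiter keeps the shell from expanding anything in this file.
cat <<'HERE' > /etc/bind/named.conf.local
zone "int" {
    type master;
    forwarders {};
    file "int";
};
zone "88.10.in-addr.arpa" {
    type master;
    forwarders {};
    file "88.10.in-addr.arpa";
};
HERE

# nftables: prefix-map DNAT from 10.82.88.0/24 to the lab network, and SNAT
# to the gateway address for traffic from 10.80.0.0/14 into the lab network.
# "flush ruleset" removes every rule already loaded, and this file defines
# NAT chains only - there is no filter table, so applying it leaves the
# host without packet filtering unless that is configured elsewhere.
cat <<HERE > /etc/nftables.conf
#!/usr/sbin/nft -f
flush ruleset
table inet nat {
        chain prerouting {
                type nat hook prerouting priority dstnat; policy accept;
                dnat ip prefix to ip daddr map { 10.82.88.0/24 : 192.168.$OKT.0/24 }
        }

        chain postrouting {
                type nat hook postrouting priority srcnat; policy accept;
                ip saddr 10.80.0.0/14 ip daddr 192.168.$OKT.0/24 snat to 192.168.$OKT.88

        }
}
HERE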