- Setup for actual network environment
This commit is contained in:
@@ -118,8 +118,8 @@ echo "1" > /proc/sys/net/ipv4/ip_forward
|
|||||||
|
|
||||||
## Setup IPv6
|
## Setup IPv6
|
||||||
|
|
||||||
IP6PRIVATE=2001:7c0:409:8001::/64
|
IP6PRIVATE=2001:7c0:409:8e78::/64
|
||||||
IP6LANIP=2001:7c0:409:8001::2
|
IP6LANIP=2001:7c0:409:8e78::117:221
|
||||||
|
|
||||||
# Delete old iptables rules
|
# Delete old iptables rules
|
||||||
# and temporarily block all traffic.
|
# and temporarily block all traffic.
|
||||||
@@ -150,13 +150,13 @@ ip6tables -A INPUT -i lo -j ACCEPT
|
|||||||
ip6tables -A OUTPUT -o lo -j ACCEPT
|
ip6tables -A OUTPUT -o lo -j ACCEPT
|
||||||
|
|
||||||
# Source spoof filtering from us
|
# Source spoof filtering from us
|
||||||
ip6tables -N SSOutFilterLAN
|
#ip6tables -N SSOutFilterLAN
|
||||||
ip6tables -A OUTPUT -o $LANIF -j SSOutFilterLAN
|
#ip6tables -A OUTPUT -o $LANIF -j SSOutFilterLAN
|
||||||
ip6tables -A FORWARD -o $LANIF -j SSOutFilterLAN
|
#ip6tables -A FORWARD -o $LANIF -j SSOutFilterLAN
|
||||||
ip6tables -A SSOutFilterLAN -s $IP6LANIP -j RETURN
|
#ip6tables -A SSOutFilterLAN -s $IP6LANIP -j RETURN
|
||||||
ip6tables -A SSOutFilterLAN -s fe80::/10 -j RETURN
|
#ip6tables -A SSOutFilterLAN -s fe80::/10 -j RETURN
|
||||||
ip6tables -A SSOutFilterLAN -j LOG --log-prefix "SOURCESPOOFOUT6 "
|
#ip6tables -A SSOutFilterLAN -j LOG --log-prefix "SOURCESPOOFOUT6 "
|
||||||
ip6tables -A SSOutFilterLAN -j DROP
|
#ip6tables -A SSOutFilterLAN -j DROP
|
||||||
|
|
||||||
# Source spoof filtering to us
|
# Source spoof filtering to us
|
||||||
ip6tables -N SSInFilterLAN
|
ip6tables -N SSInFilterLAN
|
||||||
|
|||||||
@@ -3,7 +3,13 @@ auto lo
|
|||||||
iface lo inet loopback
|
iface lo inet loopback
|
||||||
|
|
||||||
auto eth0
|
auto eth0
|
||||||
iface eth0 inet static
|
iface eth0 inet dhcp
|
||||||
address 172.20.117.221
|
iface eth0 inet6 static
|
||||||
netmask 255.255.255.240
|
address 2001:7c0:409:8e78::117:221
|
||||||
gateway 172.20.117.209
|
netmask 64
|
||||||
|
|
||||||
|
#auto eth0
|
||||||
|
#iface eth0 inet static
|
||||||
|
# address 172.20.117.221
|
||||||
|
# netmask 255.255.255.240
|
||||||
|
# gateway 172.20.117.209
|
||||||
|
|||||||
@@ -1 +1,2 @@
|
|||||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCgvPpPNe3SxVtXWeyWE/cB+ME+8q8goWQLDnGfjtEFdStL/2d39yyiqEvE1ystjfrdrhd6xcwYntAAiX/8LsV9kGOGx2QMxiAaKNboEJKFwPqeOQLYY69DDq3n4VQaNlMMNzsqSTDuaS/Gl4WZqvpYQ4wJaS3Ln95ec0zFLyUWyyh3uaw7iv/iJUX9NLlCTbuEtrhswnHyYK7x1g9LWBAtBER0QLAIU1CO/VCeRmfgKf0OIzdKiBw2lgVAwpme/LPh7SAQhQoRcQdkBCZH/Wl9K0Bp/it6BwSYaHVChEaN7BIOrD2kGNAfQn+KSfmCua1OP3OAQvtsZyCSeor1Y05/ matthias@pc
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCgvPpPNe3SxVtXWeyWE/cB+ME+8q8goWQLDnGfjtEFdStL/2d39yyiqEvE1ystjfrdrhd6xcwYntAAiX/8LsV9kGOGx2QMxiAaKNboEJKFwPqeOQLYY69DDq3n4VQaNlMMNzsqSTDuaS/Gl4WZqvpYQ4wJaS3Ln95ec0zFLyUWyyh3uaw7iv/iJUX9NLlCTbuEtrhswnHyYK7x1g9LWBAtBER0QLAIU1CO/VCeRmfgKf0OIzdKiBw2lgVAwpme/LPh7SAQhQoRcQdkBCZH/Wl9K0Bp/it6BwSYaHVChEaN7BIOrD2kGNAfQn+KSfmCua1OP3OAQvtsZyCSeor1Y05/ matthias@pc
|
||||||
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC+2WqFF4b5iIl/zM5uzm4Y+oBmWW4vnlZ7z8D1gdzTB17fE+GlFAYBqLTRkgcCHK6spzxrVEiAm47RmrP/d7wud/EVHy6n9QPC9b9Ov2/Huo4e7K1OHN/FAWkfjTC8AKc7RiBvdb8apgpkWRWZbrqKqGaD8gRPjMFz+m/pg4Nq7P4NQLCJnlknVSi0JIwLmJc86ZBPqPbeZT7WQgIvsrhwcn956oYM95SxMU5xEMLHKGyGBh+8o8PWIpv6Vt7S+JN6kssKkduEqd75mDBjbVCVQ2ng2sqhZsbrqc9AD2K/o3EBpgwTwOxCYKx3bs6ILW3tXsltJDF0pnCBZwydJncf matthias@matthias-tp
|
||||||
|
|||||||
Reference in New Issue
Block a user