fic/server
Archived
1
0
Fork 0
Code Issues Pull requests 10 Releases Wiki Activity

fickit: Fix IP and ifaces

Browse source
This commit is contained in:
nemunaire 2022-06-04 18:09:33 +02:00
commit 2ce95ccafc
2 changed files with 13 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

11
fickit-backend.yml
View file

@ -41,20 +41,21 @@ onboot:
# image: linuxkit/openntpd:d6c36ac367ed26a6eeffd8db78334d9f8041b038
- name: synchro-ip-setup
image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
command: ["/bin/sh", "-c", "ip a add 10.10.10.1/29 dev eth0; ip link set eth0 up;" ]
command: ["/bin/sh", "-c", "ip a add 10.10.10.1/29 dev eth2; ip link set eth2 up;" ]
net: new
runtime:
interfaces:
- name: eth0
- name: eth2
bindNS:
net: /run/netns/synchro
- name: admin-ip-setup
image: linuxkit/ip:6cc44dd4e18ddb02de01bc4b34b5799971b6a7bf
command: ["/bin/sh", "-c", "ip link add link eth1 name adminiface type vlan id 99; ip a add 172.16.99.219/24 dev adminiface; ip link set eth1 up; ip link set adminiface up; ip r add default via 172.16.99.1; ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 172.16.99.1;" ]
#command: ["/bin/sh", "-c", "ip link add link eth3 name adminiface type vlan id 99; ip a add 172.16.99.219/24 dev adminiface; ip link set eth3 up; ip link set adminiface up; ip r add default via 172.16.99.1; ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 172.16.99.1;" ]
command: ["/bin/sh", "-c", "ip a add 192.168.49.10/24 dev eth3; ip link set eth3 up; ip r add default via 192.168.49.1; ip a add 172.17.0.2/24 dev vethin-admin; ip link set vethin-admin up; ping -W 10 -c 1 192.168.49.1;" ]
net: new
runtime:
interfaces:
- name: eth1
- name: eth3
- name: vethin-admin
add: veth
peer: veth-admin
@ -388,7 +389,7 @@ files:
[0:0] -A OUTPUT -p icmp --icmp-type 0 -j ACCEPT
[0:0] -A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
[0:0] -A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[0:0] -A OUTPUT -o eth0 -d 10.10.10.2 -p tcp -m conntrack --ctstate NEW -m tcp --dport ssh -j ACCEPT
[0:0] -A OUTPUT -o eth2 -d 10.10.10.2 -p tcp -m conntrack --ctstate NEW -m tcp --dport ssh -j ACCEPT
[0:0] -A OUTPUT -j LOG
[0:0] -A OUTPUT -j REJECT
COMMIT