## Define the available network classes.
m4_divert(42)m4_dnl
-defnetclass untrusted untrusted trusted mcast
-defnetclass trusted untrusted trusted safe noloop mcast
-defnetclass safe trusted safe noloop mcast
-defnetclass noloop trusted safe mcast
+defnetclass untrusted untrusted trusted mcast
+defnetclass trusted untrusted trusted safe noloop mcast
+defnetclass safe trusted safe noloop mcast
+defnetclass noloop trusted safe mcast
+
defnetclass link
defnetclass mcast
m4_divert(-1)
## House networks.
defnet dmz trusted
addr 62.49.204.144/28 2001:470:1f09:1b98::/64
- forwards unsafe untrusted
+ via unsafe untrusted
defnet unsafe trusted
addr 172.29.199.0/25 2001:470:9740:1::/64
- forwards househub
+ via househub
defnet safe safe
addr 172.29.199.192/27 2001:470:9740:4001::/64
- forwards househub
+ via househub
defnet untrusted untrusted
addr 172.29.198.0/25 2001:470:9740:8001::/64
- forwards househub
+ via househub
defnet househub virtual
- forwards housebdry dmz unsafe safe untrusted
+ via housebdry dmz unsafe safe untrusted
defnet housebdry virtual
- forwards househub hub
+ via househub hub
noxit dmz
## House hosts.
## Colocated networks.
defnet jump trusted
addr 212.13.198.64/28 2001:ba8:0:1d9::/64
- forwards colohub
+ via colohub
defnet colo trusted
addr 172.29.199.176/28 2001:ba8:1d9:2::/64
- forwards colohub
+ via colohub
defnet colohub virtual
- forwards colobdry jump colo iodine
+ via colobdry jump colo
defnet colobdry virtual
- forwards colohub hub
+ via colohub hub
noxit jump
defnet iodine untrusted
addr 172.29.198.128/28
- forwards colohub
+ via colohub
## Colocated hosts.
defhost fender
hosttype router
iface eth0 jump colo vpn sgo
iface eth1 jump colo vpn sgo
+ iface vpn-mango binswood
iface vpn-radius housebdry vpn sgo
iface vpn-chiark sgo
iface vpn-+ vpn
## Other networks.
defnet hub virtual
- forwards housebdry colobdry
+ via housebdry colobdry
defnet sgo noloop
addr !172.29.198.0/23
addr 10.0.0.0/8
addr 172.16.0.0/12
addr 192.168.0.0/16
- forwards househub colohub
+ via househub colohub
defnet vpn safe
addr 172.29.199.128/27 2001:ba8:1d9:6000::/64
- forwards househub colohub
+ via househub colohub
host crybaby 1
host terror 2
host orange 3
defnet anycast trusted
addr 172.29.199.224/27 2001:ba8:1d9:0::/64
- forwards dmz unsafe safe untrusted jump colo vpn
+ via dmz unsafe safe untrusted jump colo vpn
defnet default untrusted
addr 62.49.204.144/28 2001:470:1f09:1b98::/64
addr 212.13.198.64/28 2001:ba8:0:1d9::/64
addr 2001:ba8:1d9::/48 #temporary
- forwards dmz unsafe untrusted jump colo
+ via dmz unsafe untrusted jump colo
+
+## Satellite networks.
+defnet binswood noloop
+ addr 10.165.27.0/24
+ via colohub
m4_divert(80)m4_dnl
###--------------------------------------------------------------------------