~mdw
/
firewall
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
local.m4: More interfaces for artist.
[firewall]
/
local.m4
diff --git
a/local.m4
b/local.m4
index
5022c4d
..
71c146f
100644
(file)
--- a/
local.m4
+++ b/
local.m4
@@
-71,11
+71,12
@@
defnet housebdry virtual
## House hosts.
defhost radius
## House hosts.
defhost radius
- router
- iface eth0 dmz unsafe safe
- iface eth1 dmz unsafe safe
+
hosttype
router
+ iface eth0 dmz unsafe safe
default
+ iface eth1 dmz unsafe safe
default
iface eth2 safe
iface eth2 safe
- iface eth3 untrusted
+ iface eth3 untrusted default
+ iface t6-he default
defhost roadstar
iface eth0 dmz unsafe
iface eth1 dmz unsafe
defhost roadstar
iface eth0 dmz unsafe
iface eth1 dmz unsafe
@@
-83,22
+84,26
@@
defhost jem
iface eth0 dmz unsafe
iface eth1 dmz unsafe
defhost artist
iface eth0 dmz unsafe
iface eth1 dmz unsafe
defhost artist
+ hosttype router
iface eth0 dmz unsafe
iface eth1 dmz unsafe
iface eth0 dmz unsafe
iface eth1 dmz unsafe
+ iface eth3 untrusted
defhost vampire
defhost vampire
- router
+
hosttype
router
iface eth0.0 dmz unsafe safe
iface eth0.1 dmz unsafe safe
iface eth0.2 safe
iface eth0.3 untrusted
iface eth0.0 dmz unsafe safe
iface eth0.1 dmz unsafe safe
iface eth0.2 safe
iface eth0.3 untrusted
- iface dns0 dns
- iface vpn-+ vpn
+ iface dns0 iodine
iface vpn-precision colobdry vpn
iface vpn-precision colobdry vpn
+ iface vpn-chiark sgo
+ iface vpn-+ vpn
defhost ibanez
iface br-dmz dmz unsafe
iface br-unsafe unsafe
defhost gibson
defhost ibanez
iface br-dmz dmz unsafe
iface br-unsafe unsafe
defhost gibson
+ hosttype client
iface eth0 unsafe
## Colocated networks.
iface eth0 unsafe
## Colocated networks.
@@
-119,11
+124,12
@@
defhost fender
iface br-jump jump colo
iface br-colo jump colo
defhost precision
iface br-jump jump colo
iface br-colo jump colo
defhost precision
- router
+
hosttype
router
iface eth0 jump colo
iface eth1 jump colo
iface eth0 jump colo
iface eth1 jump colo
- iface vpn-+ vpn
iface vpn-vampire housebdry vpn
iface vpn-vampire housebdry vpn
+ iface vpn-chiark sgo
+ iface vpn-+ vpn
defhost telecaster
iface eth0 jump colo
iface eth1 jump colo
defhost telecaster
iface eth0 jump colo
iface eth1 jump colo
@@
-137,11
+143,20
@@
defhost jazz
## Other networks.
defnet hub virtual
forwards housebdry colobdry
## Other networks.
defnet hub virtual
forwards housebdry colobdry
+defnet sgo noloop
+ addr !172.29.198.0/23
+ addr 10.0.0.0/8
+ addr 172.16.0.0/12
+ addr 192.168.0.0/16
+ forwards househub colohub
defnet vpn safe
addr 172.29.199.128/27 2001:ba8:1d9:6000::/64
forwards househub colohub
host crybaby 1
host terror 2
defnet vpn safe
addr 172.29.199.128/27 2001:ba8:1d9:6000::/64
forwards househub colohub
host crybaby 1
host terror 2
+defnet anycast trusted
+ addr 172.29.199.224/27 2001:ba8:1d9:0::/64
+ forwards dmz unsafe safe untrusted jump colo vpn
defnet default untrusted
addr 62.49.204.144/28 2001:470:1f09:1b98::/64
addr 212.13.198.64/28 2001:ba8:0:1d9::/64
defnet default untrusted
addr 62.49.204.144/28 2001:470:1f09:1b98::/64
addr 212.13.198.64/28 2001:ba8:0:1d9::/64