From: Mark Wooding <mdw@distorted.org.uk>
Date: Sun, 11 Mar 2012 05:23:50 +0000 (+0000)
Subject: Merge branch 'master' into emergency
X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/commitdiff_plain/c8dab9d26762658a6ba0b34c5598b589ae2652d3?hp=-c

Merge branch 'master' into emergency

* master:
  local.m4: Fix the `safe' network prefix length.
  local.m4: Define the IPv6 network structure.
  local.m4: Add routes to/from the `safe' network.
  local.m4: The VPN will be available through the colo.
  functions.m4: Correct defaulting of IPv6 host addresses.

Conflicts:
	local.m4
---

c8dab9d26762658a6ba0b34c5598b589ae2652d3
diff --combined local.m4
index 8f39161,f139f00..4385223
--- a/local.m4
+++ b/local.m4
@@@ -47,20 -47,20 +47,20 @@@ m4_divert(26)m4_dn
  
  ## House networks.
  defnet dmz trusted
- 	addr 62.49.204.144/28
+ 	addr 62.49.204.144/28 2001:470:1f09:1b98::/64
  	forwards unsafe untrusted
  defnet unsafe trusted
- 	addr 172.29.199.0/25
+ 	addr 172.29.199.0/25 2001:470:9740:1::/64
  	forwards househub
  defnet safe safe
- 	addr 172.29.199.192/28
+ 	addr 172.29.199.192/27 2001:470:9740:4001::/64
  	forwards househub
  defnet untrusted untrusted
- 	addr 172.29.198.0/25
+ 	addr 172.29.198.0/25 2001:470:9740:8001::/64
  	forwards househub
  defnet vpn safe
- 	addr 172.29.199.128/27
- 	forwards househub
+ 	addr 172.29.199.128/27 2001:ba8:1d9:6000::/64
+ 	forwards househub colohub
  	host crybaby 1
  	host terror 2
  defnet iodine untrusted
@@@ -75,8 -75,8 +75,8 @@@ defnet housebdry virtua
  ## House hosts.
  defhost radius
  	router
- 	iface eth0 dmz unsafe
- 	iface eth1 dmz unsafe
+ 	iface eth0 dmz unsafe safe
+ 	iface eth1 dmz unsafe safe
  	iface eth2 safe
  	iface eth3 untrusted
  defhost roadstar
@@@ -90,13 -90,13 +90,14 @@@ defhost artis
  	iface eth1 dmz unsafe
  defhost vampire
  	router
- 	iface eth0.0 dmz unsafe default
- 	iface eth0.1 dmz unsafe default
 -	iface eth0.0 dmz unsafe safe
 -	iface eth0.1 dmz unsafe safe
++	iface eth0.0 dmz unsafe safe default
++	iface eth0.1 dmz unsafe safe default
+ 	iface eth0.2 safe
 -	iface eth0.3 untrusted
 +	iface eth0.3 untrusted default
  	iface dns0 dns
  	iface vpn-+ vpn
  	iface vpn-precision colobdry vpn
 +	iface t6-he default
  defhost ibanez
  	iface br-dmz dmz unsafe
  	iface br-unsafe unsafe
@@@ -106,10 -106,10 +107,10 @@@ defhost gibso
  
  ## Colocated networks.
  defnet jump trusted
- 	addr 212.13.198.64/28
+ 	addr 212.13.198.64/28 2001:ba8:0:1d9::/64
  	forwards colohub
  defnet colo trusted
- 	addr 172.29.199.176/28
+ 	addr 172.29.199.176/28 2001:ba8:1d9:2::/64
  	forwards colohub
  defnet colohub virtual
  	forwards colobdry jump colo
@@@ -141,8 -141,9 +142,9 @@@ defhost jaz
  defnet hub virtual
  	forwards housebdry colobdry
  defnet default untrusted
- 	addr 62.49.204.144/28
- 	addr 212.13.198.64/28
+ 	addr 62.49.204.144/28 2001:470:1f09:1b98::/64
+ 	addr 212.13.198.64/28 2001:ba8:0:1d9::/64
+ 	addr 2001:ba8:1d9::/48 #temporary
  	forwards dmz untrusted unsafe jump colo
  
  m4_divert(80)m4_dnl