first commit in a while

primardj 2024-02-19 17:38:08 +00:00
parent ae29e8c584
commit b7b534f0bb
5 changed files with 70 additions and 2 deletions


@ -0,0 +1,16 @@
#!/bin/sh
echo "clean firewall"
echo "0" | tee /proc/sys/net/ipv4/ip_forward
sv stop nftables
sv start nftables
echo "clean veth0 and br0"
ip link del veth0
ip link del br0
ip link del dummy0
echo "clean the rest of the bridges."
ip link del br1
ip link del br2
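Review bot: Nothing here checks that `sv start nftables` succeeded, and that restart is the only step that brings the host's rules back after the setup script in this commit ran `nft flush ruleset`. A guard such as `sv start nftables || { echo "nftables did not restart" >&2; exit 1; }` would make a failed restore visible instead of leaving the host silently unfiltered. The script also writes `0` to ip_forward unconditionally, which turns forwarding off even on a host that had it enabled before setup; saving the previous value at setup time and restoring it here would avoid that. Unlike the setup script, these commands are not prefixed with doas/sudo, so the script presumably has to be run as root, and a one-line comment at the top saying so would help.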


@ -24,6 +24,7 @@ ip address delete 10.0.2.100/24 dev tap0
ip address add 10.0.2.100/24 dev br0 ip address add 10.0.2.100/24 dev br0
ip link set dev br0 up ip link set dev br0 up
ip route add default via 10.0.2.0 dev br0 ip route add default via 10.0.2.0 dev br0
ip route add 10.10.0.0/24 via 10.0.2.31
bridge="br1" bridge="br1"
add_bridge add_bridge
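Review bot: The added route uses `10.10.0.0/24`, while the new setup script in this commit routes `10.10.0.0/16` via the same gateway 10.0.2.31, and it omits the `dev br0` that the neighbouring lines carry. If both lines are meant to describe the same network, the prefixes should agree, e.g. `ip route add 10.10.0.0/16 via 10.0.2.31 dev br0`. If the narrower /24 is deliberate, a short comment saying why would keep the two scripts from drifting apart. The surrounding script starts and ends outside the hunk.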


@ -2,7 +2,7 @@
# #
#echo $$ > /tmp/pid #echo $$ > /tmp/pid
#unshare --user --map-root-user --net --mount #exec unshare --user --map-root-user --net --mount
#slirp4netns #slirp4netns
rootlesskit --net=slirp4netns --copy-up=/etc bash rootlesskit --net=slirp4netns --copy-up=/etc bash


@ -0,0 +1,51 @@
#!/bin/sh
if which doas &> /dev/null
then
rooter=$(which doas)
elif which sudo &> /dev/null
then
rooter=$(which sudo)
elif [ "$(id -u)" == "0" ]
then
rooter=""
else
echo "Error, no enough rights" >&2
exit
fi
echo "change firewall rules"
# step zero, active ipv4_forward, and changes rule nftables to authorise forward, and and masquerade wlan0.
echo "1" | $rooter tee /proc/sys/net/ipv4/ip_forward
$rooter nft flush ruleset
echo "e"
$rooter nft "table inet my_nat {
chain postrouting {
type nat hook postrouting priority srcnat; policy accept;
oifname "wlan0" masquerade
}
}"
echo "create dummy interface veth0"
# step one, create a dummy veth interface
$rooter ip link add veth0 type dummy
$rooter ip a add 10.0.2.2/24 dev veth0
$rooter ip link set dev veth0 up
echo "link br0 with veth0"
# step two, create the bridge br0 interface, and link it with veth0
$rooter ip link add br0 type bridge
$rooter ip link set dev veth0 master br0
$rooter ip link set dev br0 up
$rooter ip a del 10.0.2.2/24 dev veth0
$rooter ip a add 10.0.2.2/24 dev br0
$rooter ip route add 10.0.2.0/24 via 10.0.2.31 dev br0
$rooter ip route add 10.10.0.0/16 via 10.0.2.31 dev br0
echo "create two other interfaces."
# step three, create others bridges interface
$rooter ip link add br1 type bridge
$rooter ip link set dev br1 up
$rooter ip link add br2 type bridge
$rooter ip link set dev br2 up
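Review bot: `$rooter nft flush ruleset` removes every table on the host, not only this script's, and the only rules loaded afterwards are a NAT table with `policy accept`, so the machine runs with ip_forward enabled and no filter rules until the cleanup script restarts nftables. Limiting the reset to the script's own table, e.g. `$rooter nft delete table inet my_nat 2>/dev/null || true` before the table definition, keeps the existing filter rules in place. Separately, under `#!/bin/sh` the `&>` redirection and `==` inside `[` are bashisms: in a POSIX shell such as dash, `which doas &> /dev/null` is parsed as a background job followed by a redirection, so the first branch is taken even when doas is absent and `rooter` ends up empty. `command -v doas >/dev/null 2>&1` and `=` are the portable forms. The bare `exit` on the error path returns the status of the preceding echo, so it should be `exit 1` to match the message.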


@ -227,7 +227,7 @@ set_net() {
exit 1 exit 1
fi fi
network="${network} \ network="${network} \
-netdev bridge,id=${1#*:} \ -netdev bridge,id=${1#*:},br=${1#*:} \
-device virtio-net,netdev=${1#*:},mac=${mac}" -device virtio-net,netdev=${1#*:},mac=${mac}"
;; ;;
"none") "none")
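Review bot: `${1#*:}` is now used both as the netdev id and as the `br=` bridge name, with no check visible in this hunk that it is a plain interface name; a value containing a comma would be read by QEMU as additional `-netdev` sub-options. The test ending in `exit 1` just above is cut off by the hunk, so it may already cover this. If it does not, rejecting anything outside a simple name before building the string would close the gap, e.g. `case "${1#*:}" in *[!A-Za-z0-9_-]*|"") echo "bad bridge name" >&2; exit 1;; esac`. set_net starts and ends outside the hunk.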