Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
N
nextgen-router
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Locked Files
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Security & Compliance
Security & Compliance
Dependency List
License Compliance
Packages
Packages
List
Container Registry
Analytics
Analytics
CI / CD
Code Review
Insights
Issues
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
MyCard
nextgen-router
Commits
0c3cce25
Commit
0c3cce25
authored
Dec 13, 2020
by
nanahira
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
add gdut
parent
dfa67008
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
38 additions
and
0 deletions
+38
-0
files/ppp-post-scripts/postdown.sh.j2
files/ppp-post-scripts/postdown.sh.j2
+14
-0
files/ppp-post-scripts/postup.sh.j2
files/ppp-post-scripts/postup.sh.j2
+14
-0
files/services/docker-compose.yml.j2
files/services/docker-compose.yml.j2
+7
-0
variables.yaml
variables.yaml
+3
-0
No files found.
files/ppp-post-scripts/postdown.sh.j2
View file @
0c3cce25
...
@@ -7,6 +7,20 @@ PPPOE_SELECTION_MARK=$((PPPOE_NEXT_HOP_MARK + 50))
...
@@ -7,6 +7,20 @@ PPPOE_SELECTION_MARK=$((PPPOE_NEXT_HOP_MARK + 50))
iptables-save |
grep
--
'-j TCPMSS'
|
grep
--
"
$PPP_IFACE
"
|
sed
's/^-A/-D/g'
| xargs
-I
'{}'
bash
-c
'iptables -t mangle {}'
iptables-save |
grep
--
'-j TCPMSS'
|
grep
--
"
$PPP_IFACE
"
|
sed
's/^-A/-D/g'
| xargs
-I
'{}'
bash
-c
'iptables -t mangle {}'
ip6tables-save |
grep
--
'-j TCPMSS'
|
grep
--
"
$PPP_IFACE
"
|
sed
's/^-A/-D/g'
| xargs
-I
'{}'
bash
-c
'ip6tables -t mangle {}'
ip6tables-save |
grep
--
'-j TCPMSS'
|
grep
--
"
$PPP_IFACE
"
|
sed
's/^-A/-D/g'
| xargs
-I
'{}'
bash
-c
'ip6tables -t mangle {}'
{
%
if
gdut is defined and gdut %
}
# Rules for GDUT
iptables
-t
mangle
-D
POSTROUTING
-o
"
$PPP_IFACE
"
-j
TTL
--ttl-set
64
iptables
-t
mangle
-D
OUTPUT
-o
"
$PPP_IFACE
"
-j
TTL
--ttl-set
64
iptables
-t
mangle
-D
FORWARD
-o
"
$PPP_IFACE
"
-j
TTL
--ttl-set
64
iptables
-D
FORWARD
-p
tcp
-i
"
$PPP_IFACE
"
-m
multiport
--sports
80
--tcp-flags
ACK ACK
-m
string
--algo
bm
--string
" src=
\"
http://1.1.1."
-j
DROP
iptables
-D
FORWARD
-p
tcp
-o
"
$PPP_IFACE
"
-m
multiport
--sports
80
--tcp-flags
ACK ACK
-m
string
--algo
bm
--string
" src=
\"
http://1.1.1."
-j
DROP
ip6tables
-D
FORWARD
-p
tcp
-i
"
$PPP_IFACE
"
-m
multiport
--sports
80
--tcp-flags
ACK ACK
-m
string
--algo
bm
--string
" src=
\"
http://1.1.1."
-j
DROP
ip6tables
-D
FORWARD
-p
tcp
-o
"
$PPP_IFACE
"
-m
multiport
--sports
80
--tcp-flags
ACK ACK
-m
string
--algo
bm
--string
" src=
\"
http://1.1.1."
-j
DROP
{
% endif %
}
iptables
-t
nat
-o
"
$PPP_IFACE
"
-D
POSTROUTING
-j
MASQUERADE
iptables
-t
nat
-o
"
$PPP_IFACE
"
-D
POSTROUTING
-j
MASQUERADE
ip rule del pref 100 fwmark
$PPPOE_NEXT_HOP_MARK
lookup
$PPPOE_NEXT_HOP_MARK
ip rule del pref 100 fwmark
$PPPOE_NEXT_HOP_MARK
lookup
$PPPOE_NEXT_HOP_MARK
...
...
files/ppp-post-scripts/postup.sh.j2
View file @
0c3cce25
...
@@ -35,6 +35,20 @@ if [[ "$?" == 0 ]]; then
...
@@ -35,6 +35,20 @@ if [[ "$?" == 0 ]]; then
{
% endfor %
}
{
% endfor %
}
fi
fi
{
%
if
gdut is defined and gdut %
}
# Rules for GDUT
iptables
-t
mangle
-A
POSTROUTING
-o
"
$PPP_IFACE
"
-j
TTL
--ttl-set
64
iptables
-t
mangle
-A
OUTPUT
-o
"
$PPP_IFACE
"
-j
TTL
--ttl-set
64
iptables
-t
mangle
-A
FORWARD
-o
"
$PPP_IFACE
"
-j
TTL
--ttl-set
64
iptables
-A
FORWARD
-p
tcp
-i
"
$PPP_IFACE
"
-m
multiport
--sports
80
--tcp-flags
ACK ACK
-m
string
--algo
bm
--string
" src=
\"
http://1.1.1."
-j
DROP
iptables
-A
FORWARD
-p
tcp
-o
"
$PPP_IFACE
"
-m
multiport
--sports
80
--tcp-flags
ACK ACK
-m
string
--algo
bm
--string
" src=
\"
http://1.1.1."
-j
DROP
ip6tables
-A
FORWARD
-p
tcp
-i
"
$PPP_IFACE
"
-m
multiport
--sports
80
--tcp-flags
ACK ACK
-m
string
--algo
bm
--string
" src=
\"
http://1.1.1."
-j
DROP
ip6tables
-A
FORWARD
-p
tcp
-o
"
$PPP_IFACE
"
-m
multiport
--sports
80
--tcp-flags
ACK ACK
-m
string
--algo
bm
--string
" src=
\"
http://1.1.1."
-j
DROP
{
% endif %
}
cd
{{
ansible_user_dir
}}
/nextgen-router/services/dnsmasq
cd
{{
ansible_user_dir
}}
/nextgen-router/services/dnsmasq
docker-compose restart smartdns
docker-compose restart smartdns
...
...
files/services/docker-compose.yml.j2
View file @
0c3cce25
...
@@ -4,6 +4,13 @@ services:
...
@@ -4,6 +4,13 @@ services:
restart: always
restart: always
image: git-registry.mycard.moe/nanahira/docker-lldp
image: git-registry.mycard.moe/nanahira/docker-lldp
network_mode: host
network_mode: host
{% if gdut is defined and gdut %}
drcom:
restart: always
image: git-registry.mycard.moe/nanahira/gdut-drcom
network_mode: host
command: --remote-ip {{gdut.remote}} --keep-alive1-flag {{gdut.flag}} --enable-crypt 1
{% endif %}
{% if services.ddns is defined and services.ddns %}
{% if services.ddns is defined and services.ddns %}
{% for instance in services.ddns %}
{% for instance in services.ddns %}
ddns-{{instance.name}}:
ddns-{{instance.name}}:
...
...
variables.yaml
View file @
0c3cce25
...
@@ -78,6 +78,9 @@ vars:
...
@@ -78,6 +78,9 @@ vars:
dnsmasq
:
dnsmasq
:
gfwlistIPSet
:
false
# 导入 gfwlist ipset
gfwlistIPSet
:
false
# 导入 gfwlist ipset
mycardDomains
:
false
# 导入 MCNetwork 内网域名
mycardDomains
:
false
# 导入 MCNetwork 内网域名
gdut
:
# 校园网特化使用
remote
:
10.0.3.6
flag
:
2f
services
:
services
:
ddns
:
ddns
:
-
name
:
test-ddns
-
name
:
test-ddns
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment