Skip to content

T
tun
Commit 7671826b authored by nanahira's avatar nanahira
Browse files
Options

dont whitelist toomuch things

parent 53a26324
Show whitespace changes
Inline Side-by-side
Showing with 3 additions and 1 deletion
ansible/babeld.conf.j2
View file @ 7671826b
...@@ -13,7 +13,7 @@ redistribute local deny ...@@ -13,7 +13,7 @@ redistribute local deny
reflect-kernel-metric true reflect-kernel-metric true
local-port-readwrite 33123 local-port-readwrite 33123
{% for subnet in routeLists.mycard %} {% for subnet in routeLists.whitelisted %}
in {{subnet}} allow in {{subnet}} allow
{% endfor %} {% endfor %}
in deny in deny
......
src/inventory.ts
View file @ 7671826b
...@@ -163,6 +163,7 @@ class InventoryBuilder { ...@@ -163,6 +163,7 @@ class InventoryBuilder {
this.routeLists = YAML.parse(fs.readFileSync(path.join('lists', 'result.yaml'), 'utf8')); this.routeLists = YAML.parse(fs.readFileSync(path.join('lists', 'result.yaml'), 'utf8'));
// 所有内网网段 // 所有内网网段
this.routeLists.mycard = ['10.198.0.0/16', '10.200.0.0/15', '172.16.0.0/12']; this.routeLists.mycard = ['10.198.0.0/16', '10.200.0.0/15', '172.16.0.0/12'];
this.routeLists.whitelisted = ['10.198.0.0/16']
for (const h in this.hosts) { for (const h in this.hosts) {
const host = this.hosts[h]; const host = this.hosts[h];
for (const c of host.subnets) { for (const c of host.subnets) {
...@@ -170,6 +171,7 @@ class InventoryBuilder { ...@@ -170,6 +171,7 @@ class InventoryBuilder {
continue; continue;
} }
this.routeLists.mycard.push(c); this.routeLists.mycard.push(c);
this.routeLists.whitelisted.push(c);
} }
} }
const vars = { const vars = {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment