FAELIX/hphr
FAELIX/hphr
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

sort out naming of subinterfaces; add sysctls

Browse Source
This commit is contained in:
Marek Isalski 2019-09-30 22:38:58 +01:00
parent f88ce976ea
commit df5e80366e
2 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
postconfig.sh
View File

@ -12,5 +12,3 @@ ipset restore < /config/hphr.ipset
iptables-restore /config/hphr.rules.v4
ip6tables-restore /config/hphr.rules.v6
sysctl net.ipv4.conf.all.log_martians=0

20
vyos.conf.j2
View File

@ -70,13 +70,26 @@ interfaces {
{% if iface_data['lag'] %}bond-group {{ iface_data['lag']['name'] }}{% endif %}
{% for tagged_vlan in iface_data['tagged_vlans'] %}
{% set subiface_data = salt['pillar.get']('netbox:interfaces:%s.%04d'%(iface_name,tagged_vlan['vid']),{'description':'','addresses':[],'enabled':False}) %}
{% set subiface_data = salt['pillar.get']('netbox:interfaces:%s.%d'%(iface_name,tagged_vlan['vid']),{'description':'','addresses':[],'enabled':False}) %}
vif {{ tagged_vlan['vid'] }} {
description "{{ tagged_vlan['name'].replace('"','\\"') or "-" }} => {{ subiface_data['description'].replace('"','\\"') or "-" }}"
{% for address in subiface_data['addresses'] %}
address {{ address['address'] }}
{% endfor %}
{% if not subiface_data['enabled'] %}disable{% endif %}
{% if salt['pillar.get']('interfaces:'+iface_name+"."+("%d"%tagged_vlan['vid'])+':ip') %}
ip {
{{ interface_ip_ospf(iface_name+"."+("%d"%tagged_vlan['vid'])) }}
}
{% endif %}
{% if salt['pillar.get']('interfaces:'+iface_name+"."+("%d"%tagged_vlan['vid'])+':ipv6') %}
ipv6 {
dup-addr-detect-transmits 1
{{ interface_ipv6_ospfv3(iface_name+"."+("%d"%tagged_vlan['vid'])) }}
}
{% endif %}
}
{% endfor %}
@ -1030,6 +1043,11 @@ system {
all net.ipv4.conf.default.rp_filter {
value 2
}
{% for sysctl, value in salt['pillar.get']('system:sysctl:custom', {}).items() %}
custom {{ sysctl }} {
value {{ value }}
}
{% endfor %}
}
syslog {