266 lines
7.5 KiB
Python
266 lines
7.5 KiB
Python
# -*- coding: utf-8; mode: python -*-
|
|
|
|
include("ip")
|
|
include("arpwatch")
|
|
|
|
info["owner"] = "root"
|
|
info["group"] = "root"
|
|
info["mode"] = 0644
|
|
|
|
import config.dns
|
|
|
|
header("""
|
|
Les modifications locales sont a mettre dans le fichier /etc/network/interfaces.local
|
|
|
|
Voir http://wiki.crans.org/CransTechnique/Bcfg2/... pour plus d'explications.
|
|
""")
|
|
|
|
configured_ifaces=[]
|
|
|
|
def dev(interface, mode, additionnals=[]):
|
|
"""Generation de la conf d'une interface:
|
|
|
|
- additionnals contient des lignes a mettre en plus a la definition"""
|
|
configured_ifaces.append(interface)
|
|
|
|
if mode == "pub":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 138.231.136.0
|
|
netmask 255.255.248.0
|
|
broadcast 138.231.143.255
|
|
mtu 1496
|
|
gateway 138.231.136.4
|
|
dns-nameservers %(nameservers)s
|
|
dns-search crans.org""" % { 'interface': interface, 'ip': pubip(), 'nameservers': ' '.join(config.dns.recursiv['fil']) })
|
|
|
|
for line in additionnals:
|
|
out(" %s" % (line,))
|
|
out()
|
|
|
|
pub6(interface)
|
|
|
|
elif mode == "wifi":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 138.231.144.0
|
|
netmask 255.255.248.0
|
|
broadcast 138.231.151.255
|
|
mtu 1496
|
|
dns-nameservers %(nameservers)s
|
|
dns-search wifi.crans.org""" % { 'interface': interface, 'ip': wifiip(), 'nameservers': ' '.join(config.dns.recursiv['wifi']) })
|
|
|
|
for line in additionnals:
|
|
out(" %s" % (line,))
|
|
out()
|
|
|
|
elif mode == "adm":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.231.136.0
|
|
netmask 255.255.255.0
|
|
broadcast 10.231.136.255
|
|
mtu 1496
|
|
dns-nameservers %(nameservers)s
|
|
dns-search adm.crans.org""" % { 'interface': interface, 'ip': admip(), 'nameservers': ' '.join(config.dns.recursiv['adm']) })
|
|
|
|
for line in additionnals:
|
|
out(" %s" % (line,))
|
|
out()
|
|
|
|
adm6(interface)
|
|
|
|
elif mode == "radin":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.42.0.0
|
|
netmask 255.255.0.0
|
|
broadcast 10.42.255.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': radinip() })
|
|
out()
|
|
radin6(interface)
|
|
|
|
elif mode == "accueil":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.51.0.0
|
|
netmask 255.255.0.0
|
|
broadcast 10.51.255.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': accueilip() })
|
|
|
|
elif mode == "ens":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.2.9.0
|
|
netmask 255.255.255.0
|
|
broadcast 10.2.9.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': appt_ens_ip() })
|
|
|
|
elif mode == "isolement":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.52.0.0
|
|
netmask 255.255.0.0
|
|
broadcast 10.52.255.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': isolementip() })
|
|
|
|
elif mode == "federez":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.53.0.0
|
|
netmask 255.255.0.0
|
|
broadcast 10.53.255.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': federezip() })
|
|
|
|
elif mode == "manuel":
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet static""" % { 'interface': interface })
|
|
|
|
elif mode == "vide":
|
|
try:
|
|
iface, vlan = interface.split('.')
|
|
except ValueError:
|
|
vlan = None
|
|
if vlan:
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet manual
|
|
pre-up vconfig add %(iface)s %(vlan)s
|
|
post-down vconfig rem %(iface)s.%(vlan)s
|
|
up ip l set %(interface)s up
|
|
down ip l set %(interface)s down""" % { 'interface': interface, 'iface':iface,'vlan':vlan })
|
|
else:
|
|
out("""auto %(interface)s
|
|
iface %(interface)s inet manual
|
|
up ip l set %(interface)s up
|
|
down ip l set %(interface)s down""" % { 'interface': interface })
|
|
|
|
else:
|
|
raise NotImplementedError, "Mode de reseau inconnu : %s" % mode
|
|
|
|
if mode != "pub" and mode != "adm" and mode != "wifi" :
|
|
for line in additionnals:
|
|
out(" %s" % (line,))
|
|
out()
|
|
|
|
# Definitions communes
|
|
out("""auto lo
|
|
iface lo inet loopback
|
|
""")
|
|
|
|
# Pour arpwatch, on surveille nos réseaux
|
|
def otherlisteners():
|
|
out("#Interfaces d'ecoute restantes pour arpwatch")
|
|
for vlan in watched_vlans:
|
|
if vlan == 1:
|
|
iface = 'eth0'
|
|
else:
|
|
iface = 'eth0.%d' % vlan
|
|
if not iface in configured_ifaces:
|
|
dev(iface,'vide')
|
|
|
|
def pubip6(If):
|
|
if len(If_Mac[If].split(':'))<4: alt = ':'
|
|
else: alt = ''
|
|
return "2a01:240:fe3d:4:" + alt + If_Mac[If]
|
|
|
|
def admip6(If):
|
|
if len(If_Mac[If].split(':'))<4: alt = ':'
|
|
else: alt = ''
|
|
return "2a01:240:fe3d:c804:" + alt + If_Mac[If]
|
|
|
|
def wifiip6(If):
|
|
if len(If_Mac[If].split(':'))<4: alt = ':'
|
|
else: alt = ''
|
|
return "2a01:240:fe3d:c04:" + alt + If_Mac[If]
|
|
|
|
def radinip6(If):
|
|
if len(If_Mac[If].split(':'))<4: alt = ':'
|
|
else: alt = ''
|
|
return "2001:470:c8b9:a4:" + alt + If_Mac[If]
|
|
|
|
def eui64(If):
|
|
if len(If_Mac[If].split(':'))<4: alt = ':'
|
|
else: alt = ''
|
|
return alt + If_Mac[If]
|
|
|
|
def str64(name):
|
|
"""Construit un suffixe 64 bits à partir d'une chaine"""
|
|
name = name[:8]
|
|
name = '\x00'*(8-len(name)) + name
|
|
attr = ''
|
|
for x in range(4):
|
|
block = (ord(name[2*x])<<8) + ord(name[2*x+1])
|
|
attr += ':%x' % block
|
|
|
|
skip = False
|
|
while attr.startswith(':0:'):
|
|
skip = True
|
|
attr = attr[2:]
|
|
if not skip:
|
|
attr = attr[1:]
|
|
return attr
|
|
|
|
def interface6(interface, list_ip, mode = 'serveur'):
|
|
""" fonction permettant d'ajouter une adressse ipv6 a l'interface donnee en argument.
|
|
Le mode permet de faire la distinction entre les simples serveurs et les routeurs.
|
|
"""
|
|
if mode == 'routeur':
|
|
# Le routeur est le ::1 du réseau
|
|
list_ip += ['fe80::1/64']
|
|
|
|
main_ip = list_ip[0]
|
|
list_ip = list_ip[1:]
|
|
out("""iface %(interface)s inet6 static
|
|
address %(ip6)s
|
|
netmask %(netmask)s""" % {
|
|
'interface': interface,
|
|
'ip6': main_ip.split('/')[0],
|
|
'netmask': (main_ip.split('/') + ['64'])[1],
|
|
})
|
|
# Avoid loops
|
|
if mode != 'routeur' and mode != 'public':
|
|
out(' gateway fe80::1')
|
|
for ip in list_ip:
|
|
out(' up ip a add %s dev $IFACE' % (ip,))
|
|
out(' down ip a delete %s dev $IFACE' % (ip,))
|
|
out(' up /sbin/sysctl net/ipv6/conf/$IFACE/autoconf=0')
|
|
out()
|
|
|
|
def pub6(interface, mode='serveur', list_ip=[]):
|
|
list_ip = [pubip6(interface) + '/64'] + list_ip
|
|
interface6(interface, list_ip, mode=mode)
|
|
|
|
def wifi6(interface, list_ip=[], name=None, mode = 'serveur'):
|
|
conf_prefix = "fda8:5d34:a228:c04:%s/64"
|
|
list_ip = [ "2a01:240:fe3d:c04:%s/64" % eui64(interface),
|
|
conf_prefix % eui64(interface),
|
|
] + list_ip
|
|
if name is not None:
|
|
list_ip.append(conf_prefix % str64(name))
|
|
|
|
interface6(interface, list_ip, mode=mode)
|
|
|
|
def adm6(interface):
|
|
out("""iface %(interface)s inet6 static
|
|
address %(ip6)s
|
|
netmask 64""" % { 'interface': interface, 'ip6': admip6(interface) })
|
|
out()
|
|
|
|
def radin6(interface):
|
|
out("""iface %(interface)s inet6 static
|
|
address %(ip6)s
|
|
netmask 64""" % { 'interface': interface, 'ip6': radinip6(interface) })
|
|
out()
|
|
|
|
Probe_Mac = metadata.Probes["mac"].split('\n')
|
|
If_Mac = dict(zip(Probe_Mac[:-1:2], Probe_Mac[1::2]))
|
|
|
|
exec(str(metadata.Probes["interfaces_local"]))
|