cc78f10777
Même sur adhérent. Il est inutile de mettre une mtu de 1500 alors que les serveurs devront communiquer potentiellement avec l'extérieur, via un lien taggué.
190 lines
5.5 KiB
Python
190 lines
5.5 KiB
Python
# -*- coding: utf-8; mode: python -*-
|
|
|
|
include("ip")
|
|
include("arpwatch")
|
|
|
|
info["owner"] = "root"
|
|
info["group"] = "root"
|
|
info["perms"] = 0644
|
|
|
|
import config.dns
|
|
|
|
header("""
|
|
Les modifications locales sont a mettre dans le fichier /etc/network/interfaces.local
|
|
|
|
Voir http://wiki.crans.org/CransTechnique/Bcfg2/... pour plus d'explications.
|
|
""")
|
|
|
|
configured_ifaces=[]
|
|
|
|
def dev(interface, mode, additionnals=[]):
|
|
"""Generation de la conf d'une interface:
|
|
|
|
- additionnals contient des lignes a mettre en plus a la definition"""
|
|
configured_ifaces.append(interface)
|
|
|
|
if mode == "pub":
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 138.231.136.0
|
|
netmask 255.255.248.0
|
|
broadcast 138.231.143.255
|
|
mtu 1496
|
|
gateway 138.231.136.4
|
|
dns-nameservers %(nameservers)s
|
|
dns-search crans.org""" % { 'interface': interface, 'ip': pubip(), 'nameservers': ' '.join(config.dns.recursiv['fil']) }
|
|
|
|
for line in additionnals:
|
|
print " ", line
|
|
print
|
|
|
|
pub6(interface)
|
|
|
|
elif mode == "wifi":
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 138.231.144.0
|
|
netmask 255.255.248.0
|
|
broadcast 138.231.151.255
|
|
mtu 1496
|
|
dns-nameservers %(nameservers)s
|
|
dns-search wifi.crans.org""" % { 'interface': interface, 'ip': wifiip(), 'nameservers': ' '.join(config.dns.recursiv['wifi']) }
|
|
|
|
for line in additionnals:
|
|
print " ", line
|
|
print
|
|
|
|
elif mode == "adm":
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.231.136.0
|
|
netmask 255.255.255.0
|
|
broadcast 10.231.136.255
|
|
mtu 1496
|
|
dns-nameservers %(nameservers)s
|
|
dns-search adm.crans.org""" % { 'interface': interface, 'ip': admip(), 'nameservers': ' '.join(config.dns.recursiv['adm']) }
|
|
|
|
for line in additionnals:
|
|
print " ", line
|
|
print
|
|
|
|
adm6(interface)
|
|
|
|
elif mode == "radin":
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.42.0.0
|
|
netmask 255.255.0.0
|
|
broadcast 10.42.255.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': radinip() }
|
|
|
|
elif mode == "accueil":
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.51.0.0
|
|
netmask 255.255.0.0
|
|
broadcast 10.51.255.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': accueilip() }
|
|
|
|
elif mode == "ens":
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.2.9.0
|
|
netmask 255.255.255.0
|
|
broadcast 10.2.9.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': appt_ens_ip() }
|
|
|
|
elif mode == "isolement":
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet static
|
|
address %(ip)s
|
|
network 10.52.0.0
|
|
netmask 255.255.0.0
|
|
broadcast 10.52.255.255
|
|
mtu 1496""" % { 'interface': interface, 'ip': isolementip() }
|
|
|
|
elif mode == "manuel":
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet static""" % { 'interface': interface }
|
|
|
|
elif mode == "vide":
|
|
try:
|
|
iface, vlan = interface.split('.')
|
|
except ValueError:
|
|
vlan = None
|
|
if vlan:
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet manual
|
|
pre-up vconfig add %(iface)s %(vlan)s
|
|
post-down vconfig rem %(iface)s.%(vlan)s
|
|
up ip l set %(interface)s up
|
|
down ip l set %(interface)s down""" % { 'interface': interface, 'iface':iface,'vlan':vlan }
|
|
else:
|
|
print """auto %(interface)s
|
|
iface %(interface)s inet manual
|
|
up ip l set %(interface)s up
|
|
down ip l set %(interface)s down""" % { 'interface': interface }
|
|
|
|
else:
|
|
raise NotImplementedError, "Mode de reseau inconnu : %s" % mode
|
|
|
|
if mode != "pub" and mode != "adm" and mode != "wifi" :
|
|
for line in additionnals:
|
|
print " ", line
|
|
print
|
|
|
|
# Definitions communes
|
|
print """auto lo
|
|
iface lo inet loopback
|
|
"""
|
|
|
|
# Pour arpwatch, on surveille nos réseaux
|
|
def otherlisteners():
|
|
print "#Interfaces d'ecoute restantes pour arpwatch "
|
|
for vlan in watched_vlans:
|
|
if vlan == 1:
|
|
iface = 'eth0'
|
|
else:
|
|
iface = 'eth0.%d' % vlan
|
|
if not iface in configured_ifaces:
|
|
dev(iface,'vide')
|
|
|
|
def pubip6(If):
|
|
if len(If_Mac[If].split(':'))<4: alt = ':'
|
|
else: alt = ''
|
|
return "2a01:240:fe3d:4:" + alt + If_Mac[If]
|
|
|
|
def admip6(If):
|
|
if len(If_Mac[If].split(':'))<4: alt = ':'
|
|
else: alt = ''
|
|
return "2a01:240:fe3d:c804:" + alt + If_Mac[If]
|
|
|
|
def pub6(interface, mode = 'serveur'):
|
|
""" fonction permettant d'ajouter une adressse ipv6 a l'interface donnee en argument.
|
|
Le mode permet de faire la distinction entre les simples serveurs et les routeurs.
|
|
En effet, il est assez peu fortuit de rajouter une route par defaut qui va faire une boucle."""
|
|
print """iface %(interface)s inet6 static
|
|
address %(ip6)s
|
|
netmask 64""" % { 'interface': interface, 'ip6': pubip6(interface) }
|
|
if mode == 'serveur':
|
|
print ' gateway fe80::219:bbff:fe31:3b80'
|
|
elif mode == 'routeur':
|
|
print ' up ip r add dev %s 2a01:240:fe3d:f7::/64 via 2a01:240:fe3d:4:20f:1fff:fe66:e0e8' % interface
|
|
print
|
|
|
|
def adm6(interface):
|
|
print """iface %(interface)s inet6 static
|
|
address %(ip6)s
|
|
netmask 64""" % { 'interface': interface, 'ip6': admip6(interface) }
|
|
print
|
|
|
|
Probe_Mac = metadata.Probes["mac"].split('\n')
|
|
If_Mac = dict(zip(Probe_Mac[:-1:2], Probe_Mac[1::2]))
|
|
|
|
exec(str(metadata.Probes["interfaces_local"]))
|