7 files changed, 59 insertions, 12 deletions
diff --git a/.gitignore b/.gitignore
index 7395836..f187d13 100644
--- a/.gitignore
+++ b/.gitignore
@@ -16,6 +16,9 @@ samizdat.disk.img
 build-stamp
 install-stamp
 install-submodules-stamp
+conf/br0
+conf/dnsmasq.conf
+conf/network_if-up.d_samizdat
 openssh-client-dbgsym_7.9p1-10_amd64.deb
 openssh-client-udeb_7.9p1-10_amd64.udeb
 openssh-client_7.9p1-10_amd64.deb
diff --git a/Makefile b/Makefile
index b64cab9..e5a3109 100644
--- a/Makefile
+++ b/Makefile
@@ -40,12 +40,42 @@ install-nested-kvm: conf/kvm.conf
        install -m0644 conf/kvm.conf ${instdir}/etc/modprobe.d/
        modprobe -r kvm-intel kvm-amd kvm; modprobe kvm; modprobe kvm-intel; modprobe kvm-amd; true
-install-configuration:
+network_filter := $(shell ./src/generate-network-filter.sh)
+conf_files_out = conf/br0 conf/dnsmasq.conf conf/network_if-up.d_samizdat
+conf_files_in = $(addsuffix .in, $(conf_files_out))
+$(conf_files_out): $(conf_files_in) ./src/generate-network-filter.sh
+        sed -e '$(network_filter)' < $@.in > $@
+static_conf_files = conf/torrc conf/nbd-server conf/postfix_main.cf
+.PHONY: install-configuration install-bootserver start-bootserver
+install-bootserver:
+        sudo -E $(MAKE) instdir=/ real-install-bootserver start-bootserver
+start-bootserver:
+        ifup --force br0
+        service dnsmasq restart
+        service nbd-server restart
+real-install-bootserver: $(conf_files_out) $(static_conf_files)
+ifndef instdir
+        $(error "You must specify instdir, for safety.")
+else
+        install  -p  -m0644  -DT  conf/dnsmasq.conf              ${instdir}/etc/dnsmasq.conf
+        install  -p  -m0644  -DT  conf/eth0                      ${instdir}/etc/network/interfaces.d/eth0
+        install  -p  -m0644  -DT  conf/br0                       ${instdir}/etc/network/interfaces.d/br0
+        install  -p  -m0644  -DT  conf/network_if-up.d_samizdat  ${instdir}/etc/network/if-up.d/samizdat
+endif
+install-configuration: real-install-bootserver $(conf_files_out) $(static_conf_files)
 ifndef instdir
        $(error "You must specify instdir, for safety.")
 else
        install  -p  -m0644  -DT  conf/dnsmasq.conf              ${instdir}/etc/dnsmasq.conf
-        install  -p  -m0644  -DT  conf/interfaces.d_eth0         ${instdir}/etc/network/interfaces.d/eth0
+        install  -p  -m0644  -DT  conf/eth0                      ${instdir}/etc/network/interfaces.d/eth0
+        install  -p  -m0644  -DT  conf/br0                       ${instdir}/etc/network/interfaces.d/br0
        install  -p  -m0644  -DT  conf/network_if-up.d_samizdat  ${instdir}/etc/network/if-up.d/samizdat
        install  -p  -m0644  -DT  conf/postfix_main.cf           ${instdir}/etc/postfix/main.cf
        install  -p  -m0644  -DT  conf/torrc                     ${instdir}/etc/tor/torrc
diff --git a/conf/interfaces.d_eth0 b/conf/br0.in
index 3dbf9b4..9d5c17b 100644
--- a/conf/interfaces.d_eth0
+++ b/conf/br0.in
@@ -1,9 +1,4 @@
-# iface eth0 inet static
+auto br0
-#   address 192.168.10.1
-#   netmask 255.255.255.0
-# # post-up ipsec restart
-auto br0 eth0
 iface br0 inet static
 # pre-up echo 0 > /proc/sys/net/ipv6/conf/br0/accept_ra_pinfo # disable ipv6 auto-address
@@ -11,9 +6,7 @@ iface br0 inet static
  pre-down for n in 0 1 2 3 4; do tunctl -d tap$n; done; true
  address 192.168.10.1
  netmask 255.255.255.0
-  bridge_ports eth0 tap0 tap1 tap2 tap3 tap4
+  bridge_ports tap0 tap1 tap2 tap3 tap4
  bridge_maxwait 10
-  up iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
+  up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  up sysctl -w net.ipv4.ip_forward=1
-iface eth0 inet manual
diff --git a/conf/dnsmasq.conf b/conf/dnsmasq.conf.in
index 5ab9008..5ab9008 100644
--- a/conf/dnsmasq.conf
+++ b/conf/dnsmasq.conf.in
diff --git a/conf/eth0 b/conf/eth0
new file mode 100644
index 0000000..364b0a2
--- /dev/null
+++ b/conf/eth0
@@ -0,0 +1,3 @@
+auto eth0
+iface eth0 inet dhcp
diff --git a/conf/network_if-up.d_samizdat b/conf/network_if-up.d_samizdat.in
index 4c02c93..4c02c93 100755
--- a/conf/network_if-up.d_samizdat
+++ b/conf/network_if-up.d_samizdat.in
diff --git a/src/generate-network-filter.sh b/src/generate-network-filter.sh
new file mode 100755
index 0000000..a2e49d0
--- /dev/null
+++ b/src/generate-network-filter.sh
@@ -0,0 +1,18 @@
+#!/bin/sh
+gen_filter()
+{
+  IFS=. read a b c d
+  [ "$a" -a "$b" -a "$c" -a "$d" ] || return
+  cprime=$((c+1))
+  echo s/$a\\.$b\\.$c\\.\\\([0-9]*\\\)/$a.$b.$cprime.\\\\1/g
+}
+get_default()
+{
+  ip route | grep '^default via 192\.168\.[^.]*\.1' |
+    (read default via what ip; [ "$what" ] && echo $what)
+}
+get_default | gen_filter

diff --git a/.gitignore b/.gitignore index 7395836..f187d13 100644 --- a/.gitignore +++ b/.gitignore
@@ -16,6 +16,9 @@ samizdat.disk.img
16	build-stamp	16	build-stamp
17	install-stamp	17	install-stamp
18	install-submodules-stamp	18	install-submodules-stamp
		19	conf/br0
		20	conf/dnsmasq.conf
		21	conf/network_if-up.d_samizdat
19	openssh-client-dbgsym_7.9p1-10_amd64.deb	22	openssh-client-dbgsym_7.9p1-10_amd64.deb
20	openssh-client-udeb_7.9p1-10_amd64.udeb	23	openssh-client-udeb_7.9p1-10_amd64.udeb
21	openssh-client_7.9p1-10_amd64.deb	24	openssh-client_7.9p1-10_amd64.deb


diff --git a/Makefile b/Makefile index b64cab9..e5a3109 100644 --- a/Makefile +++ b/Makefile
@@ -40,12 +40,42 @@ install-nested-kvm: conf/kvm.conf
40	install -m0644 conf/kvm.conf ${instdir}/etc/modprobe.d/	40	install -m0644 conf/kvm.conf ${instdir}/etc/modprobe.d/
41	modprobe -r kvm-intel kvm-amd kvm; modprobe kvm; modprobe kvm-intel; modprobe kvm-amd; true	41	modprobe -r kvm-intel kvm-amd kvm; modprobe kvm; modprobe kvm-intel; modprobe kvm-amd; true
42		42
43	install-configuration:	43	network_filter := $(shell ./src/generate-network-filter.sh)
		44
		45	conf_files_out = conf/br0 conf/dnsmasq.conf conf/network_if-up.d_samizdat
		46	conf_files_in = $(addsuffix .in, $(conf_files_out))
		47
		48	$(conf_files_out): $(conf_files_in) ./src/generate-network-filter.sh
		49	sed -e '$(network_filter)' < $@.in > $@
		50
		51	static_conf_files = conf/torrc conf/nbd-server conf/postfix_main.cf
		52
		53	.PHONY: install-configuration install-bootserver start-bootserver
		54	install-bootserver:
		55	sudo -E $(MAKE) instdir=/ real-install-bootserver start-bootserver
		56
		57	start-bootserver:
		58	ifup --force br0
		59	service dnsmasq restart
		60	service nbd-server restart
		61
		62	real-install-bootserver: $(conf_files_out) $(static_conf_files)
		63	ifndef instdir
		64	$(error "You must specify instdir, for safety.")
		65	else
		66	install -p -m0644 -DT conf/dnsmasq.conf ${instdir}/etc/dnsmasq.conf
		67	install -p -m0644 -DT conf/eth0 ${instdir}/etc/network/interfaces.d/eth0
		68	install -p -m0644 -DT conf/br0 ${instdir}/etc/network/interfaces.d/br0
		69	install -p -m0644 -DT conf/network_if-up.d_samizdat ${instdir}/etc/network/if-up.d/samizdat
		70	endif
		71
		72	install-configuration: real-install-bootserver $(conf_files_out) $(static_conf_files)
44	ifndef instdir	73	ifndef instdir
45	$(error "You must specify instdir, for safety.")	74	$(error "You must specify instdir, for safety.")
46	else	75	else
47	install -p -m0644 -DT conf/dnsmasq.conf ${instdir}/etc/dnsmasq.conf	76	install -p -m0644 -DT conf/dnsmasq.conf ${instdir}/etc/dnsmasq.conf
48	install -p -m0644 -DT conf/interfaces.d_eth0 ${instdir}/etc/network/interfaces.d/eth0	77	install -p -m0644 -DT conf/eth0 ${instdir}/etc/network/interfaces.d/eth0
		78	install -p -m0644 -DT conf/br0 ${instdir}/etc/network/interfaces.d/br0
49	install -p -m0644 -DT conf/network_if-up.d_samizdat ${instdir}/etc/network/if-up.d/samizdat	79	install -p -m0644 -DT conf/network_if-up.d_samizdat ${instdir}/etc/network/if-up.d/samizdat
50	install -p -m0644 -DT conf/postfix_main.cf ${instdir}/etc/postfix/main.cf	80	install -p -m0644 -DT conf/postfix_main.cf ${instdir}/etc/postfix/main.cf
51	install -p -m0644 -DT conf/torrc ${instdir}/etc/tor/torrc	81	install -p -m0644 -DT conf/torrc ${instdir}/etc/tor/torrc


diff --git a/conf/interfaces.d_eth0 b/conf/br0.in index 3dbf9b4..9d5c17b 100644 --- a/conf/interfaces.d_eth0 +++ b/conf/br0.in
@@ -1,9 +1,4 @@
1	# iface eth0 inet static	1	auto br0
2	# address 192.168.10.1
3	# netmask 255.255.255.0
4	# # post-up ipsec restart
5
6	auto br0 eth0
7		2
8	iface br0 inet static	3	iface br0 inet static
9	# pre-up echo 0 > /proc/sys/net/ipv6/conf/br0/accept_ra_pinfo # disable ipv6 auto-address	4	# pre-up echo 0 > /proc/sys/net/ipv6/conf/br0/accept_ra_pinfo # disable ipv6 auto-address
@@ -11,9 +6,7 @@ iface br0 inet static
11	pre-down for n in 0 1 2 3 4; do tunctl -d tap$n; done; true	6	pre-down for n in 0 1 2 3 4; do tunctl -d tap$n; done; true
12	address 192.168.10.1	7	address 192.168.10.1
13	netmask 255.255.255.0	8	netmask 255.255.255.0
14	bridge_ports eth0 tap0 tap1 tap2 tap3 tap4	9	bridge_ports tap0 tap1 tap2 tap3 tap4
15	bridge_maxwait 10	10	bridge_maxwait 10
16	up iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE	11	up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
17	up sysctl -w net.ipv4.ip_forward=1	12	up sysctl -w net.ipv4.ip_forward=1
18
19	iface eth0 inet manual


diff --git a/conf/dnsmasq.conf b/conf/dnsmasq.conf.in index 5ab9008..5ab9008 100644 --- a/conf/dnsmasq.conf +++ b/conf/dnsmasq.conf.in


diff --git a/conf/eth0 b/conf/eth0 new file mode 100644 index 0000000..364b0a2 --- /dev/null +++ b/conf/eth0
@@ -0,0 +1,3 @@
		1	auto eth0
		2
		3	iface eth0 inet dhcp


diff --git a/conf/network_if-up.d_samizdat b/conf/network_if-up.d_samizdat.in index 4c02c93..4c02c93 100755 --- a/conf/network_if-up.d_samizdat +++ b/conf/network_if-up.d_samizdat.in


diff --git a/src/generate-network-filter.sh b/src/generate-network-filter.sh new file mode 100755 index 0000000..a2e49d0 --- /dev/null +++ b/src/generate-network-filter.sh
@@ -0,0 +1,18 @@
		1	#!/bin/sh
		2
		3	gen_filter()
		4	{
		5	IFS=. read a b c d
		6	[ "$a" -a "$b" -a "$c" -a "$d" ] \|\| return
		7	cprime=$((c+1))
		8	echo s/$a\\.$b\\.$c\\.\\\([0-9]*\\\)/$a.$b.$cprime.\\\\1/g
		9	}
		10
		11	get_default()
		12	{
		13	ip route \| grep '^default via 192\.168\.[^.]*\.1' \|
		14	(read default via what ip; [ "$what" ] && echo $what)
		15	}
		16
		17	get_default \| gen_filter
		18