diff --git a/config_hex.grote.lan.rsc b/config_hex.grote.lan.rsc
index c63d7fd..1c6e2d9 100644
--- a/config_hex.grote.lan.rsc
+++ b/config_hex.grote.lan.rsc
@@ -1,4 +1,4 @@
-# 2023-07-21 18:44:51 by RouterOS 7.10
+# 2023-07-21 18:48:06 by RouterOS 7.10
 # software id = NPZE-DVQU
 #
 # model = RB750Gr3
@@ -73,102 +73,3 @@ add interface=ether2
 /ip firewall address-list
 add address=192.168.2.0/24 list=subnet2
 add address=192.168.2.0/24 list=mgmt_access
-add address=192.168.3.0/24 list=subnet3
-add address=10.25.25.0/24 list=subnet2525
-add address=10.25.26.0/24 list=mgmt_access
-add address=10.25.26.0/24 list=subnet2526
-add address=192.168.3.0/24 list=mgmt_access
-add address=10.25.27.0/24 list=subnet2527
-add address=10.25.27.0/24 list=mgmt_access
-add address=192.168.2.43 list=snmp_server
-/ip firewall filter
-add action=accept chain=input connection-state=established,related \
- log-prefix="Allow established, related: "
-add action=drop chain=input connection-state=invalid log-prefix=\
- "Drop invalid:"
-add action=accept chain=input in-interface=wireguard_s2s_hex log-prefix=\
- "Allow OSPF: " protocol=ospf
-add action=accept chain=input icmp-options=!5:0-255 log-prefix="Allow ICMP: " \
- protocol=icmp
-add action=accept chain=input dst-port=13232,13233 in-interface=ether2 \
- log-prefix="Allow Wireguard: " protocol=udp
-add action=accept chain=input dst-port=22,8291 log-prefix=\
- "Allow ssh+winbox: " protocol=tcp src-address-list=mgmt_access
-add action=drop chain=input log-prefix="INPUT: Drop anything not allowed: "
-add action=fasttrack-connection chain=forward connection-state=\
- established,related hw-offload=yes log-prefix="FastTrack Connection: "
-add action=accept chain=forward connection-state=established,related \
- log-prefix="Allow established, related: "
-add action=drop chain=forward connection-state=invalid log-prefix=\
- "Drop invalid:"
-add action=accept chain=forward dst-address-list=subnet3 log-prefix=\
- "Allow SN2 -> SN3: " src-address-list=subnet2
-add action=accept chain=forward dst-address-list=subnet3 log-prefix=\
- "Allow SN2526 -> SN3: " src-address-list=subnet2526
-add action=accept chain=forward dst-address-list=subnet3 log-prefix=\
- "Allow SN2525 -> SN3: " src-address-list=subnet2525
-add action=accept chain=forward in-interface=wireguard_clients log-prefix=\
- "Allow WG-Clients-> Ether2: " out-interface=ether2 src-address-list=\
- subnet2527
-add action=drop chain=forward disabled=yes log=yes log-prefix=\
- "FORWARD: Drop anything not allowed: "
-/ip firewall nat
-add action=masquerade chain=srcnat log-prefix="NAT: Alles von SN2" \
- out-interface=!wireguard_s2s_hex
-/ip service
-set telnet disabled=yes
-set ftp disabled=yes
-set www disabled=yes
-set ssh address=192.168.2.0/24,192.168.3.0/24,10.25.26.0/24
-set api disabled=yes
-set winbox address=192.168.2.0/24,192.168.3.0/24,10.25.26.0/24
-set api-ssl disabled=yes
-/ip ssh
-set strong-crypto=yes
-/routing ospf interface-template
-add area=ospf-area-1 disabled=no interfaces=wireguard_s2s_hex networks=\
- 10.25.26.0/30 type=ptmp
-/routing ospf static-neighbor
-add address=10.25.26.1%wireguard_s2s_hex area=ospf-area-1 disabled=no
-/snmp
-set contact="mgrote " location="S\FCdstra\DFe" \
- trap-community=librenms-v3 trap-generators=temp-exception,interfaces \
- trap-version=3
-/system clock
-set time-zone-name=Europe/Berlin
-/system identity
-set name=hex
-/system logging
-add disabled=yes topics=ospf
-/system note
-set show-at-login=no
-/system ntp client
-set enabled=yes
-/system ntp client servers
-add address=0.de.pool.ntp.org
-/system routerboard settings
-set silent-boot=yes
-/system watchdog
-set automatic-supout=no ping-timeout=5m watch-address=10.25.26.1
-/tool bandwidth-server
-set enabled=no
-/tool mac-server
-set allowed-interface-list=none
-/tool mac-server mac-winbox
-set allowed-interface-list=winbox-access
-/tool mac-server ping
-set enabled=no
-/tool netwatch
-add disabled=no down-script="# set variables\r\
- \n:local wginterface wireguard_s2s_hex\r\
- \n# Valid characters in variable names are letters and digits. If variable\
- \_name contains any other character, then variable name should be put in d\
- ouble quotes.\r\
- \n\r\
- \n:log error \"wireguard-tunnel down: \$wginterface\"\r\
- \n/interface/wireguard/disable \$wginterface\r\
- \n:delay 20s\r\
- \n/interface/wireguard/enable \$wginterface\r\
- \n:log info \"Restart wireguard-tunnel: \$wginterface\"\r\
- \nping 192.168.2.1\r\
- \n" host=192.168.2.1 interval=30s timeout=1s type=simple
diff --git a/x b/x
index 9f9606a..651dbf9 100644
--- a/x
+++ b/x
@@ -3,9 +3,15 @@ # setze Variable devices="rb5009.grote.lan,/home/mg/oxidized-selfmade/neu hex.grote.lan,/ssh/keys/hex" + + # teste auf dependencies GIT_REPO_PATH=/home/mg/oxidized-selfmade GIT_REPO_BRANCH=master +GIT_USERNAME=oxidized +GIT_USER_MAIL=michael.grote@posteo.de if [ -d "$GIT_REPO_PATH" ]; then + git config --global user.email "$GIT_USER_MAIL" + git config --global user.name "$GIT_USERNAME" cd "$GIT_REPO_PATH" if [ -d ".git" ]; then git pull origin $GIT_REPO_BRANCH
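Review bot: The two added `git config --global` calls overwrite the invoking account's global Git identity on every run, so commits that account later makes in any other repository are attributed to `oxidized`, which blurs the audit trail of who changed what. They also sit before `cd "$GIT_REPO_PATH"` and before the `.git` check, so they take effect even when the directory turns out not to be a repository. Scoping the identity to the backup repository avoids both: move the calls below the `.git` check and drop `--global`, i.e. `git config user.email "$GIT_USER_MAIL"` and `git config user.name "$GIT_USERNAME"`. Both enclosing `if` blocks continue past the end of the hunk, so the exact placement should be checked against the full script.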