LuisPalacios
/ firewall_2_post_network.sh
Last active
April 28, 2023 10:11
Se ejecuta tras activar la red y termina de instalar las reglas de iptables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # /root/firewall/firewall_2_post_network.sh | |
| # | |
| # Script que se ejecuta tras activar la red y termina de instalar las reglas de iptables | |
| # y realiza las últimas confirmaciones... | |
| # | |
| # Está relacionado con este apunte: | |
| # https://www.luispa.com/administración/2023/04/08/networking-avanzado.html | |
| # |
LuisPalacios
/ firewall_1_pre_network.sh
Last active
April 29, 2023 15:44
Instala las reglas con iptables. Se debe ejecutar antes de tener la red activa
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # /root/firewall/firewall_1_pre_network.sh | |
| # | |
| # Script que instala las reglas con iptables. Se debe ejecutar antes de tener la | |
| # red activa, para que nunca pueda activarse la red sin estar las reglas antes puestas. | |
| # | |
| # Está relacionado con este apunte: | |
| # https://www.luispa.com/administración/2023/04/08/networking-avanzado.html | |
| # |
LuisPalacios
/ netSetupVars
Last active
April 28, 2023 10:10
Definir nombres, ip's, etc. para el networking.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # /etc/default/netSetupVars | |
| # Script utilizado durante la instalación de reglas iptables durante el arranque | |
| # del sistema y durante la construcción de túneles con OpenVPN. Es un fichero que | |
| # define con variables los nombres de las interfaces, direcciones IP, etc. que son | |
| # utilizados durante la protección con iptables, creación de túneles, etc. | |
| # | |
| # Su función es: Definir nombres, ip's, etc. para el networking. |
LuisPalacios
/ firewall_clean.sh
Last active
April 28, 2023 10:11
Quitar todas las reglas del firewall (iptables)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # Script utilizado durante la instalación de reglas iptables durante el arranque | |
| # del sistema. Se ejecuta desde otros scripts y tiene dependencia con el fichero | |
| # de definición de variables: | |
| # | |
| # /etc/default/netSetupVars | |
| # | |
| # Su función es: Quitar todas las reglas del firewall (iptables) |
LuisPalacios
/ firewall_2_post_network.service
Last active
April 28, 2023 10:10
Termina de activa reglas con iptables tras tener la red ya disponible.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fichero systemd: | |
| # /etc/systemd/system/firewall_2_post_network.service | |
| # | |
| # Termina de activa reglas con iptables tras tener la red ya disponible. | |
| # | |
| # Para activarlo ejecutar: | |
| # systemctl enable firewall_2_post_network.service | |
| # | |
| # Es fichero está relacionado con este apunte: | |
| # https://www.luispa.com/administración/2023/04/08/networking-avanzado.html |
LuisPalacios
/ firewall_1_pre_network.service
Last active
April 28, 2023 10:10
Activa reglas con iptables llamando a un script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fichero systemd: | |
| # /etc/systemd/system/firewall_1_pre_network.service | |
| # | |
| # Activa reglas con iptables llamando a un script. | |
| # | |
| # Para activarlo ejecutar: | |
| # systemctl enable firewall_1_pre_network.service | |
| # | |
| # Es fichero está relacionado con este apunte: | |
| # https://www.luispa.com/administración/2023/04/08/networking-avanzado.html |
LuisPalacios
/ internet_wait.service
Created
April 15, 2023 16:22
Servicio systemd que comprueba si tengo acceso a internet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Este servicio comprueba si tengo acceso a internet y mientras que | |
| # no lo tenga se queda esperando (sleep's de 1 seg). Es bastante útil | |
| # cuando queremos que otros servicios esperen a tener internet. | |
| # | |
| # Crea el fichero /etc/systemd/system/internet_wait.service | |
| # Instalar con: | |
| # systemctl enable internet_wait.service | |
| # | |
| # En aquellos servicios que queremos que esperen a tener interent | |
| # tenemos que modificar su fichero .service y añadir al final de |
LuisPalacios
/ watch_eth_bridge.sh
Last active
March 12, 2023 11:39
Comprueba conectividad del tunel ethernet bridge openvpn
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # /usr/bin/watch_eth_bridge.sh | |
| # | |
| # Un ejemplo de caso de uso está descrito en este apunte: | |
| # https://www.luispa.com/linux/2014/10/19/bridge-ethernet.html | |
| # | |
| # | |
| # Este script comprueba conectividad del tunel ethernet bridge openvpn entre | |
| # dos servidores. Primero se asegura de tener las entradas correctas en el |
LuisPalacios
/ watch_eth_bridge_con_norte
Last active
March 12, 2023 11:01
Sur: Fichero de configuración para watch_eth_bridge_con_xxxxx.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/default/watch_eth_bridge_con_norte | |
| # Fichero de configuración para watch_eth_bridge_xxxxx.service | |
| # | |
| # Un ejemplo de caso de uso está descrito en este apunte: | |
| # https://www.luispa.com/linux/2014/10/19/bridge-ethernet.html | |
| # | |
| # Opciones watch_eth_bridge.sh | |
| # -l <name> Nombre DNS Público de este host (i.e. sur.midominio.com) | |
| # -r <name> Nombre DNS Público del host remoto (i.e. norte.midominio.com) | |
| # -b <interface> Nombre del interfaz utilizado para montar el BRIDGE |
LuisPalacios
/ watch_eth_bridge_con_sur
Last active
March 12, 2023 10:59
Norte: Fichero de configuración para watch_eth_bridge_con_xxxxx.service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/default/watch_eth_bridge_con_sur | |
| # Fichero de configuración para watch_eth_bridge_xxxxx.service | |
| # | |
| # Un ejemplo de caso de uso está descrito en este apunte: | |
| # https://www.luispa.com/linux/2014/10/19/bridge-ethernet.html | |
| # | |
| # Opciones watch_eth_bridge.sh | |
| # -l <name> Nombre DNS Público del este host (i.e. norte.midominio.com) | |
| # -r <name> Nombre DNS Público del host remoto (i.e. sur.midominio.com) | |
| # -b <interface> Nombre del interfaz utilizado para montar el BRIDGE |