Sergio Álvarez xergio
xergio
/ sur_firewall_inames.sh
Created
June 3, 2025 20:11
— forked from LuisPalacios/sur_firewall_inames.sh
Sur: Nombres de interfaces para montar el firewall
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ## | |
| ## /root/firewall/sur_firewall_inames.sh | |
| ## | |
| ## Script que configura iptables en un servidor Raspbian OS | |
| ## | |
| ## Este fichero está relacionado con este apunte: | |
| ## https://www.luispa.com/linux/2014/10/19/bridge-ethernet.html | |
| ## |
xergio
/ sur_firewall_clean.sh
Created
June 3, 2025 20:11
— forked from LuisPalacios/sur_firewall_clean.sh
Sur: Script parte del firewall /root/firewall/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| ## Servidor ‘sur’ | |
| ## | |
| ## Este fichero está relacionado con este apunte: | |
| ## https://www.luispa.com/linux/2014/10/19/bridge-ethernet.html | |
| ## | |
| # | |
| # Quita las iptables por completo, lo permite todo. | |
| # |
xergio
/ firewall_2_pre_network.service
Created
June 3, 2025 20:11
— forked from LuisPalacios/firewall_2_pre_network.service
Sur: segunda para de la activación de reglas iptables durante el boot
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Este servicio activa reglas con iptables llamando a un script | |
| # | |
| # Instalar con: | |
| # systemctl enable firewall_2_pre_network.service | |
| # | |
| [Unit] | |
| Description=Activar reglas iptables despues de la red | |
| Wants=network-online.target internet_wait.service | |
| After=network-online.target internet_wait.service |
xergio
/ firewall_1_pre_network.service
Created
June 3, 2025 20:11
— forked from LuisPalacios/firewall_1_pre_network.service
Sur: Instalar reglas iptables
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Este servicio activa reglas con iptables llamando a un script | |
| # | |
| # Instalar con: | |
| # systemctl enable firewall_1_pre_network.service | |
| # | |
| [Unit] | |
| Description=Activar reglas iptables antes que la red | |
| Wants=network-pre.target | |
| Before=network-pre.target |
xergio
/ vlans
Created
June 3, 2025 20:11
— forked from LuisPalacios/vlans
Sur: /etc/network/interfaces.d/vlans
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| ## Fichero /etc/network/interfaces.d/vlans para Raspberry Pi OS 64 bits | |
| ## Servidor ‘sur’ | |
| ## | |
| ## Este fichero está relacionado con este apunte: | |
| ## https://www.luispa.com/linux/2014/10/19/bridge-ethernet.html | |
| ## | |
| ## Relacionado: https://gist.github.com/LuisPalacios/7f36aa70890dbf9a9cb72fda3250ef7a | |
| ## | |
| auto eth1.206 |
xergio
/ dhcpcd.conf
Created
June 3, 2025 20:11
— forked from LuisPalacios/dhcpcd.conf
Sur: /etc/dhcpcd.conf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| ## Fichero /etc/dhcpcd.conf para Raspberry Pi OS 64 bits | |
| ## Servidor ‘sur’ | |
| ## | |
| ## Este fichero está relacionado con este apunte: | |
| ## https://www.luispa.com/linux/2014/10/19/bridge-ethernet.html | |
| ## | |
| ## Configuración IP: | |
| ## `eth0` Recibe IP, DNS y Router vía DHCP | |
| ## `eth1` Puerto principal para TRUNK Vlans, sin IP: |
xergio
/ norte_bridge_ethernet_server_DOWN.sh
Created
June 3, 2025 20:11
— forked from LuisPalacios/norte_bridge_ethernet_server_DOWN.sh
Norte: /etc/openvpn/server/norte_bridge_ethernet_server_DOWN.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script que se ejecuta al hacer un `stop` del servicio Bridge Ethernet | |
| # Interfaces, rutas + IP y MACs asociaré a las interfaces tap y bridge | |
| . /etc/openvpn/server/norte_bridge_ethernet_server_CONFIG.sh | |
| # Elimino filtros L2 y L3 | |
| /etc/openvpn/server/norte_bridge_ethernet_server_FW_CLEAN.sh | |
| # Elimino la asociación de flujos RTSP a su helper |
xergio
/ norte_bridge_ethernet_server_UP.sh
Created
June 3, 2025 20:11
— forked from LuisPalacios/norte_bridge_ethernet_server_UP.sh
Norte: /etc/openvpn/server/norte_bridge_ethernet_server_UP.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script que se ejecuta al hacer un `start` del servicio Bridge Ethernet | |
| # Interfaces, rutas + IP y MACs asociaré a las interfaces tap y bridge | |
| . /etc/openvpn/server/norte_bridge_ethernet_server_CONFIG.sh | |
| # Activo el tunel IPSec | |
| ip link set ${EB_TAP} address ${mac_tap} | |
| ip link set ${EB_TAP} up |
xergio
/ norte_bridge_ethernet_server_FW_CLEAN.sh
Created
June 3, 2025 20:11
— forked from LuisPalacios/norte_bridge_ethernet_server_FW_CLEAN.sh
Norte: /etc/openvpn/server/norte_bridge_ethernet_server_FW_CLEAN.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Este script desactiva por completo el firewall a nivel 2 y 3 | |
| # Interfaces, rutas + IP y MACs asociaré a las interfaces tap y bridge | |
| . /etc/openvpn/server/norte_bridge_ethernet_server_CONFIG.sh | |
| # Elimino filtros L3 antiguos | |
| for i in `echo ${EB_TAP} ${IF_IPTV}`; do | |
| iptables -D INPUT -i ${i} -j ACCEPT 2> /dev/null | |
| iptables -D FORWARD -i ${i} -j ACCEPT 2> /dev/null |
xergio
/ norte_bridge_ethernet_server_CONFIG.sh
Created
June 3, 2025 20:11
— forked from LuisPalacios/norte_bridge_ethernet_server_CONFIG.sh
Norte: /etc/openvpn/server/norte_bridge_ethernet_server_CONFIG.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Fichero xxxxxxx_bridge_ethernet_server_CONFIG.sh | |
| # Este fichero contiene los nombres de las interfaces y parámetros de cada uno de | |
| # ellas. Los utilizan los scripts de arranque y parada del servicio Bridge Ethernet | |
| # Configuración General | |
| export mtu="1492" | |
| # Configuración para el tunel openvpn (interfaz tapXXX) | |
| # Las direcciones MAC's pueden ser cualquiera, obviamente que no se usen en otro sitio. |