hosts/astatine: Isolate ppp interface

hosts/astatine: remove mtu option so client uses mru sent by provider
hosts/astatine: enable remote wireshark capture
2024-03-01 22:02:36 +01:00 · 2024-03-01 22:02:36 +01:00 · 2024-03-01 22:02:36 +01:00 · 2024-03-01 22:02:36 +01:00
3 changed files with 102 additions and 1 deletions
--- a/hosts/astatine/configuration.nix
+++ b/hosts/astatine/configuration.nix
@ -5,6 +5,8 @@
    [
      ./hardware-configuration.nix
      ./ppp.nix
      ./programs.nix
      ./users.nix
    ];
@ -26,7 +28,7 @@
  networking.hostName = "astatine";
-  networking.firewall.enable = false;
+  #networking.firewall.enable = false;
  services.wg-clerie = {
    enable = true;
--- a/hosts/astatine/ppp.nix
+++ b/hosts/astatine/ppp.nix
@ -0,0 +1,90 @@
 { pkgs, ... }:
 {
  # Make space for VLAN header in containing ethernet segment
  networking.interfaces."enp1s0".mtu = 1518;
  ## DSL-Uplink
  networking.vlans."enp1s0.7" = {
    id = 7;
    interface = "enp1s0";
  };
  services.pppd = {
    enable = true;
    peers.lns-test = {
      config = ''
        plugin pppoe.so enp1s0.7
        user "criese#regiotest@bsa-vdsl"
        ifname ppp-lns-test
        persist
        maxfail 0
        holdoff 5
        noipdefault
        lcp-echo-interval 20
        lcp-echo-failure 3
        hide-password
        nodefaultroute
        +ipv6
        debug
      '';
    };
  };
  /*
  networking.interfaces.lo.useDHCP = true;
  networking.interfaces.ppp-lns-test.useDHCP = true;
  networking.dhcpcd = {
    enable = true;
    extraConfig = ''
      interface ppp-lns-test
        ipv6rs
        ia_pd 0 lo/0
    '';
  };*/
  environment.etc."ppp/ip-up" = {
    text = ''
      #! ${pkgs.runtimeShell} -e
      ${pkgs.iproute2}/bin/ip route flush table 20001 || true
      ${pkgs.iproute2}/bin/ip route add default dev ppp-lns-test table 20001
    '';
    mode = "555";
  };
  environment.etc."ppp/ip-down" = {
    text = ''
      #! ${pkgs.runtimeShell} -e
      ${pkgs.iproute2}/bin/ip route flush table 20001 || true
    '';
    mode = "555";
  };
  environment.etc."ppp/ipv6-up" = {
    text = ''
      #! ${pkgs.runtimeShell} -e
      ${pkgs.iproute2}/bin/ip -6 route flush table 20001 || true
      ${pkgs.iproute2}/bin/ip -6 route add default dev ppp-lns-test table 20001
    '';
    mode = "555";
  };
  environment.etc."ppp/ipv6-down" = {
    text = ''
      #! ${pkgs.runtimeShell} -e
      ${pkgs.iproute2}/bin/ip -6 route flush table 20001 || true
    '';
    mode = "555";
  };
  petabyte.policyrouting = {
    enable = true;
    rules4 = [
      { rule = "from 212.218.16.237/32 lookup 20001"; prio = 19000; }
      { rule = "from 212.218.16.237/32  unreachable"; prio = 19001; }
    ];
  };
 }
--- a/hosts/astatine/programs.nix
+++ b/hosts/astatine/programs.nix
@ -0,0 +1,9 @@
 { pkgs, ... }:
 {
  environment.systemPackages = with pkgs; [
    tcpdump # for remote wireshark
  ];
 }
Author	SHA1	Message	Date
clerie	ffdc95da84	hosts/astatine: Isolate ppp interface	2024-03-01 22:02:36 +01:00
clerie	a5c2009bfd	hosts/astatine: remove mtu option so client uses mru sent by provider	2024-03-01 22:02:36 +01:00
clerie	991b4d6bd1	hosts/astatine: enable remote wireshark capture	2024-03-01 22:02:36 +01:00
clerie	70a663b633	hosts/astatine: ppp test	2024-03-01 22:02:36 +01:00