Paste: bird config

Author: crest
Mode: text
Date: Sat, 13 Nov 2010 18:37:44
Plain Text |
router id 172.22.122.1;

log syslog all;

define my_as = 64722;

protocol kernel {
	persist no;
	scan time 5;
	learn yes;
	export all;
}

protocol device {
	scan time 1;
}

protocol static {
	route 172.22.122.0/24  reject;
}

function is_dn42_asn(int asn)
{
	case asn {
		64600..65111: return true;
		else: return false;
	}
}

filter dn42_export
{
	if source ~ [ RTS_BGP, RTS_STATIC ] then {
		if bgp_path.last != my_as then {
			bgp_path.prepend(my_as);
			bgp_path.prepend(my_as);
		}
		accept;
	} else {
		reject;
	}
}

function one_as_path(bgppath p) {
	return (p.first) = (p.last);
}

function is_dn42(prefix p)
	prefix set include;
	prefix set exclude;
{
	exclude = [	10.10.10.0/24+];		# mgmt and kabel deutschland dns, dhcp

	include = [	172.22.0.0/15{22,28},		# dn42 main net
			172.22.254.0/24{26,30},		# dn42 transfer nets
			172.22.0.53/32,			# dn42 anycast dn42
			172.22.53.0/24+,		# srn crazy dns
			192.175.48.0/24,		# AS112 prefix for reverse dns
			10.0.0.0/8{12,30},		# freifunk
			172.31.0.0/16+,			# chaosvpn
			195.160.168.0/23,		# ctdo
			91.204.4.0/22,			# free.de via ctdo
			193.43.220.0/23,		# durchdieluft via ctdo
			83.133.178.0/23,		# muCCC kapsel
			87.106.29.254/32,		# wintix (faule sau)
			188.40.227.0/24,		# morpheus
			109.239.201.0/25,		# morpheus
			85.25.246.16/28,		# leon
			94.45.224.0/19{19,30},		# ccc event
			195.191.196.0/23{23,29},	# ichdasich pi space
			80.224.241.224/27,		# jchome service network
			198.18.0.0/15+ ];		# VAnet
	if p ~ exclude then return false;
	if p ~ include then return true;
	return false;
}

filter dn42_import
{
	if is_dn42_asn(bgp_path.last) && is_dn42(net) then {
		if one_as_path(bgp_path) then preference = 150;
		accept;
	} else {
		reject;
	}
}

protocol bgp dn42_crest0 {
	local as my_as;
	source address 172.22.254.43;
	neighbor 172.22.254.42 as 64828;
	export filter dn42_export;
	import filter dn42_import;
}

Annotation: openvpn config

Author: crest
Mode: text
Date: Sat, 13 Nov 2010 18:53:01
Plain Text |
mode p2p
remote gw.dmz.nonattached.net
port 10012
dev-type tun
dev dn42_danrl0
comp-lzo
secret dn42_danrl0.key
user openvpn
group openvpn
persist-key
persist-tun
keepalive 1 30
mssfix
verb 1
ifconfig 172.22.254.42 172.22.254.43
float
tun-ipv6

New Annotation

Summary:
Author:
Mode:
Body: