diff options
| author | Asbjørn Sloth Tønnesen <asbjorn@labitat.dk> | 2025-06-04 16:09:47 +0000 |
|---|---|---|
| committer | Asbjørn Sloth Tønnesen <asbjorn@labitat.dk> | 2025-06-04 16:44:30 +0000 |
| commit | 408d66c00e2c88fbc3d4831c2cda0d0449131a96 (patch) | |
| tree | a8b26610aa530e8356a86132106a4227ab09194b | |
| parent | 7045377eaae765990cb9dc7d171fdc3b687d3a4f (diff) | |
| download | labitat-ansible-408d66c00e2c88fbc3d4831c2cda0d0449131a96.tar.gz labitat-ansible-408d66c00e2c88fbc3d4831c2cda0d0449131a96.tar.xz labitat-ansible-408d66c00e2c88fbc3d4831c2cda0d0449131a96.zip | |
space_server: nftables: remove old IP prefixes
Signed-off-by: Asbjørn Sloth Tønnesen <asbjorn@labitat.dk>
| -rw-r--r-- | roles/space_server/templates/nftables.conf.j2 | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/roles/space_server/templates/nftables.conf.j2 b/roles/space_server/templates/nftables.conf.j2 index 5637e09..adfbfed 100644 --- a/roles/space_server/templates/nftables.conf.j2 +++ b/roles/space_server/templates/nftables.conf.j2 @@ -10,8 +10,8 @@ define ext_if = wan define ext_ip4 = 45.145.93.0 define ext_ip6 = 2a00:fbe4:1ab:: define int_net4 = 10.42.0.0/16 -define ext_net4 = { 185.38.175.0/24, 45.145.93.0/24 } -define ext_net6 = { 2a01:4262:1ab::/48, 2a00:fbe4:1ab::/48 } +define ext_net4 = 45.145.93.0/24 +define ext_net6 = 2a00:fbe4:1ab::/48 define link_net4 = 193.106.167.40/29 define link_net6 = 2a03:5440:1:2935:1ab::/80 @@ -22,26 +22,26 @@ define adm_net4 = 10.42.0.0/24 define wire_if = lan11 define wire_ip4 = 10.42.1.1 define wire_net4 = 10.42.1.0/24 -define wire_net6 = { 2a01:4262:1ab:b::/64, 2a00:fbe4:1ab:b::/64 } +define wire_net6 = 2a00:fbe4:1ab:b::/64 define priv_if = lan12 define priv_ip4 = 10.42.2.1 define priv_net4 = 10.42.2.0/24 -define priv_net6 = { 2a01:4262:1ab:c::/64, 2a00:fbe4:1ab:c::/64 } +define priv_net6 = 2a00:fbe4:1ab:c::/64 define free_if = lan13 define free_ip4 = 10.42.3.1 define free_nat = 45.145.93.1 define free_net4 = 10.42.3.0/24 -define free_net6 = { 2a01:4262:1ab:d::/64, 2a00:fbe4:1ab:d::/64 } +define free_net6 = 2a00:fbe4:1ab:d::/64 define pass_if = lan14 define pass_ip4 = 10.42.4.1 define pass_net4 = 10.42.4.0/24 -define pass_net6 = { 2a01:4262:1ab:e::/64, 2a00:fbe4:1ab:e::/64 } +define pass_net6 = 2a00:fbe4:1ab:e::/64 define futu_if = lan15 -define futu_net6 = { 2a01:4262:1ab:f::/64, 2a00:fbe4:1ab:f::/64 } +define futu_net6 = 2a00:fbe4:1ab:f::/64 define nat64_if = nat64 define nat64_net4 = 10.42.128.0/17 @@ -49,13 +49,13 @@ define nat64_net4 = 10.42.128.0/17 define colo_if = { lan20, lan21 } define tor_if = lan25 -define tor_net4 = { 185.38.175.128/28, 45.145.93.128/28 } -define tor_net6 = { 2a01:4262:1ab:ffff::/64, 2a00:fbe4:1ab:ffff::/64 } +define tor_net4 = 45.145.93.128/28 +define tor_net6 = 2a00:fbe4:1ab:ffff::/64 define local_ip4 = { $ext_ip4, $adm_ip4, $wire_ip4, $priv_ip4, $free_ip4, $pass_ip4 } define local_ip6 = { $ext_ip6 } define local_net4 = { $ext_ip4, $free_nat, $int_net4 } -define local_net6 = { 2a01:4262:1ab::/52, 2a00:fbe4:1ab::/52 } +define local_net6 = 2a00:fbe4:1ab::/52 define avahi_ifs = { $wire_if, $priv_if, $pass_if } |