documentation:firewall

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		 Previous revision
documentation:firewall [2022/09/20 15:06] – created tetovjdocumentation:firewall [2022/09/30 12:24] (current) tetovj
Line 9: Line 9:
   * ''d.control.lth.se'' (''192.168.68.0/24'')   * ''d.control.lth.se'' (''192.168.68.0/24'')
  
-To access nodes behind athans you will need to [[tutorials:add_network_routes|add network routes]] for each subnet with athans IP address as gateway (currently ''130.235.83.152''). You will also need a wired connection to LU's network.+To access nodes behind athans you will need to [[tutorials:add_network_routes|add network routes]] for each subnet with athans IP address as gateway (currently ''130.235.83.152'').  
 + 
 +You will also need a wired connection to Automatic Control's part of LU's network (130.235.83.0/24). 
 + 
 +Robots are configured for all 4 subnets but usually only connected to one. Test pinging them to figure out if it's A, B, C or D. 
 + 
 +=== Scripts === 
 + 
 +== Windows == 
 + 
 +TODO: Test! 
 + 
 +<file DOS athans_routes.bat> 
 +for /l %%i in (65, 1, 68) do ( 
 +    route -p ADD 192.168.%%i.0 MASK 255.255.255.0 130.235.83.152 
 +
 +</file> 
 + 
 +== Mac == 
 + 
 +TODO: Test! 
 + 
 +Run script using ''chmod +x athans_routes_mac.sh && sudo .\athans_routes_mac.sh'' 
 + 
 +<file zsh athans_routes_mac.sh> 
 +#!/usr/bin/zsh 
 + 
 +GATEWAY=130.235.83.152 
 + 
 +for i in {65..68} ; do 
 +    SUBNET="192.168.$i.0/24" 
 +    route -n add -net "192.168.$i.0/24" 130.235.83.152 
 +done 
 +</file> 
 + 
 +== Linux == 
 + 
 += ''ip route''
 + 
 +Not persistent! 
 + 
 +Find name of device using ''ip link''.  
 + 
 +Run script using ''chmod +x athans_routes_linux_ip_route.sh && sudo ./athans_routes_linux_ip_route.sh enpXsY''
 + 
 +<file bash athans_routes_linux_ip_route.sh> 
 +#!/usr/bin/bash 
 + 
 +GATEWAY=130.235.83.152 
 +DEVICE=$1 
 + 
 +for i in {65..68} ; do 
 +    SUBNET="192.168.$i.0/24" 
 +    ip route add SUBNETviaGATEWAY dev $DEVICE 
 +done 
 +</file> 
 + 
 += nmcli = 
 + 
 +Find name of device using ''ip link''.  
 + 
 +Run script using ''chmod +x athans_routes_linux_nmcli.sh && sudo ./athans_routes_linux_nmcli.sh 'Wired Connection 1'''
 + 
 +<file bash athans_routes_linux_nmcli.sh> 
 +#!/usr/bin/bash 
 + 
 +GATEWAY=130.235.83.152 
 +CONNECTION=$1 
 + 
 +for i in {65..68} ; do 
 +    SUBNET="192.168.$i.0/24" 
 +    nmcli connection modify “CONNECTION+ipv4.routesSUBNET $GATEWAY”  
 +done 
 +</file> 
 + 
 += netplan = 
 + 
 +Find name of device using ''ip link'' and replace enpXsY in file below. 
 + 
 +Put file into ''/etc/netplan/'' and apply with ''sudo netplan apply''
 + 
 +<file yaml athans_routes.yaml> 
 +network: 
 +  version: 2 
 +  ethernets: 
 +    enpXsY: 
 +      routes: 
 +      - to: 192.168.65.0/24 
 +        via: 130.235.83.152 
 +      - to: 192.168.66.0/24 
 +        via: 130.235.83.152 
 +      - to: 192.168.67.0/24 
 +        via: 130.235.83.152 
 +      - to: 192.168.68.0/24 
 +        via: 130.235.83.152 
 +</file>
  • documentation/firewall.1663686413.txt.gz
  • Last modified: 2022/09/20 15:06
  • by tetovj