The "routing configurator" script now supports DHCP and interface routing (in addition to static IP routing). The script provides support for multiple gateways on multiple interfaces, and allows designation of the Internet 'route of last resort' for a particular gateway of one's choosing.The script can be downloaded via HTTP, for now, from: http://www.securityappraisers.net/downloads/routes.tar The script can be extracted to /sbin/init.d/routes.local (this is a 'hook' wisely provided by Astaro; a script in this location gets called whenever a change is made to the "Routes" or "Interfaces" pages in the webadmin). This script has been tested with version 4. This script serves as a good example of adapting Astaro to your needs. If you have ideosyncratic routing requirements, this script can serve as a good point of departure. The MD5 for the script is: f8c6d9dabde6ba823c6952b55da40351 [ Check posts below to see if this script has been updated; newer MD5 signatures will be listed in such posts ] Specify individual gateways for multiple interfaces; then add an "Any" route on the "Routes" page of the webadmin, specifying a target gateway of either an interface or a host. In the case of an interface target, the script will obtain the gateway from the interface's static gateway entry, or, in the case of DHCP, from the gateway brokered by a DHCP server. This script will: flush all prior routes (except loopback network 127.0.0.0) add routes for the network defined by each interface's address and mask (also specifying a gateway if one is specified on the interface) [the interface that will support the route of last resort will not be specified as a subnetwork route, since the route of last resort should cover this...] add specific routes specified on the Routes webadmin page (based on networks that are not labeled "Any") add routes of last resort (0.0.0.0) for targets labeled "Any" [there should only be one "Any"/"route of last resort"; dead gateway is not supported in this script implementation...) [/list] The script generates an HTML formatted log in Astaro's web publishing directory. This log can be accessed from the webadmin by using a url of: https:// your_webadmin_url /routes.htm This software is neither expressly endorsed nor supported by Astaro. Although reasonable efforts of software quality assurance have been made, this free software implies no obligations of support or liability by SecurityAppraisers. Trivial sanity checking of data is performed by this script; but routing and interface misconfigurations are NOT handled (e.g., two interfaces having the same address, or overlapping networks, etc.). For extra details read the comments in the script. Note : From a troubleshooting, reliability, and security perspective, it is almost always preferable to use static IP addressing on your vital Internet gateways, as opposed to DHCP. Having said that, we understand the constraints that many people may be working under that requires them to employ DHCP on their gateway addressing...

Routing Script+DHCP and interface routing support

The "routing configurator" script now supports DHCP and interface routing (in addition to static IP routing). The script provides support for multiple gateways on multiple interfaces, and allows designation of the Internet 'route of last resort' for a particular gateway of one's choosing.The script can be downloaded via HTTP, for now, from:

http://www.securityappraisers.net/downloads/routes.tar

The script can be extracted to /sbin/init.d/routes.local (this is a 'hook' wisely provided by Astaro; a script in this location gets called whenever a change is made to the "Routes" or "Interfaces" pages in the webadmin). This script has been tested with version 4. This script serves as a good example of adapting Astaro to your needs. If you have ideosyncratic routing requirements, this script can serve as a good point of departure.

The MD5 for the script is:

f8c6d9dabde6ba823c6952b55da40351

[Check posts below to see if this script has been updated; newer MD5 signatures will be listed in such posts]

Specify individual gateways for multiple interfaces; then add an "Any" route on the "Routes" page of the webadmin, specifying a target gateway of either an interface or a host. In the case of an interface target, the script will obtain the gateway from the interface's static gateway entry, or, in the case of DHCP, from the gateway brokered by a DHCP server.

This script will:

flush all prior routes (except loopback network 127.0.0.0)
add routes for the network defined by each interface's address and mask (also specifying a gateway if one is specified on the interface)
[the interface that will support the route of last resort will not be specified as a subnetwork route, since the route of last resort should cover this...]
add specific routes specified on the Routes webadmin page (based on networks that are not labeled "Any")
add routes of last resort (0.0.0.0) for targets labeled "Any" [there should only be one "Any"/"route of last resort"; dead gateway is not supported in this script implementation...)

[/list]
The script generates an HTML formatted log in Astaro's web publishing directory. This log can be accessed from the webadmin by using a url of:

https://your_webadmin_url/routes.htm

This software is neither expressly endorsed nor supported by Astaro.

Although reasonable efforts of software quality assurance have been made, this free software implies no obligations of support or liability by SecurityAppraisers.

Trivial sanity checking of data is performed by this script; but routing and interface misconfigurations are NOT handled (e.g., two interfaces having the same address, or overlapping networks, etc.).

For extra details read the comments in the script.

Note: From a troubleshooting, reliability, and security perspective, it is almost always preferable to use static IP addressing on your vital Internet gateways, as opposed to DHCP. Having said that, we understand the constraints that many people may be working under that requires them to employ DHCP on their gateway addressing...

Parents

0 pablito over 22 years ago

I've been meaning to try this script on a site I manage. A crazy summer in Toronto has prevented extra value like this script from being done. Now that is supports DHCP I'll be another step closer to making it easy. Wondering if a PPPoE interface can also work.
The site I want to run this on has a cable modem (DHCP) and ADSL (PPPoE).
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 pablito over 22 years ago

I've been meaning to try this script on a site I manage. A crazy summer in Toronto has prevented extra value like this script from being done. Now that is supports DHCP I'll be another step closer to making it easy. Wondering if a PPPoE interface can also work.
The site I want to run this on has a cable modem (DHCP) and ADSL (PPPoE).
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data