wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-06-07 07:33:52 +02:00
Code Issues Projects Releases Wiki Activity

change IP ranges #37

Browse source
This commit is contained in:
jack 2016-08-01 20:09:37 +03:00
parent d6dc57459e
commit e30eb9bf87
4 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
config.cfg
View file

@ -14,7 +14,8 @@ server_name: example.com
server_ip: "{{ ansible_ssh_host }}" server_ip: "{{ ansible_ssh_host }}"
dns_servers: dns_servers:
- 8.8.8.8 - 8.8.8.8
- 8.8.4.4 - 8.8.4.4
vpn_network: 10.19.48.0/24
users: users:
- mr.smith - mr.smith

2
features.yml
View file

@ -62,7 +62,7 @@
chain: PREROUTING chain: PREROUTING
protocol: udp protocol: udp
destination_port: 53 destination_port: 53
source: 10.0.0.0/24 source: "{{ vpn_network }}"
jump: DNAT jump: DNAT
to_destination: 172.16.0.1:53 to_destination: 172.16.0.1:53
notify: notify:

2
templates/ipsec.conf.j2
View file

@ -22,7 +22,7 @@ conn %default
right=%any right=%any
rightauth=pubkey rightauth=pubkey
rightsourceip=10.0.0.0/24 rightsourceip="{{ vpn_network }""
{% if service_dns is defined and service_dns == "N" %} {% if service_dns is defined and service_dns == "N" %}
rightdns={% for host in dns_servers %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %} rightdns={% for host in dns_servers %}{{ host }}{% if not loop.last %},{% endif %}{% endfor %}
{% else %} {% else %}

2
vpn.yml
View file

@ -28,7 +28,7 @@
- netfilter-persistent - netfilter-persistent
- name: Configure iptables so IPSec traffic can traverse the tunnel - name: Configure iptables so IPSec traffic can traverse the tunnel
iptables: table=nat chain=POSTROUTING source=10.0.0.0/24 jump=MASQUERADE iptables: table=nat chain=POSTROUTING source="{{ vpn_network }}" jump=MASQUERADE
notify: notify:
- save iptables - save iptables