synched with home router

author: Andreas Baumann <mail@andreasbaumann.cc> 2016-01-17 19:18:47 +0100
committer: Andreas Baumann <mail@andreasbaumann.cc> 2016-01-17 19:18:47 +0100
commit: a9b4889984b28d6898313c3175c910371cd4286b (patch)
tree: 40667dee4f87f83d2455cccedb66bc75b2095773 /config
parent: 80d36ae6bb350c09d6b39e8d177c029a668ab696 (diff)
download: OpenBSD-firewall-a9b4889984b28d6898313c3175c910371cd4286b.tar.gz
OpenBSD-firewall-a9b4889984b28d6898313c3175c910371cd4286b.tar.bz2
14 files changed, 215 insertions, 64 deletions
diff --git a/config/obr/dhcpd.conf b/config/obr/dhcpd.conf
index 54d655d..644de4e 100644
--- a/config/obr/dhcpd.conf
+++ b/config/obr/dhcpd.conf
@@ -22,11 +22,6 @@ shared-network LAN {
       fixed-address 192.168.1.2;
     }
 
-    host europa4 {
-      hardware ethernet 00:00:1C:B5:F3:43;
-      fixed-address 192.168.1.5;
-    }
-
     host europa5 {
       hardware ethernet 00:01:80:5F:5D:EB;
       fixed-address 192.168.1.6;
@@ -62,17 +57,22 @@ shared-network LAN {
       fixed-address 192.168.1.13;
     }
 
-    host eurodock {
-      hardware ethernet 00:13:20:62:0B:36;
+    host eurobuild1 {
+      hardware ethernet 00:40:05:a1:32:56;
       fixed-address 192.168.1.14;
     }
+
+    host eurobuild2 {
+      hardware ethernet 00:00:1C:B5:F3:43;
+      fixed-address 192.168.1.5;
+    }
  
     host euroweb {
       hardware ethernet b8:27:eb:2a:d9:c7;
       fixed-address 192.168.1.15;
     }
 
-    host eurobeam {
+    host europrint {
       hardware ethernet b8:27:eb:76:8e:67;
       fixed-address 192.168.1.16;
     }
@@ -81,5 +81,16 @@ shared-network LAN {
       hardware ethernet 00:0f:20:d0:96:f1;
       fixed-address 192.168.1.17;
     }
+
+    host eurobuild3 {
+      hardware ethernet b8:27:eb:54:5f:13;
+      fixed-address 192.168.1.18;
+    }
+
+    host euroobr {
+      hardware ethernet 52:54:00:31:2B:EE;
+      fixed-address 192.168.1.19;
+    }
+
   }
 }
diff --git a/config/obr/named/etc/named.conf b/config/obr/named/etc/named.conf
index e23734c..24b6a65 100644
--- a/config/obr/named/etc/named.conf
+++ b/config/obr/named/etc/named.conf
@@ -91,19 +91,24 @@ view "internal" {
     file "master/1.168.192.in-addr";
   };
 
-  zone "andreasbaumann.dyndns.org" {
+  zone "andreasbaumann.cc" {
     type master;
-    file "master/andreasbaumann.dyndns.org";
+    file "master/andreasbaumann.cc-internal";
   };
 
-  zone "patrickfrey.dyndns.org" {
+  zone "bikecentum.com" {
     type master;
-    file "master/patrickfrey.dyndns.org";
+    file "master/bikecentum.com-internal";
   };
 
-  zone "andreasbaumann.cc" {
+  zone "maschezuoz.ch" {
     type master;
-    file "master/andreasbaumann.cc-internal";
+    file "master/maschezuoz.ch-internal";
+  };
+
+  zone "project-strus.net" {
+    type master;
+    file "master/project-strus.net-internal";
   };
 
 };
@@ -115,4 +120,15 @@ view "external" {
     type master;
     file "master/andreasbaumann.cc-external";
   };
+
+  zone "bikecentum.com" {
+    type master;
+    file "master/bikecentum.com-external";
+  };
+
+  zone "maschezuoz.ch" {
+    type master;
+    file "master/maschezuoz.ch-external";
+  };
+
 };
diff --git a/config/obr/named/master/1.168.192.in-addr b/config/obr/named/master/1.168.192.in-addr
index cdae532..b70945c 100644
--- a/config/obr/named/master/1.168.192.in-addr
+++ b/config/obr/named/master/1.168.192.in-addr
@@ -5,10 +5,10 @@ $ORIGIN .
 $TTL 60
 
 1.168.192.in-addr.arpa	IN SOA	obr.lan. root.obr.lan. (
-				2015033000	; serial
+				2016010800	; serial
 				3h		; refresh
 				15m		; retry
-				1w		; expire
+				2w		; expire
 				60		; minimum TTL
 			)
 
@@ -18,7 +18,7 @@ $ORIGIN 1.168.192.in-addr.arpa.
 
 1		IN	PTR	obr.lan.
 2		IN	PTR	europa1.lan.
-5		IN	PTR	europa4.lan.
+5		IN	PTR	eurobuild2.lan.
 6		IN	PTR	europa5.lan.
 7		IN	PTR	europa6.lan.
 8		IN	PTR	eeepc.lan.
@@ -26,9 +26,11 @@ $ORIGIN 1.168.192.in-addr.arpa.
 10		IN	PTR	eeepc-wifi.lan.
 12		IN	PTR	euroserver.lan.
 13		IN	PTR	europa10.lan.
-14		IN	PTR	eurodock.lan.
+14		IN	PTR	eurobuild1.lan.
 15		IN	PTR	euroweb.lan.
-16		IN	PTR	eurobeam.lan.
+16		IN	PTR	europrint.lan.
 17		IN	PTR	eurohp1.lan.
+18		IN	PTR	eurobuild3.lan.
+19		IN	PTR	euroobr.lan.
 253		IN	PTR	wrt2.lan.
 254		IN	PTR	wrt1.lan.
diff --git a/config/obr/named/master/andreasbaumann.cc-external b/config/obr/named/master/andreasbaumann.cc-external
index 8773737..5bc48db 100644
--- a/config/obr/named/master/andreasbaumann.cc-external
+++ b/config/obr/named/master/andreasbaumann.cc-external
@@ -3,10 +3,10 @@
 $TTL 60
 
 @		IN	SOA	ns.andreasbaumann.cc. admin.andreasbaumann.cc. (
-				2015040300	; serial
+				2015101500	; serial
 				3h		; refresh
 				15m		; retry
-				1w		; expire
+				2w		; expire
 				60		; minimum TTL
 			)
 
@@ -31,3 +31,8 @@ pop	IN	A		83.150.2.48
 smtp	IN	A		83.150.2.48
 webmail	IN	A		83.150.2.48
 git	IN	A		83.150.2.48
+devel	IN	A		83.150.2.48
+build	IN	A		83.150.2.48
+
+; this is hosted at GoDaddy
+backup	IN	A		192.186.235.194
diff --git a/config/obr/named/master/andreasbaumann.cc-internal b/config/obr/named/master/andreasbaumann.cc-internal
index c9eb901..d76a5af 100644
--- a/config/obr/named/master/andreasbaumann.cc-internal
+++ b/config/obr/named/master/andreasbaumann.cc-internal
@@ -3,10 +3,10 @@
 $TTL 60
 
 @		IN	SOA	ns.andreasbaumann.cc. root.andreasbaumann.cc. (
-				2015040300	; serial
+				2015101500	; serial
 				3h		; refresh
 				15m		; retry
-				1w		; expire
+				2w		; expire
 				60		; minimum TTL
 			)
 
@@ -28,3 +28,8 @@ smtp			A	192.168.1.15
 webmail			A	192.168.1.15
 www			A	192.168.1.15
 git			A	192.168.1.15
+devel			A	192.168.1.12
+build			A	192.168.1.19
+
+; hosted at godaddy
+backup			A	192.186.235.194 
diff --git a/config/obr/named/master/andreasbaumann.dyndns.org b/config/obr/named/master/andreasbaumann.dyndns.org
deleted file mode 100644
index 146c98f..0000000
--- a/config/obr/named/master/andreasbaumann.dyndns.org
+++ /dev/null
@@ -1,17 +0,0 @@
-; reroute zone for andreasbaumann.dyndns.org
-
-$TTL 60
-
-@		IN	SOA	ns.andreasbaumann.dyndns.org. root.obr.lan. (
-				2015030501	; serial
-				3h		; refresh
-				15m		; retry
-				1w		; expire
-				60		; minimum TTL
-			)
-
-		NS		ns
-	IN	NS		ns.andreasbaumann.dyndns.org.
-	IN	A		192.168.1.12
-ns	IN	A		192.168.1.12
-
diff --git a/config/obr/named/master/bikecentum.com-external b/config/obr/named/master/bikecentum.com-external
new file mode 100644
index 0000000..50175f3
--- /dev/null
+++ b/config/obr/named/master/bikecentum.com-external
@@ -0,0 +1,31 @@
+; external view of zone bikecentum.com
+
+$TTL 60
+
+@		IN	SOA	ns.bikecentum.com. admin.bikecentum.com. (
+				2015100804	; serial
+				3h		; refresh
+				15m		; retry
+				2w		; expire
+				60		; minimum TTL
+			)
+
+	IN	NS		d.ns.buddyns.com.
+	IN	NS		c.ns.buddyns.com.
+	IN	NS		e.ns.buddyns.com.
+	IN	MX	10	smtp.bikecentum.com.
+	IN	TXT		"v=spf1 mx ip4:83.150.2.48/24 ~all"
+
+$ORIGIN bikecentum.com.
+
+	IN	A		83.150.2.48
+
+ns	IN	A		83.150.2.48
+smtp	IN	A		83.150.2.48
+
+www	IN	A		83.150.2.48
+ftp	IN	A		83.150.2.48
+imap	IN	A		83.150.2.48
+pop	IN	A		83.150.2.48
+smtp	IN	A		83.150.2.48
+webmail	IN	A		83.150.2.48
diff --git a/config/obr/named/master/bikecentum.com-internal b/config/obr/named/master/bikecentum.com-internal
new file mode 100644
index 0000000..f954b63
--- /dev/null
+++ b/config/obr/named/master/bikecentum.com-internal
@@ -0,0 +1,28 @@
+; internal view of zone bikecentum.com
+
+$TTL 60
+
+@		IN	SOA	ns.bikecentum.com. admin.bikecentum.com. (
+				2015100804	; serial
+				3h		; refresh
+				15m		; retry
+				2w		; expire
+				60		; minimum TTL
+			)
+
+	IN	NS		ns.bikecentum.com.
+	IN	MX	10	smtp.bikecentum.com.
+	IN	TXT		"v=spf1 mx ip4:83.150.2.48/24 ~all"
+
+$ORIGIN bikecentum.com.
+
+	IN		A	192.168.1.15
+
+ns			A	192.168.1.1
+
+ftp			A	192.168.1.12
+imap			A	192.168.1.15
+pop			A	192.168.1.15
+smtp			A	192.168.1.15
+webmail			A	192.168.1.15
+www			A	192.168.1.15
diff --git a/config/obr/named/master/lan b/config/obr/named/master/lan
index 9d042ca..b0d12b6 100644
--- a/config/obr/named/master/lan
+++ b/config/obr/named/master/lan
@@ -5,10 +5,10 @@ $ORIGIN .
 $TTL 60
 
 lan	IN		SOA	obr.lan. root.obr.lan. (
-				2015033000	; serial
+				2016010800	; serial
 				3h		; refresh
 				15m		; retry
-				1w		; expire
+				2w		; expire
 				60		; minimum TTL
 			)
 
@@ -18,7 +18,7 @@ $ORIGIN lan.
 
 obr			A		192.168.1.1
 europa1			A		192.168.1.2
-europa4			A		192.168.1.5 
+eurobuild2		A		192.168.1.5 
 europa5			A		192.168.1.6
 europa6			A		192.168.1.7
 eeepc			A		192.168.1.8
@@ -26,9 +26,13 @@ eurodata		A		192.168.1.9
 eeepc-wifi		A		192.168.1.10
 euroserver		A		192.168.1.12
 europa10		A		192.168.1.13
-eurodock		A		192.168.1.14
+eurobuild1		A		192.168.1.14
 euroweb			A		192.168.1.15
-eurobeam		A		192.168.1.16
+europrint		A		192.168.1.16
 eurohp1			A		192.168.1.17
+eurobuild3		A		192.168.1.18
+euroobr			A		192.168.1.19
 wrt2			A		192.168.1.253
 wrt1			A		192.168.1.254
+iway-gateway		A		83.150.2.1
+rpmaster		CNAME		wrt2
diff --git a/config/obr/named/master/maschezuoz.ch-external b/config/obr/named/master/maschezuoz.ch-external
new file mode 100644
index 0000000..3efa1a3
--- /dev/null
+++ b/config/obr/named/master/maschezuoz.ch-external
@@ -0,0 +1,29 @@
+; external view of zone maschezuoz.ch
+
+$TTL 60
+
+@		IN	SOA	ns.maschezuoz.ch. admin.maschezuoz.ch. (
+				2015100901	; serial
+				3h		; refresh
+				15m		; retry
+				2w		; expire
+				60		; minimum TTL
+			)
+
+	IN	NS		d.ns.buddyns.com.
+	IN	NS		c.ns.buddyns.com.
+	IN	NS		f.ns.buddyns.com.
+	IN	MX	10	smtp.maschezuoz.ch.
+	IN	TXT		"v=spf1 mx ip4:83.150.2.48/24 ~all"
+
+
+$ORIGIN maschezuoz.ch.
+
+	IN	A		83.150.2.48
+
+ns	IN	A		83.150.2.48
+
+www	IN	A		83.150.2.48
+imap	IN	A		83.150.2.48
+smtp	IN	A		83.150.2.48
+webmail	IN	A		83.150.2.48
diff --git a/config/obr/named/master/maschezuoz.ch-internal b/config/obr/named/master/maschezuoz.ch-internal
new file mode 100644
index 0000000..cc10a70
--- /dev/null
+++ b/config/obr/named/master/maschezuoz.ch-internal
@@ -0,0 +1,26 @@
+; internal view of zone maschezuoz.ch
+
+$TTL 60
+
+@		IN	SOA	ns.maschezuoz.ch. admin.maschezuoz.ch. (
+				2015100901	; serial
+				3h		; refresh
+				15m		; retry
+				2w		; expire
+				60		; minimum TTL
+			)
+
+	IN	NS		ns.maschezuoz.ch.
+	IN	MX	10	smtp.maschezuoz.ch.
+	IN	TXT		"v=spf1 mx ip4:83.150.2.48/24 ~all"
+
+$ORIGIN maschezuoz.ch.
+
+	IN		A	192.168.1.15
+
+ns			A	192.168.1.1
+
+www			A	192.168.1.15
+smtp			A	192.168.1.15
+imap			A	192.168.1.15
+webmail			A	192.168.1.15
diff --git a/config/obr/named/master/patrickfrey.dyndns.org b/config/obr/named/master/patrickfrey.dyndns.org
deleted file mode 100644
index 39fbb04..0000000
--- a/config/obr/named/master/patrickfrey.dyndns.org
+++ /dev/null
@@ -1,17 +0,0 @@
-; reroute zone for patrickfrey.dyndns.org
-
-$TTL 60
-
-@		IN	SOA	ns.patrickfrey.dyndns.org. root.obr.lan. (
-				2015032200	; serial
-				3h		; refresh
-				15m		; retry
-				1w		; expire
-				60		; minimum TTL
-			)
-
-		NS		ns
-	IN	NS		ns.patrickfrey.dyndns.org.
-	IN	A		192.168.1.15
-ns	IN	A		192.168.1.15
-
diff --git a/config/obr/named/master/project-strus.net-internal b/config/obr/named/master/project-strus.net-internal
new file mode 100644
index 0000000..edce576
--- /dev/null
+++ b/config/obr/named/master/project-strus.net-internal
@@ -0,0 +1,25 @@
+; internal view of zone project-strus.net
+
+$TTL 60
+
+@		IN	SOA	ns.project-strus.net. admin.project-strus.net. (
+				2015120100	; serial
+				3h		; refresh
+				15m		; retry
+				2w		; expire
+				60		; minimum TTL
+			)
+
+	IN	NS		ns.project-strus.net.
+	IN	MX	10	mx02.easyname.eu.
+	IN	MX	10	mx01.easyname.eu.
+
+$ORIGIN project-strus.net.
+
+	IN		A	77.244.243.43
+
+ns			A	192.168.1.1
+
+www			A	77.244.243.43
+demo			CNAME	xs04.eurospider.ch.
+ellokal			A	192.168.1.15
diff --git a/config/obr/pf.conf b/config/obr/pf.conf
index a1c34fd..227bb52 100644
--- a/config/obr/pf.conf
+++ b/config/obr/pf.conf
@@ -93,8 +93,11 @@ pass in on $ext_if proto tcp from any to port 9418 rdr-to $euroweb
 anchor "ftp-proxy/*"
 pass in on $ext_if inet proto tcp to port 21 divert-to 127.0.0.1 port 8021
 pass out on $int_if inet proto tcp to $eurodata port 21 user proxy
+pass in on $ext_if inet proto tcp to port 2121 divert-to 127.0.0.1 port 8022
+pass out on $int_if inet proto tcp to $euroserver port 2121 user proxy
 pass in on $ext_if proto tcp from any to port 2221 rdr-to $euroweb port 22   
-pass in on $ext_if proto tcp from any to port 2222 rdr-to $euroserver port 22
 pass in on $ext_if proto tcp from any to port 2223 rdr-to $euroserver port 22
-pass in on $ext_if proto tcp from any to port 9000:9099 rdr-to $euroserver
+pass in on $ext_if proto tcp from any to port 8080 rdr-to $euroserver port 8080
+pass in on $ext_if proto tcp from any to port 8081 rdr-to $euroserver port 8081
+pass in on $ext_if proto tcp from any to port 5900:5999 rdr-to $euroserver
 pass in on $ext_if proto tcp from any to port 6881:6889 rdr-to $euroserver
author	Andreas Baumann <mail@andreasbaumann.cc>	2016-01-17 19:18:47 +0100
committer	Andreas Baumann <mail@andreasbaumann.cc>	2016-01-17 19:18:47 +0100
commit	a9b4889984b28d6898313c3175c910371cd4286b (patch)
tree	40667dee4f87f83d2455cccedb66bc75b2095773 /config
parent	80d36ae6bb350c09d6b39e8d177c029a668ab696 (diff)
download	OpenBSD-firewall-a9b4889984b28d6898313c3175c910371cd4286b.tar.gz OpenBSD-firewall-a9b4889984b28d6898313c3175c910371cd4286b.tar.bz2