diff options
Diffstat (limited to 'config/obr')
-rw-r--r-- | config/obr/badhosts | 598 | ||||
-rw-r--r-- | config/obr/dhcpd.conf | 28 | ||||
-rw-r--r-- | config/obr/nsd-external/zones/andreasbaumann.cc | 6 | ||||
-rw-r--r-- | config/obr/nsd-external/zones/maschezuoz.ch | 3 | ||||
-rw-r--r-- | config/obr/nsd-internal/zones/1.168.192.in-addr | 8 | ||||
-rw-r--r-- | config/obr/nsd-internal/zones/andreasbaumann.cc | 8 | ||||
-rw-r--r-- | config/obr/nsd-internal/zones/lan | 8 | ||||
-rw-r--r-- | config/obr/pf.conf | 41 | ||||
-rw-r--r-- | config/obr/rc.services | 4 | ||||
-rw-r--r-- | config/obr/relayd.conf | 14 | ||||
-rw-r--r-- | config/obr/unbound/etc/root.hints | 4 |
11 files changed, 692 insertions, 30 deletions
diff --git a/config/obr/badhosts b/config/obr/badhosts index e69de29..dc56d37 100644 --- a/config/obr/badhosts +++ b/config/obr/badhosts @@ -0,0 +1,598 @@ +# AhrefsBot +164.132.161.65 +54.36.148.0 +54.36.148.10 +54.36.148.101 +54.36.148.102 +54.36.148.103 +54.36.148.104 +54.36.148.107 +54.36.148.108 +54.36.148.11 +54.36.148.110 +54.36.148.111 +54.36.148.112 +54.36.148.113 +54.36.148.114 +54.36.148.115 +54.36.148.116 +54.36.148.117 +54.36.148.118 +54.36.148.119 +54.36.148.12 +54.36.148.121 +54.36.148.122 +54.36.148.123 +54.36.148.125 +54.36.148.126 +54.36.148.127 +54.36.148.128 +54.36.148.129 +54.36.148.13 +54.36.148.130 +54.36.148.131 +54.36.148.132 +54.36.148.133 +54.36.148.134 +54.36.148.136 +54.36.148.137 +54.36.148.138 +54.36.148.139 +54.36.148.140 +54.36.148.141 +54.36.148.142 +54.36.148.143 +54.36.148.144 +54.36.148.145 +54.36.148.146 +54.36.148.147 +54.36.148.148 +54.36.148.149 +54.36.148.15 +54.36.148.150 +54.36.148.151 +54.36.148.152 +54.36.148.153 +54.36.148.155 +54.36.148.156 +54.36.148.157 +54.36.148.158 +54.36.148.159 +54.36.148.160 +54.36.148.161 +54.36.148.162 +54.36.148.165 +54.36.148.166 +54.36.148.167 +54.36.148.168 +54.36.148.169 +54.36.148.17 +54.36.148.170 +54.36.148.171 +54.36.148.172 +54.36.148.173 +54.36.148.174 +54.36.148.175 +54.36.148.176 +54.36.148.177 +54.36.148.179 +54.36.148.18 +54.36.148.181 +54.36.148.182 +54.36.148.183 +54.36.148.184 +54.36.148.185 +54.36.148.186 +54.36.148.187 +54.36.148.188 +54.36.148.189 +54.36.148.19 +54.36.148.190 +54.36.148.192 +54.36.148.193 +54.36.148.194 +54.36.148.195 +54.36.148.196 +54.36.148.197 +54.36.148.198 +54.36.148.2 +54.36.148.200 +54.36.148.201 +54.36.148.202 +54.36.148.204 +54.36.148.205 +54.36.148.206 +54.36.148.209 +54.36.148.21 +54.36.148.210 +54.36.148.211 +54.36.148.212 +54.36.148.214 +54.36.148.215 +54.36.148.216 +54.36.148.217 +54.36.148.218 +54.36.148.219 +54.36.148.22 +54.36.148.220 +54.36.148.221 +54.36.148.222 +54.36.148.223 +54.36.148.224 +54.36.148.225 +54.36.148.226 +54.36.148.227 +54.36.148.229 +54.36.148.23 +54.36.148.231 +54.36.148.232 +54.36.148.233 +54.36.148.235 +54.36.148.236 +54.36.148.237 +54.36.148.238 +54.36.148.239 +54.36.148.24 +54.36.148.240 +54.36.148.241 +54.36.148.243 +54.36.148.244 +54.36.148.245 +54.36.148.246 +54.36.148.247 +54.36.148.248 +54.36.148.249 +54.36.148.25 +54.36.148.250 +54.36.148.252 +54.36.148.253 +54.36.148.254 +54.36.148.255 +54.36.148.26 +54.36.148.27 +54.36.148.28 +54.36.148.29 +54.36.148.3 +54.36.148.30 +54.36.148.31 +54.36.148.32 +54.36.148.33 +54.36.148.34 +54.36.148.35 +54.36.148.36 +54.36.148.37 +54.36.148.38 +54.36.148.4 +54.36.148.40 +54.36.148.41 +54.36.148.43 +54.36.148.44 +54.36.148.45 +54.36.148.46 +54.36.148.47 +54.36.148.48 +54.36.148.49 +54.36.148.5 +54.36.148.50 +54.36.148.51 +54.36.148.53 +54.36.148.54 +54.36.148.55 +54.36.148.56 +54.36.148.57 +54.36.148.58 +54.36.148.59 +54.36.148.6 +54.36.148.60 +54.36.148.61 +54.36.148.62 +54.36.148.63 +54.36.148.64 +54.36.148.65 +54.36.148.66 +54.36.148.67 +54.36.148.68 +54.36.148.69 +54.36.148.7 +54.36.148.70 +54.36.148.71 +54.36.148.73 +54.36.148.74 +54.36.148.75 +54.36.148.76 +54.36.148.77 +54.36.148.78 +54.36.148.8 +54.36.148.80 +54.36.148.81 +54.36.148.82 +54.36.148.83 +54.36.148.84 +54.36.148.85 +54.36.148.86 +54.36.148.88 +54.36.148.89 +54.36.148.9 +54.36.148.90 +54.36.148.91 +54.36.148.92 +54.36.148.93 +54.36.148.94 +54.36.148.96 +54.36.148.97 +54.36.148.98 +54.36.148.99 +54.36.149.0 +54.36.149.1 +54.36.149.10 +54.36.149.100 +54.36.149.101 +54.36.149.103 +54.36.149.104 +54.36.149.105 +54.36.149.106 +54.36.149.11 +54.36.149.12 +54.36.149.14 +54.36.149.16 +54.36.149.17 +54.36.149.18 +54.36.149.19 +54.36.149.2 +54.36.149.20 +54.36.149.21 +54.36.149.22 +54.36.149.23 +54.36.149.24 +54.36.149.25 +54.36.149.27 +54.36.149.28 +54.36.149.29 +54.36.149.30 +54.36.149.31 +54.36.149.33 +54.36.149.34 +54.36.149.36 +54.36.149.37 +54.36.149.38 +54.36.149.39 +54.36.149.40 +54.36.149.41 +54.36.149.42 +54.36.149.43 +54.36.149.44 +54.36.149.45 +54.36.149.46 +54.36.149.47 +54.36.149.48 +54.36.149.49 +54.36.149.50 +54.36.149.51 +54.36.149.52 +54.36.149.53 +54.36.149.55 +54.36.149.56 +54.36.149.57 +54.36.149.58 +54.36.149.6 +54.36.149.61 +54.36.149.62 +54.36.149.63 +54.36.149.64 +54.36.149.65 +54.36.149.66 +54.36.149.67 +54.36.149.69 +54.36.149.7 +54.36.149.70 +54.36.149.71 +54.36.149.72 +54.36.149.74 +54.36.149.75 +54.36.149.76 +54.36.149.77 +54.36.149.78 +54.36.149.79 +54.36.149.8 +54.36.149.80 +54.36.149.82 +54.36.149.83 +54.36.149.84 +54.36.149.85 +54.36.149.86 +54.36.149.87 +54.36.149.88 +54.36.149.89 +54.36.149.9 +54.36.149.90 +54.36.149.91 +54.36.149.92 +54.36.149.94 +54.36.149.95 +54.36.149.96 +54.36.149.97 +54.36.149.99 +# Semrush +185.191.171.11 +185.191.171.12 +185.191.171.13 +185.191.171.15 +185.191.171.17 +185.191.171.19 +185.191.171.20 +185.191.171.22 +185.191.171.26 +185.191.171.3 +185.191.171.4 +185.191.171.41 +185.191.171.43 +185.191.171.45 +185.191.171.7 +185.191.171.8 +# Adsbot +216.18.204.206 +# PetalBot/Spiegel is just not tamable but via an explicit ban +114.119.128.10 +114.119.128.127 +114.119.128.218 +114.119.128.244 +114.119.129.199 +114.119.129.25 +114.119.129.254 +114.119.129.4 +114.119.130.12 +114.119.130.147 +114.119.130.151 +114.119.130.168 +114.119.130.30 +114.119.130.57 +114.119.130.96 +114.119.131.166 +114.119.131.197 +114.119.131.42 +114.119.131.92 +114.119.132.104 +114.119.132.131 +114.119.132.146 +114.119.132.36 +114.119.132.43 +114.119.132.52 +114.119.132.70 +114.119.133.12 +114.119.133.14 +114.119.133.161 +114.119.133.166 +114.119.133.190 +114.119.133.26 +114.119.133.89 +114.119.134.155 +114.119.134.156 +114.119.134.159 +114.119.134.161 +114.119.134.165 +114.119.134.207 +114.119.134.208 +114.119.134.64 +114.119.134.72 +114.119.135.169 +114.119.135.172 +114.119.135.206 +114.119.135.209 +114.119.135.217 +114.119.135.229 +114.119.135.92 +114.119.136.109 +114.119.136.113 +114.119.136.138 +114.119.136.150 +114.119.136.176 +114.119.136.190 +114.119.136.246 +114.119.136.69 +114.119.136.72 +114.119.136.75 +114.119.136.87 +114.119.136.92 +114.119.137.103 +114.119.137.122 +114.119.137.123 +114.119.137.125 +114.119.137.141 +114.119.137.145 +114.119.137.146 +114.119.137.153 +114.119.137.167 +114.119.137.211 +114.119.137.217 +114.119.137.224 +114.119.137.230 +114.119.137.249 +114.119.137.64 +114.119.137.67 +114.119.137.70 +114.119.138.117 +114.119.138.183 +114.119.138.185 +114.119.138.199 +114.119.138.210 +114.119.138.226 +114.119.138.5 +114.119.138.74 +114.119.138.77 +114.119.139.134 +114.119.139.174 +114.119.139.198 +114.119.139.207 +114.119.139.217 +114.119.139.42 +114.119.140.115 +114.119.140.179 +114.119.140.234 +114.119.140.237 +114.119.140.73 +114.119.140.79 +114.119.141.15 +114.119.141.2 +114.119.141.201 +114.119.141.217 +114.119.141.27 +114.119.141.30 +114.119.141.35 +114.119.141.42 +114.119.141.69 +114.119.141.77 +114.119.141.80 +114.119.141.93 +114.119.142.12 +114.119.142.179 +114.119.142.183 +114.119.142.63 +114.119.142.99 +114.119.143.101 +114.119.143.123 +114.119.143.151 +114.119.143.209 +114.119.143.252 +114.119.143.39 +114.119.143.68 +114.119.144.24 +114.119.144.29 +114.119.144.31 +114.119.144.42 +114.119.144.63 +114.119.144.65 +114.119.144.80 +114.119.145.115 +114.119.145.129 +114.119.145.150 +114.119.145.188 +114.119.145.19 +114.119.145.194 +114.119.145.235 +114.119.145.237 +114.119.145.25 +114.119.145.37 +114.119.145.5 +114.119.145.56 +114.119.145.66 +114.119.145.86 +114.119.145.89 +114.119.146.101 +114.119.146.129 +114.119.146.145 +114.119.146.15 +114.119.146.206 +114.119.146.211 +114.119.146.229 +114.119.146.37 +114.119.146.4 +114.119.146.70 +114.119.146.95 +114.119.146.98 +114.119.147.152 +114.119.147.246 +114.119.147.248 +114.119.147.32 +114.119.147.39 +114.119.147.47 +114.119.147.81 +114.119.148.1 +114.119.148.13 +114.119.148.154 +114.119.148.17 +114.119.148.189 +114.119.148.4 +114.119.148.47 +114.119.149.116 +114.119.149.118 +114.119.149.157 +114.119.149.159 +114.119.149.171 +114.119.149.2 +114.119.149.228 +114.119.149.23 +114.119.149.3 +114.119.150.155 +114.119.150.170 +114.119.150.215 +114.119.150.29 +114.119.150.38 +114.119.151.152 +114.119.151.184 +114.119.151.208 +114.119.151.60 +114.119.151.82 +114.119.152.148 +114.119.152.171 +114.119.152.23 +114.119.152.235 +114.119.152.30 +114.119.152.5 +114.119.152.59 +114.119.152.73 +114.119.152.77 +114.119.153.108 +114.119.153.121 +114.119.153.132 +114.119.153.191 +114.119.153.209 +114.119.153.215 +114.119.153.232 +114.119.153.242 +114.119.153.253 +114.119.153.97 +114.119.154.124 +114.119.154.14 +114.119.154.155 +114.119.154.166 +114.119.154.189 +114.119.154.237 +114.119.154.252 +114.119.155.10 +114.119.155.145 +114.119.155.2 +114.119.155.200 +114.119.155.210 +114.119.155.23 +114.119.155.236 +114.119.155.69 +114.119.155.70 +114.119.155.78 +114.119.155.79 +114.119.156.111 +114.119.156.120 +114.119.156.126 +114.119.156.134 +114.119.156.138 +114.119.156.144 +114.119.156.146 +114.119.156.165 +114.119.156.227 +114.119.156.23 +114.119.156.233 +114.119.156.38 +114.119.156.59 +114.119.156.86 +114.119.157.111 +114.119.157.152 +114.119.157.166 +114.119.157.174 +114.119.157.177 +114.119.157.195 +114.119.157.196 +114.119.157.20 +114.119.157.217 +114.119.157.237 +114.119.157.245 +114.119.157.250 +114.119.157.36 +114.119.158.157 +114.119.158.217 +114.119.158.234 +114.119.158.36 +114.119.158.83 +114.119.159.228 +114.119.159.254 +114.119.159.58 +114.119.159.6 +114.119.159.79 diff --git a/config/obr/dhcpd.conf b/config/obr/dhcpd.conf index 546afd1..6e4450d 100644 --- a/config/obr/dhcpd.conf +++ b/config/obr/dhcpd.conf @@ -65,7 +65,7 @@ shared-network LAN { } host eurobuild1 { - hardware ethernet 00:40:05:a1:32:56; + hardware ethernet 00:13:20:62:0b:36; fixed-address 192.168.1.14; } @@ -149,6 +149,23 @@ shared-network LAN { filename "pxelinux.0"; } + host eurobuild6-8-i486 { + hardware ethernet 52:54:00:79:61:ea; + fixed-address 192.168.1.39; + filename "pxelinux.0"; + } + + host eurobuild3-i486 { + hardware ethernet 52:54:00:e5:c4:a1; + fixed-address 192.168.1.40; + filename "pxelinux.0"; + } + + host eurobuild3-pfrey-mewa { + hardware ethernet 52:54:00:6f:b0:77; + fixed-address 192.168.1.41; + } + host i486test { hardware ethernet 52:54:00:32:AD:3A; fixed-address 192.168.1.28; @@ -172,7 +189,7 @@ shared-network LAN { } host eurobuild9 { - hardware ethernet b2:d0:43:ac:e8:12; + hardware ethernet b8:27:eb:44:4b:07; fixed-address 192.168.1.32; } @@ -196,10 +213,17 @@ shared-network LAN { fixed-address 192.168.1.37; } + host euroweb3 { + hardware ethernet 00:00:24:d1:dc:a8; + fixed-address 192.168.1.38; + } + host wrt1 { hardware ethernet 00:22:6B:73:CA:EC; fixed-address 192.168.1.254; } + + } } diff --git a/config/obr/nsd-external/zones/andreasbaumann.cc b/config/obr/nsd-external/zones/andreasbaumann.cc index 5c6348c..75c667b 100644 --- a/config/obr/nsd-external/zones/andreasbaumann.cc +++ b/config/obr/nsd-external/zones/andreasbaumann.cc @@ -3,7 +3,7 @@ $TTL 60 @ IN SOA ns.andreasbaumann.cc. admin.andreasbaumann.cc. ( - 2020020101 ; serial + 2021041500 ; serial 3h ; refresh 15m ; retry 2w ; expire @@ -37,6 +37,4 @@ webmail IN A 83.150.2.48 git IN A 83.150.2.48 mon IN A 83.150.2.48 archlinux32 IN A 83.150.2.48 - -; this is hosted at GoDaddy -backup IN A 192.186.235.194 +libraries IN A 83.150.2.48 diff --git a/config/obr/nsd-external/zones/maschezuoz.ch b/config/obr/nsd-external/zones/maschezuoz.ch index e3314e5..9828ca1 100644 --- a/config/obr/nsd-external/zones/maschezuoz.ch +++ b/config/obr/nsd-external/zones/maschezuoz.ch @@ -3,7 +3,7 @@ $TTL 60 @ IN SOA ns.maschezuoz.ch. admin.maschezuoz.ch. ( - 2019032601 ; serial + 2020121200 ; serial 3h ; refresh 15m ; retry 2w ; expire @@ -26,7 +26,6 @@ $ORIGIN maschezuoz.ch. ns IN A 83.150.2.48 www IN A 83.150.2.48 -www-joomla IN A 83.150.2.48 imap IN A 83.150.2.48 smtp IN A 83.150.2.48 webmail IN A 83.150.2.48 diff --git a/config/obr/nsd-internal/zones/1.168.192.in-addr b/config/obr/nsd-internal/zones/1.168.192.in-addr index 3fdbbb1..b643d47 100644 --- a/config/obr/nsd-internal/zones/1.168.192.in-addr +++ b/config/obr/nsd-internal/zones/1.168.192.in-addr @@ -5,7 +5,7 @@ $ORIGIN . $TTL 60 1.168.192.in-addr.arpa IN SOA obr.lan. root.obr.lan. ( - 2020080600 ; serial + 2021041500 ; serial 3h ; refresh 15m ; retry 2w ; expire @@ -48,3 +48,9 @@ $ORIGIN 1.168.192.in-addr.arpa. 35 IN PTR eurobuild6-7-i486.lan. 36 IN PTR eurobuild10.lan. 37 IN PTR eurobuild11.lan. +38 IN PTR euroweb3.lan. +39 IN PTR eurobuild6-8-i486.lan. +40 IN PTR eurobuild3-i486.lan. +41 IN PTR eurobuild3-pfrey-mewa.lan. +42 IN PTR eurobuild3-libraries.lan. +254 IN PTR wrt1.lan. diff --git a/config/obr/nsd-internal/zones/andreasbaumann.cc b/config/obr/nsd-internal/zones/andreasbaumann.cc index 3b4c45b..184b30e 100644 --- a/config/obr/nsd-internal/zones/andreasbaumann.cc +++ b/config/obr/nsd-internal/zones/andreasbaumann.cc @@ -3,7 +3,7 @@ $TTL 60 @ IN SOA ns.andreasbaumann.cc. root.andreasbaumann.cc. ( - 2020020102 ; serial + 2021060200 ; serial 3h ; refresh 15m ; retry 2w ; expire @@ -29,8 +29,6 @@ webmail A 192.168.1.15 www A 192.168.1.15 git A 192.168.1.15 archlinux32 A 192.168.1.15 -;archlinux32 A 192.168.1.22 -mon A 192.168.1.33 +mon A 192.168.1.15 +libraries A 192.168.1.42 -; hosted at godaddy -backup A 192.186.235.194 diff --git a/config/obr/nsd-internal/zones/lan b/config/obr/nsd-internal/zones/lan index fcd77a0..172028b 100644 --- a/config/obr/nsd-internal/zones/lan +++ b/config/obr/nsd-internal/zones/lan @@ -5,7 +5,7 @@ $ORIGIN . $TTL 60 lan IN SOA obr.lan. root.obr.lan. ( - 2020101200 ; serial + 2021041500 ; serial 3h ; refresh 15m ; retry 2w ; expire @@ -48,4 +48,10 @@ eurobuild6 A 192.168.1.34 eurobuild6-7-i486 A 192.168.1.35 eurobuild10 A 192.168.1.36 eurobuild11 A 192.168.1.37 +euroweb3 A 192.168.1.38 +eurobuild6-8-i486 A 192.168.1.39 +eurobuild3-i486 A 192.168.1.40 +eurobuild3-pfrey-mewa A 192.168.1.41 +eurobuild3-libraries A 192.168.1.42 +wrt1 A 192.168.1.254 iway-gateway A 83.150.2.1 diff --git a/config/obr/pf.conf b/config/obr/pf.conf index 0640334..8cc7c3f 100644 --- a/config/obr/pf.conf +++ b/config/obr/pf.conf @@ -26,7 +26,7 @@ eurobuild3 = 192.168.1.12 eurobuild4 = 192.168.1.18 eurobuild5 = 192.168.1.21 eurobuild6 = 192.168.1.34 -euroweb2 = 192.168.1.22 +eurobuild3pfreymewa = 192.168.1.41 eurodata = 192.168.1.9 euroweb = 192.168.1.15 euromac = 192.168.1.20 @@ -89,6 +89,33 @@ block quick from <bruteforce> pass in on $ext_if proto tcp from any to ($ext_if) port ssh keep state \ (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2221 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2222 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2223 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2224 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2225 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2226 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2227 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2228 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) +pass in on $ext_if proto tcp from any to ($ext_if) port 2229 keep state \ + (max-src-conn 5, max-src-conn-rate 10/20, overload <bruteforce> \ + flush global) # allow everything on the bridge pass on $DMZ_if all @@ -113,15 +140,17 @@ pass out on $int_if inet proto tcp to $eurodata port 21 user _ftp_proxy pass in on $ext_if inet proto tcp to port 2121 divert-to 127.0.0.1 port 8022 pass out on $int_if inet proto tcp to $eurobuild3 port 2121 user _ftp_proxy pass in on $ext_if proto tcp from any to port 2221 rdr-to $euroweb port 22 -pass in on $ext_if proto tcp from any to port 2222 rdr-to $eurodata port 22 +#pass in on $ext_if proto tcp from any to port 2222 rdr-to $eurodata port 22 pass in on $ext_if proto tcp from any to port 2223 rdr-to $eurobuild3 port 22 -pass in on $ext_if proto tcp from any to port 2224 rdr-to $eurobuild4 port 22 -pass in on $ext_if proto tcp from any to port 2225 rdr-to $eurobuild5 port 22 -pass in on $ext_if proto tcp from any to port 2226 rdr-to $euromac port 22 -pass in on $ext_if proto tcp from any to port 2227 rdr-to $euroweb2 port 22 +#pass in on $ext_if proto tcp from any to port 2224 rdr-to $eurobuild4 port 22 +#pass in on $ext_if proto tcp from any to port 2225 rdr-to $eurobuild5 port 22 +#pass in on $ext_if proto tcp from any to port 2226 rdr-to $euromac port 22 +#pass in on $ext_if proto tcp from any to port 2227 rdr-to $eurobuild3pfreymewa port 22 pass in on $ext_if proto tcp from any to port 2228 rdr-to $eurobuild6 port 22 pass in on $ext_if proto tcp from any to port 5999 rdr-to $euromac port 5900 pass in on $ext_if proto tcp from any to port 5900:5998 rdr-to $eurobuild3 +pass in on $ext_if proto tcp from any to port 5912 rdr-to $eurobuild6 port 5902 +pass in on $ext_if proto tcp from any to port 5914 rdr-to $eurobuild6 port 5904 pass in on $ext_if proto tcp from any to port 6881:6889 rdr-to $eurobuild3 pass in on $ext_if proto tcp from any to port 9981:9982 rdr-to $eurobuild3 pass in on $ext_if proto tcp from any to port 8080 rdr-to $eurobuild3 diff --git a/config/obr/rc.services b/config/obr/rc.services index 1ae324e..229cad5 100644 --- a/config/obr/rc.services +++ b/config/obr/rc.services @@ -17,8 +17,8 @@ chown _dhcp:_dhcp /var/db/dhcpd.leases /usr/sbin/dhcpd -c /etc/dhcpd.conf vr2 echo ftp-proxy: starting FTP proxy... -/usr/sbin/ftp-proxy -R 192.168.1.9 -p 8021 -/usr/sbin/ftp-proxy -R 192.168.1.12 -p 8022 +/usr/sbin/ftp-proxy -R 192.168.1.9 -r -p 8021 +/usr/sbin/ftp-proxy -R 192.168.1.12 -r -p 8022 echo relayd: starting reverse proxy... /usr/sbin/relayd diff --git a/config/obr/relayd.conf b/config/obr/relayd.conf index 425a064..4d76c5d 100644 --- a/config/obr/relayd.conf +++ b/config/obr/relayd.conf @@ -9,8 +9,6 @@ log state changes EXT_IF = 83.150.2.48 table <euroweb> { euroweb.lan } -table <euroserver> { euroserver.lan } -table <euromon> { euromon.lan } http protocol "http_protocol" { @@ -45,7 +43,7 @@ http protocol "http_protocol" { match request quick header "Host" value "cloud.andreasbaumann.cc" \ forward to <euroweb> no tag match request quick header "Host" value "mon.andreasbaumann.cc" \ - forward to <euromon> no tag + forward to <euroweb> no tag match request quick header "Host" value "imap.andreasbaumann.cc" \ forward to <euroweb> no tag match request quick header "Host" value "imap.maschezuoz.ch" \ @@ -64,6 +62,14 @@ http protocol "http_protocol" { forward to <euroweb> no tag match request quick header "Host" value "openbsd-firewall.org" \ forward to <euroweb> no tag + match request quick header "Host" value "libraries.andreasbaumann.cc" \ + forward to <euroweb> no tag + match request quick header "Host" value "kapuzbib.eurospider.com" \ + forward to <euroweb> no tag + match request quick header "Host" value "staluzern-old.eurospider.com" \ + forward to <euroweb> no tag + match request quick header "Host" value "zhbluzern-old.eurospider.com" \ + forward to <euroweb> no tag block request tagged disallowed_host label "BAD host" } @@ -73,7 +79,5 @@ relay http_relay { protocol http_protocol forward to <euroweb> port 80 - forward to <euroserver> port 80 - forward to <euromon> port 80 } diff --git a/config/obr/unbound/etc/root.hints b/config/obr/unbound/etc/root.hints index a0f7fab..ba64d70 100644 --- a/config/obr/unbound/etc/root.hints +++ b/config/obr/unbound/etc/root.hints @@ -9,8 +9,8 @@ ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET ; -; last update: September 14, 2020 -; related version of root zone: 2020091401 +; last update: May 27, 2021 +; related version of root zone: 2021052701 ; ; FORMERLY NS.INTERNIC.NET ; |