Update mxrouter #351

We don't use ipv6 currently. There might be problems if ipv6 routing is enabled, e.g. potential reachability without the appropriate filewall rules. For now, just don't enable it.

Currently, when a vlan interface is created on the host system (e.g. with mxvlan) and moved to the mxrouter instance with interface(), it gets deleted, because it is recogized visible as a vlan interface in the router namespace but not configured via vlan(). Ignore existing vlan interfaces which are configured into the router namespace via interface().

This adds a `veth(NAME)` config call which creates a pair of connected veth devices, one in the default namespace and the other one on the router namespace, both with the same name. This can be used, for example, to create interfaces on the host for VMs with the traffic routed through a mxrouter instance. Example: interface('vlan.irouter'); ip('vlan.irouter','172.19.141.2/24'); route('default','172.19.141.1'); veth('veth.variation'); my $NET_VARIATION = '172.19.118.0/24'; ip('veth.variation', '172.19.118.1/24'); my $NET_WISNET='141.14.16.0/20'; rule('filter','FORWARD',"-m state --state ESTABLISHED,RELATED -j ACCEPT"); rule('filter','FORWARD','-p icmp --icmp-type 8 -j ACCEPT'); # ping rule('filter','FORWARD',"-d $NET_VARIATION -j variation-out"); rule('filter','variation-out',"-s $NET_WISNET -p tcp --dport 22 -j ACCEPT"); # ssh rule('filter','variation-out',"-j DROP"); rule('filter','FORWARD',"-j ACCEPT");

Update mxrouter #351

Update mxrouter #351

Commits on Sep 22, 2023