Mirrors
/
aredn
mirror of https://github.com/aredn/aredn.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Find the closest supernode, not the first (#1229) 

* Find the closest supernode, not the first

* Support DNS queries coming from the supernode network
This commit is contained in:
Tim Wilkinson 2024-05-29 19:59:29 -07:00 committed by GitHub
parent da71e6e26b
commit fde3b08367
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
files/etc/cron.hourly/check-supernodes
View File

@ -51,17 +51,28 @@ if c:get("aredn", "@supernode[0]", "support") == "0" then
os.exit(0)
end
-- Find the first supernode to use as a nameserver
local dns = ""
-- Find the closest supernode to use as a nameserver
local sn = {}
for _, hna in ipairs(aredn.olsr.getOLSRHNA())
do
if hna.genmask == 8 and hna.destination == "10.0.0.0" then
dns = "#" .. hna.gateway .. "\nserver=/local.mesh/" .. hna.gateway .. "\nrev-server=10.0.0.0/8," .. hna.gateway .. "\nrev-server=172.31.0.0/16," .. hna.gateway .. "\nrev-server=172.30.0.0/16," .. hna.gateway .. "\n"
sn[hna.gateway] = true
break
end
end
local best = { destination = nil, etx = 99999999 }
for _, route in ipairs(aredn.olsr.getOLSRRoutes())
do
if sn[route.destination] and route.etx < best.etx then
best = route
end
end
if not best.destination then
os.exit(0)
end
-- Updae the dns and restart network if necessary
-- Update the dns and restart network if necessary
local dns = "#" .. best.destination .. "\nserver=/local.mesh/" .. best.destination .. "\nrev-server=10.0.0.0/8," ..best.destination .. "\nrev-server=172.31.0.0/16," .. best.destination .. "\nrev-server=172.30.0.0/16," .. best.destination .. "\n"
local odns = ""
local f = io.open(dns_file)
if f then

4
files/etc/local/mesh-firewall/13-supernode-rules
View File

@ -36,6 +36,8 @@ SUPERNODE_ENABLE=$(/sbin/uci -q get aredn.@supernode[0].enable)
if [ "${SUPERNODE_ENABLE}" = "1" ]; then
nft insert rule ip fw4 input_dtdlink udp dport 53 accept comment \"dns access\" 2> /dev/null
nft insert rule ip fw4 input_dtdlink tcp dport 53 accept comment \"dns access\" > /dev/null
nft insert rule ip fw4 input_dtdlink tcp dport 53 accept comment \"dns access\" 2> /dev/null
nft insert rule ip fw4 input_vpn udp dport 53 accept comment \"dns access\" 2> /dev/null
nft insert rule ip fw4 input_vpn tcp dport 53 accept comment \"dns access\" 2> /dev/null
ip route add blackhole 10.0.0.0/8 table 30
fi