2026-01-26 12:28:08 +08:00
parent 7602aae2a0
commit 2891ac911e
2 changed files with 54 additions and 16 deletions


@@ -1,7 +1,7 @@
# 公网处理 => inet4/6 # 公网处理 => inet4/6
protocol pipe unet4_inet4_sync { protocol pipe unet4_inet4_sync {
table unet4; table unet4;
peer table master4; peer table inet4;
export filter { export filter {
if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject; if bgp_large_community ~ [(UNET_ASN, 3,*)] then reject;
if is_bogon_prefix() then reject; if is_bogon_prefix() then reject;


@@ -1,17 +1,16 @@
#!/sbin/openrc-run #!/sbin/openrc-run
description="Custom IP Policy Route for Alpine"
description="Custom IP Policy Route Rules for Alpine"
depend() { depend() {
need net networking need net networking
after net-online after net-online
trigger on restart networking trigger on restart networking
} }
trigger() { trigger() {
case "$1" in case "$1" in
restart) restart)
ebegin "Triggered by networking restart, reloading IP policy rules" ebegin "Triggered by network restart, reloading IP policy rules"
restart restart
eend $? eend $?
;; ;;
@@ -22,21 +21,52 @@ trigger() {
esac esac
} }
#空格来分隔不同的前缀
ALL_TUNNEL_SUBNETS="44.32.191.0/24"
BASE_PRIORITY=200
LAN_SUBNET_V4="172.20.0.0/14"
LAN_SUBNET_V6_FD="fd00::/8"
TUNNEL_SUBNET_V6="2000::/3"
add_rules() {
local current_prio=${BASE_PRIORITY}
for subnet in ${ALL_TUNNEL_SUBNETS}; do
ip rule add from ${subnet} lookup 102 priority ${current_prio} 2>/dev/null
ip rule add to ${subnet} lookup 102 priority $((current_prio + 1)) 2>/dev/null
current_prio=$((current_prio + 2))
done
ip rule add from ${LAN_SUBNET_V4} to ${LAN_SUBNET_V4} lookup 105 priority ${current_prio} 2>/dev/null
current_prio=$((current_prio + 10))
ip -6 rule add from ${TUNNEL_SUBNET_V6} to ${TUNNEL_SUBNET_V6} lookup 102 priority ${BASE_PRIORITY} 2>/dev/null
ip -6 rule add from ${LAN_SUBNET_V6_FD} to ${LAN_SUBNET_V6_FD} lookup 105 priority $((BASE_PRIORITY + 10)) 2>/dev/null
}
del_rules() {
local current_prio=${BASE_PRIORITY}
for subnet in ${ALL_TUNNEL_SUBNETS}; do
ip rule del from ${subnet} lookup 102 priority ${current_prio} 2>/dev/null
ip rule del to ${subnet} lookup 102 priority $((current_prio + 1)) 2>/dev/null
current_prio=$((current_prio + 2))
done
ip rule del from ${LAN_SUBNET_V4} to ${LAN_SUBNET_V4} lookup 105 priority ${current_prio} 2>/dev/null
current_prio=$((current_prio + 10))
ip -6 rule del from ${TUNNEL_SUBNET_V6} to ${TUNNEL_SUBNET_V6} lookup 102 priority ${BASE_PRIORITY} 2>/dev/null
ip -6 rule del from ${LAN_SUBNET_V6_FD} to ${LAN_SUBNET_V6_FD} lookup 105 priority $((BASE_PRIORITY + 10)) 2>/dev/null
}
start() { start() {
ebegin "Loading custom IP policy rules" ebegin "Loading static IP policy rules (tunnel + downstream)"
ip rule add from 44.32.191.0/24 to 0.0.0.0/0 lookup 102 priority 200 add_rules
ip rule add from 172.20.0.0/14 to 172.20.0.0/14 lookup 105 priority 300
ip -6 rule add from 2000::/3 to 2000::/3 lookup 102 priority 200
ip -6 rule add from fd00::/8 to fd00::/8 lookup 105 priority 300
eend $? "Failed to load IP policy rules" eend $? "Failed to load IP policy rules"
} }
stop() { stop() {
ebegin "Removing custom IP policy rules" ebegin "Removing static IP policy rules (tunnel + downstream)"
ip rule del from 44.32.191.0/24 to 0.0.0.0/0 lookup 102 priority 200 del_rules
ip rule del from 172.20.0.0/14 to 172.20.0.0/14 lookup 105 priority 300
ip -6 rule del from 2000::/3 to 2000::/3 lookup 102 priority 200
ip -6 rule del from fd00::/8 to fd00::/8 lookup 105 priority 300
eend $? "Failed to remove IP policy rules" eend $? "Failed to remove IP policy rules"
} }
@@ -44,4 +74,12 @@ restart() {
stop stop
sleep 1 sleep 1
start start
}
reload() {
ebegin "Refreshing static IP policy rules"
del_rules
sleep 0.5
add_rules
eend $? "Failed to refresh IP policy rules"
} }
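Review bot: add_rules and del_rules send every `ip rule` error to /dev/null and return only the status of their last `ip -6 rule` command, so the `eend $?` in start(), stop() and reload() can report success even when the tunnel rules for table 102 were never installed. In that case traffic from the ALL_TUNNEL_SUBNETS prefixes would presumably be matched by later rules or the main table instead of table 102, with nothing logged. I would track a status in each helper, e.g. `local rc=0`, then `ip rule add from "${subnet}" lookup 102 priority "${current_prio}" || rc=1` on each rule, and end with `return "${rc}"`; if the redirect exists to hide "File exists" on a repeated start, handle that case explicitly rather than discarding all stderr. reload() also deletes every rule and sleeps before re-adding them, which leaves a window with no policy rules in place, and whether `reload` is declared in `extra_started_commands` is not visible in these hunks.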