From b2d136ae8a68888f98d36ec34d1705f14b779f1b Mon Sep 17 00:00:00 2001 From: daxi20 Date: Sun, 2 Nov 2025 13:24:07 +0800 Subject: [PATCH] =?UTF-8?q?=E5=88=A0=E9=99=A4DN42=E7=9B=B8=E5=85=B3?= =?UTF-8?q?=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- bird/bird.conf | 8 ----- bird/conf/dn42.conf | 41 --------------------- bird/function/dn42.conf | 31 ---------------- bird/function/unet.conf | 4 +-- bird/net/dn42.conf | 65 --------------------------------- bird/vars.conf | 4 --- update.sh | 79 ++++++++++------------------------------- 7 files changed, 20 insertions(+), 212 deletions(-) delete mode 100644 bird/conf/dn42.conf delete mode 100644 bird/function/dn42.conf delete mode 100644 bird/net/dn42.conf diff --git a/bird/bird.conf b/bird/bird.conf index f130d8c..0ac909f 100644 --- a/bird/bird.conf +++ b/bird/bird.conf @@ -12,10 +12,6 @@ protocol kernel { import none; export filter { if source = RTS_STATIC then reject; - if dn42_is_valid_network_v6() then { # 检查DN42自有网段 - krt_prefsrc = DN42_V6_kernel; - accept; - } if !is_bogon_prefix() then { krt_prefsrc = LOCAL_V6_kernel; accept; @@ -31,10 +27,6 @@ protocol kernel { import none; export filter { if source = RTS_STATIC then reject; - if dn42_is_valid_network() then { # 检查DN42自有网段 - krt_prefsrc = DN42_V4_kernel; - accept; - } if unet_is_valid_network_v4() then { # 检查UNET自有网段 krt_prefsrc = UNET_V4_kernel; accept; diff --git a/bird/conf/dn42.conf b/bird/conf/dn42.conf deleted file mode 100644 index 54706ae..0000000 --- a/bird/conf/dn42.conf +++ /dev/null @@ -1,41 +0,0 @@ -function dn42_is_self_net() { - return net ~ [ - 172.20.21.0/26+ - ]; -} - -protocol static route_dn42_export_v4 { - route 172.20.21.0/26 reject; - - ipv4 { - table dn42v4; - import filter { - bgp_large_community.add((DN42_ASN,3,0));# 不允许导出到内核 - bgp_large_community.add((DN42_ASN,1,0));# 不允许传输到ibgp - bgp_large_community.add((DN42_ASN,200,0));# 传输到Ebgp - accept; - }; - export none; - }; -} - - -function dn42_is_self_net_v6() { - return net ~ [ - fde8:936e:ee29::/48+ - ]; -} - -protocol static route_dn42_export_v6 { - route fde8:936e:ee29::/48 reject; - ipv6 { - table dn42v6; - import filter { - bgp_large_community.add((DN42_ASN,3,0));# 不允许导出到内核 - bgp_large_community.add((DN42_ASN,1,0));# 不允许传输到ibgp - bgp_large_community.add((DN42_ASN,200,0));# 传输到Ebgp - accept; - }; - export none; - }; -} diff --git a/bird/function/dn42.conf b/bird/function/dn42.conf deleted file mode 100644 index 619be62..0000000 --- a/bird/function/dn42.conf +++ /dev/null @@ -1,31 +0,0 @@ -ipv4 table dn42v4; -ipv6 table dn42v6; - -function dn42_is_valid_network() { - return net ~ [ - 172.20.0.0/14+ - ]; -} - -function dn42_is_valid_network_v6() { - return net ~ [ - fd00::/8+ - ]; -} - -protocol pipe dn42v4_sync { - table dn42v4; - peer table master4; - export filter { - if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject; - accept; - }; -} -protocol pipe dn42v6_sync { - table dn42v6; - peer table master6; - export filter { - if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject; - accept; - }; -} \ No newline at end of file diff --git a/bird/function/unet.conf b/bird/function/unet.conf index c535550..d1abd98 100644 --- a/bird/function/unet.conf +++ b/bird/function/unet.conf @@ -12,7 +12,6 @@ function unet_is_valid_network_v4() { function unet_is_valid_network_v4_anynet() { return net ~ [ - 172.20.21.0/26+, 44.32.191.0/24+ ]; } @@ -26,8 +25,7 @@ function unet_is_valid_network_v4_allnet(){ function unet_is_voalid_net_v6(){ return net ~ [ 2406:840:e600::/44{44,64}, - 2a0f:1cc5:0010::/44{44,64}, - fde8:936e:ee29::/48+ + 2a0f:1cc5:0010::/44{44,64} ]; } diff --git a/bird/net/dn42.conf b/bird/net/dn42.conf deleted file mode 100644 index 4cb00a8..0000000 --- a/bird/net/dn42.conf +++ /dev/null @@ -1,65 +0,0 @@ -template bgp dn42_bgp_up { - graceful restart; - local as DN42_ASN; - ipv4 { - table dn42v4; - import filter { - if dn42_is_valid_network() && !dn42_is_self_net() then accept; - reject; - }; - export filter { if dn42_is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject; }; - import limit 9000 action block; - }; - ipv6 { - table dn42v6; - import filter { - if dn42_is_valid_network_v6() && !dn42_is_self_net_v6() then accept; - reject; - }; - export filter { if dn42_is_valid_network_v6() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject; }; - import limit 9000 action block; - }; -} - -template bgp dn42_ibgp { - graceful restart; - local as DN42_ASN; - med metric; - direct; - ipv4 { - table dn42v4; - next hop self; - gateway direct; - import filter { - if bgp_large_community ~ [(DN42_ASN, 1,*)] then reject; - if !dn42_is_valid_network() then reject; - if dn42_is_self_net() then reject; - accept; - }; - export filter { - if bgp_large_community ~ [(DN42_ASN, 1,*)] then reject; - if !dn42_is_valid_network() then reject; - if dn42_is_self_net() then reject; - accept; - }; - }; - ipv6 { - table dn42v6; - next hop self; - gateway direct; - import filter { - if bgp_large_community ~ [(DN42_ASN, 1,*)] then reject; - if !dn42_is_valid_network_v6() then reject; - if dn42_is_self_net_v6() then reject; - accept; - }; - export filter { - if bgp_large_community ~ [(DN42_ASN, 1,*)] then reject; - if !dn42_is_valid_network_v6() then reject; - if dn42_is_self_net_v6() then reject; - accept; - }; - }; -} - -include "/etc/bird/peers/dn42/*.conf"; \ No newline at end of file diff --git a/bird/vars.conf b/bird/vars.conf index 66be0fe..b041e01 100644 --- a/bird/vars.conf +++ b/bird/vars.conf @@ -2,10 +2,6 @@ define LOCAL_ASN = 153376; define LOCAL_V4_kernel = 44.32.191.7; define LOCAL_V6_kernel = 2406:840:e603::1; -define DN42_ASN = 4242423376; -define DN42_V4_kernel = 172.20.21.2; -define DN42_V6_kernel = fde8:936e:ee29::1; - define UNET_ASN = 4218818801; define UNET_V4_kernel = 10.188.6.2; diff --git a/update.sh b/update.sh index 5c677dd..c2947d7 100644 --- a/update.sh +++ b/update.sh @@ -1,72 +1,31 @@ #!/bin/bash -# 配置参数(请替换为实际URL) -URL="https://git.nia.ink/brnet/bird_config/raw/branch/master/bird/function/unet.conf" # 替换为你的$url -TARGET_FILE="/etc/bird/function/unet.conf" -BACKUP_FILE="${TARGET_FILE}.bak.$(date +%Y%m%d%H%M%S)" # 带时间戳的备份文件 -LOG_FILE="/var/log/update_unet_conf.log" +rm /etc/bird/conf/dn42.conf +rm /etc/bird/function/dn42.conf +rm /etc/bird/net/dn42.conf -# 日志函数 -log() { - echo "[$(date +%Y%m%d%H%M%S)] $1" >> "$LOG_FILE" -} +rm /etc/bird/function/unet.conf +curl https://git.nia.ink/brnet/bird_config/raw/branch/master/bird/function/unet.conf > /etc/bird/function/unet.conf -# 检查root权限 -if [ "$(id -u)" -ne 0 ]; then - log "错误:必须使用root权限运行脚本(请用sudo)" - echo "错误:必须使用root权限运行脚本(请用sudo)" - exit 1 -fi +rm /etc/bird/bird.conf +curl https://git.nia.ink/brnet/bird_config/raw/branch/master/bird/bird.conf > /etc/bird/bird.conf -# 检查wget是否安装 -if ! command -v wget &> /dev/null; then - log "错误:未安装wget,请先执行 'sudo apt install wget' 或 'sudo yum install wget' 安装" - echo "错误:未安装wget,请先安装" - exit 1 -fi +temp_file=$(mktemp) +awk ' + BEGIN { delete_dn42 = 0 } + /^define DN42_ASN/ { delete_dn42 = 1 } + delete_dn42 == 0 { print $0 } + /^define UNET_ASN/ { delete_dn42 = 0; print $0 } +' /etc/bird/vars.conf > "$temp_file" -# 检查目标文件目录是否存在 -if [ ! -d "$(dirname "$TARGET_FILE")" ]; then - log "错误:目标目录 $(dirname "$TARGET_FILE") 不存在" - echo "错误:目标目录不存在" - exit 1 -fi - -# 备份原文件 -log "开始备份原文件到 $BACKUP_FILE" -if cp "$TARGET_FILE" "$BACKUP_FILE"; then - log "备份成功" +if [ -s "$temp_file" ]; then + mv "$temp_file" /etc/bird/vars.conf + echo "已成功删除 /etc/bird/vars.conf 中的DN42配置部分" else - log "错误:备份失败,终止操作" - echo "错误:备份失败" - exit 1 + echo "处理出错,临时文件为空,未修改原文件" + rm "$temp_file" fi -# 下载并覆盖文件 -log "开始从 $URL 下载文件" -if wget -q -O "$TARGET_FILE" "$URL"; then # -q 静默模式,-O 指定输出文件 - log "下载成功,已覆盖 $TARGET_FILE" -else - log "错误:下载失败,恢复原文件" - echo "错误:下载失败,正在恢复原文件..." - mv "$BACKUP_FILE" "$TARGET_FILE" # 恢复备份 - exit 1 -fi - -# 验证文件内容(检查是否为空或乱码) -if [ ! -s "$TARGET_FILE" ]; then # -s 检查文件非空 - log "错误:下载的文件为空,恢复原文件" - echo "错误:文件为空,正在恢复原文件..." - mv "$BACKUP_FILE" "$TARGET_FILE" - exit 1 -fi - -# (可选)重启bird服务并检查状态 -log "重载bird服务" birdc c -log "脚本执行完毕" - -cat $TARGET_FILE - cd rm update.sh \ No newline at end of file