删除DN42相关配置

2025-11-02 13:24:07 +08:00
parent dcdfb1d71b
commit b2d136ae8a
7 changed files with 20 additions and 212 deletions
--- a/bird/bird.conf
+++ b/bird/bird.conf
@@ -12,10 +12,6 @@ protocol kernel {
        import none;
        export filter {
            if source = RTS_STATIC then reject;
            if dn42_is_valid_network_v6() then {   # 检查DN42自有网段
                krt_prefsrc = DN42_V6_kernel;
                accept;
            }
            if !is_bogon_prefix() then {
                krt_prefsrc = LOCAL_V6_kernel;
                accept;
@@ -31,10 +27,6 @@ protocol kernel {
        import none;
        export filter {
            if source = RTS_STATIC then reject;
            if dn42_is_valid_network() then {   # 检查DN42自有网段
                krt_prefsrc = DN42_V4_kernel;
                accept;
            }
            if unet_is_valid_network_v4() then {   # 检查UNET自有网段
                krt_prefsrc = UNET_V4_kernel;
                accept;
--- a/bird/conf/dn42.conf
+++ b/bird/conf/dn42.conf
@@ -1,41 +0,0 @@
 function dn42_is_self_net() {
  return net ~ [
    172.20.21.0/26+
  ];
 }
 protocol static route_dn42_export_v4 {
    route 172.20.21.0/26 reject; 
    ipv4 {
        table dn42v4;
        import filter {
            bgp_large_community.add((DN42_ASN,3,0));# 不允许导出到内核
            bgp_large_community.add((DN42_ASN,1,0));# 不允许传输到ibgp
            bgp_large_community.add((DN42_ASN,200,0));# 传输到Ebgp
            accept;
        };
        export none;
    };
 }
 function dn42_is_self_net_v6() {
  return net ~ [
    fde8:936e:ee29::/48+
    ];
 }
 protocol static route_dn42_export_v6 {
    route fde8:936e:ee29::/48 reject; 
    ipv6 {
        table dn42v6;
        import filter {
            bgp_large_community.add((DN42_ASN,3,0));# 不允许导出到内核
            bgp_large_community.add((DN42_ASN,1,0));# 不允许传输到ibgp
            bgp_large_community.add((DN42_ASN,200,0));# 传输到Ebgp
            accept;
        };
        export none;
    };
 }
--- a/bird/function/dn42.conf
+++ b/bird/function/dn42.conf
@@ -1,31 +0,0 @@
 ipv4 table dn42v4;
 ipv6 table dn42v6;
 function dn42_is_valid_network() {
  return net ~ [
    172.20.0.0/14+
  ];
 }
 function dn42_is_valid_network_v6() {
  return net ~ [
    fd00::/8+
  ];
 }
 protocol pipe dn42v4_sync {
  table dn42v4;
  peer table master4;
  export filter {
    if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject;
    accept;
    };
 }
 protocol pipe dn42v6_sync {
  table dn42v6;
  peer table master6;
  export filter {
    if bgp_large_community ~ [(DN42_ASN, 3,*)] then reject;
    accept;
    };
 }
--- a/bird/function/unet.conf
+++ b/bird/function/unet.conf
@@ -12,7 +12,6 @@ function unet_is_valid_network_v4() {
 function unet_is_valid_network_v4_anynet() {
  return net ~ [
    172.20.21.0/26+,
    44.32.191.0/24+
  ];
 }
@@ -26,8 +25,7 @@ function unet_is_valid_network_v4_allnet(){
 function unet_is_voalid_net_v6(){
  return net ~ [
    2406:840:e600::/44{44,64},
-    2a0f:1cc5:0010::/44{44,64},
+    2a0f:1cc5:0010::/44{44,64}
    fde8:936e:ee29::/48+
  ];
 }
--- a/bird/net/dn42.conf
+++ b/bird/net/dn42.conf
@@ -1,65 +0,0 @@
 template bgp dn42_bgp_up {
    graceful restart;
    local as DN42_ASN;
    ipv4 {
        table dn42v4;
        import filter {
          if dn42_is_valid_network() && !dn42_is_self_net() then accept;
          reject;
        };
        export filter { if dn42_is_valid_network() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject; };
        import limit 9000 action block; 
    };
    ipv6 {
        table dn42v6;
        import filter {
          if dn42_is_valid_network_v6() && !dn42_is_self_net_v6() then accept;
          reject;
        };
        export filter { if dn42_is_valid_network_v6() && source ~ [RTS_STATIC, RTS_BGP] then accept; else reject; };
        import limit 9000 action block; 
    };
 }
 template bgp dn42_ibgp {
    graceful restart;
    local as DN42_ASN;
    med metric;
    direct;
    ipv4 {
        table dn42v4;
        next hop self;
        gateway direct;
        import filter { 
            if bgp_large_community ~ [(DN42_ASN, 1,*)] then reject;
            if !dn42_is_valid_network() then reject;
            if dn42_is_self_net() then reject;
            accept; 
        };
        export filter { 
            if bgp_large_community ~ [(DN42_ASN, 1,*)] then reject;
            if !dn42_is_valid_network() then reject;
            if dn42_is_self_net() then reject;
            accept;
            };
    };
    ipv6 {
        table dn42v6;
        next hop self;
        gateway direct;
        import filter { 
            if bgp_large_community ~ [(DN42_ASN, 1,*)] then reject;
            if !dn42_is_valid_network_v6() then reject;
            if dn42_is_self_net_v6() then reject;
            accept; 
        };
        export filter { 
            if bgp_large_community ~ [(DN42_ASN, 1,*)] then reject;
            if !dn42_is_valid_network_v6() then reject;
            if dn42_is_self_net_v6() then reject;
            accept;
            };
    };
 }
 include "/etc/bird/peers/dn42/*.conf";
--- a/bird/vars.conf
+++ b/bird/vars.conf
@@ -2,10 +2,6 @@ define LOCAL_ASN = 153376;
 define LOCAL_V4_kernel = 44.32.191.7;
 define LOCAL_V6_kernel = 2406:840:e603::1;
 define DN42_ASN = 4242423376;
 define DN42_V4_kernel = 172.20.21.2;
 define DN42_V6_kernel = fde8:936e:ee29::1;
 define UNET_ASN = 4218818801;
 define UNET_V4_kernel = 10.188.6.2;
--- a/update.sh
+++ b/update.sh
@@ -1,72 +1,31 @@
 #!/bin/bash
-# 配置参数（请替换为实际URL）
+rm /etc/bird/conf/dn42.conf
-URL="https://git.nia.ink/brnet/bird_config/raw/branch/master/bird/function/unet.conf"  # 替换为你的$url
+rm /etc/bird/function/dn42.conf
-TARGET_FILE="/etc/bird/function/unet.conf"
+rm /etc/bird/net/dn42.conf
 BACKUP_FILE="${TARGET_FILE}.bak.$(date +%Y%m%d%H%M%S)"  # 带时间戳的备份文件
 LOG_FILE="/var/log/update_unet_conf.log"
-# 日志函数
+rm /etc/bird/function/unet.conf
-log() {
+curl https://git.nia.ink/brnet/bird_config/raw/branch/master/bird/function/unet.conf > /etc/bird/function/unet.conf
    echo "[$(date +%Y%m%d%H%M%S)] $1" >> "$LOG_FILE"
 }
-# 检查root权限
+rm /etc/bird/bird.conf
-if [ "$(id -u)" -ne 0 ]; then
+curl https://git.nia.ink/brnet/bird_config/raw/branch/master/bird/bird.conf > /etc/bird/bird.conf
    log "错误：必须使用root权限运行脚本（请用sudo）"
    echo "错误：必须使用root权限运行脚本（请用sudo）"
    exit 1
 fi
-# 检查wget是否安装
+temp_file=$(mktemp)
-if ! command -v wget &> /dev/null; then
+awk '
-    log "错误：未安装wget，请先执行 'sudo apt install wget' 或 'sudo yum install wget' 安装"
+    BEGIN { delete_dn42 = 0 }
-    echo "错误：未安装wget，请先安装"
+    /^define DN42_ASN/ { delete_dn42 = 1 }
-    exit 1
+    delete_dn42 == 0 { print $0 }
-fi
+    /^define UNET_ASN/ { delete_dn42 = 0; print $0 }
 ' /etc/bird/vars.conf > "$temp_file"
-# 检查目标文件目录是否存在
+if [ -s "$temp_file" ]; then
-if [ ! -d "$(dirname "$TARGET_FILE")" ]; then
+    mv "$temp_file" /etc/bird/vars.conf
-    log "错误：目标目录 $(dirname "$TARGET_FILE") 不存在"
+    echo "已成功删除 /etc/bird/vars.conf 中的DN42配置部分"
    echo "错误：目标目录不存在"
    exit 1
 fi
 # 备份原文件
 log "开始备份原文件到 $BACKUP_FILE"
 if cp "$TARGET_FILE" "$BACKUP_FILE"; then
    log "备份成功"
 else
-    log "错误：备份失败，终止操作"
+    echo "处理出错，临时文件为空，未修改原文件"
-    echo "错误：备份失败"
+    rm "$temp_file"
    exit 1
 fi
 # 下载并覆盖文件
 log "开始从 $URL 下载文件"
 if wget -q -O "$TARGET_FILE" "$URL"; then  # -q 静默模式，-O 指定输出文件
    log "下载成功，已覆盖 $TARGET_FILE"
 else
    log "错误：下载失败，恢复原文件"
    echo "错误：下载失败，正在恢复原文件..."
    mv "$BACKUP_FILE" "$TARGET_FILE"  # 恢复备份
    exit 1
 fi
 # 验证文件内容（检查是否为空或乱码）
 if [ ! -s "$TARGET_FILE" ]; then  # -s 检查文件非空
    log "错误：下载的文件为空，恢复原文件"
    echo "错误：文件为空，正在恢复原文件..."
    mv "$BACKUP_FILE" "$TARGET_FILE"
    exit 1
 fi
 # （可选）重启bird服务并检查状态
 log "重载bird服务"
 birdc c
 log "脚本执行完毕"
 cat $TARGET_FILE
 cd 
 rm update.sh