Commit graph

21 commits

Author SHA1 Message Date
Simon Bruder 7a7b385b44
shinobu/router: Change nft variable source 2023-10-04 23:19:44 +02:00
Simon Bruder 8ecf4ecbfd
shinobu/router: Split configuration 2023-10-04 23:19:43 +02:00
Simon Bruder 257b000e24
shinobu/router: Add ethtool 2023-09-21 21:11:22 +02:00
Simon Bruder 8a1724fe43
shinobu/router: Clean up nftables rules 2023-09-21 12:59:12 +02:00
Simon Bruder 9c42cb0903
shinobu/router: Fix VPN bypass
This now actually works and I have a better understanding of nftables.
Some of my learnings are documented as comments in the rules.
2023-09-21 12:56:36 +02:00
Simon Bruder caac620ea6
shinobu/router: Add tracing infrastructure 2023-09-21 12:44:27 +02:00
Simon Bruder 1c24743911
shinobu/router: Fix naming of subnets in rules
This has no practical effect, but did cause confusion.
2023-09-21 11:31:00 +02:00
Simon Bruder b10b83c207
shinobu/router: Use dns over https
For some reason, this makes DNS more reliable.
2023-09-20 22:11:24 +02:00
Simon Bruder f1c70dce99
Revert "shinobu/router: Switch provider for wg-upstream"
This reverts commit 0bcc5d6141.

This leaves MSS clamping in place.
2023-09-19 12:23:38 +02:00
Simon Bruder aa85febe12
shinobu/router: Fix IPv6 networking
Previously, I did not have IPv6 upstream, so even a wrong configuration
worked. Now it uses a different routing table for IPv4 and IPv6, so it
also works on dual-stack upstreams.

However, how it worked without IPv6 forwarding enabled, is still a
mystery to me.
2023-09-12 15:00:51 +02:00
Simon Bruder e7d740f03c
shinobu/router: Restrict wan 2023-09-12 15:00:51 +02:00
Simon Bruder 94fcee359a
shinobu/router: Reduce semicolon usage
Only use it where it is necessary
2023-09-12 15:00:51 +02:00
Simon Bruder 2dab79f0bc
shinobu/router: Use correct v6 address for vueko
It is not used (yet), therefore it went unnoticed.
2023-09-12 15:00:51 +02:00
Simon Bruder f88669f202
shinobu: Move physically 2023-09-12 15:00:51 +02:00
Simon Bruder 0bcc5d6141
shinobu/router: Switch provider for wg-upstream
The old provider was doing weird stuff with DNS that I wasn’t able to
debug well.

However, apparently, the old provider did MSS clamping on their side.
Therefore, it is now required that I do this on my side.
2023-09-12 15:00:51 +02:00
Simon Bruder f71cbedf14
shinobu/router: Exclude vueko from VPN 2023-08-08 14:20:21 +02:00
Simon Bruder 826929571b
shinobu/router: Switch to nftables 2023-08-08 14:19:48 +02:00
Simon Bruder ba1f9262fb
shinobu/router: Make wg-mullvad vendor neutral 2023-08-08 11:44:45 +02:00
Simon Bruder 751e9d51b9
shinobu: Change wg-mullvad peer 2023-08-08 11:42:52 +02:00
Simon Bruder 3df0ddcc27
shinobu/co2_exporter: Migrate from fuuko 2023-07-01 13:14:32 +02:00
Simon Bruder 1b44e31627
shinobu: Init 2023-07-01 12:37:12 +02:00