diff --git a/_Footer.md b/_Footer.md index 643bc00..e69de29 100644 --- a/_Footer.md +++ b/_Footer.md @@ -1 +0,0 @@ -Hosted by: [xuu](mailto:xuu@sour.is), [nurtic-vibe](mailto:nurtic-vibe@grmml.net), [toBee](mailto:tom@xcv.vc), [burble](mailto:dn42@burble.com) | Accessible via: [dn42](http://wiki.dn42), [tor](http://jsptropkiix3ki5u.onion), [i2p](http://beb6v2i4jevo72vvnx6segsk4zv3pu3prbwcfuta3bzrcv7boy2q.b32.i2p/) diff --git a/_Sidebar.md b/_Sidebar.md index 86f345e..e69de29 100644 --- a/_Sidebar.md +++ b/_Sidebar.md @@ -1,47 +0,0 @@ - * [Home](/Home) - * [Getting Started](/howto/Getting-Started) - * [Registry Authentication](/howto/Registry-Authentication) - * [Address Space](/howto/Address-Space) - * [FAQ](/FAQ) - -* How-To - * [Wireguard](/howto/wireguard) - * [Openvpn](/howto/openvpn) - * [IPsec With Public Keys](/howto/IPsec-with-PublicKeys) - * [Tinc](/howto/tinc) - * [GRE on FreeBSD](/howto/GRE-on-FreeBSD) - * [GRE on OpenBSD](/howto/GRE-on-OpenBSD) - * [IPv6 Multicast (PIM-SM)](/howto/IPv6-Multicast) - * [Bird](/howto/Bird) / [Bird2](/howto/Bird2) - * [Quagga](/howto/Quagga) - * [OpenBGPD](/howto/OpenBGPD) - * [Mikrotik RouterOS](/howto/mikrotik) - * [EdgeRouter](/howto/EdgeOS-Config) - * [Static routes on Windows](/howto/Static-routes-on-Windows) - * [Universal Network Requirements](/howto/networksettings) - * [VyOS](/howto/vyos) - * [NixOS](/howto/nixos) - -* Services - * [IRC](/services/IRC) - * [Whois registry](/services/Whois) - * [DNS](/services/DNS) - * [Public DNS](/services/Clearnet-Domains) - * [Looking Glasses](/services/Looking-Glasses) - * [Repository Mirrors](/services/Repository-Mirrors) - * [Distributed Wiki](/services/Distributed-Wiki) - * [Certificate Authority](/services/Certificate-Authority) - * [Route Collector](/services/Route-Collector) - -* Internal - * [Internal services](/internal/Internal-Services) - * [Interconnections](/internal/Interconnections) - * [APIs](/internal/APIs) - * [Historical services](/internal/Historical-Services) - -* External Tools - * [Paste Board](/https://paste.dn42.us) - * [Git Repositories](/https://git.dn42.dev) - --------------- - diff --git a/https:/birdconf.md b/https:/birdconf.md index 46f0281..e69de29 100644 --- a/https:/birdconf.md +++ b/https:/birdconf.md @@ -1,150 +0,0 @@ -############################################# -# Variable header # -################################################ - - -define OWNAS = 4242422322; -define OWNIP = 172.22.181.193; -define OWNIPv6 = fd42:4242:2322::1; -define OWNNET = 172.22.181.192/27; -define OWNNETv6 = fd42:4242:2322::/48; -define OWNNETSET = [172.22.181.192/27+]; -define OWNNETSETv6 = [fd42:4242:2322::/48+]; - -################################################ -# Header end # -################################################ - -router id OWNIP; - -protocol device { - scan time 10; -} - -/* - * Utility functions - */ - -function is_self_net() { - return net ~ OWNNETSET; -} - -function is_self_net_v6() { - return net ~ OWNNETSETv6; -} - -function is_valid_network() { - return net ~ [ - 172.20.0.0/14{21,29}, # dn42 - 172.20.0.0/24{28,32}, # dn42 Anycast - 172.21.0.0/24{28,32}, # dn42 Anycast - 172.22.0.0/24{28,32}, # dn42 Anycast - 172.23.0.0/24{28,32}, # dn42 Anycast - 172.31.0.0/16+, # ChaosVPN - 10.100.0.0/14+, # ChaosVPN - 10.0.0.0/8{15,24} # Freifunk.net - ]; -} - -roa4 table dn42_roa; -roa6 table dn42_roa_v6; - -protocol static { - roa4 { table dn42_roa; }; - include "/etc/bird/roa4.conf"; -}; - -protocol static { - roa6 { table dn42_roa_v6; }; - include "/etc/bird/roa6.conf"; -}; - -function is_valid_network_v6() { - return net ~ [ - fd00::/8{44,64} # ULA address space as per RFC 4193 - ]; -} - -protocol kernel { - scan time 20; - - ipv6 { - import none; - export filter { - if source = RTS_STATIC then reject; - krt_prefsrc = OWNIPv6; - accept; - }; - }; -}; - -protocol kernel { - scan time 20; - - ipv4 { - import none; - export filter { - if source = RTS_STATIC then reject; - krt_prefsrc = OWNIP; - accept; - }; - }; -} - -protocol static { - route OWNNET reject; - - ipv4 { - import all; - export none; - }; -} - -protocol static { - route OWNNETv6 reject; - - ipv6 { - import all; - export none; - }; -} - -template bgp dnpeers { - local as OWNAS; - path metric 1; - - ipv4 { - import filter { - if is_valid_network() && !is_self_net() then { - if (roa_check(dn42_roa, net, bgp_path.last) != ROA_VALID) then { - print "[dn42] ROA check failed for ", net, " ASN ", bgp_path.last; - reject; - } else accept; - } else reject; - }; - - export filter { if is_valid_network() then accept; else reject; }; - import limit 1000 action block; - }; - - ipv6 { - import filter { - if is_valid_network_v6() && !is_self_net_v6() then { - if (roa_check(dn42_roa_v6, net, bgp_path.last) != ROA_VALID) then { - print "[dn42] ROA check failed for ", net, " ASN ", bgp_path.last; - reject; - } else accept; - } else reject; - }; - export filter { if is_valid_network_v6() then accept; else reject; }; - import limit 1000 action block; - }; -} - - -include "/etc/bird/peers/*"; - -log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug }; -log stderr all; -#log "/home/bird/bird.log" all; -#log "/root/bird.log" all;