ajout des scripts

cfe6afb8 · theo.rossmann · 79c982fc · cfe6afb8 · cfe6afb8 · cfe6afb8
Commit cfe6afb8 authored 1 month ago by theo.rossmann
--- a/script.sh
+++ b/script.sh
+#!/bin/bash
+
+echo " Connexion a R1 "
+ssh R1 << 'EOF'
+
+apt update && apt install -y tcpdump
+echo 1 > /proc/sys/net/ipv4/ip_forward
+
+dhclient -v eth0
+
+ip addr add 10.0.0.1/24 dev eth1
+ip link set eth1 up
+
+cat > /root/nat.nft <<END
+#!/usr/sbin/nft -f
+
+flush ruleset
+
+table ip nat {
+    chain masq {
+        type nat hook postrouting priority 100;
+        oifname "eth0" counter masquerade
+    }
+}
+END
+
+nft -f /root/nat.nft
+EOF
+echo " Connexion a H1 "
+
+ssh H1 << 'EOF'
+
+apt update && apt install -y tcpdump
+ip addr add 10.0.0.2/24 dev eth0
+ip link set eth0 up
+ip route add default via 10.0.0.1 dev eth0
+
+EOF
+
--- a/script2.sh
+++ b/script2.sh
+    #!/bin/bash
+    ssh -tt R1 << 'EOF'
+    set -e
+
+    # Supprimer proprement les éléments existants
+    ip netns del ns2 2>/dev/null || true
+    ip link del veth0 2>/dev/null || true
+    ip link del veth1 2>/dev/null || true
+
+    ip netns add ns2
+
+    ip link add veth0 type veth peer name veth0-ns
+    ip link set veth0-ns netns ns2
+
+    ip link add veth1 type veth peer name veth1-ns
+    ip link set veth1-ns netns ns2
+
+    ip link set veth0 up
+    ip link set veth1 up
+
+    # Côté ns2
+    # activer le loopback
+    ip netns exec ns2 ip link set lo up
+    ip netns exec ns2 ip link set veth0-ns name veth0
+    ip netns exec ns2 ip link set veth1-ns name veth1
+    ip netns exec ns2 ip link set veth0 up
+    ip netns exec ns2 ip link set veth1 up
+
+
+    ip addr add 192.168.0.1/24 dev veth0
+    ip addr add 192.168.1.1/24 dev veth1
+
+    ip netns exec ns2 ip addr add 192.168.0.2/24 dev veth0
+    ip netns exec ns2 ip addr add 192.168.1.2/24 dev veth1
+
+    # Activer le forwarding
+    ip netns exec ns2 sysctl -w net.ipv4.ip_forward=1
+
+    # NAT dans R2 sur veth0
+    ip netns exec ns2 bash -c 'cat > /root/nat-r2.nft <<EONAT
+    flush ruleset
+    table ip nat {
+        chain masq {
+            type nat hook postrouting priority 100;
+            oifname "veth0" counter masquerade
+        }
+    }
+    EONAT
+    nft -f /root/nat-r2.nft
+    '
+    # Ajout des routes
+    ip netns exec ns2 ip route add default via 192.168.0.1
+    ip netns exec ns2 ip route add 10.0.0.0/24 via 192.168.1.1
+
+    # Redirection du trafic par défaut dans R1 vers R2
+    ip route delete default || true
+    ip route add default via 192.168.1.2
+    echo '100 custom' >> /etc/iproute2/rt_tables
+    ip rule add iif veth0 table custom
+    ip route add default via 172.21.1.1 table custom
+
+    EOF
--- a/script3.sh
+++ b/script3.sh
+#!/bin/bash
+
+ssh -tt R1 << 'EOF'
+set -e # Arrête le script si une commande échoue
+
+ip netns del ns2 2>/dev/null || true
+ip link del br0 2>/dev/null || true
+ip link del br1 2>/dev/null || true
+ip link del veth0 2>/dev/null || true
+ip link del veth1 2>/dev/null || true
+nft flush ruleset 2>/dev/null || true
+
+ip netns add ns2
+
+ip link add veth0 type veth peer name veth0-ns
+ip link add veth1 type veth peer name veth1-ns
+
+
+ip link set veth0-ns netns ns2
+ip link set veth1-ns netns ns2
+
+
+ip link add br0 type bridge
+ip link add br1 type bridge
+
+ip link set eth0 up
+ip link set eth1 up
+ip link set br0 up
+ip link set br1 up
+
+ip link set eth0 master br0
+ip link set eth1 master br1
+
+ip link set veth0 up
+ip link set veth0 master br0
+ip link set veth1 up
+ip link set veth1 master br1
+
+
+ip netns exec ns2 ip link set veth0-ns name eth0 
+ip netns exec ns2 ip link set veth1-ns name eth1 
+ip netns exec ns2 ip link set eth0 up 
+ip netns exec ns2 ip link set eth1 up
+
+# IP sur br1
+ip addr add 10.0.0.254/24 dev br1
+# IP sur br0
+ip addr add 172.21.1.100/24 dev br0
+
+sysctl -w net.ipv4.ip_forward=1
+
+ip route del default via 172.21.1.1 dev br0 2>/dev/null || true
+# passerelle Internet
+ip route add default via 172.21.1.1 dev br0
+
+bash -c 'cat > /root/nat-r1.nft <<EONAT
+flush ruleset
+table ip nat {
+    chain postrouting {
+        type nat hook postrouting priority 100;
+        oifname "br0" counter masquerade
+    }
+}
+EONAT
+nft -f /root/nat-r1.nft
+'
+EOF
+
+ssh -tt H1 << 'EOF'
+set -e
+ip addr flush dev eth0
+ip addr add 10.0.0.1/24 dev eth0
+ip link set eth0 up
+ip route del default 2>/dev/null || true
+ip route add default via 10.0.0.254
+ping -c 3 8.8.8.8
+EOF
--- a/script4.sh
+++ b/script4.sh
+#!/bin/bash
+# H1: 10.0.0.1/24
+# R3 (ns3) eth1 (côté H1): 10.0.0.254/24
+# R3 (ns3) eth0 (côté R2): 192.168.32.1/24
+# R2 (ns2) eth1 (côté R3): 192.168.32.2/24
+# R2 (ns2) eth0 (côté Internet): 172.21.1.100/24
+# Passerelle Internet: 172.21.1.1
+
+ssh -tt R1 << 'EOF'
+set -e
+
+ip netns del ns2 2>/dev/null || true
+ip netns del ns3 2>/dev/null || true
+ip link del br0 2>/dev/null || true
+ip link del br1 2>/dev/null || true
+ip link del veth_r1_ns3 2>/dev/null || true # R1 <-> ns3
+ip link del veth_ns3_ns2 2>/dev/null || true # ns3 <-> ns2 (une seule commande suffit)
+ip link del veth_r1_ns2 2>/dev/null || true # R1 <-> ns2
+
+nft flush ruleset 2>/dev/null || true
+
+ip netns add ns2
+ip netns add ns3
+
+ip link add veth_r1_ns3 type veth peer name veth_ns3_r1
+ip link add veth_ns3_ns2 type veth peer name veth_ns2_ns3
+ip link add veth_r1_ns2 type veth peer name veth_ns2_r1
+
+
+ip link set veth_ns3_r1 netns ns3
+ip link set veth_ns3_ns2 netns ns3
+
+ip link set veth_ns2_ns3 netns ns2
+ip link set veth_ns2_r1 netns ns2
+
+
+ip link add br0 type bridge
+ip link add br1 type bridge
+
+ip link set eth0 up
+ip link set eth1 up
+ip link set br0 up
+ip link set br1 up
+
+ip link set eth0 master br0
+ip link set eth1 master br1
+
+
+ip link set veth_r1_ns3 up
+ip link set veth_r1_ns3 master br1
+ip link set veth_r1_ns2 up
+ip link set veth_r1_ns2 master br0
+
+# --- Configuration de ns3 (R3) ---
+ip netns exec ns3 ip link set veth_ns3_r1 name eth1 # Interface côté H1
+ip netns exec ns3 ip link set veth_ns3_ns2 name eth0 # Interface côté R2
+ip netns exec ns3 ip link set eth1 up
+ip netns exec ns3 ip link set eth0 up
+ip netns exec ns3 ip addr add 10.0.0.254/24 dev eth1
+ip netns exec ns3 ip addr add 192.168.32.1/24 dev eth0
+ip netns exec ns3 sysctl -w net.ipv4.ip_forward=1
+ip netns exec ns3 ip route add default via 192.168.32.2 dev eth0
+
+# --- Configuration de ns2 (R2) ---
+ip netns exec ns2 ip link set veth_ns2_ns3 name eth1 # Interface côté R3
+ip netns exec ns2 ip link set veth_ns2_r1 name eth0 # Interface côté Internet
+ip netns exec ns2 ip link set eth1 up
+ip netns exec ns2 ip link set eth0 up
+ip netns exec ns2 ip route add 10.0.0.0/24 via 192.168.32.1 dev eth1
+ip netns exec ns2 ip addr add 192.168.32.2/24 dev eth1
+ip netns exec ns2 ip addr add 172.21.1.100/24 dev eth0
+ip netns exec ns2 sysctl -w net.ipv4.ip_forward=1
+ip netns exec ns2 ip route add default via 172.21.1.1 dev eth0
+
+
+ip netns exec ns2 bash -c 'cat > /root/nat.nft <<EOFNAT
+flush ruleset
+table ip nat {
+    chain postrouting {
+        type nat hook postrouting priority 100;
+        oifname "eth0" counter masquerade
+    }
+}
+EOFNAT
+nft -f /root/nat.nft
+'
+EOF
+
+ssh -tt H1 << 'EOF'
+set -e
+ip addr flush dev eth0
+ip addr add 10.0.0.1/24 dev eth0
+ip link set eth0 up
+ip route del default 2>/dev/null || true
+
+ip route add default via 10.0.0.254
+
+ping -c 4 -W 2 8.8.8.8
+EOF
+