Browse Source

Top half of homework net done

bgp-intro
root 2 years ago
parent
commit
32d0faadfe
  1. 17
      PWHA1/config
  2. 0
      PWHA1/rootfs/etc/bird/bird.conf
  3. 0
      PWHA1/rootfs/etc/bird/bird6.conf
  4. 5
      PWHA1/rootfs/etc/hosts
  5. 0
      PWHA1/rootfs/etc/network/interfaces
  6. 79
      PWHA1/rootfs/etc/sysctl.conf
  7. 17
      PWHA2/config
  8. 0
      PWHA2/rootfs/etc/bird/bird.conf
  9. 0
      PWHA2/rootfs/etc/bird/bird6.conf
  10. 5
      PWHA2/rootfs/etc/hosts
  11. 0
      PWHA2/rootfs/etc/network/interfaces
  12. 79
      PWHA2/rootfs/etc/sysctl.conf
  13. 17
      PWHAA/config
  14. 0
      PWHAA/rootfs/etc/bird/bird.conf
  15. 0
      PWHAA/rootfs/etc/bird/bird6.conf
  16. 5
      PWHAA/rootfs/etc/hosts
  17. 0
      PWHAA/rootfs/etc/network/interfaces
  18. 79
      PWHAA/rootfs/etc/sysctl.conf
  19. 17
      PWHAB/config
  20. 0
      PWHAB/rootfs/etc/bird/bird.conf
  21. 0
      PWHAB/rootfs/etc/bird/bird6.conf
  22. 5
      PWHAB/rootfs/etc/hosts
  23. 0
      PWHAB/rootfs/etc/network/interfaces
  24. 79
      PWHAB/rootfs/etc/sysctl.conf
  25. 17
      PWHAC/config
  26. 0
      PWHAC/rootfs/etc/bird/bird.conf
  27. 0
      PWHAC/rootfs/etc/bird/bird6.conf
  28. 5
      PWHAC/rootfs/etc/hosts
  29. 0
      PWHAC/rootfs/etc/network/interfaces
  30. 79
      PWHAC/rootfs/etc/sysctl.conf
  31. 17
      PWHAD/config
  32. 0
      PWHAD/rootfs/etc/bird/bird.conf
  33. 0
      PWHAD/rootfs/etc/bird/bird6.conf
  34. 5
      PWHAD/rootfs/etc/hosts
  35. 0
      PWHAD/rootfs/etc/network/interfaces
  36. 79
      PWHAD/rootfs/etc/sysctl.conf
  37. 17
      PWHAE/config
  38. 0
      PWHAE/rootfs/etc/bird/bird.conf
  39. 0
      PWHAE/rootfs/etc/bird/bird6.conf
  40. 5
      PWHAE/rootfs/etc/hosts
  41. 0
      PWHAE/rootfs/etc/network/interfaces
  42. 79
      PWHAE/rootfs/etc/sysctl.conf
  43. 17
      PWHAF/config
  44. 0
      PWHAF/rootfs/etc/bird/bird.conf
  45. 0
      PWHAF/rootfs/etc/bird/bird6.conf
  46. 5
      PWHAF/rootfs/etc/hosts
  47. 0
      PWHAF/rootfs/etc/network/interfaces
  48. 79
      PWHAF/rootfs/etc/sysctl.conf
  49. 27
      PWHE00/config
  50. 0
      PWHE00/rootfs/etc/bird/bird.conf
  51. 0
      PWHE00/rootfs/etc/bird/bird6.conf
  52. 5
      PWHE00/rootfs/etc/hosts
  53. 8
      PWHE00/rootfs/etc/network/interfaces
  54. 79
      PWHE00/rootfs/etc/sysctl.conf
  55. 17
      PWHE01/config
  56. 0
      PWHE01/rootfs/etc/bird/bird.conf
  57. 0
      PWHE01/rootfs/etc/bird/bird6.conf
  58. 5
      PWHE01/rootfs/etc/hosts
  59. 0
      PWHE01/rootfs/etc/network/interfaces
  60. 79
      PWHE01/rootfs/etc/sysctl.conf
  61. 26
      PWHE1/config
  62. 0
      PWHE1/rootfs/etc/bird/bird.conf
  63. 0
      PWHE1/rootfs/etc/bird/bird6.conf
  64. 5
      PWHE1/rootfs/etc/hosts
  65. 9
      PWHE1/rootfs/etc/network/interfaces
  66. 79
      PWHE1/rootfs/etc/sysctl.conf
  67. 17
      PWHE2/config
  68. 0
      PWHE2/rootfs/etc/bird/bird.conf
  69. 0
      PWHE2/rootfs/etc/bird/bird6.conf
  70. 5
      PWHE2/rootfs/etc/hosts
  71. 0
      PWHE2/rootfs/etc/network/interfaces
  72. 79
      PWHE2/rootfs/etc/sysctl.conf
  73. 17
      PWHE3/config
  74. 0
      PWHE3/rootfs/etc/bird/bird.conf
  75. 0
      PWHE3/rootfs/etc/bird/bird6.conf
  76. 5
      PWHE3/rootfs/etc/hosts
  77. 0
      PWHE3/rootfs/etc/network/interfaces
  78. 79
      PWHE3/rootfs/etc/sysctl.conf
  79. 17
      PWHE4/config
  80. 0
      PWHE4/rootfs/etc/bird/bird.conf
  81. 0
      PWHE4/rootfs/etc/bird/bird6.conf
  82. 5
      PWHE4/rootfs/etc/hosts
  83. 0
      PWHE4/rootfs/etc/network/interfaces
  84. 79
      PWHE4/rootfs/etc/sysctl.conf
  85. 17
      PWHE5/config
  86. 0
      PWHE5/rootfs/etc/bird/bird.conf
  87. 0
      PWHE5/rootfs/etc/bird/bird6.conf
  88. 5
      PWHE5/rootfs/etc/hosts
  89. 0
      PWHE5/rootfs/etc/network/interfaces
  90. 79
      PWHE5/rootfs/etc/sysctl.conf
  91. 17
      PWHE6/config
  92. 0
      PWHE6/rootfs/etc/bird/bird.conf
  93. 0
      PWHE6/rootfs/etc/bird/bird6.conf
  94. 5
      PWHE6/rootfs/etc/hosts
  95. 0
      PWHE6/rootfs/etc/network/interfaces
  96. 79
      PWHE6/rootfs/etc/sysctl.conf
  97. 26
      PWHE7/config
  98. 0
      PWHE7/rootfs/etc/bird/bird.conf
  99. 0
      PWHE7/rootfs/etc/bird/bird6.conf
  100. 5
      PWHE7/rootfs/etc/hosts
  101. Some files were not shown because too many files have changed in this diff Show More

17
PWHA1/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHA1/rootfs
lxc.uts.name = PWHA1

0
PWHA1/rootfs/etc/bird/bird.conf

0
PWHA1/rootfs/etc/bird/bird6.conf

5
PWHA1/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHA1/rootfs/etc/network/interfaces

79
PWHA1/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHA2/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHA2/rootfs
lxc.uts.name = PWHA2

0
PWHA2/rootfs/etc/bird/bird.conf

0
PWHA2/rootfs/etc/bird/bird6.conf

5
PWHA2/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHA2/rootfs/etc/network/interfaces

79
PWHA2/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHAA/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHAA/rootfs
lxc.uts.name = PWHAA

0
PWHAA/rootfs/etc/bird/bird.conf

0
PWHAA/rootfs/etc/bird/bird6.conf

5
PWHAA/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHAA/rootfs/etc/network/interfaces

79
PWHAA/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHAB/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHAB/rootfs
lxc.uts.name = PWHAB

0
PWHAB/rootfs/etc/bird/bird.conf

0
PWHAB/rootfs/etc/bird/bird6.conf

5
PWHAB/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHAB/rootfs/etc/network/interfaces

79
PWHAB/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHAC/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHAC/rootfs
lxc.uts.name = PWHAC

0
PWHAC/rootfs/etc/bird/bird.conf

0
PWHAC/rootfs/etc/bird/bird6.conf

5
PWHAC/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHAC/rootfs/etc/network/interfaces

79
PWHAC/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHAD/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHAD/rootfs
lxc.uts.name = PWHAD

0
PWHAD/rootfs/etc/bird/bird.conf

0
PWHAD/rootfs/etc/bird/bird6.conf

5
PWHAD/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHAD/rootfs/etc/network/interfaces

79
PWHAD/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHAE/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHAE/rootfs
lxc.uts.name = PWHAE

0
PWHAE/rootfs/etc/bird/bird.conf

0
PWHAE/rootfs/etc/bird/bird6.conf

5
PWHAE/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHAE/rootfs/etc/network/interfaces

79
PWHAE/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHAF/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHAF/rootfs
lxc.uts.name = PWHAF

0
PWHAF/rootfs/etc/bird/bird.conf

0
PWHAF/rootfs/etc/bird/bird6.conf

5
PWHAF/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHAF/rootfs/etc/network/interfaces

79
PWHAF/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

27
PWHE00/config

@ -0,0 +1,27 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHE00/rootfs
lxc.uts.name = PWHE00
lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.name = vlan2001
lxc.net.0.veth.pair = pwhe00.2001
lxc.net.0.script.up = /etc/lxc/lxc-openvswitch
lxc.net.0.script.down = /etc/lxc/lxc-openvswitch
lxc.net.0.hwaddr = 02:00:0a:25:e0:00

0
PWHE00/rootfs/etc/bird/bird.conf

0
PWHE00/rootfs/etc/bird/bird6.conf

5
PWHE00/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

8
PWHE00/rootfs/etc/network/interfaces

@ -0,0 +1,8 @@
auto lo
iface lo inet loopback
auto vlan2001
iface vlan2001 inet dhcp
iface vlan2001 inet6 auto
# accept_ra 1

79
PWHE00/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHE01/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHE01/rootfs
lxc.uts.name = PWHE01

0
PWHE01/rootfs/etc/bird/bird.conf

0
PWHE01/rootfs/etc/bird/bird6.conf

5
PWHE01/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHE01/rootfs/etc/network/interfaces

79
PWHE01/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

26
PWHE1/config

@ -0,0 +1,26 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHE1/rootfs
lxc.uts.name = PWHE1
lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.name = vlan2002
lxc.net.0.veth.pair = pwhe1.2002
lxc.net.0.script.up = /etc/lxc/lxc-openvswitch
lxc.net.0.script.down = /etc/lxc/lxc-openvswitch
lxc.net.0.hwaddr = 02:00:0a:25:e1:32

0
PWHE1/rootfs/etc/bird/bird.conf

0
PWHE1/rootfs/etc/bird/bird6.conf

5
PWHE1/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

9
PWHE1/rootfs/etc/network/interfaces

@ -0,0 +1,9 @@
auto lo
iface lo inet loopback
auto vlan2002
iface vlan2001 inet dhcp
iface vlan2002 inet6 auto
# accept_ra 1

79
PWHE1/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHE2/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHE2/rootfs
lxc.uts.name = PWHE2

0
PWHE2/rootfs/etc/bird/bird.conf

0
PWHE2/rootfs/etc/bird/bird6.conf

5
PWHE2/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHE2/rootfs/etc/network/interfaces

79
PWHE2/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHE3/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHE3/rootfs
lxc.uts.name = PWHE3

0
PWHE3/rootfs/etc/bird/bird.conf

0
PWHE3/rootfs/etc/bird/bird6.conf

5
PWHE3/rootfs/etc/hosts

@ -0,0 +1,5 @@
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

0
PWHE3/rootfs/etc/network/interfaces

79
PWHE3/rootfs/etc/sysctl.conf

@ -0,0 +1,79 @@
#
# /etc/sysctl.conf - Configuration file for setting system variables
# See /etc/sysctl.d/ for additional system variables.
# See sysctl.conf (5) for information.
#
#kernel.domainname = example.com
# Uncomment the following to stop low-level messages on console
#kernel.printk = 3 4 1 3
##############################################################3
# Functions previously found in netbase
#
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
# Turn on Source Address Verification in all interfaces to
# prevent some spoofing attacks
#net.ipv4.conf.default.rp_filter=1
#net.ipv4.conf.all.rp_filter=1
# Uncomment the next line to enable TCP/IP SYN cookies
# See http://lwn.net/Articles/277146/
# Note: This may impact IPv6 TCP sessions too
#net.ipv4.tcp_syncookies=1
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
# Enabling this option disables Stateless Address Autoconfiguration
# based on Router Advertisements for this host
net.ipv6.conf.all.forwarding=1
net.ipv4.icmp_ratelimit = 0
net.ipv6.icmp.ratelimit = 0
###################################################################
# Additional settings - these settings can improve the network
# security of the host and prevent against some network attacks
# including spoofing attacks and man in the middle attacks through
# redirection. Some network environments, however, require that these
# settings are disabled so review and enable them as needed.
#
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
# _or_
# Accept ICMP redirects only for gateways listed in our default
# gateway list (enabled by default)
# net.ipv4.conf.all.secure_redirects = 1
#
# Do not send ICMP redirects (we are not a router)
#net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not a router)
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_source_route = 0
#
# Log Martian Packets
#net.ipv4.conf.all.log_martians = 1
#
###################################################################
# Magic system request Key
# 0=disable, 1=enable all
# Debian kernels have this set to 0 (disable the key)
# See https://www.kernel.org/doc/Documentation/sysrq.txt
# for what other values do
#kernel.sysrq=1
###################################################################
# Protected links
#
# Protects against creating or following links under certain conditions
# Debian kernels have both set to 1 (restricted)
# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt
#fs.protected_hardlinks=0
#fs.protected_symlinks=0

17
PWHE4/config

@ -0,0 +1,17 @@
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template: -r stretch
# Template script checksum (SHA-1): d5aa397522e36a17c64c014dd63c70d8607c9873
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.tty.max = 4
lxc.arch = amd64
lxc.pty.max = 1024
lxc.rootfs.path = btrfs:/var/lib/lxc/PWHE4/rootfs
lxc.uts.name = PWHE4

0
PWHE4/rootfs/etc/bird/bird.conf

0
PWHE4/rootfs/etc/bird/bird6.conf