Gentoo и два провайдера

Пришлось недавно настроить сервер с Gentoo для работы через двух провайдеров. Сервер имеет три сетевые карты, первая подключена к МАСТЕРЛИНКу (настройки по DHCP, выделенный IP через PPTP VPN), вторая подключена к КОРБИНЕ (настройки по DHCP, выделенный IP через PPTP VPN), третья сетевая карта смотрит во внутриофисную сеть. На сервере хостятся несколько доменов, основным пусть будет, например, domain.org. Когда оба линка работают сервер должен отвечать по обоим IP адресам, но приоритетным провайдером является МАСТЕРЛИНК. Когда МАСТЕРЛИНК падает – шлюз по умолчанию изменяется на КОРБИНУ, когда поднимается – снова на МАСТЕРЛИНК.

Итак, приступим. Сначала установим iproute2, pptpclient и openresolv:

emerge iproute2 pptpclient openresolv

Обзовем две таблицы policy routing-а именами провайдеров, чтобы было удобнее

cat >> /etc/iproute2/rt_tables <end-of-text
2       corbina
3       masterlink
end-of-text

Теперь правим файл конфигурации сети /etc/conf.d/net. У меня он вот такой:

dns_domain="domain.org"

dns_search="domain.org"

config_eth0=( "dhcp" )

dhcpcd_eth0="-c /etc/conf.d/net_masterlink.sh"

# corbina

config_eth1=( "dhcp" )

dhcpcd_eth1="-c /etc/conf.d/net_corbina.sh"

# local

config_eth2=( "192.168.1.1/24" )

postdown(){

    # masterlink

    if [ "${IFACE}" == "eth0" ] ; then

        poff masterlink >/dev/null

fi

    # corbina

    if [ "${IFACE}" == "eth1" ] ; then

        poff corbina >/dev/null

fi

Заметьте, DNS сервера не прописываем, мы их получаем по DHCP. Что тут еще интересного? Описана функция postdown, которая выполняется для всех сетевых интерфейсов после их остановки. В ней корректно выключаются pptp туннели при выключении соответствующего езернет интерфейса. Еще здесь прописаны скрипты, которые выполняются при наступлении DHCP событий (получение адреса, истечение срока аренды адреса и т. п.). Давайте глянем на них поближе. Вот /etc/conf.d/net_corbina.sh:

#!/bin/sh

poff corbina >/dev/null

. $1

for ROUTE in $ROUTES ; do

  GATEWAY=`echo $ROUTE | cut -d , -f 3`

done

for DNSSERVER in $DNSSERVERS ; do

  ip ro add $DNSSERVER via $GATEWAY >/dev/null || ip ro change $DNSSERVER via $GATEWAY >/dev/null

done

for VPN in `host vpn.corbina.ru | cut -d " " -f 4` ; do

  ip ro add $VPN via $GATEWAY >/dev/null || ip ro change $VPN via $GATEWAY >/dev/null

done

pon corbina

Первым действием останавливаем соответствующий pptp туннель, думаю понятно для чего. А дальше уже интереснее, строчка

. $1

служит для инклуда файла с параметрами, получаемыми с DHCP сервера, аргумент передается в скрипт демоном dhcpd. Обычно это файл /var/lib/dhcpcd/dhcpcd-ИМЯ_ИНТЕРФЕЙСА.info, типичный случай /var/lib/dhcpcd/dhcpcd-eth1.info:

IPADDR=’10.46.26.230′
NETMASK=’255.255.248.0′
NETWORK=’10.46.24.0′
BROADCAST=’10.46.31.255′
ROUTES=’233.32.240.0,255.255.255.0,10.46.26.230 10.0.0.0,255.0.0.0,10.46.24.1 85.21.79.0,255.255.255.0,10.46.24.1 85.21.90.0,255.255.255.0,10.46.24.1 85.21.138.208,255.255.255.240,10.46.24.1 83.102.146.96,255.255.255.224,10.46.24.1 172.16.16.0,255.255.255.0,10.46.24.1 85.21.72.80,255.255.255.240,10.46.24.1 78.107.69.98,255.255.255.255,10.46.24.1 78.107.23.0,255.255.255.0,10.46.24.1 85.21.108.16,255.255.255.240,10.46.24.1 83.102.231.32,255.255.255.240,10.46.24.1 78.107.51.0,255.255.255.240,10.46.24.1 78.107.235.4,255.255.255.252,10.46.24.1′
GATEWAYS=»
DNSSERVERS=’213.234.192.8 85.21.192.3′
DHCPSID=’83.102.233.202′
LEASEDFROM=’1218458100′
LEASETIME=’604800′
RENEWALTIME=’302400′
REBINDTIME=’529200′
INTERFACE=’eth1′
CLASSID=’dhcpcd 3.2.3′
CLIENTID=’ff:65:74:68:31:00:01:00:01:10:2b:de:13:00:30:48:63:ee:bd’
DHCPCHADDR=’00:30:48:63:ee:bd’

КОРБИНА не выдает шлюз по умолчанию, зато выдает кучу маршрутов к своим локальным сетям. Исходя из этого я для себя избрал следующий способ получения шлюза по умолчанию: парсим все выданные нам маршруты и шлюзом по умолчанию делаем хост, через который завернут последний из них. Вот так. В дальнейшем наш скрипт /etc/conf.d/net_corbina.sh прописывает через этот шлюз маршруты к DNS серверам, полученным по DHCP и маршруты на VPN серверы КОРБИНЫ. Зачем такой замут? А затем, что DNS корбины выдают разные адреса для VPN серверов при запросах из внутренних и внешних сетей и лучше перестраховаться и прописывать их каждый раз при получении настроек по DHCP. Последним действием стартует pptp туннель с КОРБИНОЙ.

Файл /etc/conf.d/net_masterlink.sh в принципе аналогичен, дополнительно прописываются пиринговые маршруты, доступные через МАСТЕРЛИНК. Их список можно взять на сайте технической поддержки МАСТЕРЛИНКа.

#!/bin/sh

poff masterlink > /dev/null

. $1

for ROUTE in $ROUTES ; do

  GATEWAY=`echo $ROUTE | cut -d , -f 3`

done

for DNSSERVER in $DNSSERVERS ; do

  ip ro add $DNSSERVER via $GATEWAY >/dev/null || ip ro change $DNSSERVER via $GATEWAY >/dev/null

done

for VPN in `host vpn.masterlink.lan | cut -d " " -f 4` ; do

  ip ro add $VPN via $GATEWAY >/dev/null || ip ro change $VPN via $GATEWAY >/dev/null

done

pon masterlink

route del -net 172.28.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.28.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 89.191.240.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.191.240.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.191.241.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.191.241.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.191.242.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.191.242.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.191.243.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.191.243.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.143.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.143.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.139.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.139.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.140.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.140.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.141.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.141.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.142.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.142.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.138.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.138.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.137.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.137.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.136.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.136.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.135.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.135.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.134.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.134.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.133.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.133.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.132.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.132.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.130.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.130.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.129.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.129.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.73.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.73.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.128.0 netmask 255.255.192.0 >/dev/null 2>&1 ; route add -net 10.9.128.0 netmask 255.255.192.0 gw $GATEWAY

route del -net 10.9.74.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.74.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.72.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.72.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.71.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.71.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.68.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.68.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.69.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.69.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.70.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.70.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.67.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.67.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.66.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.66.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.2.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.2.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.3.0.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 10.3.0.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 10.4.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.4.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.5.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.5.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.6.0.0 netmask 255.255.240.0 >/dev/null 2>&1 ; route add -net 10.6.0.0 netmask 255.255.240.0 gw $GATEWAY

route del -net 10.7.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.7.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.9.8.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.8.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.64.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.64.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.65.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.65.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.1.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.1.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 89.222.224.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.224.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.212.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 89.222.212.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 10.71.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.71.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.13.1.5 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 10.13.1.5 netmask 255.255.255.255 gw $GATEWAY

route del -net 80.87.145.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 80.87.145.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 80.87.146.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 80.87.146.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 80.87.147.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 80.87.147.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.70.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.70.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.11.128.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.11.128.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.11.0.0 netmask 255.255.192.0 >/dev/null 2>&1 ; route add -net 10.11.0.0 netmask 255.255.192.0 gw $GATEWAY

route del -net 10.215.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.215.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.214.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.214.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 89.222.133.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.133.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.88.0.0 netmask 255.248.0.0 >/dev/null 2>&1 ; route add -net 10.88.0.0 netmask 255.248.0.0 gw $GATEWAY

route del -net 10.67.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.67.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 89.222.208.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 89.222.208.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 172.20.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.20.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 213.247.201.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.247.201.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.247.135.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.247.135.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.247.136.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.247.136.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.247.146.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.247.146.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.247.149.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.247.149.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.247.169.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.247.169.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.247.133.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.247.133.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.247.130.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.247.130.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 87.118.246.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 87.118.246.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 87.118.249.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 87.118.249.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.29.0.0 netmask 255.255.240.0 >/dev/null 2>&1 ; route add -net 172.29.0.0 netmask 255.255.240.0 gw $GATEWAY

route del -net 10.9.145.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.145.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.144.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.144.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.219.212.158 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 213.219.212.158 netmask 255.255.255.255 gw $GATEWAY

route del -net 10.0.7.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.0.7.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.0.6.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.0.6.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.0.5.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.0.5.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.254.254 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 172.19.254.254 netmask 255.255.255.255 gw $GATEWAY

route del -net 10.0.4.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.0.4.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.255.254 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 172.19.255.254 netmask 255.255.255.255 gw $GATEWAY

route del -net 172.19.255.128 netmask 255.255.255.192 >/dev/null 2>&1 ; route add -net 172.19.255.128 netmask 255.255.255.192 gw $GATEWAY

route del -net 213.148.28.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.148.28.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.219.210.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.219.210.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.148.26.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.148.26.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.148.24.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.148.24.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.148.19.48 netmask 255.255.255.240 >/dev/null 2>&1 ; route add -net 213.148.19.48 netmask 255.255.255.240 gw $GATEWAY

route del -net 172.24.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.24.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.0.40.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 10.0.40.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 172.17.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.17.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 172.19.254.21 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 172.19.254.21 netmask 255.255.255.255 gw $GATEWAY

route del -net 172.19.254.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.254.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.253.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.253.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.252.0 netmask 255.255.255.240 >/dev/null 2>&1 ; route add -net 172.19.252.0 netmask 255.255.255.240 gw $GATEWAY

route del -net 172.19.56.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.56.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.45.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.45.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.44.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.44.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.43.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.43.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.42.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.42.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.41.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.41.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.40.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.40.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.36.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.36.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.37.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.37.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.38.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.38.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.39.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.39.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.35.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.35.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.33.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.33.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.34.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.34.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.22.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.22.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.21.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.21.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.20.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.20.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.19.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.19.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.18.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.18.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.11.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.11.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.12.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.12.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.16.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.16.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.17.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.17.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.10.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.10.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.8.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.8.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.9.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.9.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.7.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.7.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.6.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.6.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.4.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.4.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.5.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.5.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.3.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.3.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.2.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.2.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.0.245 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 172.19.0.245 netmask 255.255.255.255 gw $GATEWAY

route del -net 172.19.1.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.1.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.19.0.232 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 172.19.0.232 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.149.254 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.149.254 netmask 255.255.255.255 gw $GATEWAY

route del -net 172.19.0.231 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 172.19.0.231 netmask 255.255.255.255 gw $GATEWAY

route del -net 172.19.0.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.19.0.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.151.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.151.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.148.254 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.148.254 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.148.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.148.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.147.254 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.147.254 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.147.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.147.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.146.254 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.146.254 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.146.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.146.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.146.28 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.146.28 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.145.254 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.145.254 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.145.237 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.145.237 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.145.235 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.145.235 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.145.25 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.145.25 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.145.5 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.145.5 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.145.4 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 89.222.145.4 netmask 255.255.255.255 gw $GATEWAY

route del -net 89.222.145.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.145.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.144.0 netmask 255.255.255.224 >/dev/null 2>&1 ; route add -net 89.222.144.0 netmask 255.255.255.224 gw $GATEWAY

route del -net 195.225.128.64 netmask 255.255.255.192 >/dev/null 2>&1 ; route add -net 195.225.128.64 netmask 255.255.255.192 gw $GATEWAY

route del -net 195.225.128.128 netmask 255.255.255.128 >/dev/null 2>&1 ; route add -net 195.225.128.128 netmask 255.255.255.128 gw $GATEWAY

route del -net 195.225.130.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 195.225.130.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 195.225.131.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 195.225.131.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 195.225.128.0 netmask 255.255.255.224 >/dev/null 2>&1 ; route add -net 195.225.128.0 netmask 255.255.255.224 gw $GATEWAY

route del -net 194.6.222.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 194.6.222.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 194.6.221.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 194.6.221.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 194.6.220.0 netmask 255.255.255.192 >/dev/null 2>&1 ; route add -net 194.6.220.0 netmask 255.255.255.192 gw $GATEWAY

route del -net 91.192.243.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 91.192.243.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 91.192.242.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 91.192.242.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 91.192.241.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 91.192.241.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 91.192.240.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 91.192.240.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.136.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.136.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.33.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.33.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.32.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.32.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 217.78.180.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 217.78.180.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 217.78.176.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 217.78.176.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 81.211.40.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 81.211.40.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 81.211.38.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 81.211.38.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 79.98.136.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 79.98.136.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 10.125.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.125.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.124.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.124.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.123.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.123.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.122.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.122.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.10.254.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.10.254.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.121.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.121.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.10.200.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.10.200.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.10.130.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.10.130.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.10.117.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.10.117.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.10.114.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.10.114.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.10.112.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.10.112.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.10.108.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 10.10.108.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 10.10.106.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.10.106.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.10.104.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.10.104.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.10.103.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.10.103.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.10.100.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.10.100.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.10.96.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 10.10.96.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 10.10.88.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.10.88.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.10.32.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 10.10.32.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 10.10.20.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.10.20.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.10.16.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 10.10.16.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 213.148.18.240 netmask 255.255.255.240 >/dev/null 2>&1 ; route add -net 213.148.18.240 netmask 255.255.255.240 gw $GATEWAY

route del -net 212.5.65.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 212.5.65.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.27.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.27.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 87.118.247.128 netmask 255.255.255.128 >/dev/null 2>&1 ; route add -net 87.118.247.128 netmask 255.255.255.128 gw $GATEWAY

route del -net 78.153.158.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 78.153.158.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.164.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 89.222.164.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 78.153.156.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 78.153.156.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 78.153.157.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 78.153.157.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.193.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.193.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 89.222.134.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 89.222.134.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 89.191.224.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 89.191.224.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 10.15.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.15.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.194.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.194.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 82.148.23.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 82.148.23.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 82.148.11.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 82.148.11.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.16.23.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.16.23.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.16.27.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.16.27.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.16.37.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.16.37.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.16.15.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.16.15.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 85.249.1.136 netmask 255.255.255.248 >/dev/null 2>&1 ; route add -net 85.249.1.136 netmask 255.255.255.248 gw $GATEWAY

route del -net 10.0.222.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.0.222.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 213.251.200.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.251.200.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.251.201.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.251.201.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.0.216.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.0.216.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.0.218.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.0.218.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.0.220.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 10.0.220.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 192.168.113.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 192.168.113.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 192.168.96.0 netmask 255.255.240.0 >/dev/null 2>&1 ; route add -net 192.168.96.0 netmask 255.255.240.0 gw $GATEWAY

route del -net 192.168.80.0 netmask 255.255.240.0 >/dev/null 2>&1 ; route add -net 192.168.80.0 netmask 255.255.240.0 gw $GATEWAY

route del -net 192.168.50.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 192.168.50.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 192.168.34.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 192.168.34.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 192.168.179.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 192.168.179.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 192.168.178.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 192.168.178.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 192.168.177.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 192.168.177.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 192.168.168.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 192.168.168.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 192.168.72.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 192.168.72.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 192.168.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 192.168.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 192.168.16.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 192.168.16.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 192.168.52.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 192.168.52.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.179.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.179.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.178.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.178.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.177.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.177.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.100.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.100.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.101.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.101.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 89.222.176.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.176.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 217.197.116.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 217.197.116.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 217.197.112.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 217.197.112.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.192.0.0 netmask 255.240.0.0 >/dev/null 2>&1 ; route add -net 10.192.0.0 netmask 255.240.0.0 gw $GATEWAY

route del -net 172.22.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.22.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 89.222.216.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 89.222.216.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 172.18.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.18.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 89.222.180.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 89.222.180.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 89.222.184.0 netmask 255.255.255.252 >/dev/null 2>&1 ; route add -net 89.222.184.0 netmask 255.255.255.252 gw $GATEWAY

route del -net 10.170.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.170.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 84.47.191.40 netmask 255.255.255.252 >/dev/null 2>&1 ; route add -net 84.47.191.40 netmask 255.255.255.252 gw $GATEWAY

route del -net 81.26.153.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 81.26.153.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.66.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.66.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.65.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.65.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 217.174.109.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 217.174.109.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 217.174.102.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 217.174.102.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 89.222.136.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 89.222.136.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 85.192.24.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 85.192.24.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 10.40.0.0 netmask 255.254.0.0 >/dev/null 2>&1 ; route add -net 10.40.0.0 netmask 255.254.0.0 gw $GATEWAY

route del -net 10.9.147.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.147.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.148.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.9.148.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.9.192.0 netmask 255.255.224.0 >/dev/null 2>&1 ; route add -net 10.9.192.0 netmask 255.255.224.0 gw $GATEWAY

route del -net 10.9.224.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 10.9.224.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 10.17.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.17.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.27.0.0 netmask 255.255.128.0 >/dev/null 2>&1 ; route add -net 10.27.0.0 netmask 255.255.128.0 gw $GATEWAY

route del -net 10.27.128.0 netmask 255.255.192.0 >/dev/null 2>&1 ; route add -net 10.27.128.0 netmask 255.255.192.0 gw $GATEWAY

route del -net 10.241.0.0 netmask 255.255.240.0 >/dev/null 2>&1 ; route add -net 10.241.0.0 netmask 255.255.240.0 gw $GATEWAY

route del -net 10.241.4.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.4.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.241.5.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.5.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.241.6.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.6.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.241.7.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.7.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.241.8.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.8.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.241.9.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.9.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.241.10.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.10.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.241.12.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.12.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 10.241.13.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 10.241.13.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 79.120.31.152 netmask 255.255.255.252 >/dev/null 2>&1 ; route add -net 79.120.31.152 netmask 255.255.255.252 gw $GATEWAY

route del -net 212.1.224.0 netmask 255.255.255.192 >/dev/null 2>&1 ; route add -net 212.1.224.0 netmask 255.255.255.192 gw $GATEWAY

route del -net 212.1.224.34 netmask 255.255.255.255 >/dev/null 2>&1 ; route add -net 212.1.224.34 netmask 255.255.255.255 gw $GATEWAY

route del -net 212.1.224.64 netmask 255.255.255.224 >/dev/null 2>&1 ; route add -net 212.1.224.64 netmask 255.255.255.224 gw $GATEWAY

route del -net 212.1.224.96 netmask 255.255.255.224 >/dev/null 2>&1 ; route add -net 212.1.224.96 netmask 255.255.255.224 gw $GATEWAY

route del -net 212.1.226.96 netmask 255.255.255.224 >/dev/null 2>&1 ; route add -net 212.1.226.96 netmask 255.255.255.224 gw $GATEWAY

route del -net 212.1.226.160 netmask 255.255.255.224 >/dev/null 2>&1 ; route add -net 212.1.226.160 netmask 255.255.255.224 gw $GATEWAY

route del -net 212.1.226.192 netmask 255.255.255.192 >/dev/null 2>&1 ; route add -net 212.1.226.192 netmask 255.255.255.192 gw $GATEWAY

route del -net 10.104.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.104.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.105.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.105.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.106.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.106.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.107.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.107.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 10.108.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.108.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 193.124.232.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 193.124.232.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 193.124.236.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 193.124.236.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 193.125.32.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 193.125.32.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 193.125.88.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 193.125.88.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 193.125.128.0 netmask 255.255.248.0 >/dev/null 2>&1 ; route add -net 193.125.128.0 netmask 255.255.248.0 gw $GATEWAY

route del -net 85.192.58.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 85.192.58.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 85.192.60.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 85.192.60.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 89.208.130.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 89.208.130.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 89.222.128.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 89.222.128.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 89.222.160.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 89.222.160.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 89.222.170.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 89.222.170.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 89.222.172.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 89.222.172.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 89.222.192.0 netmask 255.255.240.0 >/dev/null 2>&1 ; route add -net 89.222.192.0 netmask 255.255.240.0 gw $GATEWAY

route del -net 89.222.192.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 89.222.192.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 172.25.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.25.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 172.26.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 172.26.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 172.30.254.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 172.30.254.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.219.208.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 213.219.208.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 213.219.211.0 netmask 255.255.255.0 >/dev/null 2>&1 ; route add -net 213.219.211.0 netmask 255.255.255.0 gw $GATEWAY

route del -net 213.219.212.0 netmask 255.255.252.0 >/dev/null 2>&1 ; route add -net 213.219.212.0 netmask 255.255.252.0 gw $GATEWAY

route del -net 213.219.220.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 213.219.220.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 213.219.222.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 213.219.222.0 netmask 255.255.254.0 gw $GATEWAY

route del -net 10.84.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.84.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 217.197.240.0 netmask 255.255.240.0 >/dev/null 2>&1 ; route add -net 217.197.240.0 netmask 255.255.240.0 gw $GATEWAY

route del -net 10.195.0.0 netmask 255.255.0.0 >/dev/null 2>&1 ; route add -net 10.195.0.0 netmask 255.255.0.0 gw $GATEWAY

route del -net 195.170.52.96 netmask 255.255.255.224 >/dev/null 2>&1 ; route add -net 195.170.52.96 netmask 255.255.255.224 gw $GATEWAY

route del -net 195.170.56.0 netmask 255.255.254.0 >/dev/null 2>&1 ; route add -net 195.170.56.0 netmask 255.255.254.0 gw $GATEWAY

Зачем так испражняться? А вызвано это тем, что мы хотим полностью динамические настройки, учитываем то, что могут поменять и настройки шлюза, и адреса DNS серверов. Плюс нужно корректно рестартить pptp туннели при изменении сетевых настроек.

Теперь посмотрим на конфигурацию pptp туннелей.

/etc/ppp/chap-secrets:

corbina_login          CORBINA            corbina_password           *
CORBINA               corbina_login      corbina_password           *
masterlink_login      MASTERLINK         masterlink_password        *
MASTERLINK            masterlink_login   masterlink_password        *

Думаю понятно, что нужно здесь и далее по тексту заменить corbina_login, corbina_password, masterlink_login, masterlink_password на свои.
/etc/ppp/options.pptp:

lock
noauth
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 6
lcp-echo-interval 10
persist
maxfail 0
holdoff 10

/etc/ppp/peers/corbina:

pty «pptp vpn.corbina.ru –nolaunchpppd»
name corbina_login
remotename CORBINA
file /etc/ppp/options.pptp
ipparam corbina
linkname corbina

/etc/ppp/peers/masterlink:

pty «pptp vpn.masterlink.lan –nolaunchpppd»
name masterlink_login
remotename MASTERLINK
file /etc/ppp/options.pptp
ipparam masterlink
linkname masterlink

В принципе ничего сложного, оба провайдера используют общий файл с настройками pptp (/etc/ppp/options.pptp). Вся магия начинается после поднятия туннелей, выполняется скрипт /etc/ppp/ip-up.d/99-iproute.sh:

#!/bin/sh

# $1 = interface name (e.g. ppp0)
# $2 = tty device
# $3 = speed
# $4 = local IP address
# $5 = remote IP address
# $6 = ipparam (user specified parameter, see man pppd)

ip ru add from $4 table $6
 ip ro add default via $5 table $6

if [ "$6" == "masterlink" ] ; then
 ip ro add default via $5 >/dev/null 2>&1 || ip ro change default via $5
 fi

if [ "$6" == "corbina" -a ! -e "/var/run/ppp-masterlink.pid" ] ; then
 ip ro add default via $5 >/dev/null 2>&1 || ip ro change default via $5
 fi

Скрипт управляет policy routing-ом (пакеты приходящие на определенный интерфейс уходят с него же), если стартует МАСТЕРЛИНК, то шлюз по умолчанию изменяется на МАСТЕРЛИНК. Если стартует КОРБИНА, а туннель с МАСТЕРЛИНКом не запущен – шлюз по умолчанию изменяется на КОРБИНУ. Таким образом обеспечивается приоритетность МАСТЕРЛИНКа.

При остановке туннеля выполняется скрипт /etc/ppp/ip-down.d/99-iproute.sh:

#!/bin/sh

# $1 = interface name (e.g. ppp0)
# $2 = tty device
# $3 = speed
# $4 = local IP address
# $5 = remote IP address
# $6 = ipparam (user specified parameter, see man pppd)

ip ru del from $4 table $6
 ip ro del default via $5 table $6

if [ "$6" == "masterlink" -a -e "/var/run/ppp-corbina.pid" ] ; then
 CORBINA_IFACE=`cat /var/run/ppp-corbina.pid | tail -n 1`
 CORBINA_GW=`ifconfig $CORBINA_IFACE | grep P-t-P: | awk '{print $3;}' | cut -d ":" -f 2`
 ip ro add default via $CORBINA_GW >/dev/null 2>&1 || ip ro change default via $CORBINA_GW
fi

if [ "$6" == "masterlink" -a -e "/var/lib/dhcpcd/dhcpcd-eth0.info" ] ; then

. /var/lib/dhcpcd/dhcpcd-eth0.info

for ROUTE in $ROUTES ; do
 GATEWAY=`echo $ROUTE | cut -d , -f 3`
done

for DNSSERVER in $DNSSERVERS ; do
 ip ro add $DNSSERVER via $GATEWAY >/dev/null
done

for VPN in `host vpn.masterlink.lan | cut -d " " -f 4` ; do
 ip ro add $VPN via $GATEWAY >/dev/null
 done
fi

if [ "$6" == "corbina" -a -e "/var/lib/dhcpcd/dhcpcd-eth1.info" ] ; then

. /var/lib/dhcpcd/dhcpcd-eth1.info

for ROUTE in $ROUTES ; do
 GATEWAY=`echo $ROUTE | cut -d , -f 3`
 done

for DNSSERVER in $DNSSERVERS ; do
 ip ro add $DNSSERVER via $GATEWAY >/dev/null
 done

for VPN in `host vpn.corbina.ru | cut -d " " -f 4` ; do
 ip ro add $VPN via $GATEWAY >/dev/null
 done
 fi

Сначала мы убираем правила policy routing-а. Затем, если останавливается туннель МАСТЕРЛИНКа, а туннель КОРБИНЫ работает – изменяем шлюз по умолчанию на КОРБИНУ. Дальше для каждого туннеля выполняется свой блок, в котором мы определяем шлюз по умолчанию, прописываем наши DNS и VPN серверы через этот шлюз.

Скрипты /etc/ppp/ip-up.d/99-iproute.sh и /etc/ppp/ip-down.d/99-iproute.sh вызываются из скриптов /etc/ppp/ip-up и /etc/ppp/ip-down соответственно. Я заметил, что в некоторых случаях /etc/ppp/ip-down.d/99-iproute.sh не успевает выполняться до конца. Это вызвано тем, что он фактически просто инклудится в /etc/ppp/ip-down. Решением было изменение /etc/ppp/ip-down (а заодно я поменял и /etc/ppp/ip-up).

/etc/ppp/ip-up:

#!/bin/sh

# This script is run by pppd after the link is established.
# It executes all the scripts available in /etc/ppp/ip-up.d directory,
# with the following parameters:
# $1 = interface name (e.g. ppp0)
# $2 = tty device
# $3 = speed
# $4 = local IP address
# $5 = remote IP address
# $6 = ipparam (user specified parameter, see man pppd)

cd /etc/ppp/ip-up.d || exit

for SCRIPT in *.sh ; do
 sh ./"${SCRIPT}" "$@" >/dev/null 2>&1 &
done

/etc/ppp/ip-down:

#!/bin/sh

# This script is run by pppd after the link is brought down.
 # It executes all the scripts available in /etc/ppp/ip-down.d directory,
 # with the following parameters:
 # $1 = interface name (e.g. ppp0)
 # $2 = tty device
 # $3 = speed
 # $4 = local IP address
 # $5 = remote IP address
 # $6 = ipparam (user specified parameter, see man pppd)

cd /etc/ppp/ip-down.d || exit

for SCRIPT in *.sh ; do
 sh ./"${SCRIPT}" "$@" >/dev/null 2>&1 &
 done

Напоследок правила фаирвола из /var/lib/iptables/rules-save:

# Generated by iptables-save v1.4.0 on Fri Aug  8 11:59:42 2008
*filter
:FORWARD DROP [0:0]
:bad-packets - [0:0]
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
:sshguard - [0:0]
:icmp-allow - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -j sshguard
-A INPUT -j bad-packets
-A INPUT -p icmp -j icmp-allow
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m tcp -m state --dport 32768:61000 --state NEW -j ACCEPT
-A INPUT -p udp -m udp -m state --dport 32768:61000 --state NEW -j ACCEPT
-A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p gre -j ACCEPT
-A INPUT -j DROP
-A FORWARD -p icmp -j icmp-allow
-A FORWARD -j bad-packets
-A FORWARD -i eth2 -j ACCEPT
-A FORWARD -m state -o eth2 --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A bad-packets -p tcp -m tcp --dport 445 -j DROP
-A bad-packets -p tcp -m tcp --dport 135 -j DROP
-A bad-packets -p tcp -m tcp --dport 137:139 -j DROP
-A bad-packets -p udp -m udp --dport 137:139 -j DROP
-A bad-packets -d 169.254.0.0/16 -j DROP
-A bad-packets -s 169.254.0.0/16 -j DROP
-A bad-packets -d 127.0.0.1/32 -j DROP
-A bad-packets -s 127.0.0.1/32 -j DROP
-A icmp-allow -p icmp -m icmp --icmp-type 8 -j RETURN
-A icmp-allow -p icmp -m icmp --icmp-type 0 -j RETURN
-A icmp-allow -p icmp -m icmp --icmp-type 4 -j RETURN
-A icmp-allow -p icmp -m icmp --icmp-type 3 -j RETURN
-A icmp-allow -p icmp -m icmp --icmp-type 11 -j RETURN
-A icmp-allow -p icmp -m icmp --icmp-type 12 -j RETURN
-A icmp-allow -j DROP
-A OUTPUT -j ACCEPT
COMMIT
# Completed on Fri Aug  8 11:59:42 2008
# Generated by iptables-save v1.4.0 on Fri Aug  8 11:59:42 2008
*nat
  REROUTING ACCEPT [56:7209]
  OSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -o ! eth2 -j MASQUERADE
COMMIT
# Completed on Fri Aug  8 11:59:42 2008
# Generated by webmin
*mangle
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
  REROUTING ACCEPT [0:0]
  OSTROUTING ACCEPT [0:0]
COMMIT
# Completed

Вроде бы ничего не забыл. На всякий случай: интерфейсы стартуют (останавливаются) командами /etc/init.d/net.eth[0|1|2] start (stop), туннели стартуют (останавливаются) командами pon (poff) [masterlink|corbina].

Комментарии запрещены.

klyaznik.ru

Gentoo и два провайдера

Страницы

Архивы