From d05f309a5f85b6d5947518946dca7c78f74c000f Mon Sep 17 00:00:00 2001 From: Joseph Hanson Date: Mon, 8 Apr 2024 18:53:32 -0500 Subject: [PATCH] Adding home automation group. --- config-parts/firewall-ipv4.sh | 8 ++++++++ config-parts/firewall.sh | 1 + config-parts/service-dhcp_server.sh | 11 +++++++++-- 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/config-parts/firewall-ipv4.sh b/config-parts/firewall-ipv4.sh index eb9f8be..e8fa1f4 100644 --- a/config-parts/firewall-ipv4.sh +++ b/config-parts/firewall-ipv4.sh @@ -294,6 +294,14 @@ set firewall ipv4 name servers-iot rule 110 action 'accept' set firewall ipv4 name servers-iot rule 110 description 'Rule: accept_k8s_nodes' set firewall ipv4 name servers-iot rule 110 protocol 'icmp' set firewall ipv4 name servers-iot rule 110 source group address-group 'k8s_nodes' +set firewall ipv4 name servers-iot rule 120 action 'accept' +set firewall ipv4 name servers-iot rule 120 description 'Rule: accept_home_automation' +set firewall ipv4 name servers-iot rule 120 protocol 'tcp' +set firewall ipv4 name servers-iot rule 120 source group address-group 'home_automation' +set firewall ipv4 name servers-iot rule 130 action 'accept' +set firewall ipv4 name servers-iot rule 130 description 'Rule: accept_home_automation' +set firewall ipv4 name servers-iot rule 130 protocol 'icmp' +set firewall ipv4 name servers-iot rule 130 source group address-group 'home_automation' set firewall ipv4 name servers-iot rule 999 action 'drop' set firewall ipv4 name servers-iot rule 999 description 'Rule: drop_invalid' set firewall ipv4 name servers-iot rule 999 state invalid diff --git a/config-parts/firewall.sh b/config-parts/firewall.sh index 2a00e4f..b2c498c 100644 --- a/config-parts/firewall.sh +++ b/config-parts/firewall.sh @@ -10,6 +10,7 @@ set firewall group address-group router-addresses address 10.0.0.1 set firewall group address-group router-addresses address 127.0.0.1 set firewall group address-group k8s_nodes address '10.1.1.61-10.1.1.63' # master nodes set firewall group address-group k8s_nodes address '10.1.1.70-10.1.1.79' # worker nodes +set firewall group address-group home_automation address '10.1.1.51-10.1.1.59' # home automation nodes hass/zwave/mqtt etc set firewall group address-group k8s_api address '10.5.0.2' set firewall group address-group k8s_ingress address '10.45.0.1' # external nginx set firewall group address-group k8s_ingress address '10.45.0.3' # internal nginx diff --git a/config-parts/service-dhcp_server.sh b/config-parts/service-dhcp_server.sh index 5eeb37b..a1b8acd 100644 --- a/config-parts/service-dhcp_server.sh +++ b/config-parts/service-dhcp_server.sh @@ -131,11 +131,17 @@ set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 name-server ' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 range 0 start '10.1.3.200' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 range 0 stop '10.1.3.254' -set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping kitchen-oven ip-address '10.1.3.12' +# Misc +set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping kitchen-oven ip-address '10.1.3.10' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping kitchen-oven mac-address '88:e7:12:2a:63:ca' -set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping livingroom-vacuum ip-address '10.1.3.18' +set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping livingroom-vacuum ip-address '10.1.3.11' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping livingroom-vacuum mac-address '50:14:79:08:db:08' +set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping tubezsb-zwave ip-address '10.1.3.12' +set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping tubezsb-zwave mac-address 'e0:5a:1b:6e:2c:a3' + + +# Switchbot plugs set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping switchbot-plug-mini-1 ip-address '10.1.3.33' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping switchbot-plug-mini-1 mac-address 'A0:76:4E:21:DE:D0' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping switchbot-plug-mini-2 ip-address '10.1.3.34' @@ -145,6 +151,7 @@ set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mappin set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping switchbot-plug-mini-4 ip-address '10.1.3.36' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping switchbot-plug-mini-4 mac-address 'A0:76:4E:1F:D7:84' +# Sonos set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping office-sonos-beam ip-address '10.1.3.71' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping office-sonos-beam mac-address '54:2a:1b:8e:e0:3b' set service dhcp-server shared-network-name IOT subnet 10.1.3.0/24 static-mapping sonos-2 ip-address '10.1.3.72'