diff --git a/network/blatto-daemon.py b/network/blatto-daemon.py
index 59edca6fd27a1cb76272b7bfdf130a5185cb1e43..9f5c53325da5fbd84747311d173860e357466a21 100755
--- a/network/blatto-daemon.py
+++ b/network/blatto-daemon.py
@@ -79,20 +79,6 @@ while True:
w = iwc[i["ifname"]]
out["essid"] = w["essid"]
interfaces[i["ifname"]] = out
- if blatto_wg:
- try:
- autorouting = open("/run/wg-blatto/autorouting").read().strip()
- current_routing = open("/run/wg-blatto/routing").read().strip()
- wanted_routing = "no" if blatto else autorouting
- p(f"blatto-wg routing: {current_routing} -> {wanted_routing}")
- if wanted_routing != current_routing:
- subprocess.run(["/etc/net/wg-blatto-route", wanted_routing])
-
- current_routing = open("/run/wg-blatto/routing").read().strip()
- blatto_wg["routing"] = current_routing
-
- except FileNotFoundError as e:
- p(f"blatto-wg routing: {e}")
send({"blatto-wg": blatto_wg, "blatto": blatto, "interfaces": interfaces}, "2a01:510:d504:751a::1" if blatto else "2a01:510:d504:751b::1")
p("DONE")
signal.sigtimedwait([signal.SIGHUP], 10)
diff --git a/network/dhcpcd.enter-hook-defaults b/network/dhcpcd.enter-hook-defaults
index 3554202d990198f86a65b32ea90f8d62bd358a1b..cf9b4d837770cb35fdf18314b1230411ce4924b0 100644
--- a/network/dhcpcd.enter-hook-defaults
+++ b/network/dhcpcd.enter-hook-defaults
@@ -8,7 +8,19 @@ fi
if [ "$ifssid" == blatto-jk-5g ] || [ "$ifssid" == blatto-jk-2g ]
then
conntrack_hack
- route6 default via 2a01:510:d504:751a::1 dev w metric 3004
+
+ route 10.12.11.0/24 dev $interface metric 300 table 12
+ route default via 10.12.11.1 dev $interface metric 300 table 12
+ route6 2a01:510:d504:751a::0/64 dev $interface metric 300 table 12
+ route6 default via 2a01:510:d504:751a::1 dev $interface metric 300 table 12
+
+ for i in 2 3 4
+ do
+ route default via 10.12.11.$i metric 300 table 12$i
+ route 10.12.11.0/24 dev $interface metric 300 table 12$i
+ done
+
+ route6 default via 2a01:510:d504:751a::1 dev $interface metric 3004
fi
if [ "$ifssid" == samet-5G ]
@@ -21,7 +33,7 @@ then
mtu 1340
if [ "$reason" == BOUND ]
then
- CDWIFI_IFACE=$interface cdwifi-autologin
+ CDWIFI_IFACE=$interface CDWIFI_CURL="direct curl" cdwifi-autologin
fi
fi
if [ "$ifssid" == Onboard-WiFi ]
diff --git a/network/hopik/scripts/con-sm b/network/hopik/scripts/con-sm
index c24fbb2602e0c7a99709ac419dcfb1fada53454a..32b7b8bae6cb101716e751f5b6606247fd50065a 100755
--- a/network/hopik/scripts/con-sm
+++ b/network/hopik/scripts/con-sm
@@ -12,6 +12,19 @@ ip route add 10.12.0.0/16 via 10.12.11.1 dev $interface metric 1000
ip route add 2a01:510:d504:7500::0/56 via 2a01:510:d504:751a::1 dev wg-blatto metric 1000
ip route add default via 10.12.11.1 dev $interface metric 1000
ip route add default via 2a01:510:d504:751a::1 dev $interface metric 1000
+
+ip route add 10.12.11.0/24 dev $interface metric 100 table 12
+ip route add default via 10.12.11.1 dev $interface metric 100 table 12
+ip -6 route add 2a01:510:d504:751a::0/64 dev $interface metric 100 table 12
+ip -6 route add default via 2a01:510:d504:751a::1 dev $interface metric 100 table 12
+
+for i in 2 3 4
+do
+ ip route add route default via 10.12.11.$i metric 100 table 12$i
+ ip route add route 10.12.11.0/24 dev $interface metric 100 table 12$i
+done
+
+
(echo domain jk.blatto.eu; echo nameserver 10.12.11.1 ) | resolvconf -a $interface
systemctl reload net-blatto-daemon
diff --git a/network/wg-blatto b/network/wg-blatto
index 89eb90b2bf16a35e792d72a635234500eecec048..04e93dca7447540169e91be4476354d6258c39c7 100755
--- a/network/wg-blatto
+++ b/network/wg-blatto
@@ -3,7 +3,9 @@ set -euo xtrace -o pipefail
vlan_name=$1
id=$2
-default_routing=${3:-blatto}
+adopt=false
+
+[ "${3:-no}" == adopt ] && adopt=true
eval "$(ssh root@blatto.eu wg-get-metadata $vlan_name)"
@@ -22,14 +24,15 @@ cat psk | ssh root@blatto.eu "wg-register $vlan_name $id $(hostname) $(cat $id.p
mkdir -p /etc/net
-cat <<AMEN > /etc/net/wg-blatto
+(
+cat <<AMEN
#!/bin/sh
set -o xtrace
+do_route_flush=\${1:-false}
+
ip link del wg-blatto || true
rm /run/wg-blatto/ || true
-ip route flush table 12
-ip -6 route flush table 12
ip link add dev wg-blatto type wireguard
ip addr add $v4net.$id/24 dev wg-blatto metric 100
@@ -39,85 +42,62 @@ wg set wg-blatto peer \$(cat /etc/wireguard/blatto/blattes.pub) preshared-key /e
ip link set mtu 1432 dev wg-blatto
ip link set wg-blatto up
-ip route add throw 10.0.0.0/8 table 12
-ip route add throw 192.168.0.0/16 table 12
-ip route add throw 172.16.0.0/12 table 12
-ip route add $v4net.0/24 dev wg-blatto table 12
-ip rule add not to $blattes_ipv4 ipproto udp dport $port table 12
-ip -6 route add throw fe80::/10 table 12
-ip -6 route add throw fc00::/7 table 12
-ip -6 route add $v6net::/64 dev wg-blatto table 12
-ip -6 rule add table 12
-
-mkdir /run/wg-blatto/
-if [ ${default_routing::5} = auto: ]
-then
- echo ${default_routing:5} > /run/wg-blatto/autorouting
- /etc/net/wg-blatto-route no
-else
- /etc/net/wg-blatto-route $default_routing
-fi
AMEN
-cat <<AMEN > /etc/net/wg-blatto-route
-#!/bin/sh
-set -o xtrace
+for ups in $upstreams
+do
+ ups_id=upstream_${ups}_id
+ ups_id=${!ups_id}
+ echo ip link del wg-blatto2$ups || true
+ echo ip link add wg-blatto2$ups type sit remote $ipv4_prefix.$vlid.$ups_id local any mode any
+ echo ip link set wg-blatto2$ups up
+ echo
+done
+
+cat <<AMEN
+
+for ipv in 4 6
+do
+ for tind in 12 12{2,3,4} 612 612{2,3,4}
+ do
+ \$do_route_flush && ip -\$ipv route flush table \$tind
+ ip -\$ipv rule add fwmark \$tind table \$tind priority \$tind
+ done
+ ip -\$ipv rule add fwmark 6 table 612 priority 32666
+done
+
+ip route add default via $v4net.1 dev wg-blatto table 12 metric 1100
+ip route add default via $v6net::1 dev wg-blatto table 12 metric 1100
+
+ip route add default dev wg-blatto2mn table 122 metric 1100 src $v4net.$id
+ip route add default dev wg-blatto2awn table 123 metric 1100 src $v4net.$id
+ip route add default dev wg-blatto2mul table 124 metric 1100 src $v4net.$id
-blatto=del
-default=del
-adopt_blatto=del
-adopt_default=del
-adopt=del
+mkdir /run/wg-blatto/
-if [ \$1 = no ]
-then
- true
-elif [ \$1 = blatto ]
-then
- blatto=add
-elif [ \$1 = all ]
-then
- blatto=add
- default=add
-elif [ \$1 = adopt_blatto ]
-then
- blatto=add
- adopt_blatto=add
- adopt=add
-elif [ \$1 = adopt_all ]
-then
- blatto=add
- default=add
- adopt_blatto=add
- adopt_default=add
- adopt=add
-else
- echo usage: \$0 no/blatto/all/adopt_blatto/adopt_all
- exit 1
-fi
+echo $adopt > /run/wg-blatto/adopt
+systemctl reload net-blatto-daemon
+AMEN
+if $adopt
+then
+cat <<AMEN
+ip addr add $adopt_v4net.$id/32 dev wg-blatto metric 1000
+ip addr add $adopt_v6net::$id/128 dev wg-blatto metric 1000
-ip route \$blatto $ipv4_prefix.0.0/16 via $v4net.1 dev wg-blatto table 12 metric 100
-ip route \$blatto ${ipv6_prefix}00::0/56 via $v6net::1 dev wg-blatto table 12 metric 100
-ip route \$default default via $v4net.1 dev wg-blatto table 12 metric 100
-ip route \$default default via $v6net::1 dev wg-blatto table 12 metric 100
+ip route add default dev wg-blatto table 12 metric 1000 src $adopt_v4net.$id
+ip route add default dev wg-blatto table 12 metric 1000 src $adopt_v6net::$id
-ip addr \$adopt $adopt_v4net.$id/32 dev wg-blatto metric 1
-ip addr \$adopt $adopt_v6net::$id/128 dev wg-blatto metric 1
-ip route \$adopt_blatto $ipv4_prefix.0.0/16 dev wg-blatto table 12 metric 1 src $adopt_v4net.$id
-ip route \$adopt_blatto ${ipv6_prefix}00::0/56 dev wg-blatto table 12 metric 1 src $adopt_v6net::$id
-ip route \$adopt_default default dev wg-blatto table 12 metric 1 src $adopt_v4net.$id
-ip route \$adopt_default default dev wg-blatto table 12 metric 1 src $adopt_v6net::$id
+ip route add default dev wg-blatto2mn table 122 metric 1000 src $adopt_v4net.$id
+ip route add default dev wg-blatto2awn table 123 metric 1000 src $adopt_v4net.$id
+ip route add default dev wg-blatto2mul table 124 metric 1000 src $adopt_v4net.$id
-if [ \$adopt = add ]
-then
- ip addr del $v4net.$id/24 dev wg-blatto metric 100
- ip addr add $v4net.$id/24 dev wg-blatto metric 100
+ip addr del $v4net.$id/24 dev wg-blatto metric 1100
+ip addr add $v4net.$id/24 dev wg-blatto metric 1100
+AMEN
fi
+) > /etc/net/wg-blatto
-echo \$1 > /run/wg-blatto/routing
-
-systemctl reload net-blatto-daemon
-AMEN
+rm /etc/net/wg-blatto-route || true
-chmod +x /etc/net/wg-blatto{,-route}
+chmod +x /etc/net/wg-blatto