From 03194939494518ba57748aa89caab3a42b849f18 Mon Sep 17 00:00:00 2001 From: alexandrev-tibco Date: Thu, 22 May 2025 12:28:36 +0200 Subject: [PATCH] AA --- apply.sh | 21 ------------- check-arp-integrity.sh | 21 ------------- network-watchdog.sh | 23 ++++++++++++++ setup.sh | 52 +++++++++----------------------- systemd/apply.service | 6 ---- systemd/apply.timer | 10 ------ systemd/arp-monitor.service | 6 ---- systemd/arp-monitor.timer | 10 ------ systemd/network-watchdog.service | 13 ++++++++ systemd/network-watchdog.timer | 12 ++++++++ 10 files changed, 63 insertions(+), 111 deletions(-) delete mode 100644 apply.sh delete mode 100644 check-arp-integrity.sh create mode 100644 network-watchdog.sh delete mode 100644 systemd/apply.service delete mode 100644 systemd/apply.timer delete mode 100644 systemd/arp-monitor.service delete mode 100644 systemd/arp-monitor.timer create mode 100644 systemd/network-watchdog.service create mode 100644 systemd/network-watchdog.timer diff --git a/apply.sh b/apply.sh deleted file mode 100644 index ef92608..0000000 --- a/apply.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -INTERFACES=("vmbr0" "vmbr1" "eno1" "enp1s0") - -echo "==> Aplicando arp_filter..." -for iface in "${INTERFACES[@]}"; do - if [ -f "/proc/sys/net/ipv4/conf/$iface/arp_filter" ]; then - echo 1 > "/proc/sys/net/ipv4/conf/$iface/arp_filter" - fi -done - -echo 1 > /proc/sys/net/ipv4/conf/all/arp_filter -echo 1 > /proc/sys/net/ipv4/conf/default/arp_filter - -SYSCTL_FILE="/etc/sysctl.conf" -for iface in "${INTERFACES[@]}" all default; do - grep -q "net.ipv4.conf.$iface.arp_filter" "$SYSCTL_FILE" || echo "net.ipv4.conf.$iface.arp_filter = 1" >> "$SYSCTL_FILE" -done - -sysctl -p -echo "==> Configuración de arp_filter aplicada correctamente." diff --git a/check-arp-integrity.sh b/check-arp-integrity.sh deleted file mode 100644 index 31d266c..0000000 --- a/check-arp-integrity.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -IP_LOCAL="192.168.1.100" -MAC_ESPERADA="e8:6a:64:8e:7e:2a" -INTERFAZ_SALIDA="vmbr0" -LOG_FILE="/var/log/arp-monitor.log" -REPO_FIX_SCRIPT="$(dirname "$0")/apply.sh" - -RESPUESTA=$(arping -c 3 -I "$INTERFAZ_SALIDA" "$IP_LOCAL" 2>/dev/null | grep reply | head -n1) -MAC_RESPUESTA=$(echo "$RESPUESTA" | awk -F" " '{print $5}' | tr '[:upper:]' '[:lower:]') -FECHA=$(date '+%Y-%m-%d %H:%M:%S') - -if [[ -z "$MAC_RESPUESTA" ]]; then - echo "$FECHA - ERROR: No se recibió respuesta ARP de $IP_LOCAL" >> "$LOG_FILE" -elif [[ "$MAC_RESPUESTA" != "$MAC_ESPERADA" ]]; then - echo "$FECHA - ALERTA: MAC inesperada para $IP_LOCAL. Esperada: $MAC_ESPERADA, Recibida: $MAC_RESPUESTA" >> "$LOG_FILE" - echo "$FECHA - Reaplicando configuración arp_filter" >> "$LOG_FILE" - bash "$REPO_FIX_SCRIPT" >> "$LOG_FILE" 2>&1 -else - echo "$FECHA - OK: ARP verificado correctamente para $IP_LOCAL (MAC $MAC_RESPUESTA)" >> "$LOG_FILE" -fi diff --git a/network-watchdog.sh b/network-watchdog.sh new file mode 100644 index 0000000..37b1eb9 --- /dev/null +++ b/network-watchdog.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +TARGET_IP="192.168.1.1" +LOG_TAG="net-watchdog" + +ping -c 1 -W 2 $TARGET_IP > /dev/null 2>&1 +if [ $? -ne 0 ]; then + logger -t $LOG_TAG "Conectividad perdida. Reiniciando vmbr0 + eno1..." + + ip addr flush dev vmbr0 + ip link set vmbr0 down + ip link set eno1 down + sleep 2 + ip link set eno1 up + ip link set vmbr0 up + IP_ADDR=$(ip -o -4 addr show dev vmbr0 | awk '{print $4}') + ip addr add $IP_ADDR dev vmbr0 + ip route add default via $TARGET_IP + + logger -t $LOG_TAG "Reconfiguración completada." +else + logger -t $LOG_TAG "Conectividad OK." +fi diff --git a/setup.sh b/setup.sh index 4f0ac4c..8daf1af 100644 --- a/setup.sh +++ b/setup.sh @@ -1,44 +1,22 @@ #!/bin/bash -REPO_URL="http://gitea:3000/baphemot/proxmox-node-config.git" -CLONE_DIR="/opt/proxmox-node-config" -MARKER_FILE="$CLONE_DIR/.apply-done" +SERVICE_NAME="network-watchdog.service" +TIMER_NAME="network-watchdog.timer" +SCRIPT_NAME="network-watchdog.sh" +INSTALL_DIR="/opt/proxmox-node-config" -if [ ! -d "$CLONE_DIR/.git" ]; then - echo "==> Clonando repo desde $REPO_URL..." - git clone "$REPO_URL" "$CLONE_DIR" -else - echo "==> Actualizando repo..." - git -C "$CLONE_DIR" pull -fi +echo "==> Instalando watchdog de red..." -cd "$CLONE_DIR" || exit 1 +# Copiar archivos systemd +cp "$INSTALL_DIR/$SERVICE_NAME" /etc/systemd/system/ +cp "$INSTALL_DIR/$TIMER_NAME" /etc/systemd/system/ -if [ ! -f "$MARKER_FILE" ]; then - echo "==> Ejecutando apply.sh por primera vez..." - bash "$CLONE_DIR/apply.sh" - touch "$MARKER_FILE" -else - echo "==> apply.sh ya fue ejecutado previamente, se omite." -fi +# Asegurar permisos de ejecución en el script +chmod +x "$INSTALL_DIR/$SCRIPT_NAME" -install_unit() { - local service_name=$1 - local timer_name=$2 +# Recargar systemd y activar timer +systemctl daemon-reexec +systemctl daemon-reload +systemctl enable --now "$TIMER_NAME" - if ! systemctl list-timers | grep -q "$timer_name"; then - echo "==> Instalando $timer_name..." - cp "$CLONE_DIR/systemd/$service_name" /etc/systemd/system/ - cp "$CLONE_DIR/systemd/$timer_name" /etc/systemd/system/ - systemctl daemon-reexec - systemctl daemon-reload - systemctl enable --now "$timer_name" - else - echo "==> $timer_name ya está instalado." - fi -} - -install_unit apply.service apply.timer -install_unit arp-monitor.service arp-monitor.timer - -echo "==> Instalación y configuración completa." +echo "==> Watchdog de red instalado y activado correctamente." diff --git a/systemd/apply.service b/systemd/apply.service deleted file mode 100644 index 4c1ee0f..0000000 --- a/systemd/apply.service +++ /dev/null @@ -1,6 +0,0 @@ -[Unit] -Description=Apply ARP Filter Fix to Network Interfaces - -[Service] -Type=oneshot -ExecStart=/opt/proxmox-node-config/apply.sh diff --git a/systemd/apply.timer b/systemd/apply.timer deleted file mode 100644 index ae3a522..0000000 --- a/systemd/apply.timer +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Run apply.sh every 15 minutes - -[Timer] -OnBootSec=5min -OnUnitActiveSec=15min -Persistent=true - -[Install] -WantedBy=timers.target diff --git a/systemd/arp-monitor.service b/systemd/arp-monitor.service deleted file mode 100644 index 0d8ed47..0000000 --- a/systemd/arp-monitor.service +++ /dev/null @@ -1,6 +0,0 @@ -[Unit] -Description=Check ARP Table Integrity - -[Service] -Type=oneshot -ExecStart=/opt/proxmox-node-config/check-arp-integrity.sh diff --git a/systemd/arp-monitor.timer b/systemd/arp-monitor.timer deleted file mode 100644 index 8768d40..0000000 --- a/systemd/arp-monitor.timer +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Run ARP monitor every 10 minutes - -[Timer] -OnBootSec=3min -OnUnitActiveSec=10min -Persistent=true - -[Install] -WantedBy=timers.target diff --git a/systemd/network-watchdog.service b/systemd/network-watchdog.service new file mode 100644 index 0000000..21336fe --- /dev/null +++ b/systemd/network-watchdog.service @@ -0,0 +1,13 @@ + + +[Unit] +Description=Watchdog de red para vmbr0 +After=network-online.target +Wants=network-online.target + +[Service] +Type=oneshot +ExecStart=/opt/proxmox-node-config/network-watchdog.sh + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/systemd/network-watchdog.timer b/systemd/network-watchdog.timer new file mode 100644 index 0000000..31d00a1 --- /dev/null +++ b/systemd/network-watchdog.timer @@ -0,0 +1,12 @@ + + +[Unit] +Description=Ejecutar watchdog de red cada 5 minutos + +[Timer] +OnBootSec=1min +OnUnitActiveSec=5min +Persistent=true + +[Install] +WantedBy=timers.target \ No newline at end of file