AA

2025-05-22 12:28:36 +02:00 · 2025-05-22 12:28:36 +02:00 · 0319493949
parent 8b7d0abbc4
commit 0319493949
10 changed files with 63 additions and 111 deletions
--- a/apply.sh
+++ b/apply.sh
@ -1,21 +0,0 @@
-#!/bin/bash
-
-INTERFACES=("vmbr0" "vmbr1" "eno1" "enp1s0")
-
-echo "==> Aplicando arp_filter..."
-for iface in "${INTERFACES[@]}"; do
-  if [ -f "/proc/sys/net/ipv4/conf/$iface/arp_filter" ]; then
-    echo 1 > "/proc/sys/net/ipv4/conf/$iface/arp_filter"
-  fi
-done
-
-echo 1 > /proc/sys/net/ipv4/conf/all/arp_filter
-echo 1 > /proc/sys/net/ipv4/conf/default/arp_filter
-
-SYSCTL_FILE="/etc/sysctl.conf"
-for iface in "${INTERFACES[@]}" all default; do
-  grep -q "net.ipv4.conf.$iface.arp_filter" "$SYSCTL_FILE" ||     echo "net.ipv4.conf.$iface.arp_filter = 1" >> "$SYSCTL_FILE"
-done
-
-sysctl -p
-echo "==> Configuración de arp_filter aplicada correctamente."
--- a/check-arp-integrity.sh
+++ b/check-arp-integrity.sh
@ -1,21 +0,0 @@
-#!/bin/bash
-
-IP_LOCAL="192.168.1.100"
-MAC_ESPERADA="e8:6a:64:8e:7e:2a"
-INTERFAZ_SALIDA="vmbr0"
-LOG_FILE="/var/log/arp-monitor.log"
-REPO_FIX_SCRIPT="$(dirname "$0")/apply.sh"
-
-RESPUESTA=$(arping -c 3 -I "$INTERFAZ_SALIDA" "$IP_LOCAL" 2>/dev/null | grep reply | head -n1)
-MAC_RESPUESTA=$(echo "$RESPUESTA" | awk -F" " '{print $5}' | tr '[:upper:]' '[:lower:]')
-FECHA=$(date '+%Y-%m-%d %H:%M:%S')
-
-if [[ -z "$MAC_RESPUESTA" ]]; then
-  echo "$FECHA - ERROR: No se recibió respuesta ARP de $IP_LOCAL" >> "$LOG_FILE"
-elif [[ "$MAC_RESPUESTA" != "$MAC_ESPERADA" ]]; then
-  echo "$FECHA - ALERTA: MAC inesperada para $IP_LOCAL. Esperada: $MAC_ESPERADA, Recibida: $MAC_RESPUESTA" >> "$LOG_FILE"
-  echo "$FECHA - Reaplicando configuración arp_filter" >> "$LOG_FILE"
-  bash "$REPO_FIX_SCRIPT" >> "$LOG_FILE" 2>&1
-else
-  echo "$FECHA - OK: ARP verificado correctamente para $IP_LOCAL (MAC $MAC_RESPUESTA)" >> "$LOG_FILE"
-fi
--- a/network-watchdog.sh
+++ b/network-watchdog.sh
@ -0,0 +1,23 @@
+#!/bin/bash
+
+TARGET_IP="192.168.1.1"
+LOG_TAG="net-watchdog"
+
+ping -c 1 -W 2 $TARGET_IP > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    logger -t $LOG_TAG "Conectividad perdida. Reiniciando vmbr0 + eno1..."
+
+    ip addr flush dev vmbr0
+    ip link set vmbr0 down
+    ip link set eno1 down
+    sleep 2
+    ip link set eno1 up
+    ip link set vmbr0 up
+    IP_ADDR=$(ip -o -4 addr show dev vmbr0 | awk '{print $4}')
+    ip addr add $IP_ADDR dev vmbr0
+    ip route add default via $TARGET_IP
+
+    logger -t $LOG_TAG "Reconfiguración completada."
+else
+    logger -t $LOG_TAG "Conectividad OK."
+fi
--- a/setup.sh
+++ b/setup.sh
@ -1,44 +1,22 @@
 #!/bin/bash

-REPO_URL="http://gitea:3000/baphemot/proxmox-node-config.git"
-CLONE_DIR="/opt/proxmox-node-config"
-MARKER_FILE="$CLONE_DIR/.apply-done"
+SERVICE_NAME="network-watchdog.service"
+TIMER_NAME="network-watchdog.timer"
+SCRIPT_NAME="network-watchdog.sh"
+INSTALL_DIR="/opt/proxmox-node-config"

-if [ ! -d "$CLONE_DIR/.git" ]; then
-  echo "==> Clonando repo desde $REPO_URL..."
-  git clone "$REPO_URL" "$CLONE_DIR"
-else
-  echo "==> Actualizando repo..."
-  git -C "$CLONE_DIR" pull
-fi
+echo "==> Instalando watchdog de red..."

-cd "$CLONE_DIR" || exit 1
+# Copiar archivos systemd
+cp "$INSTALL_DIR/$SERVICE_NAME" /etc/systemd/system/
+cp "$INSTALL_DIR/$TIMER_NAME" /etc/systemd/system/

-if [ ! -f "$MARKER_FILE" ]; then
-  echo "==> Ejecutando apply.sh por primera vez..."
-  bash "$CLONE_DIR/apply.sh"
-  touch "$MARKER_FILE"
-else
-  echo "==> apply.sh ya fue ejecutado previamente, se omite."
-fi
+# Asegurar permisos de ejecución en el script
+chmod +x "$INSTALL_DIR/$SCRIPT_NAME"

-install_unit() {
-  local service_name=$1
-  local timer_name=$2
-
-  if ! systemctl list-timers | grep -q "$timer_name"; then
-    echo "==> Instalando $timer_name..."
-    cp "$CLONE_DIR/systemd/$service_name" /etc/systemd/system/
-    cp "$CLONE_DIR/systemd/$timer_name" /etc/systemd/system/
+# Recargar systemd y activar timer
 systemctl daemon-reexec
 systemctl daemon-reload
-    systemctl enable --now "$timer_name"
-  else
-    echo "==> $timer_name ya está instalado."
-  fi
-}
+systemctl enable --now "$TIMER_NAME"

-install_unit apply.service apply.timer
-install_unit arp-monitor.service arp-monitor.timer
-
-echo "==> Instalación y configuración completa."
+echo "==> Watchdog de red instalado y activado correctamente."
--- a/systemd/apply.service
+++ b/systemd/apply.service
@ -1,6 +0,0 @@
-[Unit]
-Description=Apply ARP Filter Fix to Network Interfaces
-
-[Service]
-Type=oneshot
-ExecStart=/opt/proxmox-node-config/apply.sh
--- a/systemd/apply.timer
+++ b/systemd/apply.timer
@ -1,10 +0,0 @@
-[Unit]
-Description=Run apply.sh every 15 minutes
-
-[Timer]
-OnBootSec=5min
-OnUnitActiveSec=15min
-Persistent=true
-
-[Install]
-WantedBy=timers.target
--- a/systemd/arp-monitor.service
+++ b/systemd/arp-monitor.service
@ -1,6 +0,0 @@
-[Unit]
-Description=Check ARP Table Integrity
-
-[Service]
-Type=oneshot
-ExecStart=/opt/proxmox-node-config/check-arp-integrity.sh
--- a/systemd/arp-monitor.timer
+++ b/systemd/arp-monitor.timer
@ -1,10 +0,0 @@
-[Unit]
-Description=Run ARP monitor every 10 minutes
-
-[Timer]
-OnBootSec=3min
-OnUnitActiveSec=10min
-Persistent=true
-
-[Install]
-WantedBy=timers.target
--- a/systemd/network-watchdog.service
+++ b/systemd/network-watchdog.service
@ -0,0 +1,13 @@
+
+
+[Unit]
+Description=Watchdog de red para vmbr0
+After=network-online.target
+Wants=network-online.target
+
+[Service]
+Type=oneshot
+ExecStart=/opt/proxmox-node-config/network-watchdog.sh
+
+[Install]
+WantedBy=multi-user.target
--- a/systemd/network-watchdog.timer
+++ b/systemd/network-watchdog.timer
@ -0,0 +1,12 @@
+
+
+[Unit]
+Description=Ejecutar watchdog de red cada 5 minutos
+
+[Timer]
+OnBootSec=1min
+OnUnitActiveSec=5min
+Persistent=true
+
+[Install]
+WantedBy=timers.target