Added dnsmasq DNS listening on container bridge interfaces; corrected ddns.json

Matthew Grotke 2026-04-14 21:50:55 -04:00
parent 9c043ae30c
commit 2d50a982b8
3 changed files with 56 additions and 34 deletions

@ -41,6 +41,7 @@ The suite is organized into three independent but complementary scripts, each ma
- Enforces inter-VLAN isolation by default (forward chain policy drop); specific cross-VLAN traffic is permitted via `inter_vlan_exceptions`
- Masquerades outbound traffic for all non-WireGuard VLANs automatically
- Auto-detects active container bridge interfaces (Docker, Podman, libvirt, etc.) and adds forward rules so VLAN clients can reach containerized services
- Auto-detects active container bridge interfaces and adds DNS listening on each bridge IP, so containers can reach the local DNS resolver during builds and at runtime (container services, e.g. Docker, Podman, must be running at the time of `--apply`)
- Installs a `systemd` boot service (`core-nat.service`) to re-apply firewall rules on every boot
- Co-exists with Docker (does not touch Docker-managed `nat`/`filter` tables)
- Generates FreeRADIUS `clients.conf` and `users` files from `core.json` reservations, enabling dynamic VLAN assignment via MAC Authentication Bypass (MAB) for both wired (802.1X) and wireless clients
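Review bot: The new bullet about DNS listening on each bridge IP leaves the boot case undocumented. It says container services must be running at the time of `--apply`, while the following bullet only says `core-nat.service` re-applies firewall rules on every boot. Please state whether the bridge DNS listeners are also regenerated at boot and whether that happens after Docker/Podman have created their bridges, or tell the reader to re-run `--apply` once the container services are up. Since this opens the local resolver to container networks, it would also help to say that listening is limited to the detected bridge IPs and nothing wider. Minor style point: this bullet and the one before it both open with "Auto-detects active container bridge interfaces"; consider merging them or rewording one.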