save: document the network setup

2025-11-10 13:59:48 -05:00
parent 28476fbac4
commit 9795974dc6
1 changed files with 38 additions and 0 deletions
--- a/examples/opnsense/scripts/DEVELOP.md
+++ b/examples/opnsense/scripts/DEVELOP.md
@@ -0,0 +1,38 @@
+## réseau
+
+- fonctionne uniquement avec connection filaire, pas wifi
+- on crée des bridges pour le réseau WAN et LAN pour qu'ils soient facilement accessible sur le poste de travail
+
+```
+# paramètres
+PRIMARY_PROFIL=enpXsY
+NETWORK_LABEL=harmony
+
+WAN_BRIDGE=$NETWORL_LABEL-wan-brd   # max 15 char
+LAN_NIC=$NETWORK_LABEL-lan-nic
+LAN_BRIDGE=$NETWORK_LABEL-lan-brd
+
+
+# Setup WAN bridge
+nmcli c down $PRIMARY
+nmcli c add type bridge ifname $WAN_BRIDGE con-name $WAN_BRIDGE
+nmcli c add type bridge-slave ifname $PRIMARY_PROFILE master $WAN_BRIDGE ipv4.method auto
+# nmcli c up $WAN_BRIDGE
+
+
+# Setup LAN nic
+sudo modprobe dummy
+sudo ip link add $LAN_NIC type dummy
+ip tuntap add dev $LAN_NIC mode tap user root  # todo: why user root?
+
+# Setup LAN bridge
+nmcli c add type bridge ifname $LAN_BRIDGE con-name $LAN_BRIDGE
+nmcli c add type bridge-slave ifname $LAN_NIC master $LAN_BRIDGE ipv4.method auto
+nmcli c up $LAN_BRIDGE
+```
+
+LAN bridge do not have an IP address and appear down. But it is successfully used by opnsense and can be accessed from the host network.
+
+## config opnsense minimale
+
+  - ssh enabled