kgersen/config-orange-dhcp.boot

## config-orange-dhcp.boot
extraits des parties spécifiques a DHCP:

interfaces {
    ethernet eth1 {
        description ONT
        duplex auto
        speed auto
        vif 832 {
            address dhcp
            description "Internet Orange DHCP"
            dhcp-options {
                client-option "send dhcp-client-identifier 1:00:37:b7:xx:xx:xx;" /* MAC Livebox */
                client-option "send vendor-class-identifier &quot;sagem&quot;;"
                client-option "send user-class &quot;+FSVDSL_livebox.Internet.softathome.Livebox3&quot;;"
                client-option "send rfc3118-authentication 00:00:00:00:00:00:00:00:00:00:00:66:74:69:xx:xx:xx:xx:xx:xx:xx:xx;" /* fti/.... */
                client-option "request subnet-mask, routers, domain-name-servers, domain-name, broadcast-address, dhcp-lease-time, dhcp-renewal-time, dhcp-rebinding-time, option-119, option-90, option-120;"
                default-route update
                default-route-distance 210
                name-server update
            }
            dhcpv6-options {
                /* todo: comment envoyer en DHCPv6-pd :
                client-option "send vendor-class-identifier &quot;sagem&quot;;"
                client-option "send user-class &quot;+FSVDSL_livebox.Internet.softathome.Livebox3&quot;;"
                client-option "send rfc3118-authentication 00:00:00:00:00:00:00:00:00:00:00:66:74:69:xx:xx:xx:xx:xx:xx:xx:xx;"
                */

                parameters-only
            }
            dhcpv6-pd {
                /* DUID-LL + MAC livebox*/
                duid 00:03:00:01:00:37:b7:xx:xx:xx
                pd 1 {
                    interface eth0 {
                        service slaac
                    }
                    prefix-length /64
                }
                prefix-only
                rapid-commit disable
            }
            /* todo: ne sert plus ?*/
            egress-qos "0:0 1:1 2:2 3:3 4:4 5:5 6:6 7:7"
            firewall {
                in {
                    name WAN_LOCAL
                }
            }
            traffic-policy {
            }
        }
        vif 838 {
            bridge-group {
                bridge br0
            }
            description "VLAN TV VOD"
            disable
            egress-qos "0:4 1:4 2:4 3:4 4:4 5:4 6:4 7:4"
        }
        vif 840 {
            bridge-group {
                bridge br0
            }
            description "VLAN TV Canal 1 - Zap"
            disable
            egress-qos "0:5 1:5 2:5 3:5 4:5 5:5 6:5 7:5"
        }
    }
    ethernet eth2 {
        address 192.168.1.3/24
        description "default Orange LAN / SOS access"
        duplex auto
        speed auto
    }
    loopback lo {
    }
}
/* todo TV */
protocols {
    igmp-proxy {
        disable-quickleave
        interface br0 {
            alt-subnet 0.0.0.0/0
            role upstream
            threshold 1
        }
        interface eth0 {
            alt-subnet 0.0.0.0/0
            role downstream
            threshold 1
        }
        interface eth2 {
            alt-subnet 0.0.0.0/0
            role downstream
            threshold 1
        }
    }
}
service {
    dhcp-server {
        disabled false
        hostfile-update disable
        shared-network-name LOCAL_NETWORK {
            authoritative enable
            subnet 192.168.1.0/24 {
                default-router 192.168.1.1
                dns-server 192.168.1.1
                lease 86400
                start 192.168.1.30 {
                    stop 192.168.1.150
                }
            }
        }
    }
    nat {
        rule 5010 {
            description "Masquerading outgoing connections"
            log disable
            outbound-interface eth1.832
            type masquerade
        }
    /* todo TV */
    upnp2 {
        listen-on eth0
        listen-on eth2
        nat-pmp enable
        secure-mode disable
        wan eth1.832
    }
}

## modif-os.patch
--- /opt/vyatta/sbin/vyatta-interfaces.pl.orig
+++ /opt/vyatta/sbin/vyatta-interfaces.pl
@@ -192,6 +192,8 @@
     my $hostname = get_hostname();

     $output .= "option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;\n\n";
+    $output .= "option rfc3118-authentication code 90 = string;\n\n";
+

     $output .= "interface \"$intf\" {\n";
     if (defined($hostname)) {
	extraits des parties spécifiques a DHCP:

	interfaces {
	ethernet eth1 {
	description ONT
	duplex auto
	speed auto
	vif 832 {
	address dhcp
	description "Internet Orange DHCP"
	dhcp-options {
	client-option "send dhcp-client-identifier 1:00:37:b7:xx:xx:xx;" /* MAC Livebox */
	client-option "send vendor-class-identifier "sagem";"
	client-option "send user-class "+FSVDSL_livebox.Internet.softathome.Livebox3";"
	client-option "send rfc3118-authentication 00:00:00:00:00:00:00:00:00:00:00:66:74:69:xx:xx:xx:xx:xx:xx:xx:xx;" /* fti/.... */
	client-option "request subnet-mask, routers, domain-name-servers, domain-name, broadcast-address, dhcp-lease-time, dhcp-renewal-time, dhcp-rebinding-time, option-119, option-90, option-120;"
	default-route update
	default-route-distance 210
	name-server update
	}
	dhcpv6-options {
	/* todo: comment envoyer en DHCPv6-pd :
	client-option "send vendor-class-identifier "sagem";"
	client-option "send user-class "+FSVDSL_livebox.Internet.softathome.Livebox3";"
	client-option "send rfc3118-authentication 00:00:00:00:00:00:00:00:00:00:00:66:74:69:xx:xx:xx:xx:xx:xx:xx:xx;"
	*/

	parameters-only
	}
	dhcpv6-pd {
	/* DUID-LL + MAC livebox*/
	duid 00:03:00:01:00:37:b7:xx:xx:xx
	pd 1 {
	interface eth0 {
	service slaac
	}
	prefix-length /64
	}
	prefix-only
	rapid-commit disable
	}
	/* todo: ne sert plus ?*/
	egress-qos "0:0 1:1 2:2 3:3 4:4 5:5 6:6 7:7"
	firewall {
	in {
	name WAN_LOCAL
	}
	}
	traffic-policy {
	}
	}
	vif 838 {
	bridge-group {
	bridge br0
	}
	description "VLAN TV VOD"
	disable
	egress-qos "0:4 1:4 2:4 3:4 4:4 5:4 6:4 7:4"
	}
	vif 840 {
	bridge-group {
	bridge br0
	}
	description "VLAN TV Canal 1 - Zap"
	disable
	egress-qos "0:5 1:5 2:5 3:5 4:5 5:5 6:5 7:5"
	}
	}
	ethernet eth2 {
	address 192.168.1.3/24
	description "default Orange LAN / SOS access"
	duplex auto
	speed auto
	}
	loopback lo {
	}
	}
	/* todo TV */
	protocols {
	igmp-proxy {
	disable-quickleave
	interface br0 {
	alt-subnet 0.0.0.0/0
	role upstream
	threshold 1
	}
	interface eth0 {
	alt-subnet 0.0.0.0/0
	role downstream
	threshold 1
	}
	interface eth2 {
	alt-subnet 0.0.0.0/0
	role downstream
	threshold 1
	}
	}
	}
	service {
	dhcp-server {
	disabled false
	hostfile-update disable
	shared-network-name LOCAL_NETWORK {
	authoritative enable
	subnet 192.168.1.0/24 {
	default-router 192.168.1.1
	dns-server 192.168.1.1
	lease 86400
	start 192.168.1.30 {
	stop 192.168.1.150
	}
	}
	}
	}
	nat {
	rule 5010 {
	description "Masquerading outgoing connections"
	log disable
	outbound-interface eth1.832
	type masquerade
	}
	/* todo TV */
	upnp2 {
	listen-on eth0
	listen-on eth2
	nat-pmp enable
	secure-mode disable
	wan eth1.832
	}
	}
	--- /opt/vyatta/sbin/vyatta-interfaces.pl.orig
	+++ /opt/vyatta/sbin/vyatta-interfaces.pl
	@@ -192,6 +192,8 @@
	my $hostname = get_hostname();

	$output .= "option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;\n\n";
	+ $output .= "option rfc3118-authentication code 90 = string;\n\n";
	+

	$output .= "interface \"$intf\" {\n";
	if (defined($hostname)) {