Bashscript: How to Setup Zerotier Bridge / Routing

Here is a little helper script that makes it easy to set up your ZeroTier node for access to the local LAN.
#!/bin/bash
#
# Zerotier - Network Route and Bridge
#
# (c) 2022 suuhmer
#
# Infos /Source:
# https://zerotier.atlassian.net/wiki/spaces/SD/pages/224395274/Route+between+ZeroTier+and+Physical+Networks
#
# Remember the requested mode; the dispatch at the end of the script reads it.
MODE="$1"

# Print the banner in one go (quoted delimiter: nothing in it is expanded),
# followed by one empty line.
cat <<'BANNER'
 =============================================
* Zerotier-Helper.sh - Setup Route & Bridge *
* *
* (c) 2022 suuhmer *
 =============================================

BANNER
# Short pause so the banner can be read before further output scrolls by.
sleep 2
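# Installing and Join Setup
#
# Usage: <script> --install [NETWORK-ID]
# Installs the ZeroTier client, then joins NETWORK_ID. The id is taken from
# the second argument and only prompted for when that argument is missing.
if [ "$1" == "--install" ]; then
  # The original always started from a hard-coded placeholder and never read
  # $2, so a network id given on the command line was silently ignored.
  NETWORK_ID=$2

  echo "Installing first zerotier client..."; sleep 2

  # Download the installer completely before running it. Piping curl straight
  # into bash executes whatever arrives, including a truncated script or an
  # HTTP error page; -f makes curl fail on HTTP errors instead.
  # NOTE(review): this still trusts the HTTPS endpoint alone. ZeroTier's
  # download page also describes a GPG-verified install path; prefer that
  # where gpg is available (confirm against the current vendor docs).
  zt_installer=$(mktemp) || exit 1
  if ! curl -fsSL -o "$zt_installer" https://install.zerotier.com; then
    echo "Download of the ZeroTier installer failed, nothing was installed." >&2
    rm -f -- "$zt_installer"
    exit 1
  fi
  bash "$zt_installer"
  zt_rc=$?
  rm -f -- "$zt_installer"
  if [ "$zt_rc" -ne 0 ]; then
    echo "ZeroTier installer exited with status $zt_rc." >&2
    exit "$zt_rc"
  fi

  if [ -z "$NETWORK_ID" ]; then
    echo -n "No networkid entered, please set up now.."; read -r NETWORK_ID
  fi

  # A ZeroTier network id is 16 hexadecimal characters; reject anything else
  # before handing it to zerotier-cli.
  case "$NETWORK_ID" in
    "" | *[!0-9a-fA-F]*)
      echo "Invalid network id: '$NETWORK_ID'" >&2
      exit 1
      ;;
  esac
  if [ "${#NETWORK_ID}" -ne 16 ]; then
    echo "Invalid network id (expected 16 hex characters): '$NETWORK_ID'" >&2
    exit 1
  fi

  zerotier-cli join "$NETWORK_ID" || exit 1
  zerotier-cli listnetworks
  echo "setup and installed.."
fi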
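#######################################
# Turn this host into a NAT router between the ZeroTier network and the LAN.
# Globals:   PHY_IFACE, ZT_IFACE (written; left global as in the original)
# Arguments: none
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   0 on success, 1 if an interface cannot be detected or a
#            sysctl/iptables call fails
#######################################
setup_routing() {
  # Take the interface from the "dev" token of the default route and the
  # first link whose name starts with "zt". The previous route/ifconfig
  # parsing relied on a fixed cut field number, which depends on column
  # padding, and produced several names when more than one zt interface
  # existed.
  PHY_IFACE=$(ip -4 route show default |
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
  ZT_IFACE=$(ip -o link show | awk -F': ' '$2 ~ /^zt/ { print $2; exit }')

  # Never call iptables with an empty interface name: the following word
  # would be consumed as the argument of -i / -o.
  if [ -z "$PHY_IFACE" ] || [ -z "$ZT_IFACE" ]; then
    echo "setup: could not detect interfaces (physical: '$PHY_IFACE', zerotier: '$ZT_IFACE')" >&2
    return 1
  fi

  # Runtime setting only; it does not survive a reboot.
  sysctl -w net.ipv4.ip_forward=1 || return 1
  echo "setup: Physical Interface: $PHY_IFACE and Zerotier IF: $ZT_IFACE"
  sleep 2; echo

  # -C checks for an existing rule first, so running the script again does
  # not append duplicates.
  iptables -t nat -C POSTROUTING -o "$PHY_IFACE" -j MASQUERADE 2>/dev/null ||
    iptables -t nat -A POSTROUTING -o "$PHY_IFACE" -j MASQUERADE || return 1
  iptables -C FORWARD -i "$PHY_IFACE" -o "$ZT_IFACE" -m state --state RELATED,ESTABLISHED -j ACCEPT 2>/dev/null ||
    iptables -A FORWARD -i "$PHY_IFACE" -o "$ZT_IFACE" -m state --state RELATED,ESTABLISHED -j ACCEPT || return 1
  # NOTE(review): this rule forwards ALL traffic from the ZeroTier side to
  # the physical network, and MASQUERADE hides the original ZeroTier source
  # address from LAN hosts and their logs. Every member authorised on the
  # ZeroTier network can therefore reach every LAN host. Consider limiting
  # the rule with -d <LAN_SUBNET> and/or ZeroTier flow rules.
  iptables -C FORWARD -i "$ZT_IFACE" -o "$PHY_IFACE" -j ACCEPT 2>/dev/null ||
    iptables -A FORWARD -i "$ZT_IFACE" -o "$PHY_IFACE" -j ACCEPT || return 1

  echo "finished"
}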
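# The iptables rules added above are lost on reboot. To keep them:
# sudo apt install iptables-persistent
# sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
# (quote the whole command so that the redirection also runs as root)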
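#######################################
# Bridge the ZeroTier interface and the physical interface through br0,
# managed by systemd-networkd.
# Globals:   NETWORK_ID, BR_IF, BR_ADDR, GW_ADDR, PHY_IFACE, ZT_IF, NULL
#            (written; left global as in the original)
# Arguments: none; network id, bridge address and gateway are read from stdin
# Outputs:   prompts and the generated config files on stdout, errors on stderr
# Returns:   0 when the configuration was written, 1 when an input is
#            invalid or an interface cannot be detected (nothing is changed
#            in that case)
#
# NOTE(review): this removes the DHCP client and ifupdown packages and hands
# the network over to systemd-networkd. Run from a remote session, that can
# cut the connection; keep console access at hand. A bridge also places the
# ZeroTier members on the same layer-2 segment as the LAN, so membership
# authorisation on the ZeroTier network becomes the access control for the
# LAN.
#######################################
setup_bridging(){
  echo -n "No networkid entered, please set up now.."; read -r NETWORK_ID
  BR_IF="br0"
  echo -n "No Bridge Address entered, please set up now.."; read -r BR_ADDR
  echo -n "No Gateway Address entered, please set up now.."; read -r GW_ADDR

  # Validate everything before the first system change. The answers are
  # written verbatim into systemd-networkd unit files below, so only
  # characters that can occur in an IP address (plus "/" for the prefix
  # length of the bridge address) are accepted.
  case "$NETWORK_ID" in
    "" | *[!0-9a-fA-F]*)
      echo "Invalid network id: '$NETWORK_ID'" >&2
      return 1
      ;;
  esac
  if [ "${#NETWORK_ID}" -ne 16 ]; then
    echo "Invalid network id (expected 16 hex characters): '$NETWORK_ID'" >&2
    return 1
  fi
  case "$BR_ADDR" in
    "" | *[!0-9a-fA-F.:/]*)
      echo "Invalid bridge address: '$BR_ADDR'" >&2
      return 1
      ;;
  esac
  case "$GW_ADDR" in
    "" | *[!0-9a-fA-F.:]*)
      echo "Invalid gateway address: '$GW_ADDR'" >&2
      return 1
      ;;
  esac

  # Interface of the default route and the first zt* link. The previous
  # route/ifconfig parsing depended on a fixed cut field number.
  PHY_IFACE=$(ip -4 route show default |
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
  ZT_IF=$(ip -o link show | awk -F': ' '$2 ~ /^zt/ { print $2; exit }')
  if [ -z "$PHY_IFACE" ] || [ -z "$ZT_IF" ]; then
    echo "setup: could not detect interfaces (physical: '$PHY_IFACE', zerotier: '$ZT_IF')" >&2
    return 1
  fi

  # setup no auto manage of routes etc.
  # Stop here on failure: continuing would remove the DHCP client although
  # the ZeroTier side is not configured.
  if ! zerotier-cli set "$NETWORK_ID" allowManaged=0; then
    echo "zerotier-cli could not update network $NETWORK_ID, nothing changed." >&2
    return 1
  fi

  echo "Remove somehting..."
  # Best effort, as before: some of these packages may not exist on this
  # system.
  apt remove --purge --auto-remove dhcpcd5 fake-hwclock ifupdown isc-dhcp-client isc-dhcp-common openresolv ||
    echo "warning: package removal did not complete" >&2
  ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
  systemctl enable systemd-networkd
  systemctl enable systemd-resolved
  systemctl enable systemd-timesyncd

  # Setup bridge systemd files... (tee also echoes each file to stdout)
  tee /etc/systemd/network/25-bridge-br0.network <<EOF
[Match]
Name=$BR_IF
[Network]
Address=$BR_ADDR
Gateway=$GW_ADDR
DNS=1.1.1.1
EOF
  tee /etc/systemd/network/br0.netdev <<EOF
[NetDev]
Name=$BR_IF
Kind=bridge
EOF
  tee /etc/systemd/network/25-bridge-br0-zt.network <<EOF
[Match]
Name=$ZT_IF
[Network]
Bridge=$BR_IF
EOF
  tee /etc/systemd/network/25-bridge-br0-en.network <<EOF
[Match]
Name=$PHY_IFACE
[Network]
Bridge=$BR_IF
EOF

  echo "Review configs.."
  echo
  tail -n+0 /etc/systemd/network/*

  # Accept everything that enters through the bridge; -C avoids appending a
  # duplicate when the script is run again. The rule is not persistent.
  iptables -C FORWARD -p all -i "$BR_IF" -j ACCEPT 2>/dev/null ||
    iptables -A FORWARD -p all -i "$BR_IF" -j ACCEPT

  echo "Reboot press enter... "; read -r NULL
  #reboot
  return 0
}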
#
## MAIN
#
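# Dispatch on the mode given as first argument.
# "$MODE" is quoted: unquoted, an empty value turned the test into
# `[ == "--set-routing" ]`, which prints a shell error before the help text.
case "$MODE" in
  --set-routing)
    setup_routing || exit 1
    ;;
  --set-bridge)
    setup_bridging || exit 1
    ;;
  --install)
    # Install and join are handled earlier in the script; without this
    # branch a successful install ended in the help text and exit status 1.
    ;;
  *)
    echo "Wrong input / Help"
    echo "Setup help: $0 [--set-routing|--set-bridge] [--install <NETWORK-ID>]"
    exit 1
    ;;
esac
exit 0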