Added verizon support

compulab-networking-init.sh

@@ -3,11 +3,25 @@
 #install software
 sudo apt-get install isc-dhcp-server -y
 sudo apt-get install bind9 -y
+# Setup SSH PubkeyAuth
+sudo tee -a /etc/ssh/sshd_config > /dev/null <<EOT
+PubkeyAuthentication yes
+EOT
+
+sudo mkdir /home/compulab/.ssh
+
+# ensure timezone of CDT
+sudo timedatectl set-timezone America/Chicago
+
 #setup cell connection
-sudo nmcli connection add type gsm ifname '*' con-name CellularCon apn 11166.mcs
+sudo nmcli connection add type gsm ifname '*' con-name ATT apn 11166.mcs
+sudo nmcli connection add type gsm ifname '*' con-name Verizon apn ne01.vzwstatic
+
 #set cellular to higher priority
-sudo nmcli connection modify CellularCon ipv4.route-metric 2
-#sudo systemctl restart NetworkManager
+sudo nmcli connection modify ATT ipv4.route-metric 2
+sudo nmcli connection modify Verizon ipv4.route-metric 2
+sudo systemctl restart NetworkManager
+
 #setup GPS connection
 sed -i "/^DEVICES=.*/c\DEVICES=\"/dev/ttyUSB1\"" /etc/default/gpsd
 echo AT+CGPS=0,1 | socat - /dev/ttyUSB3,crnl
@@ -57,8 +71,8 @@ sudo tee /etc/network/iptables > /dev/null <<EOT
 # NAT wwan0 to eth0
 -A POSTROUTING -o wwan0 -j MASQUERADE
 
-# NAT pinhole: HTTP from WAN to LAN
--A PREROUTING -p tcp -m tcp -i wwan0 --dport 80 -j DNAT --to-destination 192.168.1.100:80
+# NAT port forwards
+#-A PREROUTING -p tcp -m tcp -i wwan0 --dport 80 -j DNAT --to-destination 192.168.1.100:80
 
 
 COMMIT
@@ -81,18 +95,16 @@ COMMIT
 # DNS - accept from LAN
 -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT
 -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT
-
 -A INPUT -i eth1 -p tcp --dport 53 -j ACCEPT
 -A INPUT -i eth1 -p udp --dport 53 -j ACCEPT
 
 # SSH - accept from LAN
 -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
-
 -A INPUT -i eth1 -p tcp --dport 22 -j ACCEPT
+-A INPUT -i wwan0 -p tcp --dport 22 -j ACCEPT
 
 # DHCP client requests - accept from LAN
 -A INPUT -i eth0 -p udp --dport 67:68 -j ACCEPT
-
 -A INPUT -i eth1 -p udp --dport 67:68 -j ACCEPT
 
 # drop all other inbound traffic
@@ -105,10 +117,10 @@ COMMIT
 
 # forward from LAN (eth0) to WAN (wwan0)
 -A FORWARD -i eth0 -o wwan0 -j ACCEPT
-
 -A FORWARD -i eth1 -o wwan0 -j ACCEPT
-# allow traffic from our NAT pinhole
--A FORWARD -p tcp -d 192.168.1.100 --dport 80 -j ACCEPT
+
+# allow traffic from port forward
+#-A FORWARD -p tcp -d 192.168.1.100 --dport 80 -j ACCEPT
 
 
 # drop all other forwarded traffic
@@ -138,7 +150,7 @@ ddns-update-style none;
 subnet 192.168.1.0 netmask 255.255.255.0 {
 	range 192.168.1.100 192.168.1.200;
 	option routers 192.168.1.1;
-	option domain-name-servers 192.168.1.1;
+	option domain-name-servers 8.8.8.8;
 	option broadcast-address 192.168.1.255;
 }
 EOT