-.PHONY: default clean serve
+.PHONY: default clean serve diagram
-default: favicon.ico
+default: diagram favicon.ico
ikiwiki --refresh --setup ikiwiki.setup
clean:
serve: default
@cd dest; python -m SimpleHTTPServer
+diagram:
+ $(MAKE) -C Network/
+
favicon.ico:
convert assets/logo.png -define icon:auto-resize=64,48,32,16 \
-fill 'rgb(118,20,7)' -opaque white \
- The gateway for a network is on the last IP for the subnet.
+### Routing and firewall rules
+
+This network diagram represents networks, and the connection flows between them:
+an arrow from A to B means that a connection can be opened from network A to
+network B. In all cases, a subset of ICMP (ECHO, ...) is allowed.
+
+Note that any given system might have interfaces in several of these networks.
+
+[[!img Network/overview.svg alt="r³ network overview"]]
+
## WiFi
--- /dev/null
+*.png
+*.svg
--- /dev/null
+DIAGRAMS:=overview
+FORMATS:=svg png
+
+.PHONY: default
+default: $(foreach diagram,$(DIAGRAMS),$(foreach ext,$(FORMATS),$(diagram).$(ext)))
+
+$(foreach ext,$(FORMATS),%.$(ext)): %.dot
+ $(foreach ext,$(FORMATS),circo -T$(ext) $^ -o $*.$(ext);)
--- /dev/null
+digraph network {
+ label="r³ network overview";
+ node [ shape=none ];
+ edge [ lblstyle="above, sloped" ];
+
+ public [ label="Public (36)\n89.106.211.32/27" ]
+ inet [ label="Internet" ]
+ guests [ label="Guests (127)" ]
+ members [ label="Members (128)\n89.106.211.64/27" ]
+ mgmt [ label="Management (23)" ]
+ iot [ label="IoT (33)" ]
+ svc [ label="Services (34)" ]
+
+ public -> inet [ dir=both ];
+
+ guests -> inet [ label="NAT, tc" ];
+ members -> inet [ dir=both label="NAT || firewall" ];
+ guests -> members [ dir=both label="firewall" ];
+
+ {svc mgmt iot guests members} -> public;
+}
projects / noc.git / commitdiff