# Local loopback
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual

iface usb0 inet dhcp
#  post-up brctl addif vm0 $IFACE
#  post-down brctl delif vm0 $IFACE
  post-up /etc/init.d/dnsmasq restart

iface wlan0 inet static
  wpa-psk "77b933cb18e14a79f046beb16768850f635c9a9c2feb70e729b6e6730ce12fd0"
  wpa-driver broadcom
  wpa-key-mgmt WPA-PSK
  wpa-proto WPA2
  wpa-ssid CVJM
  address 192.168.6.21
  netmask 255.255.255.0
  broadcast 192.168.6.255
  gateway 192.168.6.1
  post-up /etc/init.d/dnsmasq restart
  #post-up brctl addif vm0 $IFACE
  #post-down brctl delif vm0 $IFACE


auto vm0
iface vm0 inet dhcp
  #address 192.168.10.154
  #netmask 255.255.255.0
  #gateway 192.168.10.1
  bridge_fd 3
  bridge_hello 2
  bridge_maxage 12
  bridge_stp off
  bridge_ports eth0
  post-up ifconfig eth0 0.0.0.0
  #post-up ip route add 192.168.0.0/16 via 192.168.1.1
  #post-up dhclient -e IF_METRIC=100 -pf /var/run/dhclient.vm0.pid -lf /var/lib/dhcp3/dhclient.vm0.leases vm0

auto vm1
iface vm1 inet static
  address 172.18.1.1
  netmask 255.255.255.0
  bridge_fd 3
  bridge_hello 2
  bridge_maxage 12
  bridge_stp off
  pre-up brctl addbr $IFACE
  post-down brctl delbr $IFACE


auto eth0.11
iface eth0.11 inet manual
  vlan-raw-device eth0

auto vm2
iface vm2 inet static
  address 192.168.11.98
  netmask 255.255.255.0
  mtu 1492
  bridge_fd 3
  bridge_hello 2
  bridge_maxage 12
  bridge_stp off
  bridge_ports eth0.11
  

auto vm8
iface vm8 inet static
  address 172.18.8.1
  netmask 255.255.255.0
  bridge_fd 3
  bridge_hello 2
  bridge_maxage 12
  bridge_stp off
  pre-up brctl addbr $IFACE
  post-down brctl delbr $IFACE
  post-up iptables -t nat -A POSTROUTING -s 172.18.8.0/24 ! -d 172.18.8.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
  post-up iptables -t nat -A POSTROUTING -s 172.18.8.0/24 ! -d 172.18.8.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
  post-up iptables -t nat -A POSTROUTING -s 172.18.8.0/24 ! -d 172.18.8.0/24 -j MASQUERADE
  post-up iptables -t filter -A INPUT -i $IFACE -p udp -m udp --dport 53 -j ACCEPT
  post-up iptables -t filter -A INPUT -i $IFACE -p tcp -m tcp --dport 53 -j ACCEPT
  post-up iptables -t filter -A INPUT -i $IFACE -p udp -m udp --dport 67 -j ACCEPT
  post-up iptables -t filter -A INPUT -i $IFACE -p tcp -m tcp --dport 67 -j ACCEPT
  post-up iptables -t filter -A FORWARD -d 172.18.8.0/24 -o $IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
  post-up iptables -t filter -A FORWARD -s 172.18.8.0/24 -i $IFACE -j ACCEPT
  post-up iptables -t filter -A FORWARD -i $IFACE -o $IFACE -j ACCEPT
  post-up iptables -t filter -A FORWARD -o $IFACE -j REJECT --reject-with icmp-port-unreachable
  post-up iptables -t filter -A FORWARD -i $IFACE -j REJECT --reject-with icmp-port-unreachable