====== Gateway Configuration ======
===== Operating System =====
* Debian Wheezy
===== APT =====
==== /etc/apt/sources.list ====
# NOTE(review): both repositories are third-party and fetched over plain HTTP.
# Package integrity then rests entirely on APT's signature check, so each
# repository's signing key has to be installed and trusted deliberately.
# NOTE(review): the first line uses the "sid" suite on a wheezy system,
# presumably only to obtain fastd. Consider APT pinning so that no other
# package is pulled from it. TODO confirm.
deb http://repo.universe-factory.net/debian/ sid main
deb http://debian.draic.info/ wheezy main
deb-src http://debian.draic.info/ wheezy main
==== Installed packages ====
* OpenVPN
===== OpenVPN =====
==== IPredator ====
Checked on 09.06.2020
/etc/openvpn/ipredator.conf:
# IPredator client profile: routed tunnel over UDP on a tun device named
# "ipredator".
client
dev-type tun
dev ipredator
proto udp
# Three provider endpoints are listed as alternatives.
remote pw.openvpn.ipredator.se 1194
remote pw.openvpn.ipredator.me 1194
remote pw.openvpn.ipredator.es 1194
resolv-retry infinite
nobind
persist-key
persist-tun
# NOTE(review): compression inside an encrypted tunnel can leak plaintext
# through packet-length side channels, and comp-lzo is deprecated in newer
# OpenVPN releases. The setting has to match the server, so confirm what the
# provider requires before changing it.
comp-lzo
verb 3
# Require the peer certificate to be a TLS server certificate.
remote-cert-tls server
# Username and password are read from this file instead of being prompted
# for. The file holds them in clear text: keep it owned by root, mode 0600.
auth-user-pass /etc/openvpn/ipredator.auth
auth-retry nointeract
# "[inline]" means the CA certificate and the tls-auth static key are embedded
# in this file (the PEM blocks after the directives). NOTE(review): the ca and
# tls-auth wrapper tags around those blocks are not visible on this page,
# presumably lost in rendering. Restore them when copying this config.
ca [inline]
tls-client
tls-auth [inline]
# NOTE(review): ns-cert-type is the legacy server-certificate check. It is
# deprecated in favour of remote-cert-tls, which this file already sets
# (twice), and newer OpenVPN releases no longer accept it.
ns-cert-type server
remote-cert-tls server
remote-cert-ku 0x00e0
keepalive 10 30
# NOTE(review): a CBC-mode cipher. Newer OpenVPN releases prefer AEAD ciphers
# such as AES-256-GCM. Which ciphers the provider accepts is not shown here.
cipher AES-256-CBC
tun-mtu 1500
passtos
replay-window 512 60
# Routes pushed by the server are not installed by OpenVPN. The up script
# below manages routing table 42 instead.
route-noexec
# Level 2 permits user-defined scripts (needed for the up hooks below).
# Level 3 would also expose passwords to scripts via the environment and is
# not needed here.
script-security 2
# The same script runs on initial start and on every tunnel restart.
up /etc/openvpn/ipredator-up
up-restart /etc/openvpn/ipredator-up
-----BEGIN CERTIFICATE-----
MIIFJzC...
-----END CERTIFICATE-----
-----BEGIN OpenVPN Static key V1-----
03f7b2...
-----END OpenVPN Static key V1-----
/etc/openvpn/ipredator-up:
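#!/bin/sh
# OpenVPN up / up-restart hook for the IPredator tunnel.
#
# For a tun device OpenVPN invokes the hook as
#   cmd tun_dev tun_mtu link_mtu ifconfig_local_ip ifconfig_remote_ip [init|restart]
# so $4 is the local tunnel address handed out by the VPN server. From it the
# script derives a gateway address and points the two half-default routes in
# routing table 42 at that gateway.
#
# Exit status: 0 after the route commands have run (their individual failures
# are ignored, as before); 1 if $4 is not a dotted-quad address, in which case
# no route is touched.

IP=$4

# $4 is chosen by the remote server and ends up in arguments to `ip`, so
# accept only four dot-separated groups of one to three digits. Octets above
# 255 still pass this check; `ip` itself rejects those.
case "$IP" in
  '' | *[!0-9.]* | .* | *. | *..* | *.*.*.*.* | *[0-9][0-9][0-9][0-9]*)
    echo "ipredator-up: refusing malformed tunnel address '$IP'" >&2
    exit 1
    ;;
  *.*.*.*) ;;
  *)
    echo "ipredator-up: refusing malformed tunnel address '$IP'" >&2
    exit 1
    ;;
esac

BASE=${IP%.*}   # first three octets
LSV=${IP##*.}   # last octet

# Snap the last octet to the start of its half of the /24 (0 or 128).
# NOTE(review): this looks like it assumes the provider hands out /25 subnets;
# an address ending in exactly .128 is mapped to the lower half. Confirm.
if [ "$LSV" -gt 128 ]; then
  LSV=128
else
  LSV=0
fi
echo "$LSV"

GW="$BASE.$((LSV + 1))"
SERVER="$BASE.$((LSV + 2))"

# NOTE(review): SERVER is derived from the tunnel address but routed via the
# fixed next hop 217.79.189.1; the purpose is not evident from this page.
ip route add "$SERVER/32" via 217.79.189.1

# Replace the two half-default routes in table 42. The deletes fail harmlessly
# when the routes do not exist yet (first start).
# NOTE(review): between del and add, table 42 briefly has no default routes;
# `ip route replace` would avoid that gap. Check what the policy rules do with
# traffic in the meantime.
ip route del 0.0.0.0/1 table 42
ip route del 128.0.0.0/1 table 42
ip route add 0.0.0.0/1 via "$GW" table 42
ip route add 128.0.0.0/1 via "$GW" table 42

# Always report success once the address was valid, so a failed route command
# does not tear the tunnel down.
exit 0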
/etc/openvpn/ipredator.auth
===== Fastd =====
updated 09.06.2020
==== Backbone ====
/etc/fastd/backbone/fastd.conf:
# fastd instance for the backbone links.
log to syslog level info;
mtu 1426;
# Two crypto methods are offered to peers.
method "salsa2012+umac";
method "salsa2012+gmac";
# The private key is kept in a separate file, out of this config.
include "secret.conf";
# Run the daemon as the unprivileged "fastd" user.
user "fastd";
# Listen on all local addresses, port 9999.
bind any:9999;
# Peer definitions are loaded from the "peers" directory. No "on verify" hook
# is set for this instance, so presumably only keys listed there are accepted.
# Verify against the fastd version in use.
include peers from "peers";
#on up "
#dnsmasq -i bat0
#";
interface "mesh-vpn-backbone";
# Shell commands run when the interface comes up: set a fixed MAC address,
# bring the link up and attach it to batman-adv via batctl.
on up "
ip link set address be:98:1f:07:ff:52 up dev $INTERFACE
batctl if add $INTERFACE
";
/etc/fastd/backbone/secret.conf
# This is the instance's private key (value truncated on this page). Keep the
# real file readable only by root (e.g. mode 0600) and never publish the
# full value. Anyone holding it can impersonate this gateway to its peers.
secret "dsfhjjds...";
==== FFMD ====
/etc/fastd/magdeburg/fastd.conf:
# fastd instance for the FFMD client mesh.
log to syslog level info;
mtu 1312;
# Two crypto methods are offered to peers.
method "salsa2012+umac";
method "salsa2012+gmac";
# The private key is kept in a separate file, out of this config.
include "secret.conf";
# Run the daemon as the unprivileged "fastd" user.
user "fastd";
# Listen on all local addresses, port 10001.
bind any:10001;
include peers from "peers";
#on up "
#dnsmasq -i bat0
#";
interface "mesh-vpn";
# Shell commands run when the interface comes up: set a fixed MAC address,
# bring the link up and attach it to batman-adv via batctl.
on up "
ip link set address be:98:1f:07:ff:b3 up dev $INTERFACE
batctl if add $INTERFACE
";
# The verify hook is consulted for peers whose key is not in "peers". The
# command "true" always succeeds, so every unknown key is accepted: the
# "peers" directory is not an access control for this instance.
# NOTE(review): presumably intentional for an open community mesh. Treat all
# traffic arriving on mesh-vpn as untrusted and filter it accordingly.
on verify async "true";
/etc/fastd/magdeburg/secret.conf
===== Changelog =====
Updated
- 2020-06-09 20:24 von kwasir