Netz39

Benutzer-Werkzeuge

Webseiten-Werkzeuge

Zuletzt angesehen:
freifunk:gateway:example

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen RevisionVorhergehende Überarbeitung
freifunk:gateway:example [2020-06-09 20:24] – [Gateway Example Configuration] kwasirfreifunk:gateway:example [2021-02-12 20:40] (aktuell) kwasir
Zeile 1: Zeile 1:
 +====== Gateway Configuration ======
 +
 +===== Operating System =====
 +
 +  * Debian Wheezy
 +
 +===== APT =====
 +
 +==== /etc/apt/sources.list ====
 +
 +<code>
 +deb http://repo.universe-factory.net/debian/ sid main
 +deb http://debian.draic.info/ wheezy main
 +deb-src http://debian.draic.info/ wheezy main
 +</code>
 +
 +==== Installed packages ====
 +
 +  * OpenVPN
 +
 +===== OpenVPN =====
 +
 +==== IPredator ====
 +Checked on 09.06.2020 
 +
 +/etc/openvpn/ipredator.conf:
 +
 +<code>
 +client
 +dev-type tun
 +dev ipredator
 +proto udp
 +remote pw.openvpn.ipredator.se 1194
 +remote pw.openvpn.ipredator.me 1194
 +remote pw.openvpn.ipredator.es 1194
 +resolv-retry infinite
 +nobind
 +persist-key 
 +persist-tun
 +comp-lzo
 +verb 3
 +remote-cert-tls server
 +auth-user-pass /etc/openvpn/ipredator.auth
 +auth-retry nointeract
 +
 +ca [inline]
 +
 +tls-client
 +tls-auth [inline]
 +ns-cert-type server
 +remote-cert-tls server
 +remote-cert-ku 0x00e0 
 +
 +keepalive 10 30
 +cipher AES-256-CBC
 +tun-mtu 1500
 +passtos
 +replay-window 512 60
 +route-noexec
 +
 +script-security 2
 +up /etc/openvpn/ipredator-up
 +up-restart /etc/openvpn/ipredator-up
 +
 +<ca>
 +-----BEGIN CERTIFICATE-----
 +MIIFJzC...
 +-----END CERTIFICATE-----
 +</ca>
 +
 +<tls-auth>
 +-----BEGIN OpenVPN Static key V1-----
 +03f7b2...
 +-----END OpenVPN Static key V1-----
 +</tls-auth>
 +</code>
 +/etc/openvpn/ipredator-up:
 +
 +<code>
 +#!/bin/sh
 +IP=$4
 +BASE="$(echo $IP | cut -d. -f1-3)"
 +LSV="$(echo $IP | cut -d. -f4)"
 +if test $LSV -gt 128; then
 +    LSV=128
 +else
 +    LSV=0
 +fi
 +echo $LSV
 +GW=$BASE.$((LSV+1))
 +SERVER=$BASE.$((LSV+2))
 +
 +ip route add $SERVER/32 via 217.79.189.1
 +
 +ip route del 0.0.0.0/1 table 42
 +ip route del 128.0.0.0/1 table 42
 +
 +ip route add 0.0.0.0/1 via $GW table 42
 +ip route add 128.0.0.0/1 via $GW table 42
 +exit 0
 +</code>
 +/etc/openvpn/ipredator.auth
 +
 +<code>
 +<username>
 +<password>
 +</code>
 +===== Fastd =====
 +updated 09.06.2020
 +==== Backbone ====
 +
 +/etc/fastd/backbone/fastd.conf:
 +
 +<code>
 +log to syslog level info;
 +mtu 1426;
 +method "salsa2012+umac";
 +method "salsa2012+gmac";
 +include "secret.conf";
 +user "fastd";
 +bind any:9999;
 +include peers from "peers";
 +#on up "
 +#dnsmasq -i bat0
 +#";
 +interface "mesh-vpn-backbone";
 +on up "
 +ip link set address be:98:1f:07:ff:52 up dev $INTERFACE
 +batctl if add $INTERFACE
 +";
 +
 +</code>
 +/etc/fastd/backbone/secret.conf
 +
 +<code>
 +secret "dsfhjjds...";
 +</code>
 +
 +==== FFMD ====
 +/etc/fastd/magdeburg/fastd.conf:
 +
 +<code>
 +log to syslog level info;
 +mtu 1312;
 +method "salsa2012+umac";
 +method "salsa2012+gmac";
 +include "secret.conf";
 +user "fastd";
 +bind any:10001;
 +include peers from "peers";
 +#on up "
 +#dnsmasq -i bat0
 +#";
 +interface "mesh-vpn";
 +on up "
 +ip link set address be:98:1f:07:ff:b3 up dev $INTERFACE
 +batctl if add $INTERFACE
 +";
 +on verify async "true";
 +
 +</code>
 +
 +/etc/fastd/magdeburg/secret.conf
 +
 +===== Changelog =====
 +Updated 
 +
 +- 2020-06-09 20:24 von kwasir
 +