Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen RevisionVorhergehende ÜberarbeitungNächste Überarbeitung | Vorhergehende Überarbeitung | ||
freifunk:gateway:example [2020-06-09 18:14] – [IPredator] kwasir | freifunk:gateway:example [2021-02-12 19:40] (aktuell) – kwasir | ||
---|---|---|---|
Zeile 1: | Zeile 1: | ||
+ | ====== Gateway Configuration ====== | ||
+ | |||
+ | ===== Operating System ===== | ||
+ | |||
+ | * Debian Wheezy | ||
+ | |||
+ | ===== APT ===== | ||
+ | |||
+ | ==== / | ||
+ | |||
+ | < | ||
+ | deb http:// | ||
+ | deb http:// | ||
+ | deb-src http:// | ||
+ | </ | ||
+ | |||
+ | ==== Installed packages ==== | ||
+ | |||
+ | * OpenVPN | ||
+ | |||
+ | ===== OpenVPN ===== | ||
+ | |||
+ | ==== IPredator ==== | ||
+ | Checked on 09.06.2020 | ||
+ | |||
+ | / | ||
+ | |||
+ | < | ||
+ | client | ||
+ | dev-type tun | ||
+ | dev ipredator | ||
+ | proto udp | ||
+ | remote pw.openvpn.ipredator.se 1194 | ||
+ | remote pw.openvpn.ipredator.me 1194 | ||
+ | remote pw.openvpn.ipredator.es 1194 | ||
+ | resolv-retry infinite | ||
+ | nobind | ||
+ | persist-key | ||
+ | persist-tun | ||
+ | comp-lzo | ||
+ | verb 3 | ||
+ | remote-cert-tls server | ||
+ | auth-user-pass / | ||
+ | auth-retry nointeract | ||
+ | |||
+ | ca [inline] | ||
+ | |||
+ | tls-client | ||
+ | tls-auth [inline] | ||
+ | ns-cert-type server | ||
+ | remote-cert-tls server | ||
+ | remote-cert-ku 0x00e0 | ||
+ | |||
+ | keepalive 10 30 | ||
+ | cipher AES-256-CBC | ||
+ | tun-mtu 1500 | ||
+ | passtos | ||
+ | replay-window 512 60 | ||
+ | route-noexec | ||
+ | |||
+ | script-security 2 | ||
+ | up / | ||
+ | up-restart / | ||
+ | |||
+ | <ca> | ||
+ | -----BEGIN CERTIFICATE----- | ||
+ | MIIFJzC... | ||
+ | -----END CERTIFICATE----- | ||
+ | </ca> | ||
+ | |||
+ | < | ||
+ | -----BEGIN OpenVPN Static key V1----- | ||
+ | 03f7b2... | ||
+ | -----END OpenVPN Static key V1----- | ||
+ | </ | ||
+ | </ | ||
+ | / | ||
+ | |||
+ | < | ||
+ | #!/bin/sh | ||
+ | IP=$4 | ||
+ | BASE=" | ||
+ | LSV=" | ||
+ | if test $LSV -gt 128; then | ||
+ | LSV=128 | ||
+ | else | ||
+ | LSV=0 | ||
+ | fi | ||
+ | echo $LSV | ||
+ | GW=$BASE.$((LSV+1)) | ||
+ | SERVER=$BASE.$((LSV+2)) | ||
+ | |||
+ | ip route add $SERVER/32 via 217.79.189.1 | ||
+ | |||
+ | ip route del 0.0.0.0/1 table 42 | ||
+ | ip route del 128.0.0.0/1 table 42 | ||
+ | |||
+ | ip route add 0.0.0.0/1 via $GW table 42 | ||
+ | ip route add 128.0.0.0/1 via $GW table 42 | ||
+ | exit 0 | ||
+ | </ | ||
+ | / | ||
+ | |||
+ | < | ||
+ | < | ||
+ | < | ||
+ | </ | ||
+ | ===== Fastd ===== | ||
+ | updated 09.06.2020 | ||
+ | ==== Backbone ==== | ||
+ | |||
+ | / | ||
+ | |||
+ | < | ||
+ | log to syslog level info; | ||
+ | mtu 1426; | ||
+ | method " | ||
+ | method " | ||
+ | include " | ||
+ | user " | ||
+ | bind any:9999; | ||
+ | include peers from " | ||
+ | #on up " | ||
+ | #dnsmasq -i bat0 | ||
+ | #"; | ||
+ | interface " | ||
+ | on up " | ||
+ | ip link set address be: | ||
+ | batctl if add $INTERFACE | ||
+ | "; | ||
+ | |||
+ | </ | ||
+ | / | ||
+ | |||
+ | < | ||
+ | secret " | ||
+ | </ | ||
+ | |||
+ | ==== FFMD ==== | ||
+ | / | ||
+ | |||
+ | < | ||
+ | log to syslog level info; | ||
+ | mtu 1312; | ||
+ | method " | ||
+ | method " | ||
+ | include " | ||
+ | user " | ||
+ | bind any:10001; | ||
+ | include peers from " | ||
+ | #on up " | ||
+ | #dnsmasq -i bat0 | ||
+ | #"; | ||
+ | interface " | ||
+ | on up " | ||
+ | ip link set address be: | ||
+ | batctl if add $INTERFACE | ||
+ | "; | ||
+ | on verify async " | ||
+ | |||
+ | </ | ||
+ | |||
+ | / | ||
+ | |||
+ | ===== Changelog ===== | ||
+ | Updated | ||
+ | |||
+ | - 2020-06-09 20:24 von kwasir | ||
+ | |||