Benutzer:Peerco: Unterschied zwischen den Versionen

Aus FunkFeuer Wiki
Wechseln zu: Navigation, Suche
K (Notizen)
 
(124 dazwischenliegende Versionen von 2 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
== Funkfeuer Nodes ==
+
== Funkfeuer wichtig ==
* [http://v13omni.gru3.wien.funkfeuer.at/cgi-bin-status.html gru3] roof on the 5th floor
+
* [[Kanalwahl#Unsere_ssid_und_bssid|Unsere SSID und BSSID]]
* [http://omni.gru3ost.wien.funkfeuer.at/cgi-bin-status.html gru3ost] base fallback tunnel kryptavpn
+
 
 +
<pre>
 +
Leider stoße ich immer wieder an Knoten mit SSID ?.node.wien.funkfeuer.at
 +
mit <node> der jewalige Knotenname.
 +
Bei manchen Geräten mag das funktionieren, aber nicht bei allen.
 +
Viele Geräte alt oder neu verlangen stehts nach der selben SSID,
 +
womit viele dazu gezwingen werden die selbe SSID gleichfalls einzustellen.
 +
Das führt dazu dass ein Knoten mit dem Namen bez10 sich zum Knoten
 +
bez13 dann via SSID bez13.wien.funkfeuer.at verbinden muss.
 +
Dann sendet aber der Knoten im 10. Bezirk die Kennung von 13. Bezirk
 +
im SSID, was nicht der wahrheit entspricht. Zusätzlich kann sich dieser
 +
Knoten im Bezirk 10 dann nicht mehr mit anderen regulären Knoten
 +
mittels der richtigen SSID zu der selben Zeit verbinden!!!
 +
</pre>
 +
 
 +
== Brenner Besichtigung 07/07/2011 ==
 +
 
 +
* http://eth0.p4.wien.funkfeuer.at/brenner-funkfeuer/ Fotos und Videos (Videos lassen sich nicht Downloaden) deshalb youtube
 +
* http://www.youtube.com/watch?v=aUkKXtl554o Brenner von Unten
 +
* http://www.youtube.com/watch?v=IMbaR6Ii_B4 Rundblick oben
 +
* http://www.youtube.com/watch?v=1tw_Q4JP3IA Rundblick oben
 +
* http://www.youtube.com/watch?v=2Rebuw6uIBg wieder runter zum Aufzug (Blick hinunter aus Brenner)
 +
* http://www.youtube.com/watch?v=Aa8mKeLH9QY wieder im Aufzug
 +
* http://www.youtube.com/watch?v=jY3JRWWxGcQ Fahrt mit dem Aufzug hinunter 200m / 7 min (Aufnahme kürzer) Begegnung mit Aaron und co.
 +
* http://www.youtube.com/my_playlists?p=2230EB3164DCA160 komplette Playlist (nicht alles ist interessant)
 +
 
 +
== ley21 ==
 +
 
 +
* http://a1.ley21.wien.funkfeuer.at/cgi-bin-status.html Linksys WRT54GL/Markit Freifunk Firmware mit Tunnel
 +
* http://synology.ley21.wien.funkfeuer.at/cgi-bin-status.html Linksys WRT54GL/Markit Freifunk Firware mit Tunnel
 +
* http://tener.ley21.wien.funkfeuer.at/cgi-bin-status.html Linksys WRT54GL/Markit Freifunk Firware mit Tunnel
 +
* http://fon1.ley21.wien.funkfeuer.at/cgi-bin-status.html Fonera 2100/OpenWRT Freifunk Fonera Pack 0.7.2-r3
 +
* http://fon2.ley21.wien.funkfeuer.at/cgi-bin-status.html Fonera 2100/OpenWRT Freifunk Fonera Pack 0.7.2-r3
 +
* http://p4.ley21.wien.funkfeuer.at/ (derzeit nicht verfügbar)
 +
* http://pentoo.ley21.funkfeuer.at/cgi-bin-status.html Acer Aspire One 110l / Linpus Lite (x86 dev)
 +
* http://peerco.ley21.wien.funkfeuer.at/cgi-bin-status.html TP-Link  [[0xff_Backfire-Vienna-Weiterführendes#3G.2FUMTS.2FModem]]
 +
* http://wrap.ley21.wien.funkfeuer.at/cgi-bin-status.html WRAP/OpenWRT Backfire 10.03.1
 +
* http://xbrenner.ley21.wien.funkfeuer.at/cgi-bin-status.html Bullet M2
 +
* http://bulletm.ley21.wien.funkfeuer.at/cgi-bin-status.html Bullet M2
 +
* http://loco.ley21.wien.funkfeuer.at/cgi-bin-status.html NanostationLoco M5
 +
* http://loco2.ley21.wien.funkfeuer.at NanoStationLoco M5
 +
 
 +
 
 +
* https://marvin.funkfeuer.at/cgi-bin/smokeping/freenet.cgi?target=ley21
 +
 
 +
== Nodes ==
 +
 
 +
* Hornstein und Neufeld/a.d.L
 +
 
 +
* [http://tunnel.hornstein.wien.funkfeuer.at/cgi-bin-status.html Hornstein] Test BackFire Vienna im Qemu unter Gentoo Linux auf dem http://www.picki.at/
  
 
== Servers ==
 
== Servers ==
* [http://p4.dev0.wien.funkfeuer.at/gru3-funkfeuer/ p4.dev0] web foto video
+
 
* [http://p4.dev0.wien.funkfeuer.at:8000/index.html p4.dev0] 12kbps 32kHz stereo aacp stream (winamp5)
+
* [http://p4.ley21.wien.funkfeuer.at/ p4]
* [http://wrap.dev0.wien.funkfeuer.at/ wrap.dev0]
+
* [http://pentoo.ley21.wien.funkfeuer.at/ pentoo]
  
 
== Hardware ==
 
== Hardware ==
 +
 
* [http://www.pcengines.ch/wrap.htm WRAP] Wireless Router Application Platform
 
* [http://www.pcengines.ch/wrap.htm WRAP] Wireless Router Application Platform
  
 
== Software ==
 
== Software ==
 +
 
* [http://www.nullsoft.com/nsv/ Nullsoft (Streaming|S as in Soft) Video]
 
* [http://www.nullsoft.com/nsv/ Nullsoft (Streaming|S as in Soft) Video]
 
* [http://www.scvi.net/ The Winamp TV - NSV - NullSoft Video Streaming Resource]
 
* [http://www.scvi.net/ The Winamp TV - NSV - NullSoft Video Streaming Resource]
 
* [http://www.mpex.net/ MPeX.net - MP3 Software, Downloads, Hardware, Anleitungen, Winamp]
 
* [http://www.mpex.net/ MPeX.net - MP3 Software, Downloads, Hardware, Anleitungen, Winamp]
 +
* [http://www.davereyn.co.uk/ Qemu Manager]
 +
* [http://sourceforge.net/projects/wmolsr/ Windows Mobile OLSR Daemon]
 +
* [http://www.grc.upv.es/calafate/olsr/olsr.htm OLSR for Windows 2000 and Pocket PC]
 +
* [http://www.gentoo.org/proj/en/base/embedded/gnap.xml Gentoo Network Appliance (GNAP)]
 +
 +
== Docs ==
  
== docs ==
 
 
* [http://downloads.openwrt.org/docs/buildroot-documentation.html OpenWrt Buildroot]
 
* [http://downloads.openwrt.org/docs/buildroot-documentation.html OpenWrt Buildroot]
 +
* [http://wiki.openwrt.org/doc/howto/qemu OpenWrt in QEMU]
 +
* [http://wiki.laptop.org/go/Talk:Using_QEMU_on_Windows Talk:Using QEMU on Windows]
 +
* [http://www.davereyn.co.uk/download.htm Qemu Manager Download]
 +
* [http://www.h7.dion.ne.jp/~qemu-win/ QEMU on Windows]
 +
* C:\qemu-0.9.0-windows>qemu.exe -L . -hda openwrt-x86-ext2.image -net tap,ifname=TAP -net nic
 +
 +
== OpenVPN tunnel ==
 +
 +
<p>
 +
* http://ipkg.funkfeuer.at/autoupdate/freifunk-openwrt-autoupdate-1.7.4.8-0xff-markit-full.trx
 +
* http://ipkg.funkfeuer.at/ipkg/1.6/0xff-openvpn-webif_1.5.3_mipsel.ipk
 +
 +
leider ließ sich http://ipkg.funkfeuer.at/ipkg/1.7/0xff-openvpn-webif_1.7.1_mipsel.ipk nicht installieren
 +
 +
ipkg remove tcpdump<br>
 +
ipkg remove freifunk-tcpdump<br>
 +
ipkg install freifunk-tcpdump
 +
</p>
 +
 +
Mit http://texas.funkfeuer.at/~markus/olsrd/0xff-olsrd/test/freifunk-openwrt-autoupdate-1.7.4.9-0xff-markit-recommended-vpn.trx nicht erforderlich, nur comp-lzo in der S42openvpn korrigieren, (compl-zo ist da falsch drin).<br>
 +
 +
http://www.nux.at/pub/funkfeuer/wrt54gl_v1.1/freifunk-openwrt-autoupdate-1.7.4.9-0xff-markit-recommended-vpn.trx"
 +
 +
<pre>
 +
root@gru3ost:~# cat /etc/init.d/S42openvpn
 +
 +
[..]
 +
 +
#create OpenVPN config
 +
 +
cat>$CONFIG_DIR/$VPN_IF.conf<<EOM
 +
dev            $VPN_IF
 +
proto          $ff_openvpn_proto
 +
remote          $ff_openvpn_host
 +
port            $ff_openvpn_port
 +
ifconfig        $ff_openvpn_ip $ff_openvpn_netmask
 +
route-up        /etc/openvpn/openvpn-webif-route-up.sh
 +
up              /etc/openvpn/openvpn-webif-if-up.sh
 +
down            /etc/openvpn/openvpn-webif-if-down.sh
 +
up-restart
 +
</pre>
 +
 +
<pre>
 +
comp-lzo
 +
script-security 2
 +
</pre>
 +
 +
<pre>
 +
verb 3
 +
EOM
 +
 +
[..]
 +
 +
</pre>
 +
 +
<pre>
 +
root@gru3ost:~# cat /etc/init.d/S45firewall
 +
 +
[..]
 +
 +
ins_nat() {
 +
        LANNAT=
 +
        case $WIFIDEV in "");;*)case $LANDEV in "");;*)if ! in_range $LANADR/$LA
 +
NPRE;then
 +
                use_nat
 +
 +
                # Setup alias and dest nat for an ethernet DMZ PC, e.g.
 +
                # 172.31.255.254 on WLAN -> DMZ PC which has 192.168.1.2
 +
                # Also add to olsrd.conf: "HNA4 172.31.255.254 255.255.255.255"
 +
                IFS=\;
 +
                devnum=0
 +
                for dmz in $(nvram get ff_dmz); do
 +
                        src=${dmz%[:,]*}
 +
                        dst=${dmz#*[:,]}
 +
                        ip addr add dev $WIFIDEV $src/32 label $WIFIDEV:$devnum
 +
                        iptables -t nat -I PREROUTING -d $src -j DNAT --to $dst
 +
                        iptables -I FORWARD -s ! $LANNET/$LANPRE -d $dst -j ACCE
 +
PT
 +
                        iptables -I FORWARD -s $dst -d ! $LANNET/$LANPRE -j ACCE
 +
PT
 +
                        iptables -I OUTPUT -o lo -s $src -d $src -j ACCEPT
 +
                        iptables -I INPUT -i lo -s $src -j ACCEPT
 +
                        devnum=$(( $devnum + 1 ))
 +
                done
 +
                unset IFS
 +
 +
                case $LANADR in "")
 +
                        LANNAT=192.168.0.0/16
 +
                ;;*)
 +
                        LANNAT=$LANNET/$LANPRE
 +
                ;;esac
 +
                iptables -t nat -I POSTROUTING -o $WIFIDEV -s $LANNAT -d ! $LANN
 +
AT -j MASQUERADE
 +
</pre>
 +
 +
<pre>
 +
                iptables -t nat -I POSTROUTING -o tap0 -s $LANNAT -d ! $LANNAT -
 +
j MASQUERADE
 +
</pre>
 +
 +
<pre>
 +
        fi;;esac;;esac
 +
 +
        # Mask packets from these WLAN DHCP clients, so they can do
 +
        # inet w/o OLSR unless HNA4 is to be used to accomplish this
 +
        case $(nvram get ff_wldhcp_hna4) in 1);;*)
 +
                ff_wldhcp=$(nvram get ff_wldhcp)
 +
                case $ff_wldhcp in "");;*)
 +
                        use_nat
 +
                        IFS=\;
 +
                        for wldhcp in $ff_wldhcp; do
 +
                                iptables -t nat -I POSTROUTING -s ${wldhcp%[:,]*
 +
} -j MASQUERADE
 +
                        done
 +
                        unset IFS
 +
                ;;esac
 +
        ;;esac
 +
        case $WANDEV in "");;*)if in_range $WANADR/$WANPRE;then
 +
                case $LANNAT in "");;*)
 +
                        iptables -t nat -I POSTROUTING -o $WANDEV -s $LANNAT -d
 +
! $LANNAT -j MASQUERADE
 +
                ;;esac
 +
        else
 +
                use_nat
 +
                iptables -t nat -I POSTROUTING -o $WANDEV -j MASQUERADE
 +
        fi;;esac
 +
}
 +
 +
[..]
 +
 +
</pre>
 +
 +
<pre>
 +
System-Log:  Ein- / Ausblenden
 +
Jan  1 00:00:06 (none) syslog.info syslogd started: BusyBox v1.01 (2010.08.29-10:07+0000)
 +
Jan  1 00:00:06 (none) kern.info kernel: CRONDOG: Timer margin: 600 sec
 +
Jan  1 00:00:06 (none) kern.info kernel: Universal TUN/TAP device driver 1.5 (C)1999-2002 Maxim Krasnyansky
 +
Jan  1 00:00:12 (none) kern.notice openvpn[443]: OpenVPN 2.1.1 mipsel-linux [LZO2] [EPOLL] built on Aug 29 2010
 +
Jan  1 00:00:12 (none) kern.warn openvpn[443]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
 +
Jan  1 00:00:12 (none) kern.warn openvpn[443]: ******* WARNING *******: OpenVPN built without OpenSSL -- encryption and authentication features disabled -- all data will be tunnelled as cleartext
 +
Jan  1 00:00:12 (none) kern.notice openvpn[443]: LZO compression initialized
 +
Jan  1 00:00:12 (none) kern.notice openvpn[443]: TUN/TAP device tap0 opened
 +
Jan  1 00:00:12 (none) kern.notice openvpn[443]: TUN/TAP TX queue length set to 100
 +
Jan  1 00:00:12 (none) kern.notice openvpn[443]: /usr/sbin/ip link set dev tap0 up mtu 1500
 +
Jan  1 00:00:12 (none) kern.notice openvpn[443]: /usr/sbin/ip addr add dev tap0 78.41.112.211/24 broadcast 78.41.112.255
 +
Jan  1 00:00:12 (none) kern.notice openvpn[443]: /etc/openvpn/openvpn-webif-if-up.sh tap0 1500 1533 78.41.112.211 255.255.255.0 init
 +
Jan  1 00:00:13 (none) kern.notice openvpn[443]: Data Channel MTU parms [ L:1533 D:1450 EF:1 EB:135 ET:32 EL:0 AF:14/1 ]
 +
Jan  1 00:00:13 (none) kern.notice openvpn[505]: Socket Buffers: R=[32767->65534] S=[32767->65534]
 +
Jan  1 00:00:13 (none) kern.notice openvpn[505]: UDPv4 link local (bound): [undef]:5012
 +
Jan  1 00:00:13 (none) kern.notice openvpn[505]: UDPv4 link remote: 78.41.115.228:5012
 +
Jan  1 00:00:15 (none) kern.warn kernel: ip_conntrack version 2.1 (5953 buckets, 5953 max) - 332 bytes per conntrack
 +
Jan  1 00:00:16 (none) kern.warn kernel: Flushing ip conntrack...
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: started, version 2.45 cachesize 150
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: compile time options: IPv6 GNU-getopt ISC-leasefile no-DBus no-I18N TFTP
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: DHCP, IP range 192.168.137.100 -- 192.168.137.103, lease time 12h
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: reading /var/run/resolv.dnsmasq
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: using nameserver 8.8.8.8#53
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: using nameserver 208.67.220.220#53
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: using nameserver 193.238.157.5#53
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: using nameserver 193.238.157.16#53
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: read /etc/hosts - 2 addresses
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: read /etc/local.hosts - 6 addresses
 +
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: read /etc/ethers - 0 addresses
 +
Jan  1 00:00:19 (none) kern.warn dropbear[807]: Failed reading '/etc/dropbear/dropbear_rsa_host_key', disabling RSA
 +
Jan  1 00:00:20 (none) kern.info dropbear[812]: Running in background
 +
Jan  1 00:00:22 (none) user.notice olsr/init: olsr/system: Starting olsrd...
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '1' (was 1) to /proc/sys/net/ipv4/ip_forward
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 0) to /proc/sys/net/ipv4/conf/all/send_redirects
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 0) to /proc/sys/net/ipv4/conf/tap0/send_redirects
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 1) to /proc/sys/net/ipv4/conf/tap0/rp_filter
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Adding interface tap0
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: New main address: 78.41.112.211
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 0) to /proc/sys/net/ipv4/conf/eth1/send_redirects
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 1) to /proc/sys/net/ipv4/conf/eth1/rp_filter
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Adding interface eth1
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 0) to /proc/sys/net/ipv4/conf/vlan1/send_redirects
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 1) to /proc/sys/net/ipv4/conf/vlan1/rp_filter
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: Adding interface vlan1
 +
Dec 31 12:00:01 (none) kern.info olsrd[972]: olsr.org -  pre-0.6.2-git_dd97fa3-hash_737916162b783a0a0151c72c37342856  - successfully started
 +
Dec 31 12:00:01 (none) user.notice secureadmin:: started.
 +
Dec 31 12:00:01 (none) kern.notice xrelayd[1016]: xrelayd.c:820 Listening for ssl connections on server port 443
 +
Dec 31 12:00:05 (none) daemon.info srelay[1181]: Starting: MAX_CH(10)
 +
Dec 31 12:00:07 (none) kern.notice openvpn[505]: Peer Connection Initiated with 78.41.115.228:5012
 +
Dec 31 12:00:08 (none) kern.notice openvpn[505]: Initialization Sequence Completed
 +
Mar 24 14:34:56 (none) kern.info rrdcollect[2440]: We just started
 +
Mar 24 14:34:56 (none) kern.info rrdcollect[2440]: Update method: rrdlib
 +
Mar 24 14:53:41 (none) syslog.info -- MARK --
 +
</pre>
 +
 +
== OpenVPN Tunnel mit BackFire Vienna ==
 +
 +
<pre>
 +
config 'openvpn' 'to_krypta'
 +
    option 'dev' 'tun'
 +
    option 'management' '127.0.0.1 31194'
 +
    option 'nobind' '1'
 +
    option 'verb' '3'
 +
    option 'remote' '78.41.115.228'
 +
    option 'proto' 'udp'
 +
    option 'dev_type' 'tap'
 +
    option 'comp_lzo' '0'
 +
    option 'enable' '1'
 +
    option 'ifconfig' '193.238.xxx.xxx 255.255.25x.000' #dirch deine IP ersetzen
 +
    option 'port' '50xx' # dein port
 +
</pre>
 +
 +
comp_lzo 0 oder 1 je nach dem man es braucht, muss aber gleich mit der Server Seite sein
 +
 +
Quelle https://lists.funkfeuer.at/pipermail/wien/2011-July/007687.html by Joe
 +
 +
danach nunmehr das tap device im Netzwerk hinzufügen
 +
 +
genauso läuft hornstein, vorübergehend auf dem Tunnelport für den schareck
 +
 +
Update: (Erich)
 +
Wenn der Tunnel einfach nicht starten will, ist womöglich eine nicht unterstützte Option eingetragen.
 +
Auskunft hierüber liefert der Befehl "logread" auf einer SSH-Konsole.
 +
"option 'management' '127.0.0.1 31194'" kann auf neueren Backfire-Builds dieses Problem verursachen.
 +
 +
<br>
 +
<b>update (mi001)</b>
 +
 +
<pre>
 +
config openvpn 'to_krypta'
 +
        option dev 'tun'
 +
        option nobind '1'
 +
        option verb '3'
 +
        option remote '78.41.115.228'
 +
        option port '50xx'
 +
        option dev_type 'tap'
 +
        option proto 'udp'
 +
        option ifconfig '78.41.11x.xxx 255.255.255.0'
 +
        option comp_lzo '1'
 +
        option enable '1'
 +
        option keepalive '2 10'
 +
</pre>
 +
 +
== Tunnel mit Gentoo Linux ==
 +
 +
* Bespiel auf [http://eth0.pentoo.wien.funkfeuer.at/cgi-bin-status.html Pentoo] (Acer Aspire One 110l, Atom 1.6 GHz, 8 GB SSD, 8 GB USB Stick (distfiles)
 +
 +
<pre>
 +
pentoo ~ # cat /etc/conf.d/net
 +
# This network configuration was written by net-setup
 +
config_eth0="78.41.113.18 netmask 255.255.255.0"
 +
config_wlan0="78.41.113.170 netmask 255.255.255.0"
 +
#ifup_wlan0="iwconfig \$int mode ad-hoc essid v13.freiesnetz.www.funkfeuer.at channel 13"
 +
mode_wlan0="ad-hoc"
 +
channel_wlan0="13"
 +
essid_wlan0="v13.freiesnetz.www.funkfeuer.at"
 +
</pre>
 +
 +
<pre>
 +
pentoo ~ # ifconfig eth0
 +
eth0      Protokoll:Ethernet  Hardware Adresse 00:1e:68:8a:7a:56
 +
          inet Adresse:78.41.113.18  Bcast:78.41.113.255  Maske:255.255.255.0
 +
          inet6 Adresse: fe80::21e:68ff:fe8a:7a56/64 Gültigkeitsbereich:Verbindung
 +
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
 +
          RX packets:17250332 errors:0 dropped:0 overruns:0 frame:0
 +
          TX packets:36175354 errors:0 dropped:0 overruns:0 carrier:0
 +
          Kollisionen:0 Sendewarteschlangenlänge:1000
 +
          RX bytes:4020452971 (3.7 GiB)  TX bytes:1961321939 (1.8 GiB)
 +
          Interrupt:44
 +
 +
pentoo ~ # ifconfig wlan0
 +
wlan0    Protokoll:Ethernet  Hardware Adresse 00:22:68:92:86:08
 +
          inet Adresse:78.41.113.170  Bcast:78.41.113.255  Maske:255.255.255.0
 +
          inet6 Adresse: fe80::222:68ff:fe92:8608/64 Gültigkeitsbereich:Verbindung
 +
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
 +
          RX packets:87982705 errors:0 dropped:0 overruns:0 frame:0
 +
          TX packets:30829560 errors:0 dropped:0 overruns:0 carrier:0
 +
          Kollisionen:0 Sendewarteschlangenlänge:1000
 +
          RX bytes:2026779703 (1.8 GiB)  TX bytes:2581858981 (2.4 GiB)
 +
 +
pentoo ~ # ifconfig tap0
 +
tap0      Protokoll:Ethernet  Hardware Adresse 72:ef:f9:9f:81:35
 +
          inet Adresse:78.41.113.186  Bcast:0.0.0.0  Maske:255.255.255.255
 +
          inet6 Adresse: fe80::70ef:f9ff:fe9f:8135/64 Gültigkeitsbereich:Verbindung
 +
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
 +
          RX packets:73658051 errors:0 dropped:0 overruns:0 frame:0
 +
          TX packets:55535814 errors:0 dropped:24829479 overruns:0 carrier:0
 +
          Kollisionen:0 Sendewarteschlangenlänge:100
 +
          RX bytes:3458609786 (3.2 GiB)  TX bytes:7392900 (7.0 MiB)
 +
 +
</pre>
 +
 +
<pre>
 +
pentoo ~ # iwconfig wlan0
 +
wlan0    IEEE 802.11bg  ESSID:"v13.freiesnetz.www.funkfeuer.at"
 +
          Mode:Ad-Hoc  Frequency:2.472 GHz  Cell: 26:A7:D4:E4:4F:4D
 +
          Tx-Power=20 dBm
 +
          Retry  long limit:7  RTS thr:off  Fragment thr:off
 +
          Encryption key:off
 +
          Power Management:off
 +
 +
</pre>
 +
 +
<pre>
 +
pentoo ~ # eix -e openvpn
 +
[I] net-misc/openvpn
 +
    Available versions:  2.1.4 2.2.2 **9999 {eurephia examples iproute2 ipv6 +lzo minimal pam passwordsave pkcs11 selinux (+)ssl static userland_BSD}
 +
    Installed versions:  2.2.2(20:03:59 2012-02-23)(pam ssl -examples -iproute2 -minimal -passwordsave -pkcs11 -selinux -static -userland_BSD)
 +
    Homepage:            http://openvpn.net/
 +
    Description:        OpenVPN is a robust and highly flexible tunneling application compatible with many OSes.
 +
</pre>
 +
 +
<pre>
 +
pentoo ~ # cat funkfeuer
 +
#route add 78.41.115.228 gw 10.64.64.64
 +
openvpn --mktun --dev tap0
 +
openvpn --dev tap0 --remote 78.41.115.228 --port 5063 --daemon --writepid /var/run/openvpn-tap0.pid --up-delay --ping-restart 20 --script-security 3 system --comp-lzo
 +
ip add add 78.41.113.186/32 broadcast + dev tap0
 +
ip link set tap0 up
 +
#iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o tap0 -j MASQUERADE
 +
</pre>
 +
 +
<pre>
 +
pentoo ~ # cat /etc/olsrd.conf
 +
[..]
 +
LoadPlugin "olsrd_httpinfo.so.0.1"
 +
{
 +
    # port number the httpinfo plugin will be listening, default 1978
 +
    PlParam    "port"  "8080"
 +
 +
    # ip address that can access the plugin, use "0.0.0.0"
 +
    # to allow everyone
 +
#  PlParam    "Host"  "127.0.0.1"
 +
#  PlParam    "Host"  "80.23.53.22"
 +
 +
    # networks that can access the plugin (ip/netmask)
 +
    # careful with 0.0.0.0/0, makes (ddos) attacks poss.
 +
    PlParam    "Net"    "0.0.0.0 0.0.0.0"
 +
#  PlParam    "Net"    "104.0.0.0 255.255.0.0"
 +
#  PlParam    "Net"    "192.168.0.0 255.255.0.0"
 +
}
 +
[..]
 +
InterfaceDefaults {
 +
    HelloInterval    5.0
 +
    HelloValidityTime 100.0
 +
    TcInterval        3.0
 +
    TcValidityTime    500.0
 +
    HnaInterval      30.0
 +
    HnaValidityTime  500.0
 +
    Ip4Broadcast      255.255.255.255
 +
}
 +
[..]
 +
Interface "eth0"
 +
{
 +
    # Interface Mode is used to prevent unnecessary
 +
    # packet forwarding on switched ethernet interfaces
 +
    # valid Modes are "mesh" and "ether"
 +
    # (default is "mesh")
 +
 +
    Mode "ether"
 +
}
 +
Interface "wlan0"
 +
{
 +
    # Interface Mode is used to prevent unnecessary
 +
    # packet forwarding on switched ethernet interfaces
 +
    # valid Modes are "mesh" and "ether"
 +
    # (default is "mesh")
 +
 +
    # Mode "mesh"
 +
}
 +
Interface "tap0"
 +
{
 +
    # Interface Mode is used to prevent unnecessary
 +
    # packet forwarding on switched ethernet interfaces
 +
    # valid Modes are "mesh" and "ether"
 +
    # (default is "mesh")
 +
 +
    LinkQualityMult 78.41.112.238 0.4
 +
    Mode "ether"
 +
}
 +
</pre>
 +
 +
== WRAP & ALIX ==
 +
 +
* [http://www.pcengines.ch/wrap.htm Wireless Router Application Platform]
 +
* [http://www.pcengines.ch/alix.htm ALIX system boards]
 +
 +
== Fonera ==
 +
 +
* [http://wiki.freifunk-hannover.de/Fonera_mit_OLSR Fonera mit OLSR]
 +
* [http://download.berlin.freifunk.net/fonera/ fonera]
 +
* [[Fonera]]
 +
 +
* Freischalten Channel 13
 +
 +
* Version von FreiFunk (Sven Ola) wien unter Fonera mit OLSR beschrieben ist
 +
 +
* Kamikaze, da funkzioniert das nicht so wie bei der Freifunk Firmware von Sven Ola. Hier ist für die Freischaltung nur ein Eintrag im /etc/config/wireless unter config 'wifi-device' und zwar option 'country' '276' notwendig.
 +
 +
<pre>
 +
bei mir sieht es so aus
 +
 +
cat /etc/config/wireless
 +
 +
config 'wifi-device' 'wifi0'
 +
        option 'type' 'atheros'
 +
        option 'distance' '15000'
 +
        option 'diversity' '0'
 +
        option 'country' '276'
 +
        option 'channel' '13'
 +
 +
config 'wifi-iface'
 +
        option 'device' 'wifi0'
 +
        option 'network' 'wlan'
 +
        option 'mode' 'adhoc'
 +
        option 'mcast_rate' '5500'
 +
        option 'encryption' 'none'
 +
        option 'rate' '5500'
 +
        option 'ssid' 'v13.freiesnetz.www.funkfeuer.at'
 +
        option 'bssid' '26:A7:D4:E4:4F:4D'
 +
</pre>
 +
== buildroot ==
 +
* ftp://oe1xrw.ozw.wien.funkfeuer.at/
 +
* http://www.nux.at/openwrt/
 +
* http://downloads.openwrt.org/kamikaze/docs/openwrt.html
 +
* https://dev.openwrt.org/wiki/GetSource
 +
* http://wiki.openwrt.org/de/doc/howto/buildroot.exigence
 +
* http://kephra.de/blog/OpenWRT_build.html
 +
* http://wiki.openwrt.org/toh/fon/fonera
 +
* http://josefsson.org/openwrt/dongle.html
 +
* http://texas.funkfeuer.at/~markus/olsrd/
 +
 +
== Misc ==
 +
 +
<b>linksys</b>
 +
<pre>
 +
Legaler Grenzwert:    20  dBm  = 100 mW
 +
Kabel/Stecker-Verlust:  3  dB
 +
Antennengewinn:        8.5 dBi
 +
Ergebnis:              58  qdBm =  28 mW
 +
 +
eth1      unknown transmit-power information.
 +
 +
          Current Tx-Power:14 dBm      (25 mW)
 +
</pre>
 +
<pre>
 +
Legaler Grenzwert:    20  dBm  = 100 mW
 +
Kabel/Stecker-Verlust:  3  dB
 +
Antennengewinn:        6  dBi
 +
Ergebnis:              68  qdBm =  50 mW
 +
 +
eth1      unknown transmit-power information.
 +
 +
          Current Tx-Power:17 dBm      (50 mW)
 +
</pre>
 +
<b>fonera</b>
 +
<pre>
 +
ath0      8 available transmit-powers :
 +
          0 dBm        (1 mW)
 +
          4 dBm        (2 mW)
 +
          6 dBm        (3 mW)
 +
          8 dBm        (6 mW)
 +
          10 dBm        (10 mW)
 +
          12 dBm        (15 mW)
 +
          14 dBm        (25 mW)
 +
          16 dBm        (39 mW)
 +
          Current Tx-Power:16 dBm      (39 mW)
 +
</pre>
 +
<b>leistung allgemein</b>
 +
<pre>
 +
0 dBm =  1 mW =  1 qdBm (24 dBi Antenne -5 dB Kabel/Stecker)
 +
1 dBm =  1 mW =  4 qdBm (24 dBi Antenne -5 dB Kabel/Stecker)
 +
2 dBm =  2 mW =  8 qdBm
 +
3 dBm =  2 mW = 12 qdBm (20 dBi Antenne -3 dB Kabel/Stecker)
 +
4 dBm =  3 mW = 16 qdBm
 +
5 dBm =  3 mW = 20 qdBm
 +
6 dBm =  4 mW = 24 qdBm
 +
7 dBm =  5 mW = 28 qdBm
 +
8 dBm =  6 mW = 32 qdBm
 +
9 dBm =  8 mW = 36 qdBm
 +
10 dBm =  10 mW = 40 qdBm
 +
11 dBm =  13 mW = 44 qdBm
 +
12 dBm =  16 mW = 48 qdBm
 +
13 dBm =  20 mW = 52 qdBm
 +
14 dBm =  25 mW = 56 qdBm
 +
15 dBm =  32 mW = 60 qdBm (8 dBi Antenne -3 dB Kabel/Stecker)
 +
16 dBm =  40 mW = 64 qdBm
 +
17 dBm =  50 mW = 68 qdBm (4 dBi Antenne -1 dB Kabel/Stecker)
 +
18 dBm =  63 mW = 72 qdBm
 +
19 dBm =  79 mW = 76 qdBm
 +
20 dBm = 100 mW = 80 qdBm (0 dBi Antenne -0 dB Kabel/Stecker)
 +
21 dBm = 126 mW = 84 qdBm
 +
22 dBm = 158 mW = 88 qdBm
 +
23 dBm = 200 mW = 92 qdBm
 +
24 dBm = 251 mW = 96 qdBm
 +
</pre>
 +
 +
== Notizen ==
 +
 +
<pre>
 +
gru3 - Gruschaplatz 3 - alte GPS 48.19457925291452;16.283304691314697 frontend 48 11 41 16 17 0
 +
gru3ost - Gruschaplatz 3 - alte GPS 48.194548857439884;16.28334492444992 frontend 48 11 40 16 17 1
 +
</pre>
 +
<pre>
 +
wag23 - Wagramerstrasse 23/1 - alte GPS 48.23561590674427;16.42226256430149 frontend 48 14 8.25 16 25 19.96
 +
wag23ost - Wagramerstrasse 23/1 - alte GPS 48.23552077360733;16.42235577106476 frontend 48 14 7.7 16 25 20.6
 +
</pre>
 +
 +
== nux ==
 +
 +
[http://nux.brc.wien.funkfeuer.at/mediawiki/index.php/Benutzer:Pk pk@nux]<br>
 +
[http://tap0.nux.wien.funkfeuer.at/mediawiki/index.php/Benutzer:Pk pk@nux]
 +
 +
== NAT traversal ==
  
== misc ==
+
<pre>
 +
http://samy.pl/pwnat/
 +
http://m19s28.dyndns.org/iblech/nat-traverse/#vpn-ppp
 +
</pre>

Aktuelle Version vom 27. November 2013, 04:52 Uhr

Funkfeuer wichtig

Leider stoße ich immer wieder an Knoten mit SSID ?.node.wien.funkfeuer.at
mit <node> der jewalige Knotenname.
Bei manchen Geräten mag das funktionieren, aber nicht bei allen.
Viele Geräte alt oder neu verlangen stehts nach der selben SSID,
womit viele dazu gezwingen werden die selbe SSID gleichfalls einzustellen.
Das führt dazu dass ein Knoten mit dem Namen bez10 sich zum Knoten
bez13 dann via SSID bez13.wien.funkfeuer.at verbinden muss.
Dann sendet aber der Knoten im 10. Bezirk die Kennung von 13. Bezirk
im SSID, was nicht der wahrheit entspricht. Zusätzlich kann sich dieser
Knoten im Bezirk 10 dann nicht mehr mit anderen regulären Knoten
mittels der richtigen SSID zu der selben Zeit verbinden!!!

Brenner Besichtigung 07/07/2011

ley21


Nodes

  • Hornstein und Neufeld/a.d.L

Servers

Hardware

  • WRAP Wireless Router Application Platform

Software

Docs

OpenVPN tunnel

leider ließ sich http://ipkg.funkfeuer.at/ipkg/1.7/0xff-openvpn-webif_1.7.1_mipsel.ipk nicht installieren ipkg remove tcpdump
ipkg remove freifunk-tcpdump
ipkg install freifunk-tcpdump

Mit http://texas.funkfeuer.at/~markus/olsrd/0xff-olsrd/test/freifunk-openwrt-autoupdate-1.7.4.9-0xff-markit-recommended-vpn.trx nicht erforderlich, nur comp-lzo in der S42openvpn korrigieren, (compl-zo ist da falsch drin).

http://www.nux.at/pub/funkfeuer/wrt54gl_v1.1/freifunk-openwrt-autoupdate-1.7.4.9-0xff-markit-recommended-vpn.trx" 

root@gru3ost:~# cat /etc/init.d/S42openvpn

[..]

#create OpenVPN config

cat>$CONFIG_DIR/$VPN_IF.conf<<EOM
dev             $VPN_IF
proto           $ff_openvpn_proto
remote          $ff_openvpn_host
port            $ff_openvpn_port
ifconfig        $ff_openvpn_ip $ff_openvpn_netmask
route-up        /etc/openvpn/openvpn-webif-route-up.sh
up              /etc/openvpn/openvpn-webif-if-up.sh
down            /etc/openvpn/openvpn-webif-if-down.sh
up-restart

comp-lzo
script-security 2

verb 3
EOM

[..]


root@gru3ost:~# cat /etc/init.d/S45firewall

[..]

ins_nat() {
        LANNAT=
        case $WIFIDEV in "");;*)case $LANDEV in "");;*)if ! in_range $LANADR/$LA
NPRE;then
                use_nat

                # Setup alias and dest nat for an ethernet DMZ PC, e.g.
                # 172.31.255.254 on WLAN -> DMZ PC which has 192.168.1.2
                # Also add to olsrd.conf: "HNA4 172.31.255.254 255.255.255.255"
                IFS=\;
                devnum=0
                for dmz in $(nvram get ff_dmz); do
                        src=${dmz%[:,]*}
                        dst=${dmz#*[:,]}
                        ip addr add dev $WIFIDEV $src/32 label $WIFIDEV:$devnum
                        iptables -t nat -I PREROUTING -d $src -j DNAT --to $dst
                        iptables -I FORWARD -s ! $LANNET/$LANPRE -d $dst -j ACCE
PT
                        iptables -I FORWARD -s $dst -d ! $LANNET/$LANPRE -j ACCE
PT
                        iptables -I OUTPUT -o lo -s $src -d $src -j ACCEPT
                        iptables -I INPUT -i lo -s $src -j ACCEPT
                        devnum=$(( $devnum + 1 ))
                done
                unset IFS

                case $LANADR in "")
                        LANNAT=192.168.0.0/16
                ;;*)
                        LANNAT=$LANNET/$LANPRE
                ;;esac
                iptables -t nat -I POSTROUTING -o $WIFIDEV -s $LANNAT -d ! $LANN
AT -j MASQUERADE

                iptables -t nat -I POSTROUTING -o tap0 -s $LANNAT -d ! $LANNAT -
j MASQUERADE

        fi;;esac;;esac

        # Mask packets from these WLAN DHCP clients, so they can do
        # inet w/o OLSR unless HNA4 is to be used to accomplish this
        case $(nvram get ff_wldhcp_hna4) in 1);;*)
                ff_wldhcp=$(nvram get ff_wldhcp)
                case $ff_wldhcp in "");;*)
                        use_nat
                        IFS=\;
                        for wldhcp in $ff_wldhcp; do
                                iptables -t nat -I POSTROUTING -s ${wldhcp%[:,]*
} -j MASQUERADE
                        done
                        unset IFS
                ;;esac
        ;;esac
        case $WANDEV in "");;*)if in_range $WANADR/$WANPRE;then
                case $LANNAT in "");;*)
                        iptables -t nat -I POSTROUTING -o $WANDEV -s $LANNAT -d
! $LANNAT -j MASQUERADE
                ;;esac
        else
                use_nat
                iptables -t nat -I POSTROUTING -o $WANDEV -j MASQUERADE
        fi;;esac
}

[..]


System-Log:  Ein- / Ausblenden 
Jan  1 00:00:06 (none) syslog.info syslogd started: BusyBox v1.01 (2010.08.29-10:07+0000)
Jan  1 00:00:06 (none) kern.info kernel: CRONDOG: Timer margin: 600 sec
Jan  1 00:00:06 (none) kern.info kernel: Universal TUN/TAP device driver 1.5 (C)1999-2002 Maxim Krasnyansky
Jan  1 00:00:12 (none) kern.notice openvpn[443]: OpenVPN 2.1.1 mipsel-linux [LZO2] [EPOLL] built on Aug 29 2010
Jan  1 00:00:12 (none) kern.warn openvpn[443]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Jan  1 00:00:12 (none) kern.warn openvpn[443]: ******* WARNING *******: OpenVPN built without OpenSSL -- encryption and authentication features disabled -- all data will be tunnelled as cleartext
Jan  1 00:00:12 (none) kern.notice openvpn[443]: LZO compression initialized
Jan  1 00:00:12 (none) kern.notice openvpn[443]: TUN/TAP device tap0 opened
Jan  1 00:00:12 (none) kern.notice openvpn[443]: TUN/TAP TX queue length set to 100
Jan  1 00:00:12 (none) kern.notice openvpn[443]: /usr/sbin/ip link set dev tap0 up mtu 1500
Jan  1 00:00:12 (none) kern.notice openvpn[443]: /usr/sbin/ip addr add dev tap0 78.41.112.211/24 broadcast 78.41.112.255
Jan  1 00:00:12 (none) kern.notice openvpn[443]: /etc/openvpn/openvpn-webif-if-up.sh tap0 1500 1533 78.41.112.211 255.255.255.0 init
Jan  1 00:00:13 (none) kern.notice openvpn[443]: Data Channel MTU parms [ L:1533 D:1450 EF:1 EB:135 ET:32 EL:0 AF:14/1 ]
Jan  1 00:00:13 (none) kern.notice openvpn[505]: Socket Buffers: R=[32767->65534] S=[32767->65534]
Jan  1 00:00:13 (none) kern.notice openvpn[505]: UDPv4 link local (bound): [undef]:5012
Jan  1 00:00:13 (none) kern.notice openvpn[505]: UDPv4 link remote: 78.41.115.228:5012
Jan  1 00:00:15 (none) kern.warn kernel: ip_conntrack version 2.1 (5953 buckets, 5953 max) - 332 bytes per conntrack
Jan  1 00:00:16 (none) kern.warn kernel: Flushing ip conntrack...
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: started, version 2.45 cachesize 150
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: compile time options: IPv6 GNU-getopt ISC-leasefile no-DBus no-I18N TFTP
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: DHCP, IP range 192.168.137.100 -- 192.168.137.103, lease time 12h
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: reading /var/run/resolv.dnsmasq
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: using nameserver 8.8.8.8#53
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: using nameserver 208.67.220.220#53
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: using nameserver 193.238.157.5#53
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: using nameserver 193.238.157.16#53
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: read /etc/hosts - 2 addresses
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: read /etc/local.hosts - 6 addresses
Jan  1 00:00:18 (none) daemon.info dnsmasq[747]: read /etc/ethers - 0 addresses
Jan  1 00:00:19 (none) kern.warn dropbear[807]: Failed reading '/etc/dropbear/dropbear_rsa_host_key', disabling RSA
Jan  1 00:00:20 (none) kern.info dropbear[812]: Running in background
Jan  1 00:00:22 (none) user.notice olsr/init: olsr/system: Starting olsrd...
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '1' (was 1) to /proc/sys/net/ipv4/ip_forward
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 0) to /proc/sys/net/ipv4/conf/all/send_redirects
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 0) to /proc/sys/net/ipv4/conf/tap0/send_redirects
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 1) to /proc/sys/net/ipv4/conf/tap0/rp_filter
Dec 31 12:00:01 (none) kern.info olsrd[972]: Adding interface tap0 
Dec 31 12:00:01 (none) kern.info olsrd[972]: New main address: 78.41.112.211 
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 0) to /proc/sys/net/ipv4/conf/eth1/send_redirects
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 1) to /proc/sys/net/ipv4/conf/eth1/rp_filter
Dec 31 12:00:01 (none) kern.info olsrd[972]: Adding interface eth1 
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 0) to /proc/sys/net/ipv4/conf/vlan1/send_redirects
Dec 31 12:00:01 (none) kern.info olsrd[972]: Writing '0' (was 1) to /proc/sys/net/ipv4/conf/vlan1/rp_filter
Dec 31 12:00:01 (none) kern.info olsrd[972]: Adding interface vlan1 
Dec 31 12:00:01 (none) kern.info olsrd[972]: olsr.org -  pre-0.6.2-git_dd97fa3-hash_737916162b783a0a0151c72c37342856  - successfully started
Dec 31 12:00:01 (none) user.notice secureadmin:: started.
Dec 31 12:00:01 (none) kern.notice xrelayd[1016]: xrelayd.c:820 Listening for ssl connections on server port 443
Dec 31 12:00:05 (none) daemon.info srelay[1181]: Starting: MAX_CH(10)
Dec 31 12:00:07 (none) kern.notice openvpn[505]: Peer Connection Initiated with 78.41.115.228:5012
Dec 31 12:00:08 (none) kern.notice openvpn[505]: Initialization Sequence Completed
Mar 24 14:34:56 (none) kern.info rrdcollect[2440]: We just started
Mar 24 14:34:56 (none) kern.info rrdcollect[2440]: Update method: rrdlib
Mar 24 14:53:41 (none) syslog.info -- MARK --

OpenVPN Tunnel mit BackFire Vienna

config 'openvpn' 'to_krypta'
    option 'dev' 'tun'
    option 'management' '127.0.0.1 31194'
    option 'nobind' '1'
    option 'verb' '3'
    option 'remote' '78.41.115.228'
    option 'proto' 'udp'
    option 'dev_type' 'tap'
    option 'comp_lzo' '0'
    option 'enable' '1'
    option 'ifconfig' '193.238.xxx.xxx 255.255.25x.000' #dirch deine IP ersetzen
    option 'port' '50xx' # dein port

comp_lzo 0 oder 1 je nach dem man es braucht, muss aber gleich mit der Server Seite sein

Quelle https://lists.funkfeuer.at/pipermail/wien/2011-July/007687.html by Joe

danach nunmehr das tap device im Netzwerk hinzufügen

genauso läuft hornstein, vorübergehend auf dem Tunnelport für den schareck

Update: (Erich) Wenn der Tunnel einfach nicht starten will, ist womöglich eine nicht unterstützte Option eingetragen. Auskunft hierüber liefert der Befehl "logread" auf einer SSH-Konsole. "option 'management' '127.0.0.1 31194'" kann auf neueren Backfire-Builds dieses Problem verursachen.


update (mi001) 

config openvpn 'to_krypta'
        option dev 'tun'
        option nobind '1'
        option verb '3'
        option remote '78.41.115.228'
        option port '50xx'
        option dev_type 'tap'
        option proto 'udp'
        option ifconfig '78.41.11x.xxx 255.255.255.0'
        option comp_lzo '1'
        option enable '1'
        option keepalive '2 10'

Tunnel mit Gentoo Linux

  • Bespiel auf Pentoo (Acer Aspire One 110l, Atom 1.6 GHz, 8 GB SSD, 8 GB USB Stick (distfiles) 
pentoo ~ # cat /etc/conf.d/net
# This network configuration was written by net-setup
config_eth0="78.41.113.18 netmask 255.255.255.0"
config_wlan0="78.41.113.170 netmask 255.255.255.0"
#ifup_wlan0="iwconfig \$int mode ad-hoc essid v13.freiesnetz.www.funkfeuer.at channel 13"
mode_wlan0="ad-hoc"
channel_wlan0="13"
essid_wlan0="v13.freiesnetz.www.funkfeuer.at"

pentoo ~ # ifconfig eth0
eth0      Protokoll:Ethernet  Hardware Adresse 00:1e:68:8a:7a:56
          inet Adresse:78.41.113.18  Bcast:78.41.113.255  Maske:255.255.255.0
          inet6 Adresse: fe80::21e:68ff:fe8a:7a56/64 Gültigkeitsbereich:Verbindung
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:17250332 errors:0 dropped:0 overruns:0 frame:0
          TX packets:36175354 errors:0 dropped:0 overruns:0 carrier:0
          Kollisionen:0 Sendewarteschlangenlänge:1000
          RX bytes:4020452971 (3.7 GiB)  TX bytes:1961321939 (1.8 GiB)
          Interrupt:44

pentoo ~ # ifconfig wlan0
wlan0     Protokoll:Ethernet  Hardware Adresse 00:22:68:92:86:08
          inet Adresse:78.41.113.170  Bcast:78.41.113.255  Maske:255.255.255.0
          inet6 Adresse: fe80::222:68ff:fe92:8608/64 Gültigkeitsbereich:Verbindung
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:87982705 errors:0 dropped:0 overruns:0 frame:0
          TX packets:30829560 errors:0 dropped:0 overruns:0 carrier:0
          Kollisionen:0 Sendewarteschlangenlänge:1000
          RX bytes:2026779703 (1.8 GiB)  TX bytes:2581858981 (2.4 GiB)

pentoo ~ # ifconfig tap0
tap0      Protokoll:Ethernet  Hardware Adresse 72:ef:f9:9f:81:35
          inet Adresse:78.41.113.186  Bcast:0.0.0.0  Maske:255.255.255.255
          inet6 Adresse: fe80::70ef:f9ff:fe9f:8135/64 Gültigkeitsbereich:Verbindung
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:73658051 errors:0 dropped:0 overruns:0 frame:0
          TX packets:55535814 errors:0 dropped:24829479 overruns:0 carrier:0
          Kollisionen:0 Sendewarteschlangenlänge:100
          RX bytes:3458609786 (3.2 GiB)  TX bytes:7392900 (7.0 MiB)


pentoo ~ # iwconfig wlan0
wlan0     IEEE 802.11bg  ESSID:"v13.freiesnetz.www.funkfeuer.at"
          Mode:Ad-Hoc  Frequency:2.472 GHz  Cell: 26:A7:D4:E4:4F:4D
          Tx-Power=20 dBm
          Retry  long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off


pentoo ~ # eix -e openvpn
[I] net-misc/openvpn
     Available versions:  2.1.4 2.2.2 **9999 {eurephia examples iproute2 ipv6 +lzo minimal pam passwordsave pkcs11 selinux (+)ssl static userland_BSD}
     Installed versions:  2.2.2(20:03:59 2012-02-23)(pam ssl -examples -iproute2 -minimal -passwordsave -pkcs11 -selinux -static -userland_BSD)
     Homepage:            http://openvpn.net/
     Description:         OpenVPN is a robust and highly flexible tunneling application compatible with many OSes.

pentoo ~ # cat funkfeuer
#route add 78.41.115.228 gw 10.64.64.64
openvpn --mktun --dev tap0
openvpn --dev tap0 --remote 78.41.115.228 --port 5063 --daemon --writepid /var/run/openvpn-tap0.pid --up-delay --ping-restart 20 --script-security 3 system --comp-lzo
ip add add 78.41.113.186/32 broadcast + dev tap0
ip link set tap0 up
#iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o tap0 -j MASQUERADE

pentoo ~ # cat /etc/olsrd.conf
[..]
LoadPlugin "olsrd_httpinfo.so.0.1"
{
    # port number the httpinfo plugin will be listening, default 1978
    PlParam     "port"   "8080"

    # ip address that can access the plugin, use "0.0.0.0"
    # to allow everyone
#   PlParam     "Host"   "127.0.0.1"
#   PlParam     "Host"   "80.23.53.22"

    # networks that can access the plugin (ip/netmask)
    # careful with 0.0.0.0/0, makes (ddos) attacks poss.
    PlParam     "Net"    "0.0.0.0 0.0.0.0"
#   PlParam     "Net"    "104.0.0.0 255.255.0.0"
#   PlParam     "Net"    "192.168.0.0 255.255.0.0"
}
[..]
InterfaceDefaults {
    HelloInterval     5.0
    HelloValidityTime 100.0
    TcInterval        3.0
    TcValidityTime    500.0
    HnaInterval       30.0
    HnaValidityTime   500.0
    Ip4Broadcast      255.255.255.255
}
[..]
Interface "eth0"
{
    # Interface Mode is used to prevent unnecessary
    # packet forwarding on switched ethernet interfaces
    # valid Modes are "mesh" and "ether"
    # (default is "mesh")

    Mode "ether"
}
Interface "wlan0"
{
    # Interface Mode is used to prevent unnecessary
    # packet forwarding on switched ethernet interfaces
    # valid Modes are "mesh" and "ether"
    # (default is "mesh")

    # Mode "mesh"
}
Interface "tap0"
{
    # Interface Mode is used to prevent unnecessary
    # packet forwarding on switched ethernet interfaces
    # valid Modes are "mesh" and "ether"
    # (default is "mesh")

    LinkQualityMult 78.41.112.238 0.4
    Mode "ether"
}

WRAP & ALIX

Fonera

  • Freischalten Channel 13
  • Version von FreiFunk (Sven Ola) wien unter Fonera mit OLSR beschrieben ist
  • Kamikaze, da funkzioniert das nicht so wie bei der Freifunk Firmware von Sven Ola. Hier ist für die Freischaltung nur ein Eintrag im /etc/config/wireless unter config 'wifi-device' und zwar option 'country' '276' notwendig. 
bei mir sieht es so aus

cat /etc/config/wireless

config 'wifi-device' 'wifi0'
        option 'type' 'atheros'
        option 'distance' '15000'
        option 'diversity' '0'
        option 'country' '276'
        option 'channel' '13'

config 'wifi-iface'
        option 'device' 'wifi0'
        option 'network' 'wlan'
        option 'mode' 'adhoc'
        option 'mcast_rate' '5500'
        option 'encryption' 'none'
        option 'rate' '5500'
        option 'ssid' 'v13.freiesnetz.www.funkfeuer.at'
        option 'bssid' '26:A7:D4:E4:4F:4D'

buildroot

Misc

linksys 

Legaler Grenzwert:     20   dBm  = 100 mW
Kabel/Stecker-Verlust:  3   dB
Antennengewinn:         8.5 dBi
Ergebnis:              58   qdBm =  28 mW

eth1      unknown transmit-power information.

          Current Tx-Power:14 dBm       (25 mW)

Legaler Grenzwert:     20   dBm  = 100 mW
Kabel/Stecker-Verlust:  3   dB
Antennengewinn:         6   dBi
Ergebnis:              68   qdBm =  50 mW

eth1      unknown transmit-power information.

          Current Tx-Power:17 dBm       (50 mW)

fonera 

ath0      8 available transmit-powers :
          0 dBm         (1 mW)
          4 dBm         (2 mW)
          6 dBm         (3 mW)
          8 dBm         (6 mW)
          10 dBm        (10 mW)
          12 dBm        (15 mW)
          14 dBm        (25 mW)
          16 dBm        (39 mW)
          Current Tx-Power:16 dBm       (39 mW)

leistung allgemein 

 0 dBm =   1 mW =  1 qdBm (24 dBi Antenne -5 dB Kabel/Stecker)
 1 dBm =   1 mW =  4 qdBm (24 dBi Antenne -5 dB Kabel/Stecker)
 2 dBm =   2 mW =  8 qdBm
 3 dBm =   2 mW = 12 qdBm (20 dBi Antenne -3 dB Kabel/Stecker) 
 4 dBm =   3 mW = 16 qdBm
 5 dBm =   3 mW = 20 qdBm
 6 dBm =   4 mW = 24 qdBm
 7 dBm =   5 mW = 28 qdBm
 8 dBm =   6 mW = 32 qdBm
 9 dBm =   8 mW = 36 qdBm
10 dBm =  10 mW = 40 qdBm
11 dBm =  13 mW = 44 qdBm
12 dBm =  16 mW = 48 qdBm
13 dBm =  20 mW = 52 qdBm
14 dBm =  25 mW = 56 qdBm
15 dBm =  32 mW = 60 qdBm (8 dBi Antenne -3 dB Kabel/Stecker)
16 dBm =  40 mW = 64 qdBm
17 dBm =  50 mW = 68 qdBm (4 dBi Antenne -1 dB Kabel/Stecker)
18 dBm =  63 mW = 72 qdBm
19 dBm =  79 mW = 76 qdBm
20 dBm = 100 mW = 80 qdBm (0 dBi Antenne -0 dB Kabel/Stecker)
21 dBm = 126 mW = 84 qdBm
22 dBm = 158 mW = 88 qdBm
23 dBm = 200 mW = 92 qdBm
24 dBm = 251 mW = 96 qdBm

Notizen

gru3 - Gruschaplatz 3 - alte GPS 48.19457925291452;16.283304691314697 frontend 48 11 41 16 17 0
gru3ost - Gruschaplatz 3 - alte GPS 48.194548857439884;16.28334492444992 frontend 48 11 40 16 17 1

wag23 - Wagramerstrasse 23/1 - alte GPS 48.23561590674427;16.42226256430149 frontend 48 14 8.25 16 25 19.96
wag23ost - Wagramerstrasse 23/1 - alte GPS 48.23552077360733;16.42235577106476 frontend 48 14 7.7 16 25 20.6

nux

pk@nux
pk@nux

NAT traversal

http://samy.pl/pwnat/
http://m19s28.dyndns.org/iblech/nat-traverse/#vpn-ppp
Von „https://oldwiki.funkfeuer.at/index.php?title=Benutzer:Peerco&oldid=13819