Benutzer:Peerco: Unterschied zwischen den Versionen

Aus FunkFeuer Wiki
Wechseln zu: Navigation, Suche
(OpenVPN tunnel)
(OpenVPN tunnel)
Zeile 32: Zeile 32:
 
<pre>
 
<pre>
 
root@gru3ost:~# cat /etc/init.d/S42openvpn
 
root@gru3ost:~# cat /etc/init.d/S42openvpn
#!/bin/sh -e
 
  
DAEMON=/usr/sbin/openvpn
+
[..]
CONFIG_DIR=/var/etc/openvpn
+
VPN_IF=tap0
+
test -x $DAEMON || exit 0
+
test -d $CONFIG_DIR || mkdir $CONFIG_DIR
+
 
+
start_vpn () {
+
 
+
ff_openvpn_active="$(nvram get ff_openvpn_active)"
+
ff_openvpn_host="$(nvram get ff_openvpn_host)"
+
ff_openvpn_proto="$(nvram get ff_openvpn_proto)"
+
ff_openvpn_port="$(nvram get ff_openvpn_port)"
+
ff_openvpn_secret="$(nvram get ff_openvpn_secret)"
+
ff_openvpn_ip="$(nvram get ff_openvpn_ip)"
+
ff_openvpn_netmask="$(nvram get ff_openvpn_netmask)"
+
ff_openvpn_noolsr="$(nvram get ff_openvpn_noolsr)"
+
 
+
if [ ! "$ff_openvpn_active" = "1" ]; then
+
echo -n " OpenVPN not activated"
+
echo
+
exit 0
+
fi
+
 
+
test -z "$ff_openvpn_host" && exit 0
+
test -z "$ff_openvpn_port" && exit 0
+
test -z "$ff_openvpn_ip" && exit 0
+
test -z "$ff_openvpn_netmask" && exit 0
+
  
 
#create OpenVPN config
 
#create OpenVPN config
Zeile 79: Zeile 52:
 
EOM
 
EOM
  
if [ "$ff_openvpn_secret" = "1" ] && [ -f /etc/openvpn/$VPN_IF.secret ]; then
+
[..]
cat>>$CONFIG_DIR/$VPN_IF.conf<<EOM
+
secret          /etc/openvpn/$VPN_IF.secret"
+
auth            sha1
+
cipher          none
+
EOM
+
fi
+
  
#create OLSRd config
+
</pre>
  
if [ "$ff_openvpn_noolsr" = "1" ]; then
+
<pre>
  echo > /tmp/etc/local.olsrd.conf-openvpn
+
else
+
 
+
ff_ip4broad=$(nvram get ff_ip4broad)
+
test -n "$ff_ip4broad" && ff_ip4broad="Ip4Broadcast $(nvram get ff_ip4broad)"
+
 
+
ff_openvpn_lq="$(nvram get ff_openvpn_lq)"
+
test -n "$ff_openvpn_lq" && ff_lqmult="LinkQualityMult default $ff_openvpn_lq"
+
 
+
SPEED=$(nvram get ff_olsrspeed)
+
test -z "$SPEED" && SPEED=5
+
 
+
if [ "0" != "$(nvram get ff_fisheye)" ];then
+
  TCINT=$(( 2 * SPEED / 3 ))
+
else
+
  TCINT=$(( 2 * SPEED ))
+
fi
+
 
+
cat>/tmp/etc/local.olsrd.conf-openvpn<<EOM
+
# this file is automatically generated by openvpn-webif,
+
# to define your own settings use /etc/local.olsrd.conf
+
Interface "$VPN_IF"
+
{
+
        HelloInterval          $(( 1 * SPEED )).0
+
        HelloValidityTime      $(( 25 * SPEED )).0
+
        TcInterval              $TCINT.0
+
        TcValidityTime          $(( 75 * SPEED )).0
+
        MidInterval            $(( 5 * SPEED )).0
+
        MidValidityTime        $(( 75 * SPEED )).0
+
        HnaInterval            $(( 5 * SPEED )).0
+
        HnaValidityTime        $(( 75 * SPEED )).0
+
        $ff_ip4broad
+
        $ff_lqmult
+
}
+
EOM
+
fi
+
 
+
 
+
    $DAEMON --daemon --writepid /var/run/openvpn.$VPN_IF.pid --config $CONFIG_DI
+
R/$VPN_IF.conf --cd $CONFIG_DIR || echo -n " FAILED->"
+
 
+
    echo -n " $VPN_IF"
+
}
+
 
+
 
+
stop_vpn () {
+
  kill `cat /var/run/openvpn.$VPN_IF.pid` || true
+
  rm /var/run/openvpn.$VPN_IF.pid
+
}
+
 
+
case "$1" in
+
start)
+
  echo -n "Starting openvpn:"
+
 
+
      start_vpn
+
 
+
  echo "."
+
  ;;
+
 
+
stop)
+
  echo -n "Stopping openvpn:"
+
 
+
    if test -e /var/run/openvpn.$VPN_IF.pid ; then
+
      stop_vpn
+
      echo -n " $VPN_IF"
+
    else
+
      echo -n " not running: $VPN_IF"
+
    fi
+
  echo "."
+
  ;;
+
 
+
restart)
+
  $0 stop
+
  sleep 1
+
  $0 start
+
  ;;
+
*)
+
  echo "Usage: $0 {start|stop|restart}" >&2
+
  exit 1
+
  ;;
+
esac
+
 
+
exit 0
+
</pre>
+
  
 
== Misc ==
 
== Misc ==

Version vom 28. Dezember 2010, 19:30 Uhr

Nodes

  • gru3 roof on the 5th floor
  • gru3ost base fallback tunnel kryptavpn

Servers

Hardware

  • WRAP Wireless Router Application Platform

Software

Docs

OpenVPN tunnel

leider ließ sich http://ipkg.funkfeuer.at/ipkg/1.7/0xff-openvpn-webif_1.7.1_mipsel.ipk nicht installieren

ipkg remove tcpdump
ipkg remove freifunk-tcpdump
ipkg install freifunk-tcpdump 

root@gru3ost:~# cat /etc/init.d/S42openvpn

[..]

#create OpenVPN config

cat>$CONFIG_DIR/$VPN_IF.conf<<EOM
dev             $VPN_IF
proto           $ff_openvpn_proto
remote          $ff_openvpn_host
port            $ff_openvpn_port
ifconfig        $ff_openvpn_ip $ff_openvpn_netmask
route-up        /etc/openvpn/openvpn-webif-route-up.sh
up              /etc/openvpn/openvpn-webif-if-up.sh
down            /etc/openvpn/openvpn-webif-if-down.sh
up-restart
comp-lzo
script-security 2
verb 3
EOM

[..]



== Misc ==
Von „https://oldwiki.funkfeuer.at/index.php?title=Benutzer:Peerco&oldid=11109