Änderungen

VPN zentral-Server-skript (Quelltext anzeigen)

Version vom 6. März 2007, 17:02 Uhr

4.832 Bytes hinzugefügt , 17:02, 6. Mär. 2007

K

→‎Datei: /etc/init.d/vpn: update

Zeile 10: Zeile 10:

fkt_write_olsrd_conf() {

fkt_infotext "generating olsrd.conf ..."

−

~~# experimental!~~

+

cp /etc/olsrd.conf_head /etc/olsrd.conf

−

awk '/ifup/ {print $3,$12}' /etc/vtund.conf

+

awk '/ifup/ {print $3,$12}' /etc/vtund.conf|

+

while read IFACE NODE

+

do

+

cat>>/etc/olsrd.conf<<EOF

+

Interface "$IFACE" {

+

HelloInterval 50.0

+

HelloValidityTime 900.0

+

TcInterval 30.0

+

TcValidityTime 2700.0

+

MidInterval 150.0

+

MidValidityTime 2700.0

+

HnaInterval 150.0

+

HnaValidityTime 900.0

+

Ip4Broadcast 10.63.$NODE.253

+

LinkQualityMult default 0.1

+

}

+

EOF

+

done

+

}

+

fkt_netcount_start() {

+

fkt_infotext "installing netfilter counters ..."

+

iptables -N vpn_user_outgoing

+

iptables -N vpn_olsr_outgoing

+

iptables -N vpn_user_incoming

+

iptables -N vpn_olsr_incoming

+

iptables -I OUTPUT -o tap+ -j vpn_user_outgoing

+

iptables -I OUTPUT -o tap+ -p udp --sport 698 -j vpn_olsr_outgoing

+

iptables -I INPUT -i tap+ -j vpn_user_incoming

+

iptables -I INPUT -i tap+ -p udp --dport 698 -j vpn_olsr_incoming

+

awk '/ifup/ {print $3}' /etc/vtund.conf|

+

while read IFACE

+

do

+

iptables -I vpn_user_outgoing -i $IFACE -j ACCEPT

+

iptables -I vpn_olsr_outgoing -i $IFACE -j ACCEPT

+

iptables -I vpn_user_incoming -i $IFACE -j ACCEPT

+

iptables -I vpn_olsr_incoming -i $IFACE -j ACCEPT

+

done

+

}

+

fkt_netcount_stop() {

+

fkt_infotext "deleting netfilter counters ..."

+

iptables -D OUTPUT -o tap+ -j vpn_user_outgoing

+

iptables -D OUTPUT -o tap+ -p udp --sport 698 -j vpn_olsr_outgoing

+

iptables -D INPUT -i tap+ -j vpn_user_incoming

+

iptables -D INPUT -i tap+ -p udp --dport 698 -j vpn_olsr_incoming

+

iptables -F vpn_olsr_outgoing

+

iptables -F vpn_user_outgoing

+

iptables -F vpn_olsr_incoming

+

iptables -F vpn_user_incoming

+

iptables -X vpn_olsr_outgoing

+

iptables -X vpn_user_outgoing

+

iptables -X vpn_olsr_incoming

+

iptables -X vpn_user_incoming

}

Zeile 47: Zeile 103:

start)

fkt_write_olsrd_conf

+

fkt_netcount_start

fkt_start_vtund

fkt_start_olsrd

Zeile 53: Zeile 110:

fkt_kill_olsrd

fkt_kill_vtund

+

fkt_netcount_stop

;;

restart)

Zeile 65: Zeile 123:

;;

esac

+

</pre>

+

=Datei: /etc/olsrd.conf_head=

+

<pre>

+

DebugLevel 0

+

IpVersion 4

+

AllowNoInt yes

+

Pollrate 0.05

+

TcRedundancy 2

+

MprCoverage 7

+

UseHysteresis no

+

LinkQualityFishEye 0

+

LinkQualityWinSize 100

+

LinkQualityDijkstraLimit 0 5.0

+

LinkQualityLevel 2

+

#

+

# Achtung! Aenderungen nur in /etc/olsrd.conf_head machen! Siehe /etc/init.d/vpn!

+

#

+

#LoadPlugin "olsrd_quagga.so.0.2.2"

+

#{

+

# PlParam "redistribute" "bgp"

+

#}

+

Hna4 {

+

10.63.30.252 255.255.255.252

+

10.63.30.0 255.255.255.240

+

104.63.30.0 255.255.255.240

+

104.61.0.0 255.255.0.0

+

}

+

IpcConnect {

+

MaxConnections 1

+

Host 127.0.0.1

+

Net 10.63.0.0 255.0.0.0

+

}

+

Interface "venet0" {

+

HelloInterval 5.0

+

HelloValidityTime 90.0

+

TcInterval 3.0

+

TcValidityTime 270.0

+

MidInterval 15.0

+

MidValidityTime 270.0

+

HnaInterval 15.0

+

HnaValidityTime 90.0

+

Ip4Broadcast 10.63.30.254

+

LinkQualityMult default 0.1

+

}

+

</pre>

+

=Datei: /etc/vtund.conf=

+

<pre>

+

default {type ether; compress no; encrypt no; keepalive no; multi no; stat no; }

+

j2a {device tap0 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 82 ";};}

+

rembrandt {device tap1 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 41 ";};}

+

l18a_roof {device tap2 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 1 ";};}

+

rex {device tap3 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 54 ";};}

+

ranger {device tap4 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 20 ";};}

+

Bode {device tap5 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 37 ";};}

+

hababusch {device tap6 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 33 ";};}

+

t65uplink {device tap7 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 62 ";};}

+

weimarwest {device tap8 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 87 ";};}

+

trierer7 {device tap9 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 120 ";};}

+

m18-ping02 {device tap10 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 2 ";};}

+

stonebridge {device tap11 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 39 ";};}

+

heller_und_pfennig {device tap12 ; passwd ff ; up{program "/etc/init.d/vpn ifup %% 224 ";};}

</pre>

Fries43

Bürokraten, Administratoren

3.747

Bearbeitungen

Änderungen

VPN zentral-Server-skript (Quelltext anzeigen)

Version vom 6. März 2007, 17:02 Uhr

Navigationsmenü

Suche