Dieses Wiki ist ein Archiv bis 2023. Das aktuelle Wiki findet sich unter https://wiki.hamburg.ccc.de/

Difference between revisions of "User:Othtim"

From CCCHHWiki
Jump to: navigation, search
(Create config directory)
m
 
(35 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<!--<div style="border:3px solid black; text-align:center; color:red;"><b>THIS DOCUMENTATION IS ONLY PARTIALLY FINISHED FOR CHAOSVPN 2.0!</b></div>-->
 
  
  
''HowTo on Netbsd 5.2''
 
  
  
[[ChaosVPN:NetBSD 5.2 Howto]]
+
[[ChaosVPN:Netbsd NAT VPN router using chaosvpn and ipnat]]
  
= Install software =
 
  
The following is written assuming a fresh install of NetBSD 5.2 using the GENERIC kernel, with a pkgsrc repository and networking already configured.
+
[[ChaosVPN:Tims_NetBSD_chaosvpn_rc.d]]
  
== Install necessary programs from pkgsrc ==
+
[[ChaosVPN:Tims_ipf_conf]]
  
# pkg_add  tinc  (will add lzo as a dependancy)
+
[[ChaosVPN:Tims_netbsd_route_hack_attempt]]
# pkg_add  zlib
 
# pkg_add  bison (will install m4 as a dependancy)
 
# pkg_add  flex
 
# pkg_add  openssl
 
  
we will also need to install git. Installing git from pkgsrc brings in a long list of other packages (mostly related to Perl) which I list below.
 
  
# pkg_add  scmgit
+
[[ChaosVPN:Tims_random_router_configs]]
 
 
adds the following packages as dependancies:
 
 
 
scmgit-base
 
scmgit-docs
 
tcl
 
tk
 
scmgit-gitk
 
perl-5
 
p5-Error
 
p5-MIME-Base64
 
p5-TimeDate
 
p5-MailTools
 
p5-Digest-SHA
 
p5-Digest-MD5
 
p5-Digest-HMAC
 
p5-Net-IP
 
p5-Sockets
 
p5-Net-DNS
 
p5-IO-Socket-INET6
 
p5-Email-Valid
 
p5-Net-LibIDN
 
p5-Net-SSLeay
 
p5-IO-Socket-SSL
 
p5-Net-SMTP
 
p5-GSSAPI
 
p5-Authen-SASL
 
libffi
 
python27
 
curl
 
 
 
== Create config directory ==
 
 
 
# mkdir -p /usr/pkgsrc/etc/tinc/chaos
 
 
 
== Install our ChaosVPN software ==
 
 
 
=== Compile for yourself from our git repository ===
 
 
 
Always needed to compile:
 
 
 
# git clone git://github.com/ryd/chaosvpn.git
 
# cd chaosvpn
 
 
 
==== way 1: create a git snapshot debian package ====
 
 
 
# make deb
 
  perhaps it throws an error about missing build dependencies, install these and retry.
 
# sudo dpkg -i ../chaosvpn_2.0*.deb
 
  install the generated package file, replace filename above with real name.
 
  it is also possible to copy the generated .deb package to a different machine of the same
 
  architecture and install it there - no need to have a full compile environment
 
  on your router/firewall.
 
 
 
==== way 2: create debian package and install this ====
 
 
 
# debuild
 
  Answer the "This package has a Debian revision number but there does not seem to be
 
  an appropriate original tar file or .orig directory in the parent directory" with "y"
 
# sudo dpkg -i ../chaosvpn_2.0*.deb
 
  install the generated package file, replace filename above with real name.
 
 
 
==== way 3: just compile and install the raw binary ====
 
 
 
# make
 
# sudo make install
 
 
 
= Get your new node added to the central configuration =
 
 
 
{{Template:ChaosVPNMailit}}
 
 
 
 
= Customize configfile =
 
 
 
edit the chaosvpn.conf in /etc/tinc/
 
 
 
$my_peerid = <nodename>
 
 
$my_vpn_ip = 172.31.<your Subnet>.[1-255]
 
 
 
= Enable Starting of ChaosVPN =
 
 
 
If you installed ChaosVPN through our Debian packages it is not started by default.
 
 
 
To enable this edit the file /etc/default/chaosvpn and change the RUN= line to RUN="yes"
 
 
 
After all changes (re-)start the chaosvpn client:
 
 
 
# /etc/init.d/chaosvpn start
 
 
 
If you made everything correct there should now be a tinc daemon running, and the output of 'route -n' should show lots of routes pointing to the new 'chaos_vpn' network interface.
 
 
 
On other systems you have to take a look at our debian/init.d example script and adapt it for your environment.
 
 
 
= script in /etc/ppp/ip-up to autostart, or to restart from time to time via cron =
 
 
 
if you built a debian package and installed it the cron and ip-up parts are already setup, if you installed it manually with make install you have to do it yourself.
 
 
 
 
 
and with luck, it will function beautifully! ;)
 
 
 
 
 
todo:
 
tons ;)
 
test in particular, and adjust docs for other linux distros, and perhaps even with *bsd
 
 
 
[[Category:ChaosVPN]]
 

Latest revision as of 07:11, 8 December 2013