(13 intermediate revisions by 2 users not shown) |
Line 1: |
Line 1: |
− | <!--<div style="border:3px solid black; text-align:center; color:red;"><b>THIS DOCUMENTATION IS ONLY PARTIALLY FINISHED FOR CHAOSVPN 2.0!</b></div>-->
| |
| | | |
| | | |
| | | |
− | = Install software =
| |
| | | |
− | The following is written assuming a fresh install of NetBSD 5.2 using the GENERIC kernel, with a pkgsrc repository and networking already configured.
| + | [[ChaosVPN:Netbsd NAT VPN router using chaosvpn and ipnat]] |
| | | |
− | == Install necessary programs from pkgsrc ==
| |
| | | |
− | # pkg_add tinc (will add lzo as a dependancy)
| + | [[ChaosVPN:Tims_NetBSD_chaosvpn_rc.d]] |
− | # pkg_add zlib
| |
− | # pkg_add bison (will install m4 as a dependancy)
| |
− | # pkg_add flex
| |
− | # pkg_add openssl
| |
− | # pkg_add gmake
| |
| | | |
− | we will also need to install git. Installing git from pkgsrc brings in a long list of other packages (mostly related to Perl) which I list below.
| + | [[ChaosVPN:Tims_ipf_conf]] |
| | | |
− | # pkg_add scmgit
| + | [[ChaosVPN:Tims_netbsd_route_hack_attempt]] |
| | | |
− | adds the following packages as dependancies:
| |
| | | |
− | scmgit-base
| + | [[ChaosVPN:Tims_random_router_configs]] |
− | scmgit-docs
| |
− | tcl
| |
− | tk
| |
− | scmgit-gitk
| |
− | perl-5
| |
− | p5-Error
| |
− | p5-MIME-Base64
| |
− | p5-TimeDate
| |
− | p5-MailTools
| |
− | p5-Digest-SHA
| |
− | p5-Digest-MD5
| |
− | p5-Digest-HMAC
| |
− | p5-Net-IP
| |
− | p5-Sockets
| |
− | p5-Net-DNS
| |
− | p5-IO-Socket-INET6
| |
− | p5-Email-Valid
| |
− | p5-Net-LibIDN
| |
− | p5-Net-SSLeay
| |
− | p5-IO-Socket-SSL
| |
− | p5-Net-SMTP
| |
− | p5-GSSAPI
| |
− | p5-Authen-SASL
| |
− | libffi
| |
− | python27
| |
− | curl
| |
− | | |
− | == Create config directory ==
| |
− | | |
− | # mkdir -p /usr/pkgsrc/etc/tinc/chaos
| |
− | | |
− | == InstallChaosVPN ==
| |
− | | |
− | | |
− | | |
− | === Security concerns ===
| |
− | | |
− | It’s best to create a new, non-root user specifically for running ChaosVPN. This user will need to be listed in the '''sudoers''' file, and will need to be a member of the '''wheel''' group, so you can run the <code>sudo</code> and <code>su</code> commands, respectively. In the file <code>/usr/pkg/etc/tinc/chaosvpn.conf</code>, change the option '''$tincd_user''' to that new user.
| |
− | | |
− | === Get the ChaosVPN source from the git repository ===
| |
− | | |
− | Always needed to compile:
| |
− | | |
− | $ git clone git://github.com/ryd/chaosvpn.git
| |
− | $ cd chaosvpn
| |
− | | |
− | | |
− | | |
− | === Editing the Makefile ===
| |
− | | |
− | We are actually kind of using the FreeBSD install options, since there is no NetBSD specific install at this time. So we will have to edit the Makefile (and various other configurations).
| |
− | | |
− | Navigate to the directory where you installed git information for chaosvpn. Open the Makefile with your favorite text editor, and change the following lines:
| |
− | | |
− | '''line 7'''
| |
− | ifneq (,$(findstring FreeBSD,$(OS)))
| |
− | ''needs to change to:''
| |
− | ifneq (,$(findstring '''NetBSD''',$(OS)))
| |
− | | |
− | '''line 10'''
| |
− | PREFIX?=/usr/local
| |
− | ''needs to change to:''
| |
− | PREFIX?='''/usr/pkg'''
| |
− | | |
− | '''line 11'''
| |
− | TINCDIR?=/usr/local/etc/tinc
| |
− | ''needs to change to:''
| |
− | TINCDIR?='''/usr/pkg/etc/tinc'''
| |
− | | |
− | '''line 93'''
| |
− | install -m 0755 freebsd.rc.d $(DESTDIR)$(PREFIX)/etc/rc.d/chaosvpn
| |
− | ''needs to change to:''
| |
− | '''install -m 0755 freebsd.rc.d /etc/rc.d/chaosvpn''''''
| |
− | | |
− | | |
− | | |
− | === Build and Install the application ===
| |
− | | |
− | After editing the makefile, we need to make and install the application.
| |
− | | |
− | $ gmake
| |
− | $ su -
| |
− | # gmake bsdinstall
| |
− | | |
− | | |
− | | |
− | === Editing the Configuration Files ===
| |
− | | |
− | Open up /usr/pkg/etc/tinc/chaosvpn.conf using your favorite text editor. Change the following lines:
| |
− | | |
− | '''line 48'''
| |
− | $tincd_bin = "/usr/local/sbin/tincd";
| |
− | ''needs to change to:''
| |
− | $tincd_bin = '''"/usr/pkg/sbin/tincd"''';
| |
− | | |
− | '''line 80'''
| |
− | $base = "/usr/local/etc/tinc/$networkname";
| |
− | ''needs to change to:''
| |
− | $base = '''"/usr/pkg/etc/tinc/$networkname"''';
| |
− | | |
− | | |
− | And now you're good to go!
| |
− | | |
− | | |
− | | |
− | | |
− | = Get your new node added to the central configuration =
| |
− | | |
− | {{Template:ChaosVPNMailit}}
| |
− |
| |
− | | |
− | | |
− | | |
− | = Enable Starting of ChaosVPN =
| |
− | | |
− | | |
− | | |
− | | |
− | = Uninstall =
| |
− | | |
− | But why would you want to? :)
| |
− | | |
− | rm /etc/rc.d/chaosvpn
| |
− | rm /usr/pkg/sbin/chaosvpn
| |
− | rm -rf /usr/pkg/etc/tinc/*
| |
− | | |
− | | |
− | | |
− | | |
− | | |
− | | |
− | | |
− | | |
− | [[Category:ChaosVPN]] | |
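Review bot: the added lines are five bare [[ChaosVPN:...]] links with no heading or one-line description, while the removed text included the "Security concerns" section (run ChaosVPN as a dedicated non-root user and set $tincd_user in /usr/pkg/etc/tinc/chaosvpn.conf) and the "Get your new node added to the central configuration" section with {{Template:ChaosVPNMailit}}; nothing in the new revision says which linked page now carries either. Suggest adding a short intro line above the links that names the page holding the install steps and the non-root guidance, keeping the {{Template:ChaosVPNMailit}} section here if it applies to every setup, and picking one title style for the links (Netbsd vs NetBSD, underscores vs spaces).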