|
|
(41 intermediate revisions by 2 users not shown) |
Line 1: |
Line 1: |
− | <!--<div style="border:3px solid black; text-align:center; color:red;"><b>THIS DOCUMENTATION IS ONLY PARTIALLY FINISHED FOR CHAOSVPN 2.0!</b></div>-->
| |
| | | |
| | | |
− | ''HowTo on Netbsd 5.2''
| |
| | | |
| | | |
− | [[ChaosVPN:NetBSD 5.2 Howto]] | + | [[ChaosVPN:Netbsd NAT VPN router using chaosvpn and ipnat]] |
| | | |
− | = Install software =
| |
| | | |
− | The following is written assuming a fresh install of NetBSD 5.2 using the GENERIC kernel, with a pkgsrc repository already configured.
| + | [[ChaosVPN:Tims_NetBSD_chaosvpn_rc.d]] |
| | | |
− | == Install necessary helper programs from pkgsrc ==
| + | [[ChaosVPN:Tims_ipf_conf]] |
| | | |
− | # pkg_add tinc iproute libssl0.9.8 zlib1g
| + | [[ChaosVPN:Tims_netbsd_route_hack_attempt]] |
| | | |
| | | |
− | URHERE
| + | [[ChaosVPN:Tims_random_router_configs]] |
− | | |
− | needed to compile the chaosvpn-client if not using a precreated debian package for it:
| |
− | | |
− | # apt-get install build-essential git-core bison flex libssl-dev zlib1g-dev
| |
− | | |
− | == Install tinc ==
| |
− | | |
− | # apt-get install tinc
| |
− | | |
− | You need either the package from Debian squeeze/unstable, or a lenny backport like from [http://debian.sdinet.de/lenny/sdinet/tinc/ http://debian.sdinet.de/lenny/sdinet/tinc/]
| |
− | | |
− | This should be at least tinc version 1.0.13, but may work with 1.0.10 or later.
| |
− | | |
− | Or visit [http://tinc-vpn.org/ http://tinc-vpn.org/], download and build yourself -
| |
− | at a minimum ./configure, specify the parameter --sysconfdir=/etc, and check the binary in the script
| |
− |
| |
− | If the tinc installation gives the following error:
| |
− | | |
− | > ./MAKEDEV: don't know how to make device "tun"
| |
− | | |
− | Then create the device by hand:
| |
− | | |
− | # mkdir -p /dev/net
| |
− | # mknod /dev/net/tun c 10 200
| |
− | # chown root:root /dev/net/tun
| |
− | # chmod 600 /dev/net/tun
| |
− | | |
− | == Create config directory ==
| |
− | | |
− | # mkdir -p /etc/tinc/chaos
| |
− | | |
− | == Install our ChaosVPN software ==
| |
− | | |
− | === Compile for yourself from our git repository ===
| |
− | | |
− | Always needed to compile:
| |
− | | |
− | # git clone git://github.com/ryd/chaosvpn.git
| |
− | # cd chaosvpn
| |
− | | |
− | ==== way 1: create a git snapshot debian package ====
| |
− | | |
− | # make deb
| |
− | perhaps it throws an error about missing build dependencies, install these and retry.
| |
− | # sudo dpkg -i ../chaosvpn_2.0*.deb
| |
− | install the generated package file, replace filename above with real name.
| |
− | it is also possible to copy the generated .deb package to a different machine of the same
| |
− | architecture and install it there - no need to have a full compile environment
| |
− | on your router/firewall.
| |
− |
| |
− | ==== way 2: create debian package and install this ====
| |
− | | |
− | # debuild
| |
− | Answer the "This package has a Debian revision number but there does not seem to be
| |
− | an appropriate original tar file or .orig directory in the parent directory" with "y"
| |
− | # sudo dpkg -i ../chaosvpn_2.0*.deb
| |
− | install the generated package file, replace filename above with real name.
| |
− | | |
− | ==== way 3: just compile and install the raw binary ====
| |
− | | |
− | # make
| |
− | # sudo make install
| |
− | | |
− | = Get your new node added to the central configuration =
| |
− | | |
− | {{Template:ChaosVPNMailit}}
| |
− |
| |
− | | |
− | = Customize configfile =
| |
− | | |
− | edit the chaosvpn.conf in /etc/tinc/
| |
− | | |
− | $my_peerid = <nodename>
| |
− |
| |
− | $my_vpn_ip = 172.31.<your Subnet>.[1-255]
| |
− | | |
− | = Enable Starting of ChaosVPN =
| |
− | | |
− | If you installed ChaosVPN through our Debian packages it is not started by default.
| |
− | | |
− | To enable this edit the file /etc/default/chaosvpn and change the RUN= line to RUN="yes"
| |
− | | |
− | After all changes (re-)start the chaosvpn client:
| |
− | | |
− | # /etc/init.d/chaosvpn start
| |
− | | |
− | If you made everything correct there should now be a tinc daemon running, and the output of 'route -n' should show lots of routes pointing to the new 'chaos_vpn' network interface.
| |
− | | |
− | On other systems you have to take a look at our debian/init.d example script and adapt it for your environment.
| |
− | | |
− | = script in /etc/ppp/ip-up to autostart, or to restart from time to time via cron =
| |
− | | |
− | if you built a debian package and installed it the cron and ip-up parts are already setup, if you installed it manually with make install you have to do it yourself.
| |
− | | |
− | | |
− | and with luck, it will function beautifully! ;)
| |
− | | |
− | | |
− | todo:
| |
− | tons ;)
| |
− | test in particular, and adjust docs for other linux distros, and perhaps even with *bsd
| |
− | | |
− | [[Category:ChaosVPN]]
| |