|
|
(35 intermediate revisions by 2 users not shown) |
Line 1: |
Line 1: |
− | <!--<div style="border:3px solid black; text-align:center; color:red;"><b>THIS DOCUMENTATION IS ONLY PARTIALLY FINISHED FOR CHAOSVPN 2.0!</b></div>-->
| |
| | | |
| | | |
− | ''HowTo on Netbsd 5.2''
| |
| | | |
| | | |
− | [[ChaosVPN:NetBSD 5.2 Howto]] | + | [[ChaosVPN:Netbsd NAT VPN router using chaosvpn and ipnat]] |
| | | |
− | = Install software =
| |
| | | |
− | The following is written assuming a fresh install of NetBSD 5.2 using the GENERIC kernel, with a pkgsrc repository and networking already configured.
| + | [[ChaosVPN:Tims_NetBSD_chaosvpn_rc.d]] |
| | | |
− | == Install necessary programs from pkgsrc ==
| + | [[ChaosVPN:Tims_ipf_conf]] |
| | | |
− | # pkg_add tinc (will add lzo as a dependancy)
| + | [[ChaosVPN:Tims_netbsd_route_hack_attempt]] |
− | # pkg_add zlib
| |
− | # pkg_add bison (will install m4 as a dependancy)
| |
− | # pkg_add flex
| |
− | # pkg_add openssl
| |
| | | |
− | we will also need to install git. Installing git from pkgsrc brings in a long list of other packages (mostly related to Perl) which I list below.
| |
| | | |
− | # pkg_add scmgit
| + | [[ChaosVPN:Tims_random_router_configs]] |
− | | |
− | adds the following packages as dependancies:
| |
− | | |
− | scmgit-base
| |
− | scmgit-docs
| |
− | tcl
| |
− | tk
| |
− | scmgit-gitk
| |
− | perl-5
| |
− | p5-Error
| |
− | p5-MIME-Base64
| |
− | p5-TimeDate
| |
− | p5-MailTools
| |
− | p5-Digest-SHA
| |
− | p5-Digest-MD5
| |
− | p5-Digest-HMAC
| |
− | p5-Net-IP
| |
− | p5-Sockets
| |
− | p5-Net-DNS
| |
− | p5-IO-Socket-INET6
| |
− | p5-Email-Valid
| |
− | p5-Net-LibIDN
| |
− | p5-Net-SSLeay
| |
− | p5-IO-Socket-SSL
| |
− | p5-Net-SMTP
| |
− | p5-GSSAPI
| |
− | p5-Authen-SASL
| |
− | libffi
| |
− | python27
| |
− | curl
| |
− | | |
− | == Create config directory ==
| |
− | | |
− | # mkdir -p /usr/pkgsrc/etc/tinc/chaos
| |
− | | |
− | == Install our ChaosVPN software ==
| |
− | | |
− | === Compile for yourself from our git repository ===
| |
− | | |
− | Always needed to compile:
| |
− | | |
− | # git clone git://github.com/ryd/chaosvpn.git
| |
− | # cd chaosvpn
| |
− | | |
− | ==== way 1: create a git snapshot debian package ====
| |
− | | |
− | # make deb
| |
− | perhaps it throws an error about missing build dependencies, install these and retry.
| |
− | # sudo dpkg -i ../chaosvpn_2.0*.deb
| |
− | install the generated package file, replace filename above with real name.
| |
− | it is also possible to copy the generated .deb package to a different machine of the same
| |
− | architecture and install it there - no need to have a full compile environment
| |
− | on your router/firewall.
| |
− |
| |
− | ==== way 2: create debian package and install this ====
| |
− | | |
− | # debuild
| |
− | Answer the "This package has a Debian revision number but there does not seem to be
| |
− | an appropriate original tar file or .orig directory in the parent directory" with "y"
| |
− | # sudo dpkg -i ../chaosvpn_2.0*.deb
| |
− | install the generated package file, replace filename above with real name.
| |
− | | |
− | ==== way 3: just compile and install the raw binary ====
| |
− | | |
− | # make
| |
− | # sudo make install
| |
− | | |
− | = Get your new node added to the central configuration =
| |
− | | |
− | {{Template:ChaosVPNMailit}}
| |
− |
| |
− | | |
− | = Customize configfile =
| |
− | | |
− | edit the chaosvpn.conf in /etc/tinc/
| |
− | | |
− | $my_peerid = <nodename>
| |
− |
| |
− | $my_vpn_ip = 172.31.<your Subnet>.[1-255]
| |
− | | |
− | = Enable Starting of ChaosVPN =
| |
− | | |
− | If you installed ChaosVPN through our Debian packages it is not started by default.
| |
− | | |
− | To enable this edit the file /etc/default/chaosvpn and change the RUN= line to RUN="yes"
| |
− | | |
− | After all changes (re-)start the chaosvpn client:
| |
− | | |
− | # /etc/init.d/chaosvpn start
| |
− | | |
− | If you made everything correct there should now be a tinc daemon running, and the output of 'route -n' should show lots of routes pointing to the new 'chaos_vpn' network interface.
| |
− | | |
− | On other systems you have to take a look at our debian/init.d example script and adapt it for your environment.
| |
− | | |
− | = script in /etc/ppp/ip-up to autostart, or to restart from time to time via cron =
| |
− | | |
− | if you built a debian package and installed it the cron and ip-up parts are already setup, if you installed it manually with make install you have to do it yourself.
| |
− | | |
− | | |
− | and with luck, it will function beautifully! ;)
| |
− | | |
− | | |
− | todo:
| |
− | tons ;)
| |
− | test in particular, and adjust docs for other linux distros, and perhaps even with *bsd
| |
− | | |
− | [[Category:ChaosVPN]]
| |