free
/
freedombone
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Mesh tunnel

Bob Mottram 8 years ago
parent
14a521e770
commit
d7784143f0
2 changed files with 117 additions and 0 deletions
Split View Show Diff Stats
  1. 111
    0
      src/freedombone-app-batman
  2. 6
    0
      src/freedombone-image-mesh

+ 111
- 0
src/freedombone-app-batman View File 

@@ -137,6 +137,117 @@ function mesh_install_batman {
137 137 
     chroot "$rootdir" systemctl enable batman
138 138 
 }
139 139
140 
+function install_mesh_tunnel {
141 
+    # https://sudoroom.org/wiki/Mesh/Relay_setup
142 
+    chroot "$rootdir" apt-get -yq install xl2tpd l2tpns
143 
+    chroot "$rootdir" apt-get -yq install iproute bridge-utils libnetfilter-conntrack3 python-dev libevent-dev ebtables python-pip git
144 
+
145 
+    git clone https://github.com/wlanslovenija/tunneldigger $rootdir/opt/tunneldigger
146 
+    cd $rootdir/opt/tunneldigger/client
147 
+    chroot "$rootdir" make
148 
+    if [ ! -f $rootdir/opt/tunneldigger/client/l2tp_client ]; then
149 
+        echo $'tunneldigger failed to build client'
150 
+        exit 823563
151 
+    fi
152 
+    cd $rootdir/opt/tunneldigger/broker
153 
+    chroot "$rootdir" pip install -r requirements.txt
154 
+    echo 'l2tp_core' >> $rootdir/etc/modules
155 
+    echo 'l2tp_eth' >> $rootdir/etc/modules
156 
+    echo 'l2tp_netlink' >> $rootdir/etc/modules
157 
+
158 
+    echo '#!/bin/sh' > $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
159 
+    echo 'INTERFACE="$3"' >> $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
160 
+    echo 'ifconfig $INTERFACE up' >> $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
161 
+    echo 'batctl if add $INTERFACE' >> $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
162 
+    echo 'if [ `cat /sys/class/net/bat0/operstate` != "up" ]; then' >> $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
163 
+    echo "  ipv4addr=\$(ip -o -f inet addr show dev \"eth0\" | awk '{print \$4}' | awk 'END {print}' | awk -F '/' '{print \$1}')" >> $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
164 
+    echo '  ifconfig bat0 $ipv4addr netmask 255.0.0.0 up' >> $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
165 
+    echo 'fi' >> $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
166 
+    chmod +x $rootdir/opt/tunneldigger/broker/scripts/up_hook.sh
167 
+
168 
+    echo '[broker]' > $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
169 
+    echo '; IP address the broker will listen and accept tunnels on' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
170 
+    echo 'address=127.0.0.1' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
171 
+    echo '; Ports where the broker will listen on' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
172 
+    echo "port=53,123,8942" >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
173 
+    echo '; Interface with that IP address' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
174 
+    echo 'interface=lo' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
175 
+    echo '; Maximum number of tunnels that will be allowed by the broker' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
176 
+    echo 'max_tunnels=1024' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
177 
+    echo '; Tunnel port base' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
178 
+    echo 'port_base=20000' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
179 
+    echo '; Tunnel id base' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
180 
+    echo 'tunnel_id_base=100' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
181 
+    echo '; Namespace (for running multiple brokers); note that you must also' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
182 
+    echo '; configure disjunct ports, and tunnel identifiers in order for' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
183 
+    echo '; namespacing to work' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
184 
+    echo 'namespace=default' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
185 
+    echo '; check if all kernel module are loaded. Do not check for built-ins.' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
186 
+    echo 'check_modules=true' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
187 
+    echo '' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
188 
+    echo '[log]' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
189 
+    echo '; Log filename' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
190 
+    echo 'filename=tunneldigger-broker.log' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
191 
+    echo '; Verbosity' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
192 
+    echo 'verbosity=DEBUG' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
193 
+    echo '; Should IP addresses be logged or not' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
194 
+    echo 'log_ip_addresses=false' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
195 
+    echo '' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
196 
+    echo '[hooks]' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
197 
+    echo '; Arguments to the session.{up,pre-down,down} hooks are as follows:' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
198 
+    echo ';' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
199 
+    echo ';    <tunnel_id> <session_id> <interface> <mtu> <endpoint_ip> <endpoint_port> <local_port>' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
200 
+    echo ';' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
201 
+    echo '; Arguments to the session.mtu-changed hook are as follows:' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
202 
+    echo ';' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
203 
+    echo ';    <tunnel_id> <session_id> <interface> <old_mtu> <new_mtu>' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
204 
+    echo ';' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
205 
+    echo '' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
206 
+    echo '; Called after the tunnel interface goes up' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
207 
+    echo 'session.up=/opt/tunneldigger/broker/scripts/up_hook.sh' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
208 
+    echo '; Called just before the tunnel interface goes down' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
209 
+    echo 'session.pre-down=' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
210 
+    echo '; Called after the tunnel interface goes down' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
211 
+    echo 'session.down=' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
212 
+    echo '; Called after the tunnel MTU gets changed because of PMTU discovery' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
213 
+    echo 'session.mtu-changed=' >> $rootdir/opt/tunneldigger/broker/l2tp_broker.cfg
214 
+
215 
+    echo '[Unit]' > $rootdir/etc/systemd/system/tunneldigger.service
216 
+    echo 'Description=TunnelDigger Broker' >> $rootdir/etc/systemd/system/tunneldigger.service
217 
+    echo 'After=syslog.target' >> $rootdir/etc/systemd/system/tunneldigger.service
218 
+    echo 'After=network.target' >> $rootdir/etc/systemd/system/tunneldigger.service
219 
+    echo '' >> $rootdir/etc/systemd/system/tunneldigger.service
220 
+    echo '[Service]' >> $rootdir/etc/systemd/system/tunneldigger.service
221 
+    echo 'Type=simple' >> $rootdir/etc/systemd/system/tunneldigger.service
222 
+    echo 'User=root' >> $rootdir/etc/systemd/system/tunneldigger.service
223 
+    echo 'Group=root' >> $rootdir/etc/systemd/system/tunneldigger.service
224 
+    echo 'WorkingDirectory=/opt/tunneldigger/broker' >> $rootdir/etc/systemd/system/tunneldigger.service
225 
+    echo 'ExecStart=/opt/tunneldigger/broker/l2tp_broker.py l2tp_broker.cfg' >> $rootdir/etc/systemd/system/tunneldigger.service
226 
+    echo 'Restart=always' >> $rootdir/etc/systemd/system/tunneldigger.service
227 
+    echo 'RestartSec=60' >> $rootdir/etc/systemd/system/tunneldigger.service
228 
+    echo '' >> $rootdir/etc/systemd/system/tunneldigger.service
229 
+    echo '[Install]' >> $rootdir/etc/systemd/system/tunneldigger.service
230 
+    echo 'WantedBy=multi-user.target' >> $rootdir/etc/systemd/system/tunneldigger.service
231 
+
232 
+    echo '#!/bin/bash' > $rootdir/usr/bin/meshtunnel
233 
+    echo 'if [ ! $1 ]; then' >> $rootdir/usr/bin/meshtunnel
234 
+    echo '    echo "Syntax: meshtunnel [from external IP] [to external IP]"' >> $rootdir/usr/bin/meshtunnel
235 
+    echo '    exit 1' >> $rootdir/usr/bin/meshtunnel
236 
+    echo 'fi' >> $rootdir/usr/bin/meshtunnel
237 
+    echo 'if [ ! $2 ]; then' >> $rootdir/usr/bin/meshtunnel
238 
+    echo '    echo "Syntax: meshtunnel [from external IP] [to external IP]"' >> $rootdir/usr/bin/meshtunnel
239 
+    echo '    exit 2' >> $rootdir/usr/bin/meshtunnel
240 
+    echo 'fi' >> $rootdir/usr/bin/meshtunnel
241 
+    echo '' >> $rootdir/usr/bin/meshtunnel
242 
+    echo 'sed -i "s|address=.*|address=$1|g" /opt/tunneldigger/broker/l2tp_broker.cfg' >> $rootdir/usr/bin/meshtunnel
243 
+    echo 'systemctl restart tunneldigger' >> $rootdir/usr/bin/meshtunnel
244 
+    echo 'sleep 3' >> $rootdir/usr/bin/meshtunnel
245 
+    echo 'cd /opt/tunneldigger/client' >> $rootdir/usr/bin/meshtunnel
246 
+    echo './l2tp_client -f -u foo -l ${2}:53 -i l2tp' >> $rootdir/usr/bin/meshtunnel
247 
+    echo 'exit 0' >> $rootdir/usr/bin/meshtunnel
248 
+    chmod +x $rootdir/usr/bin/meshtunnel
249 
+}
250 
+
140 251 
 function install_batman {
141 252 
     if [ $INSTALLING_MESH ]; then
142 253 
         mesh_install_batman

+ 6
- 0
src/freedombone-image-mesh View File 

@@ -554,6 +554,12 @@ function setup_tahoelafs {
554 554 
     echo $'Configured Tahoe-LAFS' >> $INSTALL_LOG
555 555 
 }
556 556
557 
+function setup_tunneldigger {
558 
+    systemctl enable tunneldigger
559 
+    systemctl daemon-reload
560 
+    systemctl start tunneldigger
561 
+}
562 
+
557 563 
 # whether to reset the identity
558 564 
 set_new_identity=
559 565 
 if [ $2 ]; then