From 9c707e34113b65160f16e9bbf1e212439c3cde9c Mon Sep 17 00:00:00 2001 From: makefu Date: Tue, 6 May 2014 16:13:56 +0200 Subject: add journal of default-gw configuration --- sites/tinc-defaultgw/configure-default-gw.journal | 47 +++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 sites/tinc-defaultgw/configure-default-gw.journal diff --git a/sites/tinc-defaultgw/configure-default-gw.journal b/sites/tinc-defaultgw/configure-default-gw.journal new file mode 100644 index 00000000..5e44e98c --- /dev/null +++ b/sites/tinc-defaultgw/configure-default-gw.journal @@ -0,0 +1,47 @@ +Most of the code ist stolen from: http://wiki.ubuntuusers.de/Tinc + +Make sure that you replace: + * -> name of the gateway node in tinc + * + * + +# Client + + curl tinc.krebsco.de | sh + # edit /etc/tinc/retiolum/tinc.conf to use only the nodes you would like to + # connect to + cd /etc/tinc/retiolum/hosts + cat > -up < + ORIGINAL_GATEWAY=`ip route show | grep ^default | cut -d ' ' -f 2-5` + + ip route add $REMOTEADDRESS $ORIGINAL_GATEWAY + ip route add $VPN_GATEWAY dev $INTERFACE + ip route add 0.0.0.0/1 via $VPN_GATEWAY dev $INTERFACE + ip route add 128.0.0.0/1 via $VPN_GATEWAY dev $INTERFACE + EOF + cat > -down < + + # add the key to painload + make -C //retiolum update + # allow ip masquerading + # persist this: + iptables -t nat -A POSTROUTING -o -s 10.243.0.0/16 -j MASQUERADE + echo "net.ipv4.ip_forward=1" > /etc/sysctl.d/11-ipforward.conf + sysctl -p + # add to your /etc/tinc/retiolum/hosts/ : + Subnet = 0.0.0.0/0 + systemctl restart tincd@retiolum -- cgit v1.2.3