search for: protocol_subnet

Displaying 12 results from an estimated 12 matches for "protocol_subnet".

2005 Apr 13
3
Patch for tunnelserver mode in protocol_subnet.c
Hello, Here is a patch for protocol_subnet.c with two modifications : - in tunnelserver mode, tinc must check subnets in the ".../hosts/owner" config file, not in "c->config_tree" (which is the configuration of the meta-connection from which we receive the ADD_SUBNET message). - this checking can be made befor...
2015 Nov 24
1
Authenticating VPN addresses: a proposal
...h example, but there are others) > and it is not very flexible, but I would disagree that it is > unmanageable. In ChaosVPN we use StrictSubnets, and additionally the following patch on the core-nodes where (nearly) everyone connects to: (cut&paste whitespace damaged) diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c index 06dafbc..e2d4bfc 100644 --- a/src/protocol_subnet.c +++ b/src/protocol_subnet.c @@ -117,7 +117,9 @@ bool add_subnet_h(connection_t *c, const char *request) { if(strictsubnets) { logger(DEBUG_ALWAYS, LOG_WARNING, "Ignoring unauthorized %s...
2015 Nov 25
0
tinc exit when there is no internet?
...; and it is not very flexible, but I would disagree that it is > > unmanageable. > > In ChaosVPN we use StrictSubnets, and additionally the following patch > on the core-nodes where (nearly) everyone connects to: > > (cut&paste whitespace damaged) > > diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c > index 06dafbc..e2d4bfc 100644 > --- a/src/protocol_subnet.c > +++ b/src/protocol_subnet.c > @@ -117,7 +117,9 @@ bool add_subnet_h(connection_t *c, const char > *request) { > if(strictsubnets) { > logger(DEBUG_ALWAYS, LOG_WARNI...
2015 Nov 25
0
tinc exit when there is no internet?
...; and it is not very flexible, but I would disagree that it is > > unmanageable. > > In ChaosVPN we use StrictSubnets, and additionally the following patch > on the core-nodes where (nearly) everyone connects to: > > (cut&paste whitespace damaged) > > diff --git a/src/protocol_subnet.c b/src/protocol_subnet.c > index 06dafbc..e2d4bfc 100644 > --- a/src/protocol_subnet.c > +++ b/src/protocol_subnet.c > @@ -117,7 +117,9 @@ bool add_subnet_h(connection_t *c, const char > *request) { > if(strictsubnets) { > logger(DEBUG_ALWAYS, LOG_WARNI...
2015 Dec 07
2
Tinc & moving VMs accross network
On 7 December 2015 at 17:20, Florent B <florent at coppint.com> wrote: > I have a cluster of 5 nodes, running Proxmox 4, and Tinc as "virtual > switch" for my nodes : on each node, a bridge "vmbr1" where Tinc is > connected, provides me a secured network for my VMs (connected to that > bridge). > > When I move (hot move) a VM from a host to another, I
2008 Sep 30
1
Problem compiling tinc-1.0.8 on gcc-2.95
...inged = true; c->last_ping_time = now; return send_request(c, "%d", PING); @@ -139,7 +139,7 @@ { cp(); - c->status.pinged = false; + c->status.st.pinged = false; /* Succesful connection, reset timeout if this is an outgoing connection. */ diff -ubr tinc-1.0.8/src/protocol_subnet.c tinc-1.0.8.my/src/protocol_subnet.c --- tinc-1.0.8/src/protocol_subnet.c Wed Apr 26 15:53:05 2006 +++ tinc-1.0.8.my/src/protocol_subnet.c Thu Sep 25 11:19:53 2008 @@ -134,7 +134,7 @@ *(new = new_subnet()) = s; subnet_add(owner, new); - if(owner->status.reachable) + if(owner->status.st...
2015 Nov 22
5
Authenticating VPN addresses: a proposal
TL;DR: a proposal for a new tinc feature that allows nodes to filter ADD_SUBNET messages based on the metaconnection on which they are received, so that nodes can't impersonate each other's VPN Subnets. Similar to StrictSubnets in spirit, but way more flexible. BACKGROUND: THE ISSUE OF TRUST IN A TINC NETWORK In terms of metaconnections (I'm not discussing data tunnels here), one of
2015 Dec 07
0
Tinc & moving VMs accross network
...c() function) it looks like tinc is not really able to > migrate MAC addresses from one node to another in the way you'd > expect. It will add the MAC address to the new node, but will not > remove it from the other. It actually does, search for the comment "Fast handoff" in protocol_subnet.c. It should cause the old MAC entry to be removed in at most PingTimeout (which defaults to 5) seconds. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc...
2006 Jun 01
1
compile cvs trunk
...usr/local/share/locale\" -DLOCALSTATEDIR=\"/usr/local/var\" -g -O2 -o tincd conf.o connection.o edge.o event.o graph.o logger.o meta.o net.o net_packet.o net_setup.o net_socket.o netutl.o node.o process.o protocol.o protocol_auth.o protocol_edge.o protocol_misc.o protocol_key.o protocol_subnet.o route.o subnet.o tincd.o ../lib/libvpn.a -lcrypto -lz -llzo graph.o: In function `sssp_bfs':/usr/src/tinc/src/graph.c:278: undefined reference to `device' ... tincd.o: In function `main':/usr/src/tinc/src/tincd.c:504: undefined reference to `dump_device_stats' collect2: ld re...
2014 Nov 22
2
Tinc 1.0.24 build failed on OSX Mavericks
...in.o dummy_device.o edge.o event.o fake-getaddrinfo.o fake-getnameinfo.o getopt.o getopt1.o graph.o list.o logger.o meta.o multicast_device.o net.o net_packet.o net_setup.o net_socket.o netutl.o node.o pidfile.o process.o protocol.o protocol_auth.o protocol_edge.o protocol_misc.o protocol_key.o protocol_subnet.o raw_socket_device.o route.o subnet.o tincd.o utils.o xmalloc.o bsd/device.o -lcrypto -lz -llzo2 clang: warning: argument unused during compilation: '-pie' Undefined symbols for architecture x86_64: "_res_9_init", referenced from: _main_loop in net.o ld: symbo...
2010 Apr 06
1
"Mode Switch" and "Tunnelserver Yes" cause unnecessary traffic to clients (proposed patch)
...VPN with a statement like: Subnet = 10.0.0.0/8 But I should add every Mac address of the tap interfaces of the clients. This is not feasible, because I also guess these mac addresses change everytime a tap interface is created. What I did to fix my problem was to patch this file at line 109: src/protocol_subnet.c:109 deleting the if statement that was preventing to add "Subnets" So I just deleted from line 109 to 130. Of course this is a dirty hack that works in my particular setup. Now the ARP lookup on the server works fine. before the server was sending the traffic to ALL the clients, so w...
2003 Aug 04
1
OpenBSD 3.2 and Release 1
...nc/src/net_socket.c U tinc/src/netutl.c U tinc/src/netutl.h U tinc/src/node.c U tinc/src/node.h U tinc/src/process.c U tinc/src/process.h U tinc/src/protocol.c U tinc/src/protocol.h U tinc/src/protocol_auth.c U tinc/src/protocol_edge.c U tinc/src/protocol_key.c U tinc/src/protocol_misc.c U tinc/src/protocol_subnet.c U tinc/src/route.c U tinc/src/route.h U tinc/src/subnet.c U tinc/src/subnet.h U tinc/src/tincd.c cvs server: Updating tinc/src/cygwin U tinc/src/cygwin/device.c cvs server: Updating tinc/src/darwin U tinc/src/darwin/device.c cvs server: Updating tinc/src/freebsd U tinc/src/freebsd/device.c cvs se...