Displaying 20 results from an estimated 314 matches for "tun0".
Did you mean:
tun
2003 Apr 25
2
firewalling help/audit
...d like to be sure not
to make any mistake.
Thanks a lot in advance.
Antoine
Here is my ruleset:
#!/bin/sh
# Firewall Command
fwcmd="/sbin/ipfw"
# Flush out the list before we begin.
${fwcmd} -f flush
# Stop spoofing
${fwcmd} add deny all from 192.168.0.0:255.255.255.0 to any in via tun0
### ${fwcmd} add deny all from ${outside_net}:${outside_mask} to any in via
vr0 ### Disabled --> dynamic @ip
# Stop RFC1918 nets on the outside interface
${fwcmd} add deny all from any to 10.0.0.0/8 via tun0
${fwcmd} add deny all from any to 172.16.0.0/12 via tun0
${fwcmd} add deny all from an...
2003 Jul 03
1
ipv6 dialup: "nd6_lookup: failed to lookup" problem (4.8-REL)
Hi all,
I try to receive an ipv6 address for my PPP link via autoconf
(against Cisco machine), but there is a problem I'm unable to solve so
far. I can see cisco's Router-Advertisement containing prefix etc.,
but no IP adress is assigned to tun0 interface. Anyone succesful in
IPv6 over dial-up PPP connection? When I manually assign IPv6 address,
connection works. My system is 4.8-RELEASE, PPP Version 3.1 - Apr 3
2003.
axxem.hide:~# rtsol -d -D tun0
link-layer address option has null length on tun0. Treat as not included.
checking if tun0...
2004 Oct 10
0
weird problem with ip+snat+tun0
i have a box with 2 real interfaces and one more virtual
eth0 - to the internet (193....
eth1 - to the local net (192.168..)
tun0 - to another ISP
the routing is: all the free/local classes i send them directly on eth0,
the rest of the internet i send throw tun0
the admin from tun0 wants me to snat all the packets with my end of the
ip-tun0-interface
and i snat all the trafic that go to local/free nets
the problem is that...
2005 Feb 07
9
Zoning Out
I''m getting my zones confused. Help.
I need to have a bunch of systems using OpenVPN to gain an IP in the
virtual subnet 10.100.1.0/24, on interface tun0.
I will then route whole subnets to those IPs, like 10.100.2.0/24 via
10.100.1.12, etc.
I want to have a policy for:
- all hosts behind tun0
- all hosts in 10.100.1.0/24
- individual subnets being routed through IPs in 10.100.1.0/24
So, I think I need:
interfaces:
- tun0
hosts:
remote1 tu...
2005 Aug 19
2
Binding to Tun0 device
...lo all,
We have a few aliased Ethernet addresses on our server and if I do not
use the Bind statement in the "Global" section then the NMBD seems to
try to bind to all of the addresses.
We are actually using OpenVPN which make the connections just fine on a
172.16.x.x subnet to "tun0" device.
The problem is that Samba does not seem to find the tun0 device and
reports that there are no network cards available if I use the:
Bind Interfaces Only = True
Interfaces tun0 172.16.0.1
How can I just bind Samba to the tun0 device?
Also, with my home machine on the 192.168.x.x s...
2006 Nov 11
5
src/etc/rc.firewall simple ${fw_pass} tcp from any to any established
...established
from src/etc/rc.firewall case - simple. Which solved it.
But I was scared, not undertstand what the established bit did, &
how easily an attacker might fake something, etc.
I found adding these tighter rules instead worked for me
${fwcmd} tcp from any http to me established in via tun0
${fwcmd} tcp from me to any http established out via tun0
Should I still be worrying about established ?
Julian
--
Julian Stacey. BSD Unix C Net Consultancy, Munich/Muenchen http://berklix.com
Mail Ascii, not HTML. Ihr Rauch = mein allergischer Kopfschmerz.
http://berklix.org/free-softwar...
2015 Dec 06
3
openvpn + routing
Hello,
i have a little question.
My system:
ip route:
0.0.0.0/1 via 10.8.0.5 dev tun0
default via 192.168.2.1 dev br0 proto static metric 425
10.8.0.1 via 10.8.0.5 dev tun0
10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
88.198.140.127 via 192.168.2.1 dev br0
192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.101
metric 425
192.168.122.0/24 dev virbr0 pr...
2007 Mar 15
1
Openvpn routing problem
...his is what I have after the tunnel is brought up:
SERVER (A.A.A.A)
Arx:~# ip addr
...
3: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:04:e2:09:6c:ea brd ff:ff:ff:ff:ff:ff
inet 192.168.13.1/24 brd 192.168.13.255 scope global eth1
...
5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,10000> mtu 1500 qdisc
pfifo_fast qlen 100
link/[65534]
inet 10.0.13.1 peer 10.0.13.2/32 scope global tun0
Arx:~# ip route
A.A.A.B dev ppp0 proto kernel scope link src A.A.A.A
10.0.13.2 dev tun0 proto kernel scope link src 10.0.13.1
10.0.13.0...
2005 Jul 08
1
gre tunnel between networks with same subnet
.... Here are some numbers: eth1 on Box A
is 192.168.1.1/24, eth1 on Box B is 192.168.1.31/24.
On Box B there are 4 NICs, 3 of them (including eth1)
are bridged, with the bridge interface being br0
(192.168.1.31 is actually assigned to br0, not eth1).
I''ve read the lartc howto, so I created a tun0
interface on both boxes: ip tunnel add tun0 mode gre
remote remote_ip_here local local_ip_here ttl 255; ip
link set tun0 up. The problem is what do I do from
here? Do I bridge tun0 and eth1 on Box A and add tun0
to br0 on Box B? Or do I just enable proxy_arp for
eth1 and tun0 on Box A and for br0 a...
2016 Mar 03
2
issue with tinc and libvirt / Network is already in use by interface tun0
2004 Oct 08
4
Problem with VPN routing from internal network
Hi folks,
I have the two firewalls (Slackware current) in differnt cities connected via OpenVPN.
I can ping the network behind server firewall from client firewall server.
But how to route/iptable network traffic from the network behind client firewall to see the netwrok behind server firewall?
Thank you
Remus
2015 Jan 22
1
Help linking subnets
...tinc configurazion of 2
subnets, now my goal is to add 2 more subnets and comunicate.
I might seem dumb at this point but honestly I don't work in IT or
Networking stuff, and so I dont have that deep knowledge.
A little explanation of my configuration is
HOST A (VPN server)
Public IP: 1.2.3.4
tun0 Subnet = 192.168.10.0/24
tun0 IP = 192.168.10.1
HOST B (VPN Client configured in a Raspberry Pi)
eth0 NET = 192.168.2.10 255.255.255.0 gw 192.168.2.1
tun0 Subnet = 192.168.10.0/24
tun0 Subnet = 192.168.2.0/24
HOST C (VPN Client configured in a Raspberry Pi)
eth0 NET = 192.168.1.101 255.255.255...
2009 Apr 06
2
help needed for freebsd
Hi,
I'm trying to run tinc 1.0.9 on freebsd 7.1-RELEASE-p4.
I tried:
Device=/dev/net/tun0
DeviceType=tun
I tried it without the device-line, i tried the other
devicetype-options, none of them work. With all of them I get the
following error:
30311: open("/dev/net/tun0",O_RDWR|O_NONBLOCK,05024360414) = 3 (0x3)
30311: ioctl(3,TUNSIFHEAD,0xbfbfec58) ERR#45 'Operation not s...
2017 Dec 29
2
OpenVPN server and firewalld
...hen modify firewall-cmd rule and add your port/proto
>
> e.g.
> firewall-cmd --zone=<INSERT YOUR ZONE> --add-port=11193/tcp
That opens the physical Ethernet interface to allow the raw SSL
connection from the client into the server. It doesn't open a connection
for the tunnel (tun0 interface) that's been created by the OpenVPN
service to forward packets to the internal LAN zone.
I tried adding the tun0 interface to the internal zone and firewall-cmd
told me tun0 was managed by NetworkManager. After that it didn't show
tun0 as a member of any zone.
#? firewall-cmd...
2015 May 21
2
IPv6 subnet routing
I have 2 nodes nodeA and nodeB
I'm using tinc 1.1pre11
-- nodeA(fd80:2015:2105:abcd::1) :
$ ip -6 route
fd80:2015:2105:abcd::1 dev tun0 proto kernel metric 256
fd80:2015:2105:adcd::/64 dev tun0 metric 1024
fe80::/64 dev eth0 proto kernel metric 256
$ ping6 fd80:2015:2105:abcd::1
PING fd80:2015:2105:abcd::1(fd80:2015:2105:abcd::1) 56 data bytes
64 bytes from fd80:2015:2105:abcd::1: icmp_seq=1 ttl=64 time=0.020 ms
$ ping6 fd80...
2015 Jan 24
1
tinc Digest, Vol 123, Issue 11
....0.0 178.62.128.1 0.0.0.0 UG 0 0 0 eth0
10.129.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
178.62.128.0 0.0.0.0 255.255.192.0 U 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
a route from HOST B shows:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
0.0.0.0...
2013 Apr 10
1
What about port 2048 for GRE(47) packaged in ip protocol
?
? ? Hi, all:?
? ? ? ? I'm playing with Gre Tunnel programming in centos 6.
? ? ? ??
? ? ? ? I wrote my program in these steps:?
? ? ? ? a, open /dev/net/tun ?device and ioctl with?TUNSETIFF, get fd to tun device, say "tun0";
? ? ? ? b, create one socket and use it to set tun0's ?ip address, namyly?SIOCSIFADDR and?SIOCSIFDSTADDR; and then turn it up;
? ? ? ? c, create one raw socket to send things which got from the tun0 device to other machine, and to receive packages which should be?feeded into the tun0 dev...
2008 Mar 26
8
Hub/Spoke OpenVPN can't communicate from Client A to Client B - FORWARD:REJECT:IN=tun0 OUT=tun0
...bytes=32 time=335ms TTL=127
So as you can see the link is up and shorewall does let through the connections to the local server subnet. On checking /var/log/messages i can see shorewall has dropped packets destined for 192.168.10.1:
Mar 26 04:33:10 router-hq kernel: Shorewall:FORWARD:REJECT:IN=tun0 OUT=tun0 SRC=172.16.1.6 DST=192.168.10.1 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=31895 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=25270
Mar 26 04:33:11 router-hq kernel: Shorewall:FORWARD:REJECT:IN=tun0 OUT=tun0 SRC=172.16.1.6 DST=192.168.10.1 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=31898 PROTO=ICMP TYPE=8 CODE=0...
2014 Dec 26
0
unable to have smb listen on NIC tun0 or 10/8 IP addres
Hi everybody and merry Chrissy!
I have smb listening to two interfaces and with tun0 this failed.
Package was from Debian 7 - 2:3.6.6-6+deb7u4
# smbclient //10.9.8.1/public -Unot_a_user
Enter not_a_user's password:
Connection to 10.9.8.1 failed (Error NT_STATUS_CONNECTION_REFUSED)
# smbclient //127.0.0.1/public -Unot_a_user
Enter not_a_user's password:
Domain=[WORKGROUP...
2005 Nov 29
0
fwmark port - dual adsl line
...-
eth0 (adsl 1) eth1 (adsl 2)
| |
| |
| |
| |
-----------------
| |
| Gateway |
| |
-----------------
|
|
|
tun0
Below is my iptables scripting to mark certain ports:
-
# eMule
$IPTABLES -t mangle -A PREROUTING -i tun0 -p tcp -m
multiport --destination-ports 4242,4661,4662,4663,4711
-j MARK -set-mark 11
$IPTABLES -t mangle -A PREROUTING -i tun0 -p udp -m
multiport --destination-ports 4672 -j MARK -set-mar...