search for: vpnmask

...h replaces the prefix=blah on the "make install" line with DESTDIR=blah. The prefix is correctly set for /usr, but is overridden with the current make install. DESTDIR is the clean way to relocate the installation into the debian/tmp build dir. The second patch strips the newline off $VPNMASK in the init.d script. The perl system() call sees the ifconfig call as two separate commands. --- tinc/debian/rules Sun May 21 18:40:41 2000 +++ tinc.new/debian/rules Sun Aug 20 16:16:50 2000 @@ -32,7 +32,7 @@ dh_clean -k dh_installdirs - $(MAKE) install prefix=`pwd`/debian/tmp/usr + $(MAKE...

...s a problem with tinc's boot scripts (at least the debian one, but that's fixed now). The netmask of the tap devices should be larger than the one specified with MyOwnVPNIP, because it must accept packets that are destined for other subnets. We have a new directive that goes into tinc.conf, VpnMask. Suppose our TOTAL vpn is 10.1.x.x/16, and our own subnet is 10.1.1.x/24, this should go into tinc.conf: MyOwnVPNIP = 10.1.1.1/24 VpnMask = 255.255.0.0 Ivo asked me to inform you about this, so you could adapt the RedHat boot scripts. Met vriendelijke groet, Guus Sliepen. --- TINC development l...

...ork, but 10.x.y.z addresses for tinc! Why is that? Tinc does not need it's own IP's, you just have to put the ones you are already using in the configuration file. > ==== Router A tinc.conf ==== > TapDevice = /dev/tap0 > ConnectTo = 216.63.158.19 > MyVirtualIP = 10.0.0.1/8 > VpnMask = 255.0.0.0 > AllowConnect = no > ============================ Your MyVirtualIP should be 10.0.0.1/24, not /8. The subnet the tincd on router A represents is a class C subnet. However, the VpnMask is different - it is used to tell the startup script what the scope of the ENTIRE private netwo...

Hello, I'm trying to set up a vpn using tinc, so I installed tinc with the rpm version on my firewall as a listener. Setting up the tap device is no problem. The file /etc/tinc/tinc.conf looks like: TapDevice = /dev/tap0 MyVirtualIP = 192.168.2.1/24 Vpnmask = 255.255.255.0 When I start the script /etc/rc.d/init.d/tinc start it says something about missing /etc/tinc/nets.boot file. In your documentation there's nothing mentioned about this file. What's it for and how is it configured? with kind regards, Johan laagland. -------------- next pa...

...nfig DEV="$(grep -i -e '^[[:space:]]*TapDevice' $CFG | sed 's/[[:space:]]//g; s/^.*=//g')" VPN="$(grep -i -e '^[[:space:]]*(MyOwnVPNIP|MyVirtualIP)' -E $CFG | sed 's/[[:space:]]//g; s/^.*=//g')" IFM="$(grep -i -e '^[[:space:]]*VPNMask' $CFG | sed 's/[[:space:]]//g; s/^.*=//g')" # TapDevice syntax validation [ -z "$DEV" ] && \ { MSG="TapDevice required!"; return 1; } [ $(echo $DEV | wc -l) -gt 1 ] && \ { MSG="multiple TapDevice entries not allowed!"...

I am using tinc1.0pre1 pre2 is not yet available on the tinc site. The Var. VpnMask is unknown in version pre1. Netmask is 255.0.0.0 on tap0 on both gateways. Still the problem that you can ping the gateway on the other network but not the machines behind it. I've used the rpm download. -----Original Message----- From: Guus Sliepen [mailto:guus@warande3094.warande.uu.nl] Sent...

...quot;; return 1; } echo $VPN | grep -q -x -E \ '([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}/[[:digit:]]{1,2}' || \ - { MSG="badly formed MyOwnVPNIP/MyVirtualIP address $VPN!"; return 1 } + { MSG="badly formed MyOwnVPNIP/MyVirtualIP address $VPN!"; return 1; } # VPNMask syntax validation [ $(echo $IFM | wc -l) -gt 1 ] && \ - { MSG="multiple VPNMask entries not allowed!"; return 1 } + { MSG="multiple VPNMask entries not allowed!"; return 1; }...

On Sun, 11 Jun 2000, gbarnett wrote: > Guus... I couldn't seem to get this to the mail list... could you post it > and/or answer it for me? Sure. > 2.3.4.5/tinc.conf > MyVirtualIP = 10.69.69.69/32 > TapDevice = /dev/tap0 > VPNMask = 255.255.255.0 Problem found (I think)! MyVirtualIP should be 10.69.69.69/29. Your VPNMask is correct. Idem for server B, where MyVirtualIP should be 10.69.69.73/29. MyVirtualIP not only tells the tincdaemons what IP address it has itself, but also the scope of the subnet it represents (and each...

G'day, I've just downloaded the tinc-1.0pre3 and compiled it - it seems to work fine. I tried your tinc start script in the redhat directory, first adding the MyOwnVPNIP = 10.1.3.1/16 VpnMask = 255.255.0.0 to my tinc.conf file as suggested. But now when TINC is invoked, tinc exits with the following error. [root@platypus tinc-1.0pre3]# /usr/local/sbin/tincd -n wurley.vpn Failed to read `/usr/local/etc/tinc/wurley.vpn/tinc.conf': No such file or directory [root@platypus tinc-1.0pr...

Hi, Although Im dutch too, Ill write this in english. I got a similar problem then the one on the helpforum. Ill paste my setup first server tincd.conf ---- ListenPort = 8089 MyOwnVPNIP = 192.168.100.1/24 #VpnMask = 255.255.255.0 TapDevice = /dev/tap0 Passphrases=/usr/local/etc/tinc/passphrases server tapdev ---- tap0 Link encap:Ethernet HWaddr FE:FD:C0:A8:6F:01 inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.0 UP BROADCAST RUNNING NOARP MULTICAST MTU:1500 Metri...

...4/24 eth1 10.69.69.69/29 broadcast 10.69.69.71 tap0 10.69.69.69/24 broadcast 10.69.69.255 HWaddr fe:fd:0a:45:45:45 route: 10.69.69.64 * 255.255.255.248 eth1 10.69.69.0 * 255.255.255.0 tap0 1.2.3.0 * 255.255.255.0 eth0 2.3.4.5/tinc.conf MyVirtualIP = 10.69.69.69/32 TapDevice = /dev/tap0 VPNMask = 255.255.255.0 For server B: ifconfig : eth0 2.3.4.5/24 eth1 10.69.69.73/29 broadcast 10.69.69.79 tap0 10.69.69.73/24 broadcast 10.69.69.255 HWaddr fe:fd:0a:45:45:49 route: 10.69.69.72 * 255.255.255.248 eth1 10.69.69.0 * 255.255.255.0 tap0 2.3.4.0 * 255.255.255.0 eth0 1.2.3.4/tinc.conf...

...m to get there. Just to get things figured out I've got two machines on the same physical network, mach A: 192.168.0.1, mach B: 192.168.0.3. bcast is 192.168.0.255. Machine A /etc/tinc/tinc.conf ListenPort=655 MyOwnVPNIP=10.0.0.1/24 Passphrases=/etc/tinc/passphrases TapDevice=/dev/tap0 VpnMask=255.0.0.0 Machine A ifconfig ifconfig tap0 10.0.0.1 broadcast 10.255.255.255 netmask 255.0.0.0 Machine B /etc/tinc/tinc.conf ConnectTo=192.168.0.1 MyOwnVPNIP=10.0.0.2/24 Passphrases=/etc/tinc/passphrases TapDevice=/dev/tap0 VpnMask=255.0.0.0 Machine B ifconfig ifconfig tap0 10.0.0.2 broadca...

Although we (the authors of tinc) have done our best to make tinc as secure as possible, an unfortunate combination of encryption and key exchange techniques has created a hole in at least all versions of tinc >= 0.3, including the current CVS version. Exploit: If somebody can intercept the meta protocol to a host that is running a tinc daemon, it is possible to decrypt the passphrase, which

Although we (the authors of tinc) have done our best to make tinc as secure as possible, an unfortunate combination of encryption and key exchange techniques has created a hole in at least all versions of tinc >= 0.3, including the current CVS version. Exploit: If somebody can intercept the meta protocol to a host that is running a tinc daemon, it is possible to decrypt the passphrase, which

...nsert your own ip numbers instead of the placeholders, # and be sure to use your own passphrases. # See man tinc.conf(5) tincd(8) genauth(8), info tinc and # /usr/doc/tinc-1.0pre2/tinc.conf.sample TapDevice = /dev/tap0 #ConnectTo = peer.real.ip.number MyVirtualIP = 192.168.2.1/24 #AllowConnect = no VpnMask = 255.255.255.0 ifconfig (eth0 is internal): eth0 Link encap:Ethernet HWaddr 00:A0:24:81:B9:15 inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0 UP BROADCAST RUNNING MTU:1500 Metric:1 RX packets:1090148 errors:1 dropped:1 overruns:0 frame:2...

Hi all, 1.0pre2 is there. [ I just noticed the included ChangeLog is empty -- oh well. ] * This version has been internationalized; and a Dutch translation has been included. * Two configuration variables have been added: * VpnMask - the IP network mask for the entire VPN, not just our subnet (as given by MyVirtualIP). The Redhat and Debian packages use this variable in their system startup scripts, but it is ignored by tinc. * Hostnames - if set to `yes', look up the names of IP addresses trying to con...

Hi all, 1.0pre2 is there. [ I just noticed the included ChangeLog is empty -- oh well. ] * This version has been internationalized; and a Dutch translation has been included. * Two configuration variables have been added: * VpnMask - the IP network mask for the entire VPN, not just our subnet (as given by MyVirtualIP). The Redhat and Debian packages use this variable in their system startup scripts, but it is ignored by tinc. * Hostnames - if set to `yes', look up the names of IP addresses trying to con...

Hi all, I have used tinc to get a vpn up and running I am almost there but have some problems at the end. My config: Building A Network 10.0.0.0 netmask 255.255.255.0 gateway 10.0.0.30 tap0 device on gateway machine 10.0.0.31 Building B Network 10.2.0.0 netmask 255.255.255.0 gateway 10.2.0.154 tap0 device on gateway machine 10.2.0.155 from network A I can ping 10.2.0.154 but not the other