Displaying 20 results from an estimated 200 matches similar to: "tincctl patches"
2007 Oct 18
0
[PATCH] Use credentials and permissions on control socket where available
There are at least three cases:
* Linux: check credentials and pid from client;
restrict permissions from server
* BSD: check credentials only from client; restrict permissions from server
* Solaris: wide open
---
configure.in | 4 ++--
src/control.c | 11 ++++++++++-
src/control_common.h | 1 +
src/tincctl.c | 38 ++++++++++++++++++++++++++++++++++----
4
2012 Dec 28
4
tincctl localhost timeout
First off, thanks to all who have made tinc possible and continue to work
developing it. I hope perhaps in time I can become a useful part of this
community. :) I'm having an interesting issue with tincctl and was hoping
someone could shed some light on it. Everything seems to work correctly when
I build for OSX; however on linux and windows builds, I always receive
connection
2007 Oct 18
0
[PATCH] Use a control socket directory to restrict access
This approach is more complex than I'd like, but it works even on Solaris,
which has neither credential passing nor permissions on the socket itself.
---
src/control.c | 82 +++++++++++++++++++++++++++++++++++++++-----------
src/control_common.h | 1 +
src/tincctl.c | 67 +++++++++++++++++++++++++++++++++--------
src/tincd.c | 2 +-
4 files changed, 120
2008 Dec 23
2
Signal tinc under Windows
Hello,
I am new to tinc and I have read in the docs that one can "signal" tinc with
various options. How to achieve this under Windows?
Any assistance/pointers appreciated.
Apologies, my original post was mailed from another account, hence it was
rejected.
Thanks
Graham Smith
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2013 Jan 13
4
tinc 1.1pre4 on Win7x64 --mlock prevents service from starting
c:\APPS\TINC\tincd.exe --mlock --net=mynet --config=C:\APPS\tinc\mynet
Without --mlock, the service starts OK.
With --mlock, the service fails to start.
2012 Dec 02
1
Query node status
Hello folks,
for monitoring purposes I need to query the network status in order to get all a list of all "online" nodes (that are connected to the network right now). How can I do so?
Thanks in advance,
Keep smiling
yanosz
2024 Apr 25
3
NSD 4.10.0rc1 pre-release
NSD 4.10.0rc1 is available:
https://nlnetlabs.nl/downloads/nsd/nsd-4.10.0rc1.tar.gz
sha256 ad476e82eee5bdabc985e071cabe6a68263dd02eac6278ce2f81798b8c08f19f
pgp https://nlnetlabs.nl/downloads/nsd/nsd-4.10.0rc1.tar.gz.asc
Version 4.10.0 integrates simdzone and drops the Flex+Bison zone
parser.
NSD used a Flex+Bison based zone parser since version 1.4.0. The parser
served NSD well, but zones have
2017 Sep 12
2
purge doesn't remove dead nodes
Hi
We have several stale nodes in our tinc network and I'd like to remove
these.
These nodes show up in graph dumps as red nodes, indicating they are
unreachable.
We run: tinc -n <vpn-name> purge
Nothing happens. If we tail the logs at /var/log/syslog, we dont see an ack
or message concerning the purge either. The dead nodes still show up in the
graphs and their certs are still
2018 Dec 11
3
subnet flooded with lots of ADD_EDGE request
Hello,
We're suffering from sporadic network blockage(read: unable to ping
other nodes) with 1.1-pre17. Before upgrading to the 1.1-pre release,
the same network blockage also manifested itself in a pure 1.0.33
network.
The log shows that there are a lot of "Got ADD_EDGE from nodeX
(192.168.0.1 port 655) which does not match existing entry" and it
turns out that the mismatches
2013 Jan 13
1
tinc 1.1pre4 on Win7x64 coughs on #comment in first line of host file
I have the habit of putting the name of the host within the host file
as a comment usually on the first line. Helps when files are renamed
and tracking. The new version exports Name = victor and so the old
comment style is not necessary. I would think the new version should
still simply ignore lines that begin with the '#' character.
For example, a normal host file named victor that
2017 Sep 13
2
purge doesn't remove dead nodes
>
> Maybe I should allow the reachable keyword for the dump graph command as
> well, so you can do:
>
> tincctl -n <netname> dump reachable graph
>
> ...and not see any nodes which are unreachable. Is that what you want?
This would help since dead nodes do not clutter the visual representation.
What are the effects, if any, of dead nodes in the hosts/ dir?
Thanks
2009 Mar 22
2
GraphDumpFile - Feature request
Hi Guus,
I've been a huge fan of the GraphDumpFile parameter in tinc -- it certainly
beats sending USR2 to tincd, and ploughing through syslog to figure out which
nodes are connected.
Could I request that GraphDumpFile dumps a little more data to the file,
namely, the subnet; changing the output file from (for example):
digraph {
nodeA [label = "nodeA"];
2013 Jan 24
3
Conflicting Default Values. A trusts B. B trusts EvilNode. Does that mean A trusts EvilNode?
*You should repeat this for all nodes you ConnectTo, or which ConnectTo
you. However, remember that you do not need to ConnectTo all nodes in the
VPN; it is only necessary to create one or a few meta-connections, after
the connections are made tinc will learn about all the other nodes in the
VPN, and will automatically make other connections as necessary. *
The above is from the docs. Assuming
2012 Nov 09
1
Does tinc have any plan to add radius accounting/authentication(or flowing overview)?
Hi,
I use tinc-vpn to create private mesh vpn networks between office and house in different locations and it works really well. But somehow I'm considering if there were any possibility to add radius support for single node traffic management.
I does think it will be really difficult to implement such functions as a feature of a mesh network,because all of the traffic was initiated end to
2013 Feb 10
1
tinc 1.1pre. How to automatically start vpn tunnels? How to change the installation/config path to the same as tinc 1.0.x version from ubuntu repository?
Hi!
I have compiled and installed tinc 1.1pre5 on a ubuntu machine.
With the tinc 1.0.x version that is included in the ubuntu repository I am used to having the config files in /etc/tinc/ and where each vpn has a own directory.
The file nets.boot placed in /etc/tinc where I can specify which vpn tunnels that is going to start automatically.
How can I get the vpn tunnels to start automatically
2013 Jul 09
1
Release plans for 1.1?
Hello,
I'm looking forward for release 1.1 esp. tincctl. Are there any release plans yet?
Thanks,
Keep smiling
yanosz
2013 Apr 22
1
[Announcement] Tinc version 1.0.21 and 1.1pre7 released
Because of a security vulnerability in tinc that was recently discovered, we
hereby release tinc versions 1.0.21 and 1.1pre7. Here is a summary of the
changes in tinc 1.0.21:
* Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
Here is a summary of the changes in tinc 1.1pre7:
* Fixed large latencies on Windows.
* Renamed the tincctl tool to tinc.
* Simplified changing the
2013 Apr 22
1
[Announcement] Tinc version 1.0.21 and 1.1pre7 released
Because of a security vulnerability in tinc that was recently discovered, we
hereby release tinc versions 1.0.21 and 1.1pre7. Here is a summary of the
changes in tinc 1.0.21:
* Drop packets forwarded via TCP if they are too big (CVE-2013-1428).
Here is a summary of the changes in tinc 1.1pre7:
* Fixed large latencies on Windows.
* Renamed the tincctl tool to tinc.
* Simplified changing the
2017 Mar 08
1
Suspicious code in net_socket.c
For my opinion, special function not needed, because at first time, oai set
to NULL, freeaddrinfo tried to free each ai, until occurance of ai_next ==
NULL.
But it works. Linux, Windows, coordinator with white IP, other nodes behind
NAT's (1 or two NAT's, only direct connections allowed).
There are some problems with MinGW make, at least - mingw-64 from Fedora 25.
1. No definition for
2007 Jul 20
1
Bugginess since crypto changes
I'm looking over the tinc-1.1 branch again. I'm getting some errors that
I haven't been able to track down yet. tinc sometimes crashes either on
its own (I think after a timeout has fired?) or when I
hit ctrl-C. I've seen a few different behaviors in particular, as
reported by valgrind. Dumps below.
I suspected the bufferevent changes, but I haven't gotten any revision
before