Hello everybody, I have just released tinc 1.0pre4. Changes: - New authentication protocol (better security, and faster too). - TCPonly and IndirectData are back (but not fully tested). - Documentation revised, it's really up to date with the released package now. - tincd -K now stores public/private keys in PEM format, but keys of 1.0pre3 can still be used. - Faster and more secure encryption of tunneled packets. - Stresstested to see if it handles large VPNs with more than 100 sites (it does). Again, due to the large changes in the protocols this version does not work together with older versions. However, you don't have to change the configuration files this time. Most of the things we wanted to include in 1.0 are done now, so this might very well be the last prerelease. The only things that have to be tested are the TCPonly and IndirectData options and the FreeBSD and Solaris ports (any help will be greatly appreciated). Thanks, the Tinc Development Team. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.warande.net> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010525/57167977/attachment.pgp
#include <hallo.h>
Guus Sliepen wrote on Fri May 25, 2001 um 10:22:23PM:
Some notes:
- Ethertap is still available in 2.4.x., the option becomes visible (in
"Network devices") if you enable "netlink" in
"Networking options".
- Tun/Tap is not really compatible with Ethertap, is it? The last time I
tried a was not able to get connection.
- Tun/Tap creates a network interface when a programm requests it from
the driver, right? So we have no tap interface at boottime, and the
iface must be configured after tinc is started, right? You could add
an option like "post-exec", so "ifup tap0" is executed on
success.
Alternatively, distribution maintainers could provide this in their
init scripts, but I would prefer the first option.
Gr{us,eeting}s,
Eduard.
--
If you can't view this e-mail, <a href="foo">click
here.</a>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
Url :
http://brouwer.uvt.nl/pipermail/tinc/attachments/20010527/7a77f37a/attachment.pgp
On Sun, May 27, 2001 at 10:41:30AM +0200, Eduard Bloch wrote:> Some notes: > > - Ethertap is still available in 2.4.x., the option becomes visible (in > "Network devices") if you enable "netlink" in "Networking options".Correct, but it did not function correctly in 2.4 last time I checked.> - Tun/Tap is not really compatible with Ethertap, is it? The last time I > tried a was not able to get connection.It is compatible, you can connect tinc daemons with mixed ethertap and tun/tap drivers. I run such a setup myself.> - Tun/Tap creates a network interface when a programm requests it from > the driver, right? So we have no tap interface at boottime, and the > iface must be configured after tinc is started, right? You could add > an option like "post-exec", so "ifup tap0" is executed on success. > Alternatively, distribution maintainers could provide this in their > init scripts, but I would prefer the first option.Read the documentation, and look for the "tinc-up" script :). -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.warande.net> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010527/dd5aa245/attachment.pgp
#include <hallo.h> Guus Sliepen wrote on Sun May 27, 2001 um 03:35:02PM:> Correct, but it did not function correctly in 2.4 last time I checked.But it did the last time I checked, with 2.4.2 or so.> It is compatible, you can connect tinc daemons with mixed ethertap and tun/tap > drivers. I run such a setup myself.Good.> > an option like "post-exec", so "ifup tap0" is executed on success. > > Alternatively, distribution maintainers could provide this in their > > init scripts, but I would prefer the first option. > > Read the documentation, and look for the "tinc-up" script :).That is where I would insert the ifconfig and/or ifup calls. Unfortunately, Debian package does not use this feature yet. Gr{us,eeting}s, Eduard. -- "The three principal virtues of a programmer are Laziness, Impatience, and Hubris" (from the man-page for perl). -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 240 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010528/60212882/attachment.pgp
On Mon, May 28, 2001 at 06:44:46PM +0200, Eduard Bloch wrote:> > Read the documentation, and look for the "tinc-up" script :). > > That is where I would insert the ifconfig and/or ifup calls. > Unfortunately, Debian package does not use this feature yet.Probably because the Debian package is version 1.0pre3, not pre4. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus@sliepen.warande.net> -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://brouwer.uvt.nl/pipermail/tinc/attachments/20010528/ebc102b8/attachment.pgp