On Fri, Mar 12, 2004 at 01:42:51PM -0500, Steve Halasz wrote:
> I'm having some trouble trying to run tinc over GNU httptunnel. On
> server A I have:
>
> /etc/tinc/netname/tinc-up:
> #!/bin/sh
> ifconfig $INTERFACE 10.3.0.1 netmask 255.255.0.0
> /usr/bin/hts -F localhost:655 8888
>
> /etc/tinc/netname/hosts/A:
> Address = foo.com
> Subnet = 10.3.0.0/24
> TCPonly = yes
>
> /etc/tinc/netname/hosts/B:
> ConnectTo = A
> Subnet = 10.4.0.0/24
> TCPonly = yes
In tinc-up, you should change the netmask to 255.0.0.0 or add a route to
10.4.0.0/24.
> This setup worked fine before the firewall at B started blocking the
> port I was using. Now I am trying to get hts to forward port 655 to an
> http tunnel over port 8888. On B I have in tinc-up:
>
> /usr/bin/htc -P proxy.uncooperative.corp.com:8080 -F 655 foo.com:8888
[...]> Mar 12 13:11:16 A tinc.apa[5985]: Can't bind to 0.0.0.0 port 655/tcp:
> Address already in use
> Mar 12 13:11:16 A tinc.apa[5985]: Ready
>
> So it looks like hts is blocking tinc from connecting to port 655. What
> am I missing here?
First of all, those log messages are not about tinc trying to connect,
but rather setting up a socket for incoming connections. If your machine
has IPv6 support in the kernel, tinc will bind to port 655 on IPv6
first. On Linux this also makes the same socket listen on IPv4 as well
(this is deprecated behaviour). When tinc tries to bind to port 655 on
IPv4 this fails, but is harmless, what you see is just a warning.
You can prevent this from happening by adding "AddressFamily = ipv4"
to
tinc.conf.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus@sliepen.eu.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :
http://brouwer.uvt.nl/pipermail/tinc/attachments/20040415/078c030e/attachment.pgp