I don't know.. It seems that anyone had try to made work tinc with lollipop. Even googoling i don't found anything about this argoument. Andrea Squeri Il 27/mar/2015 06:55 "Tatsuyuki Ishi" <ishitatsuyuki at gmail.com> ha scritto:> SELinux is considered as the biggest problem. > > On Thu, Mar 26, 2015, 22:37 Andrea Squeri <andrea.squeri at gmail.com> wrote: > >> Yes. The problem is lollipop. I tried to install tinc on my brother's >> device which mount a cyano 10.1( android 4.2.2) and it works. >> I don't understand which is the problem with lollipop. Is there a >> firewall that block the packets? >> >> Andrea Squeri >> If you are running Lollipop / Android 5.x on your Nexus 5, then you are >> probably seeing the same issue I was with it. lollipop seems to change >> networking quite a bit in that it's using iptables / and `ip rule list` >> extensively for per-user settings. >> I think >> http://www.linux.org/threads/debugging-nat-prerouting-issues-iptables.7136/ >> is relevant if you see running in to the same issue, it's confusing quite a >> lot of folks. I was unable to get tinc-gui (or even tincd manually and >> tinkering via adb shell) to work so I've downgraded my S5 to a 4.4.2 rom. >> I'm not sure if coming up with a fancy tinc-up is the solution or someone >> with the ability to get tinc compatible with the official Android VPN API >> that a lot of the openvpn apps are using now. >> You might be able to draw some inspiration from >> https://github.com/offensive-security/kali-nethunter/blob/master/utils/manna/start-nat-full-lollipop.sh >> but I haven't tried it since I've been back on 4.4.2. >> >> On Wed, Mar 25, 2015 at 5:15 AM, Andrea Squeri <andrea.squeri at gmail.com> >> wrote: >> >>> Hi, First sorry for my bad English. >>> I made a vpn wtih tinc for link my home and my two office. In Addition I >>> want to configure my android device to link with my vpn. >>> The topology of the net is this: >>> >>> cubox(a linux machine in my home with vpn address 192.168.0.20) >>> groppalbero (a linux machine in my second office with vpn address >>> 192.168.0.40) >>> imac(a mac machine in my first office with vpn address 192.168.0.50) >>> nexus5(my android device with vpn address 192.168.0.80) >>> >>> I have configurate all machine and now they all works except the android >>> device. >>> On this I use ?Tinc Gui? app for configure it. When I start the tinc >>> daemon it connect to the configured host and the tun0 interface in created >>> and configured, but i can ping with any hosts >>> and any host can ping my android device. the result of ping IS NOT a >>> network unavailable response. In fact it block un operation and from the >>> tinc gui log I can see that the packet are received by my android device. >>> I suspect that can be a problem for the route but I can?t understand >>> which the problem is. >>> >>> For information paste the configuration from cubic and android device: >>> >>> CUBOX : >>> >>> -------------------------------------------------------------------------------------------------------- >>> andre at cubox vpnalma]$ cat tinc.conf >>> # Sample tinc configuration file >>> >>> # This is a comment. >>> # Spaces and tabs are eliminated. >>> # The = sign isn't strictly necessary any longer, though you may want >>> # to leave it in as it improves readability :) >>> # Variable names are treated case insensitive. >>> >>> # The name of this tinc host. Required. >>> Name = cubox >>> >>> # The internet host to connect with. >>> # Comment these out to make yourself a listen-only connection >>> # You must use the name of another tinc host. >>> # May be used multiple times for redundance. >>> #ConnectTo = vaio >>> #ConnectTo = groppalbero >>> #ConnectTo = imac >>> #ConnectTo = servermarcy >>> >>> # The tap device tinc will use. >>> # Default is /dev/tap0 for ethertap or FreeBSD, >>> # /dev/tun0 for Solaris and OpenBSD, >>> # and /dev/net/tun for Linux tun/tap device. >>> Device = /dev/net/tun >>> [andre at cubox vpnalma]$ cat tinc-up >>> #!/bin/sh >>> # This file sets up the tap device. >>> # It gives you the freedom to do anything you want with it. >>> # Use the correct name for the tap device: >>> # The environment variable $INTERFACE is set to the right name >>> # on most platforms, but if it doesn't work try to set it manually. >>> >>> # Give it the right ip and netmask. Remember, the subnet of the >>> # tap device must be larger than that of the individual Subnets >>> # as defined in the host configuration file! >>> ifconfig $INTERFACE 192.168.0.20 netmask 255.255.255.0 >>> #ip link set $INTERFACE up >>> #ip addr add 192.168.0.20/32 dev $INTERFACE >>> #ip route add 192.168.0.0/24 dev $INTERFACE >>> [andre at cubox vpnalma]$ cat hosts/cubox >>> #iample host configuration file >>> # This file was generated by host beta. >>> >>> # The real IP address of this tinc host. Can be used by other tinc hosts. >>> Address = 10.0.0.7 >>> Address = almaliberty.duckdns.org >>> # Portnumber for incoming connections. Default is 655. >>> Port = 655 >>> >>> # Subnet on the virtual private network that is local for this host. >>> Subnet = 192.168.0.20/32 >>> ???????????????????????????????????????????????????? >>> The network is so configurated: >>> >>> ?????????????????????????????????????????????????????????????????????????????? >>> >>> [andre at cubox vpnalma]$ ifconfig >>> eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 >>> inet 10.0.0.7 netmask 255.255.255.0 broadcast 10.0.0.255 >>> inet6 fe80::d263:b4ff:fe00:6a6b prefixlen 64 scopeid 0x20<link> >>> ether d0:63:b4:00:6a:6b txqueuelen 1000 (Ethernet) >>> RX packets 63975281 bytes 142504956 (135.9 MiB) >>> RX errors 0 dropped 2 overruns 0 frame 0 >>> TX packets 35826176 bytes 2648965717 (2.4 GiB) >>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >>> >>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 >>> inet 127.0.0.1 netmask 255.0.0.0 >>> inet6 ::1 prefixlen 128 scopeid 0x10<host> >>> loop txqueuelen 0 (Local Loopback) >>> RX packets 167609 bytes 76370891 (72.8 MiB) >>> RX errors 0 dropped 0 overruns 0 frame 0 >>> TX packets 167609 bytes 76370891 (72.8 MiB) >>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >>> >>> vpnalma: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 >>> inet 192.168.0.20 netmask 255.255.255.0 destination >>> 192.168.0.20 >>> unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 >>> txqueuelen 500 (UNSPEC) >>> RX packets 8876 bytes 1765584 (1.6 MiB) >>> RX errors 0 dropped 0 overruns 0 frame 0 >>> TX packets 5939 bytes 2394177 (2.2 MiB) >>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >>> >>> [andre at cubox vpnalma]$ route >>> Kernel IP routing table >>> Destination Gateway Genmask Flags Metric Ref Use >>> Iface >>> default router.asus.com 0.0.0.0 UG 1024 0 0 >>> eth0 >>> 10.0.0.0 * 255.255.255.0 U 0 0 0 >>> eth0 >>> router.asus.com * 255.255.255.255 UH 1024 0 0 >>> eth0 >>> 192.168.0.0 * 255.255.255.0 U 0 0 0 >>> vpnalma >>> [andre at cubox vpnalma]$ >>> >>> ?????????????????????????????????????????????????????????????????? >>> >>> ON THE ANDROIDE DEVICE SIDE I HAVE THIS CONFG: >>> >>> >>> u0_a167 at hammerhead:/ $ su >>> root at hammerhead:/ # cd sdcard/tinc/vpnalma >>> at tinc.conf < >>> # Sample tinc configuration file >>> >>> # This is a comment. >>> # Spaces and tabs are eliminated. >>> # The = sign isn't strictly necessary any longer, though you may want >>> # to leave it in as it improves readability :) >>> # Variable names are treated case insensitive. >>> >>> # The name of this tinc host. Required. >>> Name = nexus5 >>> >>> # The internet host to connect with. >>> # Comment these out to make yourself a listen-only connection >>> # You must use the name of another tinc host. >>> # May be used multiple times for redundance. >>> ConnectTo = cubox >>> ConnectTo = groppalbero >>> ConnectTo = imac >>> # The tap device tinc will use. >>> # Default is /dev/tap0 for ethertap or FreeBSD, >>> # /dev/tun0 for Solaris and OpenBSD, >>> # and /dev/net/tun for Linux tun/tap device. >>> #Mode = switch >>> Device = /dev/tun >>> #DeviceType = tap >>> #Interface = tap0 >>> #echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/rp_filter >>> ScriptsInterpreter = /system/bin/sh >>> root at hammerhead:/sdcard/tinc/vpnalma # cat tinc-up >>> #!/bin/sh >>> # This file sets up the tap device. >>> # It gives you the freedom to do anything you want with it. >>> # Use the correct name for the tap device: >>> # The environment variable $INTERFACE is set to the right name >>> # on most platforms, but if it doesn't work try to set it manually. >>> >>> # Give it the right ip and netmask. Remember, the subnet of the >>> # tap device must be larger than that of the individual Subnets >>> # as defined in the host configuration file! >>> ifconfig $INTERFACE 192.168.0.80 netmask 255.255.255.0 >>> #echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/rp_filter >>> #ip link set $INTERFACE up >>> #ip addr add 192.168.0.80/24 dev $INTERFACE >>> #ip route add 192.168.0.0/24 dev $INTERFACE >>> root at hammerhead:/sdcard/tinc/vpnalma # hosts/nexus5 >>> sh: hosts/nexus5: can't execute: Permission denied >>> at hosts/nexus5 < >>> # Sample host configuration file >>> >>> # The real IP address of this tinc host. Can be used by other tinc hosts. >>> >>> # Portnumber for incoming connections. Default is 655. >>> #Port = 655 >>> >>> # Subnet on the virtual private network that is local for this host. >>> Subnet = 192.168.0.80/32 >>> >>> -----BEGIN RSA PUBLIC KEY----- >>> >>> -----END RSA PUBLIC KEY----- >>> >>> root at hammerhead:/sdcard/tinc/vpnalma # ip addr >>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN >>> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 >>> inet 127.0.0.1/8 scope host lo >>> inet6 ::1/128 scope host >>> valid_lft forever preferred_lft forever >>> 2: rmnet0: <UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen >>> 1000 >>> link/[530] >>> inet 10.183.70.124/29 scope global rmnet0 >>> inet6 fe80::7561:c093:ea26:5781/64 scope link >>> valid_lft forever preferred_lft forever >>> 3: rmnet1: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>> link/[530] >>> 4: rmnet2: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>> link/[530] >>> 5: rmnet3: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>> link/[530] >>> 6: rmnet4: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>> link/[530] >>> 7: rmnet5: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>> link/[530] >>> 8: rmnet6: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>> link/[530] >>> 9: rmnet7: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>> link/[530] >>> 10: rev_rmnet0: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether a2:f5:64:5f:9d:05 brd ff:ff:ff:ff:ff:ff >>> 11: rev_rmnet1: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether ea:f8:93:71:83:a1 brd ff:ff:ff:ff:ff:ff >>> 12: rev_rmnet2: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether 2a:84:3a:f5:3b:f0 brd ff:ff:ff:ff:ff:ff >>> 13: rev_rmnet3: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether 4a:d5:f8:77:cb:80 brd ff:ff:ff:ff:ff:ff >>> 14: rev_rmnet4: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether 16:db:e7:e3:f4:39 brd ff:ff:ff:ff:ff:ff >>> 15: rev_rmnet5: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether 46:3a:94:70:f0:5f brd ff:ff:ff:ff:ff:ff >>> 16: rev_rmnet6: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether 62:2c:a9:03:e9:4d brd ff:ff:ff:ff:ff:ff >>> 17: rev_rmnet7: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether f6:8e:08:a1:aa:10 brd ff:ff:ff:ff:ff:ff >>> 18: rev_rmnet8: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>> qlen 1000 >>> link/ether 72:92:60:5c:e6:7c brd ff:ff:ff:ff:ff:ff >>> 19: sit0: <NOARP> mtu 1480 qdisc noop state DOWN >>> link/sit 0.0.0.0 brd 0.0.0.0 >>> 20: p2p0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN >>> qlen 1000 >>> link/ether 8e:3a:e3:18:bb:55 brd ff:ff:ff:ff:ff:ff >>> 21: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN >>> qlen 1000 >>> link/ether 8c:3a:e3:18:bb:55 brd ff:ff:ff:ff:ff:ff >>> 23: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc >>> pfifo_fast state UNKNOWN qlen 500 >>> link/none >>> inet 192.168.0.80/24 scope global tun0 >>> >>> >>> root at hammerhead:/sdcard/tinc/vpnalma # ip route >>> 10.183.70.120/29 dev rmnet0 proto kernel scope link src 10.183.70.124 >>> 10.206.56.132 via 10.183.70.125 dev rmnet0 src 10.183.70.124 >>> 10.207.43.46 via 10.183.70.125 dev rmnet0 src 10.183.70.124 >>> 192.168.0.0/24 dev tun0 proto kernel scope link src 192.168.0.80 >>> >>> >>> root at hammerhead:/sdcard/tinc/vpnalma # ping 192.168.0.20 >>> PING 192.168.0.20 (192.168.0.20) 56(84) bytes of data. >>> ^C >>> --- 192.168.0.20 ping statistics --- >>> 10 packets transmitted, 0 received, 100% packet loss, time 9003ms >>> >>> 1|root at hammerhead:/sdcard/tinc/vpnalma # >>> >>> >>> ???????????????????????????????????????????????????????????????????????????????? >>> >>> From the tinc gui log that I can?t copy and paste , I see that the >>> device in connected to cubic but i can?t ping with it. >>> -- >>> Andrea Squeri >>> Inviato con Sparrow <http://www.sparrowmailapp.com/?sig> >>> >>> >>> _______________________________________________ >>> tinc mailing list >>> tinc at tinc-vpn.org >>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >>> >>> >> >> _______________________________________________ >> tinc mailing list >> tinc at tinc-vpn.org >> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >> >> _______________________________________________ >> tinc mailing list >> tinc at tinc-vpn.org >> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >> > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150327/712b45c7/attachment-0001.html>
I think it's more of a routing issue than anything explicitly blocking it, they use a new 'ip rule list' and per user settings that aren't well documented yet either, but where exactly to point I don't know. I haven't messed with android 5 much yet, it seems not ready enough yet for daily use, there isn't a single snapshot in the cyanogenmod repos, for example. So maybe it's worth to just stick with Android 4 for now? Met vriendelijke groet / Kind regards, Alexander Ypema On 27 March 2015 at 08:16, Andrea Squeri <andrea.squeri at gmail.com> wrote:> I don't know.. It seems that anyone had try to made work tinc with > lollipop. Even googoling i don't found anything about this argoument. > > Andrea Squeri > Il 27/mar/2015 06:55 "Tatsuyuki Ishi" <ishitatsuyuki at gmail.com> ha > scritto: > > SELinux is considered as the biggest problem. >> >> On Thu, Mar 26, 2015, 22:37 Andrea Squeri <andrea.squeri at gmail.com> >> wrote: >> >>> Yes. The problem is lollipop. I tried to install tinc on my brother's >>> device which mount a cyano 10.1( android 4.2.2) and it works. >>> I don't understand which is the problem with lollipop. Is there a >>> firewall that block the packets? >>> >>> Andrea Squeri >>> If you are running Lollipop / Android 5.x on your Nexus 5, then you are >>> probably seeing the same issue I was with it. lollipop seems to change >>> networking quite a bit in that it's using iptables / and `ip rule list` >>> extensively for per-user settings. >>> I think >>> http://www.linux.org/threads/debugging-nat-prerouting-issues-iptables.7136/ >>> is relevant if you see running in to the same issue, it's confusing quite a >>> lot of folks. I was unable to get tinc-gui (or even tincd manually and >>> tinkering via adb shell) to work so I've downgraded my S5 to a 4.4.2 rom. >>> I'm not sure if coming up with a fancy tinc-up is the solution or someone >>> with the ability to get tinc compatible with the official Android VPN API >>> that a lot of the openvpn apps are using now. >>> You might be able to draw some inspiration from >>> https://github.com/offensive-security/kali-nethunter/blob/master/utils/manna/start-nat-full-lollipop.sh >>> but I haven't tried it since I've been back on 4.4.2. >>> >>> On Wed, Mar 25, 2015 at 5:15 AM, Andrea Squeri <andrea.squeri at gmail.com> >>> wrote: >>> >>>> Hi, First sorry for my bad English. >>>> I made a vpn wtih tinc for link my home and my two office. In Addition >>>> I want to configure my android device to link with my vpn. >>>> The topology of the net is this: >>>> >>>> cubox(a linux machine in my home with vpn address 192.168.0.20) >>>> groppalbero (a linux machine in my second office with vpn address >>>> 192.168.0.40) >>>> imac(a mac machine in my first office with vpn address 192.168.0.50) >>>> nexus5(my android device with vpn address 192.168.0.80) >>>> >>>> I have configurate all machine and now they all works except the >>>> android device. >>>> On this I use ?Tinc Gui? app for configure it. When I start the tinc >>>> daemon it connect to the configured host and the tun0 interface in created >>>> and configured, but i can ping with any hosts >>>> and any host can ping my android device. the result of ping IS NOT a >>>> network unavailable response. In fact it block un operation and from the >>>> tinc gui log I can see that the packet are received by my android device. >>>> I suspect that can be a problem for the route but I can?t understand >>>> which the problem is. >>>> >>>> For information paste the configuration from cubic and android device: >>>> >>>> CUBOX : >>>> >>>> -------------------------------------------------------------------------------------------------------- >>>> andre at cubox vpnalma]$ cat tinc.conf >>>> # Sample tinc configuration file >>>> >>>> # This is a comment. >>>> # Spaces and tabs are eliminated. >>>> # The = sign isn't strictly necessary any longer, though you may want >>>> # to leave it in as it improves readability :) >>>> # Variable names are treated case insensitive. >>>> >>>> # The name of this tinc host. Required. >>>> Name = cubox >>>> >>>> # The internet host to connect with. >>>> # Comment these out to make yourself a listen-only connection >>>> # You must use the name of another tinc host. >>>> # May be used multiple times for redundance. >>>> #ConnectTo = vaio >>>> #ConnectTo = groppalbero >>>> #ConnectTo = imac >>>> #ConnectTo = servermarcy >>>> >>>> # The tap device tinc will use. >>>> # Default is /dev/tap0 for ethertap or FreeBSD, >>>> # /dev/tun0 for Solaris and OpenBSD, >>>> # and /dev/net/tun for Linux tun/tap device. >>>> Device = /dev/net/tun >>>> [andre at cubox vpnalma]$ cat tinc-up >>>> #!/bin/sh >>>> # This file sets up the tap device. >>>> # It gives you the freedom to do anything you want with it. >>>> # Use the correct name for the tap device: >>>> # The environment variable $INTERFACE is set to the right name >>>> # on most platforms, but if it doesn't work try to set it manually. >>>> >>>> # Give it the right ip and netmask. Remember, the subnet of the >>>> # tap device must be larger than that of the individual Subnets >>>> # as defined in the host configuration file! >>>> ifconfig $INTERFACE 192.168.0.20 netmask 255.255.255.0 >>>> #ip link set $INTERFACE up >>>> #ip addr add 192.168.0.20/32 dev $INTERFACE >>>> #ip route add 192.168.0.0/24 dev $INTERFACE >>>> [andre at cubox vpnalma]$ cat hosts/cubox >>>> #iample host configuration file >>>> # This file was generated by host beta. >>>> >>>> # The real IP address of this tinc host. Can be used by other tinc >>>> hosts. >>>> Address = 10.0.0.7 >>>> Address = almaliberty.duckdns.org >>>> # Portnumber for incoming connections. Default is 655. >>>> Port = 655 >>>> >>>> # Subnet on the virtual private network that is local for this host. >>>> Subnet = 192.168.0.20/32 >>>> ???????????????????????????????????????????????????? >>>> The network is so configurated: >>>> >>>> ?????????????????????????????????????????????????????????????????????????????? >>>> >>>> [andre at cubox vpnalma]$ ifconfig >>>> eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 >>>> inet 10.0.0.7 netmask 255.255.255.0 broadcast 10.0.0.255 >>>> inet6 fe80::d263:b4ff:fe00:6a6b prefixlen 64 scopeid >>>> 0x20<link> >>>> ether d0:63:b4:00:6a:6b txqueuelen 1000 (Ethernet) >>>> RX packets 63975281 bytes 142504956 (135.9 MiB) >>>> RX errors 0 dropped 2 overruns 0 frame 0 >>>> TX packets 35826176 bytes 2648965717 (2.4 GiB) >>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >>>> >>>> lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 >>>> inet 127.0.0.1 netmask 255.0.0.0 >>>> inet6 ::1 prefixlen 128 scopeid 0x10<host> >>>> loop txqueuelen 0 (Local Loopback) >>>> RX packets 167609 bytes 76370891 (72.8 MiB) >>>> RX errors 0 dropped 0 overruns 0 frame 0 >>>> TX packets 167609 bytes 76370891 (72.8 MiB) >>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >>>> >>>> vpnalma: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 >>>> inet 192.168.0.20 netmask 255.255.255.0 destination >>>> 192.168.0.20 >>>> unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 >>>> txqueuelen 500 (UNSPEC) >>>> RX packets 8876 bytes 1765584 (1.6 MiB) >>>> RX errors 0 dropped 0 overruns 0 frame 0 >>>> TX packets 5939 bytes 2394177 (2.2 MiB) >>>> TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 >>>> >>>> [andre at cubox vpnalma]$ route >>>> Kernel IP routing table >>>> Destination Gateway Genmask Flags Metric Ref Use >>>> Iface >>>> default router.asus.com 0.0.0.0 UG 1024 0 >>>> 0 eth0 >>>> 10.0.0.0 * 255.255.255.0 U 0 0 0 >>>> eth0 >>>> router.asus.com * 255.255.255.255 UH 1024 0 >>>> 0 eth0 >>>> 192.168.0.0 * 255.255.255.0 U 0 0 0 >>>> vpnalma >>>> [andre at cubox vpnalma]$ >>>> >>>> ?????????????????????????????????????????????????????????????????? >>>> >>>> ON THE ANDROIDE DEVICE SIDE I HAVE THIS CONFG: >>>> >>>> >>>> u0_a167 at hammerhead:/ $ su >>>> root at hammerhead:/ # cd sdcard/tinc/vpnalma >>>> at tinc.conf < >>>> # Sample tinc configuration file >>>> >>>> # This is a comment. >>>> # Spaces and tabs are eliminated. >>>> # The = sign isn't strictly necessary any longer, though you may want >>>> # to leave it in as it improves readability :) >>>> # Variable names are treated case insensitive. >>>> >>>> # The name of this tinc host. Required. >>>> Name = nexus5 >>>> >>>> # The internet host to connect with. >>>> # Comment these out to make yourself a listen-only connection >>>> # You must use the name of another tinc host. >>>> # May be used multiple times for redundance. >>>> ConnectTo = cubox >>>> ConnectTo = groppalbero >>>> ConnectTo = imac >>>> # The tap device tinc will use. >>>> # Default is /dev/tap0 for ethertap or FreeBSD, >>>> # /dev/tun0 for Solaris and OpenBSD, >>>> # and /dev/net/tun for Linux tun/tap device. >>>> #Mode = switch >>>> Device = /dev/tun >>>> #DeviceType = tap >>>> #Interface = tap0 >>>> #echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/rp_filter >>>> ScriptsInterpreter = /system/bin/sh >>>> root at hammerhead:/sdcard/tinc/vpnalma # cat tinc-up >>>> #!/bin/sh >>>> # This file sets up the tap device. >>>> # It gives you the freedom to do anything you want with it. >>>> # Use the correct name for the tap device: >>>> # The environment variable $INTERFACE is set to the right name >>>> # on most platforms, but if it doesn't work try to set it manually. >>>> >>>> # Give it the right ip and netmask. Remember, the subnet of the >>>> # tap device must be larger than that of the individual Subnets >>>> # as defined in the host configuration file! >>>> ifconfig $INTERFACE 192.168.0.80 netmask 255.255.255.0 >>>> #echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/rp_filter >>>> #ip link set $INTERFACE up >>>> #ip addr add 192.168.0.80/24 dev $INTERFACE >>>> #ip route add 192.168.0.0/24 dev $INTERFACE >>>> root at hammerhead:/sdcard/tinc/vpnalma # hosts/nexus5 >>>> sh: hosts/nexus5: can't execute: Permission denied >>>> at hosts/nexus5 < >>>> # Sample host configuration file >>>> >>>> # The real IP address of this tinc host. Can be used by other tinc >>>> hosts. >>>> >>>> # Portnumber for incoming connections. Default is 655. >>>> #Port = 655 >>>> >>>> # Subnet on the virtual private network that is local for this host. >>>> Subnet = 192.168.0.80/32 >>>> >>>> -----BEGIN RSA PUBLIC KEY----- >>>> >>>> -----END RSA PUBLIC KEY----- >>>> >>>> root at hammerhead:/sdcard/tinc/vpnalma # ip addr >>>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN >>>> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 >>>> inet 127.0.0.1/8 scope host lo >>>> inet6 ::1/128 scope host >>>> valid_lft forever preferred_lft forever >>>> 2: rmnet0: <UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen >>>> 1000 >>>> link/[530] >>>> inet 10.183.70.124/29 scope global rmnet0 >>>> inet6 fe80::7561:c093:ea26:5781/64 scope link >>>> valid_lft forever preferred_lft forever >>>> 3: rmnet1: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>>> link/[530] >>>> 4: rmnet2: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>>> link/[530] >>>> 5: rmnet3: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>>> link/[530] >>>> 6: rmnet4: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>>> link/[530] >>>> 7: rmnet5: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>>> link/[530] >>>> 8: rmnet6: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>>> link/[530] >>>> 9: rmnet7: <> mtu 2000 qdisc noop state DOWN qlen 1000 >>>> link/[530] >>>> 10: rev_rmnet0: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether a2:f5:64:5f:9d:05 brd ff:ff:ff:ff:ff:ff >>>> 11: rev_rmnet1: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether ea:f8:93:71:83:a1 brd ff:ff:ff:ff:ff:ff >>>> 12: rev_rmnet2: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether 2a:84:3a:f5:3b:f0 brd ff:ff:ff:ff:ff:ff >>>> 13: rev_rmnet3: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether 4a:d5:f8:77:cb:80 brd ff:ff:ff:ff:ff:ff >>>> 14: rev_rmnet4: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether 16:db:e7:e3:f4:39 brd ff:ff:ff:ff:ff:ff >>>> 15: rev_rmnet5: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether 46:3a:94:70:f0:5f brd ff:ff:ff:ff:ff:ff >>>> 16: rev_rmnet6: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether 62:2c:a9:03:e9:4d brd ff:ff:ff:ff:ff:ff >>>> 17: rev_rmnet7: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether f6:8e:08:a1:aa:10 brd ff:ff:ff:ff:ff:ff >>>> 18: rev_rmnet8: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN >>>> qlen 1000 >>>> link/ether 72:92:60:5c:e6:7c brd ff:ff:ff:ff:ff:ff >>>> 19: sit0: <NOARP> mtu 1480 qdisc noop state DOWN >>>> link/sit 0.0.0.0 brd 0.0.0.0 >>>> 20: p2p0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN >>>> qlen 1000 >>>> link/ether 8e:3a:e3:18:bb:55 brd ff:ff:ff:ff:ff:ff >>>> 21: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN >>>> qlen 1000 >>>> link/ether 8c:3a:e3:18:bb:55 brd ff:ff:ff:ff:ff:ff >>>> 23: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc >>>> pfifo_fast state UNKNOWN qlen 500 >>>> link/none >>>> inet 192.168.0.80/24 scope global tun0 >>>> >>>> >>>> root at hammerhead:/sdcard/tinc/vpnalma # ip route >>>> 10.183.70.120/29 dev rmnet0 proto kernel scope link src >>>> 10.183.70.124 >>>> 10.206.56.132 via 10.183.70.125 dev rmnet0 src 10.183.70.124 >>>> 10.207.43.46 via 10.183.70.125 dev rmnet0 src 10.183.70.124 >>>> 192.168.0.0/24 dev tun0 proto kernel scope link src 192.168.0.80 >>>> >>>> >>>> root at hammerhead:/sdcard/tinc/vpnalma # ping 192.168.0.20 >>>> PING 192.168.0.20 (192.168.0.20) 56(84) bytes of data. >>>> ^C >>>> --- 192.168.0.20 ping statistics --- >>>> 10 packets transmitted, 0 received, 100% packet loss, time 9003ms >>>> >>>> 1|root at hammerhead:/sdcard/tinc/vpnalma # >>>> >>>> >>>> ???????????????????????????????????????????????????????????????????????????????? >>>> >>>> From the tinc gui log that I can?t copy and paste , I see that the >>>> device in connected to cubic but i can?t ping with it. >>>> -- >>>> Andrea Squeri >>>> Inviato con Sparrow <http://www.sparrowmailapp.com/?sig> >>>> >>>> >>>> _______________________________________________ >>>> tinc mailing list >>>> tinc at tinc-vpn.org >>>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >>>> >>>> >>> >>> _______________________________________________ >>> tinc mailing list >>> tinc at tinc-vpn.org >>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >>> >>> _______________________________________________ >>> tinc mailing list >>> tinc at tinc-vpn.org >>> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >>> >> >> _______________________________________________ >> tinc mailing list >> tinc at tinc-vpn.org >> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >> >> > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150327/3d8ff4cb/attachment-0001.html>
I switch to lollipop 4 months ago and I never had issue. So for my opinion it is ready for daily use. Before try tinc I had my vpn implemented with openvpn, and it works great on lollipop. I switch to tinc because i prefer a mash vpn topology versus a client/server topology. -- Andrea Squeri Inviato con Sparrow (http://www.sparrowmailapp.com/?sig) Il giorno venerd? 27 marzo 2015, alle ore 11:57, Alexander Ypema ha scritto:> I think it's more of a routing issue than anything explicitly blocking it, they use a new 'ip rule list' and per user settings that aren't well documented yet either, but where exactly to point I don't know. I haven't messed with android 5 much yet, it seems not ready enough yet for daily use, there isn't a single snapshot in the cyanogenmod repos, for example. So maybe it's worth to just stick with Android 4 for now? > > Met vriendelijke groet / Kind regards, > Alexander Ypema > On 27 March 2015 at 08:16, Andrea Squeri <andrea.squeri at gmail.com (mailto:andrea.squeri at gmail.com)> wrote: > > I don't know.. It seems that anyone had try to made work tinc with lollipop. Even googoling i don't found anything about this argoument. > > Andrea Squeri > > Il 27/mar/2015 06:55 "Tatsuyuki Ishi" <ishitatsuyuki at gmail.com (mailto:ishitatsuyuki at gmail.com)> ha scritto: > > > > > SELinux is considered as the biggest problem. > > > On Thu, Mar 26, 2015, 22:37 Andrea Squeri <andrea.squeri at gmail.com (mailto:andrea.squeri at gmail.com)> wrote: > > > > Yes. The problem is lollipop. I tried to install tinc on my brother's device which mount a cyano 10.1( android 4.2.2) and it works. > > > > I don't understand which is the problem with lollipop. Is there a firewall that block the packets? > > > > Andrea Squeri > > > > If you are running Lollipop / Android 5.x on your Nexus 5, then you are probably seeing the same issue I was with it. lollipop seems to change networking quite a bit in that it's using iptables / and `ip rule list` extensively for per-user settings. > > > > I think http://www.linux.org/threads/debugging-nat-prerouting-issues-iptables.7136/ is relevant if you see running in to the same issue, it's confusing quite a lot of folks. I was unable to get tinc-gui (or even tincd manually and tinkering via adb shell) to work so I've downgraded my S5 to a 4.4.2 rom. I'm not sure if coming up with a fancy tinc-up is the solution or someone with the ability to get tinc compatible with the official Android VPN API that a lot of the openvpn apps are using now. > > > > You might be able to draw some inspiration from https://github.com/offensive-security/kali-nethunter/blob/master/utils/manna/start-nat-full-lollipop.sh but I haven't tried it since I've been back on 4.4.2. > > > > > > > > On Wed, Mar 25, 2015 at 5:15 AM, Andrea Squeri <andrea.squeri at gmail.com (mailto:andrea.squeri at gmail.com)> wrote: > > > > > Hi, First sorry for my bad English. > > > > > I made a vpn wtih tinc for link my home and my two office. In Addition I want to configure my android device to link with my vpn. > > > > > The topology of the net is this: > > > > > > > > > > cubox(a linux machine in my home with vpn address 192.168.0.20) > > > > > groppalbero (a linux machine in my second office with vpn address 192.168.0.40) > > > > > imac(a mac machine in my first office with vpn address 192.168.0.50) > > > > > nexus5(my android device with vpn address 192.168.0.80) > > > > > > > > > > I have configurate all machine and now they all works except the android device. > > > > > On this I use ?Tinc Gui? app for configure it. When I start the tinc daemon it connect to the configured host and the tun0 interface in created and configured, but i can ping with any hosts > > > > > and any host can ping my android device. the result of ping IS NOT a network unavailable response. In fact it block un operation and from the tinc gui log I can see that the packet are received by my android device. > > > > > I suspect that can be a problem for the route but I can?t understand which the problem is. > > > > > > > > > > For information paste the configuration from cubic and android device: > > > > > > > > > > CUBOX : > > > > > -------------------------------------------------------------------------------------------------------- > > > > > andre at cubox vpnalma]$ cat tinc.conf > > > > > # Sample tinc configuration file > > > > > > > > > > # This is a comment. > > > > > # Spaces and tabs are eliminated. > > > > > # The = sign isn't strictly necessary any longer, though you may want > > > > > # to leave it in as it improves readability :) > > > > > # Variable names are treated case insensitive. > > > > > > > > > > # The name of this tinc host. Required. > > > > > Name = cubox > > > > > > > > > > # The internet host to connect with. > > > > > # Comment these out to make yourself a listen-only connection > > > > > # You must use the name of another tinc host. > > > > > # May be used multiple times for redundance. > > > > > #ConnectTo = vaio > > > > > #ConnectTo = groppalbero > > > > > #ConnectTo = imac > > > > > #ConnectTo = servermarcy > > > > > > > > > > # The tap device tinc will use. > > > > > # Default is /dev/tap0 for ethertap or FreeBSD, > > > > > # /dev/tun0 for Solaris and OpenBSD, > > > > > # and /dev/net/tun for Linux tun/tap device. > > > > > Device = /dev/net/tun > > > > > [andre at cubox vpnalma]$ cat tinc-up > > > > > #!/bin/sh > > > > > # This file sets up the tap device. > > > > > # It gives you the freedom to do anything you want with it. > > > > > # Use the correct name for the tap device: > > > > > # The environment variable $INTERFACE is set to the right name > > > > > # on most platforms, but if it doesn't work try to set it manually. > > > > > > > > > > # Give it the right ip and netmask. Remember, the subnet of the > > > > > # tap device must be larger than that of the individual Subnets > > > > > # as defined in the host configuration file! > > > > > ifconfig $INTERFACE 192.168.0.20 netmask 255.255.255.0 > > > > > #ip link set $INTERFACE up > > > > > #ip addr add 192.168.0.20/32 (http://192.168.0.20/32) dev $INTERFACE > > > > > #ip route add 192.168.0.0/24 (http://192.168.0.0/24) dev $INTERFACE > > > > > [andre at cubox vpnalma]$ cat hosts/cubox > > > > > #iample host configuration file > > > > > # This file was generated by host beta. > > > > > > > > > > # The real IP address of this tinc host. Can be used by other tinc hosts. > > > > > Address = 10.0.0.7 > > > > > Address = almaliberty.duckdns.org (http://almaliberty.duckdns.org) > > > > > # Portnumber for incoming connections. Default is 655. > > > > > Port = 655 > > > > > > > > > > # Subnet on the virtual private network that is local for this host. > > > > > Subnet = 192.168.0.20/32 (http://192.168.0.20/32) > > > > > ???????????????????????????????????????????????????? > > > > > The network is so configurated: > > > > > ?????????????????????????????????????????????????????????????????????????????? > > > > > > > > > > [andre at cubox vpnalma]$ ifconfig > > > > > eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 > > > > > inet 10.0.0.7 netmask 255.255.255.0 broadcast 10.0.0.255 > > > > > inet6 fe80::d263:b4ff:fe00:6a6b prefixlen 64 scopeid 0x20<link> > > > > > ether d0:63:b4:00:6a:6b txqueuelen 1000 (Ethernet) > > > > > RX packets 63975281 bytes 142504956 (135.9 MiB) > > > > > RX errors 0 dropped 2 overruns 0 frame 0 > > > > > TX packets 35826176 bytes 2648965717 (2.4 GiB) > > > > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > > > > > > > lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 > > > > > inet 127.0.0.1 netmask 255.0.0.0 > > > > > inet6 ::1 prefixlen 128 scopeid 0x10<host> > > > > > loop txqueuelen 0 (Local Loopback) > > > > > RX packets 167609 bytes 76370891 (72.8 MiB) > > > > > RX errors 0 dropped 0 overruns 0 frame 0 > > > > > TX packets 167609 bytes 76370891 (72.8 MiB) > > > > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > > > > > > > vpnalma: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 > > > > > inet 192.168.0.20 netmask 255.255.255.0 destination 192.168.0.20 > > > > > unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 500 (UNSPEC) > > > > > RX packets 8876 bytes 1765584 (1.6 MiB) > > > > > RX errors 0 dropped 0 overruns 0 frame 0 > > > > > TX packets 5939 bytes 2394177 (2.2 MiB) > > > > > TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 > > > > > > > > > > [andre at cubox vpnalma]$ route > > > > > Kernel IP routing table > > > > > Destination Gateway Genmask Flags Metric Ref Use Iface > > > > > default router.asus.com (http://router.asus.com) 0.0.0.0 UG 1024 0 0 eth0 > > > > > 10.0.0.0 * 255.255.255.0 U 0 0 0 eth0 > > > > > router.asus.com (http://router.asus.com) * 255.255.255.255 UH 1024 0 0 eth0 > > > > > 192.168.0.0 * 255.255.255.0 U 0 0 0 vpnalma > > > > > [andre at cubox vpnalma]$ > > > > > > > > > > > > > > > ?????????????????????????????????????????????????????????????????? > > > > > > > > > > ON THE ANDROIDE DEVICE SIDE I HAVE THIS CONFG: > > > > > > > > > > > > > > > u0_a167 at hammerhead:/ $ su > > > > > root at hammerhead:/ # cd sdcard/tinc/vpnalma > > > > > at tinc.conf < > > > > > # Sample tinc configuration file > > > > > # This is a comment. > > > > > # Spaces and tabs are eliminated. > > > > > # The = sign isn't strictly necessary any longer, though you may want > > > > > # to leave it in as it improves readability :) > > > > > # Variable names are treated case insensitive. > > > > > # The name of this tinc host. Required. > > > > > Name = nexus5 > > > > > # The internet host to connect with. > > > > > # Comment these out to make yourself a listen-only connection > > > > > # You must use the name of another tinc host. > > > > > # May be used multiple times for redundance. > > > > > ConnectTo = cubox > > > > > ConnectTo = groppalbero > > > > > ConnectTo = imac > > > > > # The tap device tinc will use. > > > > > # Default is /dev/tap0 for ethertap or FreeBSD, > > > > > # /dev/tun0 for Solaris and OpenBSD, > > > > > # and /dev/net/tun for Linux tun/tap device. > > > > > #Mode = switch > > > > > Device = /dev/tun > > > > > #DeviceType = tap > > > > > #Interface = tap0 > > > > > #echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/rp_filter > > > > > ScriptsInterpreter = /system/bin/sh > > > > > root at hammerhead:/sdcard/tinc/vpnalma # cat tinc-up > > > > > #!/bin/sh > > > > > # This file sets up the tap device. > > > > > # It gives you the freedom to do anything you want with it. > > > > > # Use the correct name for the tap device: > > > > > # The environment variable $INTERFACE is set to the right name > > > > > # on most platforms, but if it doesn't work try to set it manually. > > > > > # Give it the right ip and netmask. Remember, the subnet of the > > > > > # tap device must be larger than that of the individual Subnets > > > > > # as defined in the host configuration file! > > > > > ifconfig $INTERFACE 192.168.0.80 netmask 255.255.255.0 > > > > > #echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/rp_filter > > > > > #ip link set $INTERFACE up > > > > > #ip addr add 192.168.0.80/24 (http://192.168.0.80/24) dev $INTERFACE > > > > > #ip route add 192.168.0.0/24 (http://192.168.0.0/24) dev $INTERFACE > > > > > root at hammerhead:/sdcard/tinc/vpnalma # hosts/nexus5 > > > > > sh: hosts/nexus5: can't execute: Permission denied > > > > > at hosts/nexus5 < > > > > > # Sample host configuration file > > > > > # The real IP address of this tinc host. Can be used by other tinc hosts. > > > > > # Portnumber for incoming connections. Default is 655. > > > > > #Port = 655 > > > > > # Subnet on the virtual private network that is local for this host. > > > > > Subnet = 192.168.0.80/32 (http://192.168.0.80/32) > > > > > -----BEGIN RSA PUBLIC KEY----- > > > > > > > > > > -----END RSA PUBLIC KEY----- > > > > > root at hammerhead:/sdcard/tinc/vpnalma # ip addr > > > > > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN > > > > > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > > > > > inet 127.0.0.1/8 (http://127.0.0.1/8) scope host lo > > > > > inet6 ::1/128 scope host > > > > > valid_lft forever preferred_lft forever > > > > > 2: rmnet0: <UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 > > > > > link/[530] > > > > > inet 10.183.70.124/29 (http://10.183.70.124/29) scope global rmnet0 > > > > > inet6 fe80::7561:c093:ea26:5781/64 scope link > > > > > valid_lft forever preferred_lft forever > > > > > 3: rmnet1: <> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/[530] > > > > > 4: rmnet2: <> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/[530] > > > > > 5: rmnet3: <> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/[530] > > > > > 6: rmnet4: <> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/[530] > > > > > 7: rmnet5: <> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/[530] > > > > > 8: rmnet6: <> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/[530] > > > > > 9: rmnet7: <> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/[530] > > > > > 10: rev_rmnet0: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether a2:f5:64:5f:9d:05 brd ff:ff:ff:ff:ff:ff > > > > > 11: rev_rmnet1: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether ea:f8:93:71:83:a1 brd ff:ff:ff:ff:ff:ff > > > > > 12: rev_rmnet2: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether 2a:84:3a:f5:3b:f0 brd ff:ff:ff:ff:ff:ff > > > > > 13: rev_rmnet3: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether 4a:d5:f8:77:cb:80 brd ff:ff:ff:ff:ff:ff > > > > > 14: rev_rmnet4: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether 16:db:e7:e3:f4:39 brd ff:ff:ff:ff:ff:ff > > > > > 15: rev_rmnet5: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether 46:3a:94:70:f0:5f brd ff:ff:ff:ff:ff:ff > > > > > 16: rev_rmnet6: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether 62:2c:a9:03:e9:4d brd ff:ff:ff:ff:ff:ff > > > > > 17: rev_rmnet7: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether f6:8e:08:a1:aa:10 brd ff:ff:ff:ff:ff:ff > > > > > 18: rev_rmnet8: <BROADCAST,MULTICAST> mtu 2000 qdisc noop state DOWN qlen 1000 > > > > > link/ether 72:92:60:5c:e6:7c brd ff:ff:ff:ff:ff:ff > > > > > 19: sit0: <NOARP> mtu 1480 qdisc noop state DOWN > > > > > link/sit 0.0.0.0 brd 0.0.0.0 > > > > > 20: p2p0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 > > > > > link/ether 8e:3a:e3:18:bb:55 brd ff:ff:ff:ff:ff:ff > > > > > 21: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 > > > > > link/ether 8c:3a:e3:18:bb:55 brd ff:ff:ff:ff:ff:ff > > > > > 23: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500 > > > > > link/none > > > > > inet 192.168.0.80/24 (http://192.168.0.80/24) scope global tun0 > > > > > > > > > > root at hammerhead:/sdcard/tinc/vpnalma # ip route > > > > > 10.183.70.120/29 (http://10.183.70.120/29) dev rmnet0 proto kernel scope link src 10.183.70.124 > > > > > 10.206.56.132 via 10.183.70.125 dev rmnet0 src 10.183.70.124 > > > > > 10.207.43.46 via 10.183.70.125 dev rmnet0 src 10.183.70.124 > > > > > 192.168.0.0/24 (http://192.168.0.0/24) dev tun0 proto kernel scope link src 192.168.0.80 > > > > > > > > > > root at hammerhead:/sdcard/tinc/vpnalma # ping 192.168.0.20 > > > > > PING 192.168.0.20 (192.168.0.20) 56(84) bytes of data. > > > > > ^C > > > > > --- 192.168.0.20 ping statistics --- > > > > > 10 packets transmitted, 0 received, 100% packet loss, time 9003ms > > > > > 1|root at hammerhead:/sdcard/tinc/vpnalma # > > > > > ???????????????????????????????????????????????????????????????????????????????? > > > > > From the tinc gui log that I can?t copy and paste , I see that the device in connected to cubic but i can?t ping with it. > > > > > > > > > > -- > > > > > Andrea Squeri > > > > > Inviato con Sparrow (http://www.sparrowmailapp.com/?sig) > > > > > > > > > > > > > > > _______________________________________________ > > > > > tinc mailing list > > > > > tinc at tinc-vpn.org (mailto:tinc at tinc-vpn.org) > > > > > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > > > > > > > > > > > > > > > > > _______________________________________________ > > > > tinc mailing list > > > > tinc at tinc-vpn.org (mailto:tinc at tinc-vpn.org) > > > > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > > > > > > > > _______________________________________________ > > > > tinc mailing list > > > > tinc at tinc-vpn.org (mailto:tinc at tinc-vpn.org) > > > > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > > > > > > _______________________________________________ > > > tinc mailing list > > > tinc at tinc-vpn.org (mailto:tinc at tinc-vpn.org) > > > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > > > > > > > _______________________________________________ > > tinc mailing list > > tinc at tinc-vpn.org (mailto:tinc at tinc-vpn.org) > > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org (mailto:tinc at tinc-vpn.org) > http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150327/4d5e5a3c/attachment-0001.html>