With pleasure we announce the release of tinc version 1.1pre12. Here is
a summary of the changes:
* Added a "--syslog" option to force logging to syslog even if running
in the foreground.
* Fixes and improvements to the DecrementTTL function.
* Improved PMTU discovery and UDP keepalive probes.
* More efficient relaying of UDP packets through intermediate nodes.
* Improved compatibility with newer TAP-Win32 drivers.
* Added support for UPnP.
* Allow tinc to be compiled without LibreSSL or OpenSSL (this drops
compatibility with nodes running 1.0.x).
* Added a "fsck" command to check the configuration files for
problems.
* Tinc "start" now checks whether the daemon really started
succesfully,
and displays error messages otherwise.
* Added systemd service files.
* Use the recvmmsg() function if available.
* Support ToS/Diffserv on IPv6 connections.
* Updated support for BSD tun/tap devices.
* Added support for OS X utun interfaces.
* Dropped support for Windows 2000.
* Initial support for generating a tinc-up script from an invitation.
* Many small fixes, documentation updates.
Thanks to Etienne Dechamps, thorkill, Vittorio Gambaletta, Martin
Weinelt, Sven-Haegar Koch, Florian Klink, LunnarShadow, Dato Sim?,
Jo-Philipp Wich, Jochen Voss, Nathan Stratton Treadway, Pierre Emeriaud,
xentec, Samuel Thibault and Michael Tokarev for their contributions to
this version of tinc.
Please note that although tinc 1.1pre12 is backwards compatible with
tinc 1.0.x, it is NOT compatible with tinc 1.1pre1 through 1.1pre10.
Starting with tinc 1.1pre12, the Windows installer now provides both 32
bit and 64 bit binaries, and will automatically install the right ones
for your computer. Please note that you might need to move your existing
tinc configuration files from "C:\Program Files (x86)\tinc" to
"C:\Program Files\tinc".
The new protocol used in tinc 1.1 is mostly stabilized now, so that
means I will probably release an 1.1.0 soon. There is still a lot of
things that are on my TODO list for tinc 1.1, but most of it can be done
after an 1.1.0 release.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL:
<http://www.tinc-vpn.org/pipermail/tinc/attachments/20160424/ff396a70/attachment.sig>
Guus: Great job. I would love to see a library version of Tinc for linux. Kind of like an API instead of configuration files. Don't have time right now, but maybe one day I will re-factor the code for library orientation. It would have a single unix socket with a JSON API. I use Tinc on linux Ubuntu 15.10 x64 for all my vpn stuff. It allows Elastic Search and RethinkDB to survive in the wild. Cheers, md On 4/24/2016 6:16 AM, Guus Sliepen wrote:> With pleasure we announce the release of tinc version 1.1pre12. Here is > a summary of the changes: > > * Added a "--syslog" option to force logging to syslog even if running > in the foreground. > * Fixes and improvements to the DecrementTTL function. > * Improved PMTU discovery and UDP keepalive probes. > * More efficient relaying of UDP packets through intermediate nodes. > * Improved compatibility with newer TAP-Win32 drivers. > * Added support for UPnP. > * Allow tinc to be compiled without LibreSSL or OpenSSL (this drops > compatibility with nodes running 1.0.x). > * Added a "fsck" command to check the configuration files for problems. > * Tinc "start" now checks whether the daemon really started succesfully, > and displays error messages otherwise. > * Added systemd service files. > * Use the recvmmsg() function if available. > * Support ToS/Diffserv on IPv6 connections. > * Updated support for BSD tun/tap devices. > * Added support for OS X utun interfaces. > * Dropped support for Windows 2000. > * Initial support for generating a tinc-up script from an invitation. > * Many small fixes, documentation updates. > > Thanks to Etienne Dechamps, thorkill, Vittorio Gambaletta, Martin > Weinelt, Sven-Haegar Koch, Florian Klink, LunnarShadow, Dato Sim?, > Jo-Philipp Wich, Jochen Voss, Nathan Stratton Treadway, Pierre Emeriaud, > xentec, Samuel Thibault and Michael Tokarev for their contributions to > this version of tinc. > > Please note that although tinc 1.1pre12 is backwards compatible with > tinc 1.0.x, it is NOT compatible with tinc 1.1pre1 through 1.1pre10. > > Starting with tinc 1.1pre12, the Windows installer now provides both 32 > bit and 64 bit binaries, and will automatically install the right ones > for your computer. Please note that you might need to move your existing > tinc configuration files from "C:\Program Files (x86)\tinc" to > "C:\Program Files\tinc". > > The new protocol used in tinc 1.1 is mostly stabilized now, so that > means I will probably release an 1.1.0 soon. There is still a lot of > things that are on my TODO list for tinc 1.1, but most of it can be done > after an 1.1.0 release. > > > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160424/978a23b5/attachment.html>
On Sun, Apr 24, 2016 at 07:03:40AM -0600, md at rpzdesign.com wrote:> Great job.Thanks!> I would love to see a library version of Tinc for linux.Well, there is MeshLink (https://github.com/meshlink/meshlink), which allows you to add all the mesh features of tinc into an application. But that's maybe not what you want?> Kind of like an API instead of configuration files.With tinc 1.1, you have the CLI, which you could call an API.> It would have a single unix socket with a JSON API.The tinc 1.1 daemon has a unix socket that you can use to control it. It's not using JSON though, and it still relies a lot on configuration files; the CLI mostly changes the configuration files and uses the UNIX socket to tell the daemon to reload them. But if you could show me some mock-ups of requests and responses that you would be able to do, that would be very interesting! -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160424/38f2febb/attachment.sig>
>Updated support for BSD tun/tap devices.It is broken on FreeBSD tun. tcpdump on tun, 09:05:07.458988 IP0 bad-hlen 0 On Sun, Apr 24, 2016 at 8:16 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:> With pleasure we announce the release of tinc version 1.1pre12. Here is > a summary of the changes: > > * Added a "--syslog" option to force logging to syslog even if running > in the foreground. > * Fixes and improvements to the DecrementTTL function. > * Improved PMTU discovery and UDP keepalive probes. > * More efficient relaying of UDP packets through intermediate nodes. > * Improved compatibility with newer TAP-Win32 drivers. > * Added support for UPnP. > * Allow tinc to be compiled without LibreSSL or OpenSSL (this drops > compatibility with nodes running 1.0.x). > * Added a "fsck" command to check the configuration files for problems. > * Tinc "start" now checks whether the daemon really started succesfully, > and displays error messages otherwise. > * Added systemd service files. > * Use the recvmmsg() function if available. > * Support ToS/Diffserv on IPv6 connections. > * Updated support for BSD tun/tap devices. > * Added support for OS X utun interfaces. > * Dropped support for Windows 2000. > * Initial support for generating a tinc-up script from an invitation. > * Many small fixes, documentation updates. > > Thanks to Etienne Dechamps, thorkill, Vittorio Gambaletta, Martin > Weinelt, Sven-Haegar Koch, Florian Klink, LunnarShadow, Dato Sim?, > Jo-Philipp Wich, Jochen Voss, Nathan Stratton Treadway, Pierre Emeriaud, > xentec, Samuel Thibault and Michael Tokarev for their contributions to > this version of tinc. > > Please note that although tinc 1.1pre12 is backwards compatible with > tinc 1.0.x, it is NOT compatible with tinc 1.1pre1 through 1.1pre10. > > Starting with tinc 1.1pre12, the Windows installer now provides both 32 > bit and 64 bit binaries, and will automatically install the right ones > for your computer. Please note that you might need to move your existing > tinc configuration files from "C:\Program Files (x86)\tinc" to > "C:\Program Files\tinc". > > The new protocol used in tinc 1.1 is mostly stabilized now, so that > means I will probably release an 1.1.0 soon. There is still a lot of > things that are on my TODO list for tinc 1.1, but most of it can be done > after an 1.1.0 release. > > -- > Met vriendelijke groet / with kind regards, > Guus Sliepen <guus at tinc-vpn.org> > > _______________________________________________ > tinc mailing list > tinc at tinc-vpn.org > https://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc >-- @hshh
On Wed, Apr 27, 2016 at 05:15:57PM +0800, hshh wrote:> >Updated support for BSD tun/tap devices. > It is broken on FreeBSD tun. > > tcpdump on tun, > 09:05:07.458988 IP0 bad-hlen 0Can you show me your tinc.conf and tinc-up script? Also, which version of FreeBSD are you using? -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20160427/12cc2e06/attachment.sig>