1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
Tunnel-configurer version 1.8
Client-server IP tunnel configuration via the same IP tunnel.
-- vtund.conf --
# ifconfig replacement by wrapper
options {
...
#ifconfig /sbin/ifconfig;
ifconfig /usr/bin/tun-cfg;
...
# Usual ifconfig example (tun-cfg doesn't break it):
# On server
host0 {
passwd K@bI$D0x;
up {
ifconfig "%d 10.10.0.1 pointopoint 10.10.8.8";
};
}
# On client
host0 {
passwd K@bI$D0x;
up {
ifconfig "%d 10.10.8.8 pointopoint 10.10.0.1";
ip "route add 10.10.10.0/24 dev %d";
ip "route add 10.10.0.0/24 dev %d";
};
}
# And same one with parameters transmission:
# Server example #1, without tun-cfg.conf and names
host1 {
passwd K@bI$D0x;
up {
ifconfig "-tun %d local 10.10.0.1 send 10.10.10.5 10.10.10.0/24 10.10.0.0/24";
};
}
# Server example #2, with tun-cfg.conf and client's domain name
host1 {
passwd K@bI$D0x;
up {
ifconfig "-tun %d send host1.vpn";
};
}
# Client example, getting all parameters from server
host1 {
passwd K@bI$D0x;
up {
ifconfig "-tun %d get metric 100";
};
}
-- Common definion's file /etc/tun-cfg.conf (useful for server) --
# defaults
PORT=68
MTU=1500
TIMEOUT=10
# the address of server for all hosts (example)
LOCAL=server.vpn
# routes for sending to clients (example)
ROUTES='10.10.10.0/24 10.10.0.0/24'
# kill connection on server side if client still not configured
ABORT=yes
# No client's callback to server, confirmation by ping
CALLBACK=0
-- Command-line description --
ifconfig wrapper:
tun-cfg <'ifconfig' options>
Server:
tun-cfg -tun <interface> send|-s <client_addr> [OPTIONS] [<client-side routes>]
Client:
tun-cfg -tun <interface> get|-g|listen [OPTIONS] [<'ip route' options>][-6|v6 <options>]
Addresses of client and server may be specified by IP, by name, or by
comma-separated list of IPv4,IPv6,names with v4,v6,no4,no6 modifiers.
All names will be resolved on server side, and only first IPv4 and IPv6 will be used:
10.1.0.1 -> 10.1.0.1
10.1.0.1,fc00::1001:1 -> 10.1.0.1 fc00::1001:1
host.vpn -> 10.1.0.4 fc00::1001:4
host.vpn,v4 -> 10.1.0.4
host.vpn,v6 -> fc00::1001:4
Routes may be specified by IPv4/mask, IPv6/mask,
default (for IPv4), defaultv6 or default6 (for IPv6).
OPTIONS:
port|-P <port> : default=68
mtu|-m <MTU> : default=1500, 0=no change
forcemtu|+m <MTU> : Don't get MTU from server (client only)
local|-l <addr>|-: Force/skip local address (server only)
noaddr|-a : Don't modify any IPv4 addresses on interface
no6addr|-A : Don't modify any IPv6 addresses on interface
nopeer|-p : Don't set peer address (IPv4)
peer|+p : Add a route to peer instead of peer address (IPv4)
noroutes|-r : server - Don't send any routes from config
: client - Don't get IPv4 routes from server
no6routes|-R : Don't get IPv6 routes from server (client only)
timeout|-t <sec> : default=10, 0=endless
callback|-c <port> : Confirmation by sending 'Ok' to the server, instead of ping
abort|-k : Abort connection after timeout
keep|-K : ... or don't do it
nofork|-B | nobg | nobackground
NOTE:
By default, tun-cfg forks to background to prevent vtund from endless waiting
for tun-cfg termination, if the connection fails during configuration progress.
|