[Wien] freifunk-openwrt-autoupdate-1.7.4.8-0xff-markit-full.trx + tunnel | koennte man 0xff-openvpn-webif ueberarbeiten?
Petr Koval
(spam-protected)
Do Dez 2 12:01:24 CET 2010
http://ipkg.funkfeuer.at/autoupdate/freifunk-openwrt-autoupdate-1.7.4.8-0xff-markit-full.trx
Software:
ip
wl
wificonf
kernel
base-files
freifunk-webadmin
freifunk-upload
freifunk-mtdkill
freifunk-rdate
freifunk-olsrd
dropbear
freifunk-webadmin-0xff
0xff-olsr
freifunk-recommended-de
xyssl
freifunk-dnsmasq
libncurses
horst
iptraf
libpcap
freifunk-tcpdump
zlib
librrd1
rrdcgi1
rrdtool1
rrdcollect
freifunk-statistics-de
wl-adv
netperfbin
freifunk-netperf-de
xrelayd
freifunk-secureadmin-de
webif-nettools
Install:
openvpn-nossl
Verwaltung: Software 2
Downloading
http://ipkg.funkfeuer.at/ipkg/freifunk/packages/kmod-tun_2.4.30-brcm_mipsel.ipk
...
kmod-tun_2.4.30-brcm 0% | | 0
--:-- ETA
kmod-tun_2.4.30-brcm 100% |*****************************| 5246
00:00 ETA
Connecting to ipkg.funkfeuer.at[193.238.157.7]:80
Done.
Unpacking kmod-tun...Done.
Configuring kmod-tun...Done.
Downloading
http://ipkg.funkfeuer.at/ipkg/freifunk/packages/openvpn-nossl_2.1.1_mipsel.ipk
...
openvpn-nossl_2.1.1_ 0% | | 0
--:-- ETA
openvpn-nossl_2.1.1_ 1% | | 1024
01:11 ETA
openvpn-nossl_2.1.1_ 1% | | 1024
02:25 ETA
openvpn-nossl_2.1.1_ 1% | | 1024
03:35 ETA
openvpn-nossl_2.1.1_ 22% |****** | 16896
00:13 ETA
openvpn-nossl_2.1.1_ 28% |******** | 21504
00:12 ETA
openvpn-nossl_2.1.1_ 69% |******************** | 52224
00:02 ETA
openvpn-nossl_2.1.1_ 100% |*****************************| 74665
00:00 ETA
Connecting to ipkg.funkfeuer.at[193.238.157.7]:80
Done.
Unpacking openvpn-nossl...Done.
Configuring openvpn-nossl...Done.
Install:
0xff-openvpn-webif
ipkg_depends: Warning: openvpn-nossl-nolzo mentioned in dependency but no
package found in /usr/lib/ipkg/lists
Downloading
http://ipkg.funkfeuer.at/ipkg/freifunk/packages/busybox-awk_1.0.1_mipsel.ipk
...
busybox-awk_1.0.1_mi 0% | | 0
--:-- ETA
busybox-awk_1.0.1_mi 22% |****** | 5120
00:03 ETA
busybox-awk_1.0.1_mi 22% |****** | 5120
00:07 ETA
busybox-awk_1.0.1_mi 28% |******** | 6656
00:07 ETA
busybox-awk_1.0.1_mi 28% |******** | 6656
00:09 ETA
busybox-awk_1.0.1_mi 55% |*************** | 12800
00:04 ETA
busybox-awk_1.0.1_mi 55% |*************** | 12800
00:04 ETA
busybox-awk_1.0.1_mi 100% |*****************************| 23086
00:00 ETA
Connecting to ipkg.funkfeuer.at[193.238.157.7]:80
Done.
Unpacking busybox-awk...Done.
Configuring busybox-awk...Done.
Downloading
http://ipkg.funkfeuer.at/ipkg/freifunk/packages/busybox-crontab_1.0.1_mipsel.ipk
...
busybox-crontab_1.0. 0% | | 0
--:-- ETA
busybox-crontab_1.0. 100% |*****************************| 6687
00:00 ETA
Connecting to ipkg.funkfeuer.at[193.238.157.7]:80
Done.
Unpacking busybox-crontab...Done.
Configuring busybox-crontab...Done.
Downloading
http://ipkg.funkfeuer.at/ipkg/freifunk/packages/freifunk-iptables-missing_1.7.4_mipsel.ipk
...
freifunk-iptables-mi 0% | | 0
--:-- ETA
freifunk-iptables-mi 100% |*****************************| 6484
00:00 ETA
Connecting to ipkg.funkfeuer.at[193.238.157.7]:80
Done.
Unpacking freifunk-iptables-missing...Done.
Configuring freifunk-iptables-missing...Done.
Downloading
http://ipkg.funkfeuer.at/ipkg/freifunk/packages/freifunk-openwrt-compat_1.7.4_mipsel.ipk
...
freifunk-openwrt-com 0% | | 0
--:-- ETA
freifunk-openwrt-com 14% |**** | 14336
00:05 ETA
freifunk-openwrt-com 29% |******** | 28672
00:04 ETA
freifunk-openwrt-com 41% |*********** | 40448
00:04 ETA
freifunk-openwrt-com 49% |************** | 47616
00:04 ETA
freifunk-openwrt-com 56% |**************** | 54784
00:03 ETA
freifunk-openwrt-com 82% |*********************** | 79872
00:01 ETA
freifunk-openwrt-com 90% |************************** | 87040
00:00 ETA
freifunk-openwrt-com 94% |*************************** | 91648
00:00 ETA
freifunk-openwrt-com 100% |*****************************| 96634
00:00 ETA
Connecting to ipkg.funkfeuer.at[193.238.157.7]:80
Done.
Unpacking freifunk-openwrt-compat...Done.
Configuring freifunk-openwrt-compat...Done.
Downloading
http://ipkg.funkfeuer.at/ipkg/freifunk/packages/tcpdump_3.9.4-1_mipsel.ipk
...
tcpdump_3.9.4-1_mips 0% | | 0
--:-- ETA
tcpdump_3.9.4-1_mips 8% |** | 23040
00:10 ETA
tcpdump_3.9.4-1_mips 16% |**** | 43520
00:09 ETA
tcpdump_3.9.4-1_mips 21% |****** | 56320
00:10 ETA
tcpdump_3.9.4-1_mips 22% |****** | 57856
00:13 ETA
tcpdump_3.9.4-1_mips 28% |******** | 73728
00:12 ETA
tcpdump_3.9.4-1_mips 35% |********** | 90112
00:11 ETA
tcpdump_3.9.4-1_mips 39% |*********** | 98 KB
00:10 ETA
tcpdump_3.9.4-1_mips 50% |************** | 128 KB
00:07 ETA
tcpdump_3.9.4-1_mips 55% |*************** | 139 KB
00:07 ETA
tcpdump_3.9.4-1_mips 55% |*************** | 139 KB
00:08 ETA
tcpdump_3.9.4-1_mips 59% |***************** | 150 KB
00:07 ETA
tcpdump_3.9.4-1_mips 63% |****************** | 160 KB
00:06 ETA
tcpdump_3.9.4-1_mips 70% |******************** | 176 KB
00:05 ETA
tcpdump_3.9.4-1_mips 75% |********************* | 189 KB
00:04 ETA
tcpdump_3.9.4-1_mips 79% |********************** | 199 KB
00:03 ETA
tcpdump_3.9.4-1_mips 81% |*********************** | 205 KB
00:03 ETA
tcpdump_3.9.4-1_mips 86% |************************ | 216 KB
00:02 ETA
tcpdump_3.9.4-1_mips 89% |************************* | 225 KB
00:02 ETA
tcpdump_3.9.4-1_mips 98% |**************************** | 246 KB
00:00 ETA
tcpdump_3.9.4-1_mips 100% |*****************************| 251 KB
00:00 ETA
Connecting to ipkg.funkfeuer.at[193.238.157.7]:80
Done.
Unpacking tcpdump...Done.
Configuring tcpdump...Done.
Downloading
http://ipkg.funkfeuer.at/ipkg/1.6/0xff-openvpn-webif_1.5.3_mipsel.ipk ...
0xff-openvpn-webif_1 0% | | 0
--:-- ETA
0xff-openvpn-webif_1 100% |*****************************| 5816
00:00 ETA
Connecting to ipkg.funkfeuer.at[193.238.157.7]:80
Done.
ipkg_depends: Warning: openvpn-nossl-nolzo mentioned in dependency but no
package found in /usr/lib/ipkg/lists
Unpacking 0xff-openvpn-webif...Done.
Configuring 0xff-openvpn-webif...Done.
Software:
ip
wl
wificonf
kernel
base-files
freifunk-webadmin
freifunk-upload
freifunk-mtdkill
freifunk-rdate
freifunk-olsrd
dropbear
freifunk-webadmin-0xff
0xff-olsr
freifunk-recommended-de
xyssl
freifunk-dnsmasq
libncurses
horst
iptraf
libpcap
freifunk-tcpdump
zlib
librrd1
rrdcgi1
rrdtool1
rrdcollect
freifunk-statistics-de
wl-adv
netperfbin
freifunk-netperf-de
xrelayd
freifunk-secureadmin-de
webif-nettools
kmod-tun
openvpn-nossl
busybox-awk
busybox-crontab
freifunk-iptables-missing
freifunk-openwrt-compat
tcpdump
0xff-openvpn-webif
Vor der Änderung:
login as: root
(spam-protected)'s password:
BusyBox v1.01 (2010.08.29-10:07+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
_______ ________ __
( ).-----.-----.-----.) ) ) ).----.) )
( - )) _ ) -__) )) ) ) )) _)) _)
(_______)) __)_____)__)__))________))__) )____)
)__) F R E I F U N K F I R M W A R E
(spam-protected):~# cat /etc/init.d/S42openvpn
#!/bin/sh -e
DAEMON=/usr/sbin/openvpn
CONFIG_DIR=/var/etc/openvpn
VPN_IF=tap0
test -x $DAEMON || exit 0
test -d $CONFIG_DIR || mkdir $CONFIG_DIR
start_vpn () {
ff_openvpn_active="$(nvram get ff_openvpn_active)"
ff_openvpn_host="$(nvram get ff_openvpn_host)"
ff_openvpn_proto="$(nvram get ff_openvpn_proto)"
ff_openvpn_port="$(nvram get ff_openvpn_port)"
ff_openvpn_secret="$(nvram get ff_openvpn_secret)"
ff_openvpn_ip="$(nvram get ff_openvpn_ip)"
ff_openvpn_netmask="$(nvram get ff_openvpn_netmask)"
ff_openvpn_noolsr="$(nvram get ff_openvpn_noolsr)"
if [ ! "$ff_openvpn_active" = "1" ]; then
echo -n " OpenVPN not activated"
echo
exit 0
fi
test -z "$ff_openvpn_host" && exit 0
test -z "$ff_openvpn_port" && exit 0
test -z "$ff_openvpn_ip" && exit 0
test -z "$ff_openvpn_netmask" && exit 0
#create OpenVPN config
cat>$CONFIG_DIR/$VPN_IF.conf<<EOM
dev $VPN_IF
proto $ff_openvpn_proto
remote $ff_openvpn_host
port $ff_openvpn_port
ifconfig $ff_openvpn_ip $ff_openvpn_netmask
route-up /etc/openvpn/openvpn-webif-route-up.sh
up /etc/openvpn/openvpn-webif-if-up.sh
down /etc/openvpn/openvpn-webif-if-down.sh
up-restart
verb 3
EOM
if [ "$ff_openvpn_secret" = "1" ] && [ -f /etc/openvpn/$VPN_IF.secret ]; then
cat>>$CONFIG_DIR/$VPN_IF.conf<<EOM
secret /etc/openvpn/$VPN_IF.secret"
auth sha1
cipher none
EOM
fi
#create OLSRd config
if [ "$ff_openvpn_noolsr" = "1" ]; then
echo > /tmp/etc/local.olsrd.conf-openvpn
else
ff_ip4broad=$(nvram get ff_ip4broad)
test -n "$ff_ip4broad" && ff_ip4broad="Ip4Broadcast $(nvram get
ff_ip4broad)"
ff_openvpn_lq="$(nvram get ff_openvpn_lq)"
test -n "$ff_openvpn_lq" && ff_lqmult="LinkQualityMult default
$ff_openvpn_lq"
SPEED=$(nvram get ff_olsrspeed)
test -z "$SPEED" && SPEED=5
if [ "0" != "$(nvram get ff_fisheye)" ];then
TCINT=$(( 2 * SPEED / 3 ))
else
TCINT=$(( 2 * SPEED ))
fi
cat>/tmp/etc/local.olsrd.conf-openvpn<<EOM
# this file is automatically generated by openvpn-webif,
# to define your own settings use /etc/local.olsrd.conf
Interface "$VPN_IF"
{
HelloInterval $(( 1 * SPEED )).0
HelloValidityTime $(( 25 * SPEED )).0
TcInterval $TCINT.0
TcValidityTime $(( 75 * SPEED )).0
MidInterval $(( 5 * SPEED )).0
MidValidityTime $(( 75 * SPEED )).0
HnaInterval $(( 5 * SPEED )).0
HnaValidityTime $(( 75 * SPEED )).0
$ff_ip4broad
$ff_lqmult
}
EOM
fi
$DAEMON --daemon --writepid /var/run/openvpn.$VPN_IF.pid --config
$CONFIG_DIR/$VPN_IF.conf --cd $CONFIG_DIR || echo -n " FAILED->"
echo -n " $VPN_IF"
}
stop_vpn () {
kill `cat /var/run/openvpn.$VPN_IF.pid` || true
rm /var/run/openvpn.$VPN_IF.pid
}
case "$1" in
start)
echo -n "Starting openvpn:"
start_vpn
echo "."
;;
stop)
echo -n "Stopping openvpn:"
if test -e /var/run/openvpn.$VPN_IF.pid ; then
stop_vpn
echo -n " $VPN_IF"
else
echo -n " not running: $VPN_IF"
fi
echo "."
;;
restart)
$0 stop
sleep 1
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart}" >&2
exit 1
;;
esac
exit 0
(spam-protected):~#
Nach der Änderung:
login as: root
(spam-protected)'s password:
BusyBox v1.01 (2010.08.29-10:07+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.
_______ ________ __
( ).-----.-----.-----.) ) ) ).----.) )
( - )) _ ) -__) )) ) ) )) _)) _)
(_______)) __)_____)__)__))________))__) )____)
)__) F R E I F U N K F I R M W A R E
(spam-protected):~# cat /etc/init.d/S42openvpn
#!/bin/sh -e
DAEMON=/usr/sbin/openvpn
CONFIG_DIR=/var/etc/openvpn
VPN_IF=tap0
test -x $DAEMON || exit 0
test -d $CONFIG_DIR || mkdir $CONFIG_DIR
start_vpn () {
ff_openvpn_active="$(nvram get ff_openvpn_active)"
ff_openvpn_host="$(nvram get ff_openvpn_host)"
ff_openvpn_proto="$(nvram get ff_openvpn_proto)"
ff_openvpn_port="$(nvram get ff_openvpn_port)"
ff_openvpn_secret="$(nvram get ff_openvpn_secret)"
ff_openvpn_ip="$(nvram get ff_openvpn_ip)"
ff_openvpn_netmask="$(nvram get ff_openvpn_netmask)"
ff_openvpn_noolsr="$(nvram get ff_openvpn_noolsr)"
if [ ! "$ff_openvpn_active" = "1" ]; then
echo -n " OpenVPN not activated"
echo
exit 0
fi
test -z "$ff_openvpn_host" && exit 0
test -z "$ff_openvpn_port" && exit 0
test -z "$ff_openvpn_ip" && exit 0
test -z "$ff_openvpn_netmask" && exit 0
#create OpenVPN config
cat>$CONFIG_DIR/$VPN_IF.conf<<EOM
dev $VPN_IF
proto $ff_openvpn_proto
remote $ff_openvpn_host
port $ff_openvpn_port
ifconfig $ff_openvpn_ip $ff_openvpn_netmask
route-up /etc/openvpn/openvpn-webif-route-up.sh
up /etc/openvpn/openvpn-webif-if-up.sh
down /etc/openvpn/openvpn-webif-if-down.sh
up-restart
comp-lzo
script-security 2
verb 3
EOM
if [ "$ff_openvpn_secret" = "1" ] && [ -f /etc/openvpn/$VPN_IF.secret ]; then
cat>>$CONFIG_DIR/$VPN_IF.conf<<EOM
secret /etc/openvpn/$VPN_IF.secret"
auth sha1
cipher none
EOM
fi
#create OLSRd config
if [ "$ff_openvpn_noolsr" = "1" ]; then
echo > /tmp/etc/local.olsrd.conf-openvpn
else
ff_ip4broad=$(nvram get ff_ip4broad)
test -n "$ff_ip4broad" && ff_ip4broad="Ip4Broadcast $(nvram get
ff_ip4broad)"
ff_openvpn_lq="$(nvram get ff_openvpn_lq)"
test -n "$ff_openvpn_lq" && ff_lqmult="LinkQualityMult default
$ff_openvpn_lq"
SPEED=$(nvram get ff_olsrspeed)
test -z "$SPEED" && SPEED=5
if [ "0" != "$(nvram get ff_fisheye)" ];then
TCINT=$(( 2 * SPEED / 3 ))
else
TCINT=$(( 2 * SPEED ))
fi
cat>/tmp/etc/local.olsrd.conf-openvpn<<EOM
# this file is automatically generated by openvpn-webif,
# to define your own settings use /etc/local.olsrd.conf
Interface "$VPN_IF"
{
HelloInterval $(( 1 * SPEED )).0
HelloValidityTime $(( 25 * SPEED )).0
TcInterval $TCINT.0
TcValidityTime $(( 75 * SPEED )).0
MidInterval $(( 5 * SPEED )).0
MidValidityTime $(( 75 * SPEED )).0
HnaInterval $(( 5 * SPEED )).0
HnaValidityTime $(( 75 * SPEED )).0
$ff_ip4broad
$ff_lqmult
}
EOM
fi
$DAEMON --daemon --writepid /var/run/openvpn.$VPN_IF.pid --config
$CONFIG_DIR/$VPN_IF.conf --cd $CONFIG_DIR || echo -n " FAILED->"
echo -n " $VPN_IF"
}
stop_vpn () {
kill `cat /var/run/openvpn.$VPN_IF.pid` || true
rm /var/run/openvpn.$VPN_IF.pid
}
case "$1" in
start)
echo -n "Starting openvpn:"
start_vpn
echo "."
;;
stop)
echo -n "Stopping openvpn:"
if test -e /var/run/openvpn.$VPN_IF.pid ; then
stop_vpn
echo -n " $VPN_IF"
else
echo -n " not running: $VPN_IF"
fi
echo "."
;;
restart)
$0 stop
sleep 1
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart}" >&2
exit 1
;;
esac
exit 0
(spam-protected):~#
Geändert:
im Bereich
#create OpenVPN config
comp-lzo
script-security 2
hinzugefügt.
Jan 1 00:00:07 (none) kern.info kernel: Universal TUN/TAP device driver
1.5 (C)1999-2002 Maxim Krasnyansky
Jan 1 00:00:13 (none) kern.notice openvpn[443]: OpenVPN 2.1.1
mipsel-linux [LZO2] [EPOLL] built on Aug 29 2010
Jan 1 00:00:13 (none) kern.warn openvpn[443]: NOTE: the current
--script-security setting may allow this configuration to call
user-defined scripts
Jan 1 00:00:13 (none) kern.warn openvpn[443]: ******* WARNING *******:
OpenVPN built without OpenSSL -- encryption and authentication features
disabled -- all data will be tunnelled as cleartext
Jan 1 00:00:13 (none) kern.notice openvpn[443]: LZO compression initialized
Jan 1 00:00:13 (none) kern.notice openvpn[443]: TUN/TAP device tap0 opened
Jan 1 00:00:13 (none) kern.notice openvpn[443]: TUN/TAP TX queue length
set to 100
Jan 1 00:00:13 (none) kern.notice openvpn[443]: /usr/sbin/ip link set dev
tap0 up mtu 1500
Jan 1 00:00:13 (none) kern.notice openvpn[443]: /usr/sbin/ip addr add dev
tap0 78.41.112.211/24 broadcast 78.41.112.255
Jan 1 00:00:13 (none) kern.notice openvpn[443]:
/etc/openvpn/openvpn-webif-if-up.sh tap0 1500 1533 78.41.112.211
255.255.255.0 init
Jan 1 00:00:14 (none) kern.notice openvpn[443]: Data Channel MTU parms [
L:1533 D:1450 EF:1 EB:135 ET:32 EL:0 AF:14/1 ]
Jan 1 00:00:14 (none) kern.notice openvpn[501]: Socket Buffers:
R=[32767->65534] S=[32767->65534]
Jan 1 00:00:14 (none) kern.notice openvpn[501]: UDPv4 link local (bound):
[undef]:5012
Jan 1 00:00:14 (none) kern.notice openvpn[501]: UDPv4 link remote:
78.41.115.228:5012
Jan 1 00:00:22 (none) user.notice olsr/init: olsr/system: Starting olsrd...
Dec 31 12:00:01 (none) kern.info olsrd[928]: Writing '1' (was 1) to
/proc/sys/net/ipv4/ip_forward
Dec 31 12:00:01 (none) kern.info olsrd[928]: Writing '0' (was 0) to
/proc/sys/net/ipv4/conf/all/send_redirects
Dec 31 12:00:01 (none) kern.info olsrd[928]: Writing '0' (was 0) to
/proc/sys/net/ipv4/conf/eth1/send_redirects
Dec 31 12:00:01 (none) kern.info olsrd[928]: Writing '0' (was 1) to
/proc/sys/net/ipv4/conf/eth1/rp_filter
Dec 31 12:00:01 (none) kern.info olsrd[928]: Adding interface eth1
Dec 31 12:00:01 (none) kern.info olsrd[928]: New main address: 78.41.113.100
Dec 31 12:00:01 (none) kern.info olsrd[928]: Writing '0' (was 0) to
/proc/sys/net/ipv4/conf/vlan1/send_redirects
Dec 31 12:00:01 (none) kern.info olsrd[928]: Writing '0' (was 1) to
/proc/sys/net/ipv4/conf/vlan1/rp_filter
Dec 31 12:00:01 (none) kern.info olsrd[928]: Adding interface vlan1
Dec 31 12:00:01 (none) kern.info olsrd[928]: Writing '0' (was 0) to
/proc/sys/net/ipv4/conf/tap0/send_redirects
Dec 31 12:00:01 (none) kern.info olsrd[928]: Writing '0' (was 1) to
/proc/sys/net/ipv4/conf/tap0/rp_filter
Dec 31 12:00:01 (none) kern.info olsrd[928]: Adding interface tap0
Dec 31 12:00:01 (none) kern.info olsrd[928]: olsr.org -
0.6.1-git_da798d9-hash_d41d8cd98f00b204e9800998ecf8427e - successfully
started
Dec 31 12:00:08 (none) kern.notice openvpn[501]: Peer Connection Initiated
with 78.41.115.228:5012
Dec 31 12:00:08 (none) kern.notice openvpn[501]: Initialization Sequence
Completed
Nachbarn:
...
tap0 tunnel kryptavpn 0.00 1.000 1.000 1.000
lg Petr
Mehr Informationen über die Mailingliste Wien