Portál AbcLinuxu, 20. dubna 2024 05:24
* modul pro bridge v jadre mam
* openvpn v systemu taky
brctl addbr br0
openvpn --mktun --dev tap0
>Thu Dec 8 22:56:38 2005 TUN/TAP device tap0 opened
>Thu Dec 8 22:56:38 2005 Persist state set to: ON
brctl addif br0 tap0
brctl addif br0 eth0
ifconfig br0 up
eth0 ma spravnou ip adresu,ale uz se pres ni nikam nedostanu.
dik za kazdou radu
ip addr flush dev $DEVICE
.
#nahodis eth0 ifconfig eth0 up #nahodis tap0 openvpn --mktun --dev tap0 #udelas bridge brctl addbr br0 brctl addif br0 tap0 brctl addif br0 eth0 #nastavis interface br0 ifconfig br0 "ip" "netmask" up
#!/bin/bash
#################################
# Set up Ethernet bridge on Linux
# Requires: bridge-utils
#################################
# Define Bridge Interface
br="br0"
# Define list of TAP interfaces to be bridged,
# for example tap="tap0 tap1 tap2".
tap="tap0"
# Define physical ethernet interface to be bridged
# with TAP interface(s) above.
eth="eth0"
eth_ip="192.168.8.4"
eth_netmask="255.255.255.0"
eth_broadcast="192.168.8.255"
for t in $tap; do
openvpn --mktun --dev $t
done
brctl addbr $br
brctl addif $br $eth
for t in $tap; do
brctl addif $br $t
done
for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
done
ifconfig $eth 0.0.0.0 promisc up
ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
server.configZa kazdou radu sem moc vdecnej. Moc sitarine nerozumim.:(port 1194 proto udp dev tap0 ca /root/certs_vpn/ca.crt cert /root/certs_vpn/server.crt key /root/certs_vpn/server.key # This file should be kept secret dh /root/certs_vpn/dh1024.pem ifconfig-pool-persist ipp.txt server-bridge 192.168.1.66 255.255.255.0 192.168.1.20 192.168.1.30 keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3
na firewallu mam povoleny prichozi spojeni na 1194 i pro tap0$IPTABLES -A KEEP_STATE -p udp --dport 1194 -j ACCEPT $IPTABLES -A INPUT -i tap0 -j ACCEPT $IPTABLES -A INPUT -i br0 -j ACCEPT $IPTABLES -A FORWARD -i br0 -j ACCEPT
bridg tvorim pres:br="br0" tap="tap0" # Define physical ethernet interface to be bridged # with TAP interface(s) above. eth="eth0" eth_ip="10.1.0.66" eth_netmask="255.255.255.0" eth_broadcast="10.1.0.255" echo "OpenVPN"; for t in $tap; do openvpn --mktun --dev $t; done echo "brctl"; brctl addbr $br brctl addif $br $eth for t in $tap; do brctl addif $br $t;done for t in $tap; doifconfig $t 0.0.0.0 promisc up;done ifconfig $eth 0.0.0.0 promisc up ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast
Tiskni Sdílej:
ISSN 1214-1267, (c) 1999-2007 Stickfish s.r.o.