生まれ変わる - umarekawaru

User Tools

Site Tools

Trace:
technical:vpn:tinc

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
technical:vpn:tinc [2022/09/12 19:16] jctechnical:vpn:tinc [2023/05/13 18:14] (current) – external edit 127.0.0.1
Line 1: Line 1:
 <markdown> <markdown>
-# Install +# Tinc VPN 
-# Generate Keys + 
-# Config +## Install Tinc 
-# Startup + 
-# Shell Script+### Arch Linux 
 + 
 +```bash 
 +sudo pacman -S tinc 
 +``` 
 + 
 +### Slackware Linux 
 + 
 +```bash 
 +wget https://slackbuilds.org/slackbuilds/15.0/network/tinc.tar.gz 
 +tar xzvf tinc.tar.gz 
 +cd tinc 
 +source tinc.info 
 +wget $DOWNLOAD 
 +sudo ./tinc.SlackBuild 
 +sudo installpkg tinc-1.0.36-x86_64-1_SBo.tgz 
 +``` 
 + 
 +## Generate Keys 
 + 
 +```bash 
 +tincd -n <netname> -K 
 +``` 
 + 
 +## Config 
 + 
 +Copy keys to `/etc/tinc/<netname>/
 + 
 + 
 +```bash 
 +sudo mkdir -p /etc/tinc/<netname>hosts 
 +cp rsa_key.* /etc/tinc/<netname>/ 
 +``` 
 + 
 + 
 +Create tinc-up and tinc-down scripts. 
 + 
 +`/etc/tinc/<netname>/tinc-up` 
 + 
 +``` 
 +#!/bin/bash 
 +TUN="<interface>" 
 +SUB="<network_address/subnet_mask>" 
 +IP="<ip_address/subnet_mask>" 
 + 
 +ip link set $TUN up 
 +ip addr add $IP dev tinc0 
 +ip route add $SUB dev tinc0 
 +``` 
 + 
 +`/etc/tinc/<netname>/tinc-down` 
 + 
 +``` 
 +#!/bin/bash 
 +TUN="<interface>" 
 +SUB="<network_address/subnet_mask>" 
 +IP="<ip_address/subnet_mask>"  
 + 
 +ip link set $TUN down 
 +ip route del $SUB dev $TUN  
 +ip addr del $IP dev $TUN  
 +``` 
 + 
 +Create tinc configuration 
 + 
 +`/etc/tinc/<netname>/tinc.conf` 
 + 
 +``` 
 +Name = <hostname>  
 +Device = /dev/net/tun 
 +AddressFamily = ipv4 
 +ConnectTo = <peer> 
 +Interface = <interface> 
 +Mode = router 
 +Port = <port> 
 +``` 
 + 
 +Add tinc peers 
 + 
 +`/etc/tinc/<netname>/hosts/<peer>
 + 
 +``` 
 +Subnet = <peer_ip_address> 
 +Address = <peer_wan_address> 
 + 
 +<Peer's RSA Public Key> 
 +``` 
 + 
 +## Startup 
 + 
 +Start tincd 
 + 
 +```bash 
 +VPN=$(ls /etc/tinc/
 +for VPN in $VPNS; do 
 +  echo "Starting tinc daemon for $VPN..." 
 +  /usr/sbin/tincd -n "$VPN" -d1 --logfile=/var/log/tinc."$VPN" 
 +done 
 +``` 
 + 
 +## Shell Script 
 + 
 +```bash 
 +#!/bin/sh 
 + 
 +VPNS=$(ls /etc/tinc) 
 + 
 +start () { 
 +        for VPN in $VPNS; do 
 +                echo "Starting tinc daemon for $VPN..." 
 +                /usr/sbin/tincd -n "$VPN" -d1 --logfile=/var/log/tinc."$VPN" 
 +        done 
 +
 + 
 +stop () { 
 +        for VPN in $VPNS; do 
 +                echo "Stopping tinc daemon for $VPN..." 
 +                /usr/sbin/tincd -n "$VPN"  -k 
 +        done 
 +
 + 
 +restart () { 
 +        stop 
 +        sleep 1 
 +        start 
 +
 + 
 +case "$1" in 
 +        ("start"
 +                start 
 +                ;; 
 +        ("stop"
 +                stop 
 +                ;; 
 +        ("restart"
 +                restart 
 +                ;; 
 +        (*) 
 +                echo "Usage: $0 <start|stop|restart>" 
 +                exit 1 
 +esac 
 + 
 +exit 0 
 + 
 +```
 </markdown> </markdown>
 +
technical/vpn/tinc.1663024567.txt.gz · Last modified: 2022/09/12 19:16 by jc

Page Tools