max-sequence-skew 10;
};
-include /etc/secnet/sites
+include /etc/secnet/sites.conf
# Here you must list all the VPN sites that you wish to communicate with.
# The /etc/secnet/sites file contains information on all reachable sites;
# contains public keys for all sites.
sites
- site(example-vpn/some-site),
- site(example-vpn/some-other-site),
- site(example-vpn/a-third-site);
+ site(vpn-data/example/location1/site1),
+ site(vpn-data/example/location2/site1),
+ site(vpn-data/example/location2/site2);
# If you want to communicate with all the VPN sites, you can use something
# like the following instead:
-# sites map(site,makelist(example-vpn));
+# sites map(site,vpn/example/all-sites);
+
+# If you want to communicate with a subset of locations, try the following:
+
+# sites map(site,vpn/example/location1,vpn/example/location2);
no-disconnect-hup
no-suppress-args
cd ~/secnet/sites-test/
-execute ~/secnet/secnet/make-secnet-sites.py -u vpnheader groupfiles sites
+execute ~/secnet/make-secnet-sites.py -u vpnheader groupfiles sites
This program is part of secnet. It relies on the "ipaddr" library from
Cendio Systems AB.
import os
import ipaddr
-VERSION="0.1.3"
+VERSION="0.1.4"
class vpn:
def __init__(self,name):
def __init__(self,w):
self.w=w
def out(self):
- return 'netlink-options "soft";'
+ return '# netlink-options "soft";'
def complain(msg):
global complaints
print "caller not in group %s"%group
sys.exit(1)
f=open(header)
- pfile(header,f.readlines())
+ headerinput=f.readlines()
f.close()
+ pfile(header,headerinput)
userinput=sys.stdin.readlines()
pfile("user input",userinput)
else:
if service:
# Put the user's input into their group file, and rebuild the main
# sites file
- f=open(groupfiledir+"-tmp/"+group,'w')
+ f=open(groupfiledir+"/T"+group,'w')
f.write("# Section submitted by user %s, %s\n"%
(user,time.asctime(time.localtime(time.time()))))
f.write("# Checked by make-secnet-sites.py version %s\n\n"%VERSION)
for i in userinput: f.write(i)
f.write("\n")
f.close()
- os.rename(groupfiledir+"-tmp/"+group,groupfiledir+"/"+group)
- # XXX rebuild main sites file!
+ os.rename(groupfiledir+"/T"+group,groupfiledir+"/R"+group)
+ f=open(sitesfile+"-tmp",'w')
+ f.write("# sites file autogenerated by make-secnet-sites.py\n")
+ f.write("# generated %s, invoked by %s\n"%
+ (time.asctime(time.localtime(time.time())),user))
+ f.write("# use make-secnet-sites.py to turn this file into a\n")
+ f.write("# valid /etc/secnet/sites.conf file\n\n")
+ for i in headerinput: f.write(i)
+ files=os.listdir(groupfiledir)
+ for i in files:
+ if i[0]=='R':
+ j=open(groupfiledir+"/"+i)
+ f.write(j.read())
+ j.close()
+ f.write("# end of sites file\n")
+ f.close()
+ os.rename(sitesfile+"-tmp",sitesfile)
else:
outputsites(of)
~ian / secnet.git / commitdiff