_____ ___ ____ _____ |_ _| _|_ _| _ \| ____| | || '__| || |_) | _| | || | | || __/| |___ |_||_| |___|_| |_____| Trivial IP Encryption * Brief introduction ** What TrIPE does TrIPE is a fairly simple network protocol for securely transferring IP packets over hostile networks, using cryptography to ensure their secrecy and authenticity. It is used to construct `virtual private networks', which securely connect geographically separated hosts and physical networks into a single virtual network. The name stands for `Trivial IP Encryption'. The tripe suite, of which this file is part, consists of a server which implements this protocol, together with a number of utilities, scripts and ancillary services which assist in configuring and maintaining the server. ** Supported operating systems The main server ought to build on more or less any Unix-like operating system. The author only has Linux readily to hand, so it doesn't get tested much on other systems, but porting should be easy. The only nonportable aspect is the use of tunnel interfaces, though the server can fall back to using SLIP, which almost every Unix ought to be able to cope with. There is code already for dealing with Linux's TUN/TAP driver, and *BSD's tunnels (and an obsolete tun-like device the author wrote for Linux a long time ago). If other systems have similar devices, it should be easy to add support. A Windows port is a more daunting prospect. The author is currently considering a lash-up port using Cygwin and the OpenVPN Win32-tun driver, but hasn't started work. Other parts of the system are a bit more Linux specific. For example, the interface configuration script `tripe-ifup' exists only in a Linux-specific version. (Writing a new version for some other system is very straightforward, though.) The `pathmtu' utility is more problematic: I don't know how to do this well for *BSD, for example. Contributions are welcome! ** Licence The TrIPE suite is free software. You may modify and/or redistribute it, under the terms of the GNU General Public License, either version 2 or, at your option, any later version. There should be a copy of this licence included in the source distribution. Pre-built binary packages, e.g., for Debian GNU/Linux, may not include it, on the assumption that Debian already has a copy in /usr/share/common-licenses/GPL-2. There are no restrictions on the use of the network protocol. ** Finding out more There is fairly extensive documentation on the various components of the TrIPE suite. The tripe.7 manpage aims to provide an overview of the system, so it may be a good place to start reading. * Building the tripe suite from a source distribution ** Prerequisites In order to compile the tripe suite, you must have a number of other packages already installed. Package name Version Needed for mLib 2.5.0 S K V M + Catacomb 2.1.0 S K Python 2.4 K V M mLib-Python 1.0.0 V M Catacomb-Python 1.0.0 K PyGTK 2.12.0 M python-cdb 0.32 V Key: S: server (you really need this) K: key management utility V: peer connection services M: graphical monitor +: various other utilities The mLib and Catacomb libraries, and their Python bindings, are probably available from the same place you found this. ** Building and installing The source distribution should contain a `configure' script. In theory, it should be sufficient to run $ ./configure $ make $ make check $ sudo make install (or use your preferred means of attaining superuser privileges). If you don't want to clutter the source tree with object files, change to a clean directory and run $ SRCDIR/.configure $ make etc., where SRCDIR is where you put the sources. The configure script should make sensible choices about the tunnel devices available on your system. If it doesn't, you can force its hand by saying something like $ ./configure --with-tunnel="linux slip" There are also configure-time options for choosing default directories and filenames (e.g., where to find configuration files, where to write logs). These can all be overridden using command line options if necessary. For full details about the configure-time options, run $ ./configure --help A script to start and stop the server is generated as part of the build, as init/tripe-init. If you have a System V-style init, you can drop this script into /etc/init.d (or your equivalent), and link it into the relevant /etc/rc.d directories. ** Building from Git This section is mainly relevant to those who wish to participate in TrIPE development. If you just want to use the tripe suite, you're probably best off using a source distribution tarball. The author maintains the tripe sources using Git. The files checked into Git omit many files provided in distribution tarballs, because they're really maintained in separate projects. The first thing you need to do, then, is reconstruct these files. You need the following: cfd 1.3.4 Autoconf 2.61 Automake 1.8 Autoconf-archive 2007-05-12 Make sure that the `aclocal' program can find the macros in the Autoconf archive. Then run $ mdw-setup This ought, magically, to construct the `configure' script and all the Makefile.in files. You should now be able to build the system as if you had sources. The only thing which will still be missing is the `RELEASE' file, which just contains the package version number. Instead, tripe's build system will work this out by looking at your Git repository. * Contacting the author If you need want to complain about bugs, build problems, or missing features, or suggest improvements, or ask about how things work, send email to Mark Wooding Currently there is no mailing list for discussion of TrIPE development. If there seems to be sufficient interest, I'll set one up. Local variables: mode: outline fill-column: 72 End: