From 0fa31a96e8d8ba22627a49a8cada02e911a5bf5e Mon Sep 17 00:00:00 2001 Message-Id: <0fa31a96e8d8ba22627a49a8cada02e911a5bf5e.1714996707.git.mdw@distorted.org.uk> From: Mark Wooding Date: Sat, 17 May 2003 11:04:38 +0000 Subject: [PATCH] Ship new configuration and startup kit. Organization: Straylight/Edgeware From: mdw --- Makefile.am | 11 +++++++-- README | 51 ++++++++++++++++++++++++++++++++++++++++ configure.in | 7 ++++-- tripe-init.in | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++ tripe.conf | 40 +++++++++++++++++++++++++++++++ 5 files changed, 170 insertions(+), 4 deletions(-) create mode 100644 README create mode 100755 tripe-init.in create mode 100644 tripe.conf diff --git a/Makefile.am b/Makefile.am index e1420ab0..af461141 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,6 +1,6 @@ ## -*-makefile-*- ## -## $Id: Makefile.am,v 1.6 2003/04/23 12:53:28 mdw Exp $ +## $Id: Makefile.am,v 1.7 2003/05/17 11:04:38 mdw Exp $ ## ## Makefile for TrIPE ## @@ -28,6 +28,9 @@ ##----- Revision history ---------------------------------------------------- ## ## $Log: Makefile.am,v $ +## Revision 1.7 2003/05/17 11:04:38 mdw +## Ship new configuration and startup kit. +## ## Revision 1.6 2003/04/23 12:53:28 mdw ## New pkstream program. ## @@ -53,7 +56,9 @@ SUBDIRS = doc CATACOMB_LIBS = @CATACOMB_LIBS@ tun = @tun@ -bin_PROGRAMS = tripe tripectl tripe-mitm pkstream +sbin_PROGRAMS = tripe +bin_PROGRAMS = tripectl tripe-mitm pkstream +noinst_SCRIPTS = tripe-init tripe_SOURCES = \ tripe.c tripe.h \ admin.c peer.c tun-$(tun).c \ @@ -71,4 +76,6 @@ tripe_mitm_LDADD = $(CATACOMB_LIBS) pkstream_SOURCES = \ pkstream.c +EXTRA_DIST = tripe.conf + ##----- That's all, folks --------------------------------------------------- diff --git a/README b/README new file mode 100644 index 00000000..9188e9f1 --- /dev/null +++ b/README 
@@ -0,0 +1,51 @@
+TRIPE
+
+Installation notes
+
+ Standard GNU Autoconf fare.
+
+ ./configure
+ make
+ make install
+
+ I've now added a startup script, `tripe-init'. The Makefile
+ doesn't install it anywhere, but if you want to use it in your
+ boot sequence:
+
+ * If you use a SysV-like init, drop `tripe-init' in as
+ `/etc/init.d/tripe' (or wherever -- Tru64 users and similar
+ will want `/sbin/init.d/tripe'; RedHat users want
+ `/etc/rc.d/init.d/tripe' for some bizarre reason), and put
+ in symlinks to make it run, just after your networking
+ starts up.
+
+ On my Debian box, I used
+
+ update-rc.d tripe defaults 55 85
+
+ to set up the links.
+
+ * If you use a BSD-like init, put `tripe-init' in /usr/sbin,
+ and run
+
+ /usr/sbin/tripe-init start
+
+ from the init script at some appropriate time.
+
+ Automake is a bit crap and won't have set the execute bit on
+ `tripe-init', so you'll need to do that. Sorry.
+
+ Also, it's a good idea to copy `tripe.conf' into
+ `/etc/tripe.conf'. Then fill in the options that you want.
+
+ Finally, populate the directory `/var/lib/tripe/peers' with
+ scripts to set up peers. This kind of thing is all that's
+ needed:
+
+ #! /bin/sh
+
+ set -e
+ tripectl add PEER PEER-ADDR 22003
+ ifname=`tripectl ifname PEER`
+ ifconfig $ifname LOCAL pointopoint REMOTE
+ route add -net RNET netmask RMASK gw REMOTE
diff --git a/configure.in b/configure.in
index 803b48c6..9c26ae02 100644
--- a/configure.in
+++ b/configure.in
@@ -1,6 +1,6 @@
 dnl -*-fundamental-*-
 dnl
-dnl $Id: configure.in,v 1.10 2003/05/16 10:00:59 mdw Exp $
+dnl $Id: configure.in,v 1.11 2003/05/17 11:04:38 mdw Exp $
 dnl
 dnl Configuration script for TrIPE
 dnl
@@ -28,6 +28,9 @@ dnl Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. dnl ----- Revision history -------------------------------------------------- dnl dnl $Log: configure.in,v $ +dnl Revision 1.11 2003/05/17 11:04:38 mdw +dnl Ship new configuration and startup kit. +dnl dnl Revision 1.10 2003/05/16 10:00:59 mdw dnl Version bump. dnl @@ -102,6 +105,6 @@ AC_SUBST(tun) mdw_MLIB(2.0.0) mdw_CATACOMB(2.0.0, [CFLAGS="$CFLAGS $CATACOMB_CFLAGS"]) -AC_OUTPUT(Makefile doc/Makefile) +AC_OUTPUT(Makefile doc/Makefile tripe-init) dnl ----- That's all, folks ------------------------------------------------- diff --git a/tripe-init.in b/tripe-init.in new file mode 100755 index 00000000..4d286aab --- /dev/null +++ b/tripe-init.in 
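Review bot: `AC_OUTPUT(Makefile doc/Makefile tripe-init)` in the last configure.in hunk generates tripe-init without the execute bit, which the new README then asks every installer to fix by hand. AC_OUTPUT accepts an extra-commands argument that runs after the output files are written, so `AC_OUTPUT(Makefile doc/Makefile tripe-init, [chmod +x tripe-init])` would remove that manual step. It would also avoid a boot script that is installed but never runs because the mode was forgotten.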
@@ -0,0 +1,65 @@
+#! /bin/sh
+#
+# tripe init script
+# suitable for direct use in most SysV-style inits
+
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+bindir=@bindir@
+sbindir=@sbindir@
+
+set -e
+
+[ -f /etc/tripe.conf ] && . /etc/tripe.conf
+: ${TRIPEDIR=/var/lib/tripe}
+export TRIPEDIR
+
+: ${tripe=$sbindir/tripe}
+: ${tripectl=$bindir/tripectl}
+PATH=/usr/bin:/usr/sbin:/bin:/sbin:$bindir
+export PATH
+
+case "$1" in
+ start)
+ echo -n "Starting TrIPE VPN daemon:"
+ if $tripectl help >/dev/null 2>/dev/null; then
+ echo " already running"
+ exit 0
+ fi
+ $tripectl -D -f ${tripelog-tripe.log} -p $tripe -s \
+ ${addr+-S-b}$addr \
+ ${port+-S-p}${port} \
+ ${user+-S-u}${user} \
+ ${group+-S-g}${group} \
+ ${trace+-S-T}${trace} \
+ ${miscopts}
+ for i in 1 2 3 4 give-up; do
+ $tripectl help >/dev/null 2>/dev/null && break
+ sleep 1
+ done
+ if [ $i = give-up ]; then
+ echo " wouldn't start"
+ exit 1
+ fi
+ echo -n " tripe"
+ for i in $TRIPEDIR/peers/*; do
+ name=`basename $i`
+ $i
+ echo -n " $name"
+ done
+ echo " done"
+ ;;
+ stop)
+ echo -n "Stopping TrIPE VPN daemon:"
+ $tripectl quit
+ echo " done"
+ ;;
+ restart | force-reload)
+ sh $0 stop
+ sh $0 start
+ ;;
+ *)
+ echo >&2 "usage: $0 start|stop|restart|force-reload"
+ exit 1
+ ;;
+esac
diff --git a/tripe.conf b/tripe.conf
new file mode 100644
index 00000000..3ca4edb0
--- /dev/null
+++ b/tripe.conf
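Review bot: In the `start)` branch of tripe-init.in, `for i in $TRIPEDIR/peers/*; do ... $i` executes every entry in the peers directory with the init script's privileges (presumably root at boot), without checking that the entry is a regular executable file. tripe.conf describes `TRIPEDIR` as the daemon's working directory and offers `user`/`group` for dropping privileges, so if that account can write to `peers`, whatever it leaves there runs with the init script's privileges on the next start. The directory should be owned by root and not writable by that account, and the README should say so. An empty directory also leaves the unexpanded pattern in `$i`, which fails under `set -e` after the daemon has already been started. I would quote the expansions (`name=`basename "$i"``, `"$i"`) and open the loop body with `[ -f "$i" ] && [ -x "$i" ] || continue`.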
@@ -0,0 +1,40 @@
+# tripe configuration file
+#
+# this is sourced as a Bourne shell script by tripe-init
+
+# The directory you want tripe to work in. This is where it will search for
+# keyrings, and where its admin socket and logfile are kept.
+# TRIPEDIR=/var/lib/tripe
+
+# The address you want tripe to bind to. By default, tripe will accept
+# packets to any address acceptable to the host, and send packets from the
+# most appropriate address for the destination; setting this means it will
+# (a) only accept packets destined for the named address, and (b) send
+# packets from the named address. The latter is probably more useful.
+# addr=MYHOST
+
+# The UDP port you want tripe to use. I've chosen 22003 which isn't reserved
+# in any way. I chose it because it's the first two bytes of the RIPEMD-160
+# hash of the string `TrIPE'. If you don't set a port, tripe gets the kernel
+# to choose a port it's not using right now, and you have to dig it out by
+# saying `tripectl port'.
+# port=22003
+
+# The user to run as once tripe has initialized. The user (or group -- see
+# `group' below) must be able to open new tunnel interfaces.
+# user=tripe
+
+# The group to run as once tripe has initialized. See caveats for `user'
+# above.
+# group=tripe
+
+# Trace options to pass to tripe. The default is no tracing. The setting
+# `A-cp' gives maxmimum possible verbosity without leaking important
+# secrets.
+# trace=A-cp
+
+# Any other options to pass on to tripectl.
+# miscopts=
+
+# Logfile to write to. The default is `tripe.log' in the working directory.
+# logfile=tripe.log
-- [mdw]
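Review bot: The last setting documented in tripe.conf, `# logfile=tripe.log`, is never read: tripe-init passes `-f ${tripelog-tripe.log}` to tripectl, so an administrator who sets `logfile` still gets the default `tripe.log`. Either rename the documented variable to `tripelog` or have the script use `${logfile-tripe.log}`. Because the header states that this file is sourced as a Bourne shell script by tripe-init, I would also add a comment such as `# executed as shell code by tripe-init: keep this file owned by root and not writable by others`.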