Try to improve the documentation concerning the "tun" interface. Take note

that the kernel module must be loaded and IP forwarding enabled. Also add
slight improvements to the "tunconfig" script so that sudo /sbin/ifconfig
and sudo /sbin/iptables are really supported for current user if not root.
gbeauche 2005-05-14 16:08:17 +00:00
parent 722eedd6e2
commit fd61ad2b0c
2 changed files with 38 additions and 9 deletions


@ -442,6 +442,12 @@ ether <ethernet card description>
instead of sending packets via physical media writes them to instead of sending packets via physical media writes them to
the user space program. the user space program.
Prerequesties:
- Make sure the "tun" kernel module is loaded
# modprobe tun
- Make sure IP Fordwarding is enabled on your system
# echo 1 >/proc/sys/net/ipv4/ip_forward
A virtual network configuration script is required and the A virtual network configuration script is required and the
default is /usr/local/BasiliskII/tunconfig unless you specify default is /usr/local/BasiliskII/tunconfig unless you specify
a different file with the "etherconfig" item. a different file with the "etherconfig" item.


@ -11,13 +11,23 @@
# If the linux box is configured as a firewall, the rules below might # If the linux box is configured as a firewall, the rules below might
# need some adjustments. # need some adjustments.
# #
# The IP Tunnel driver requires IP forwarding to be enabled. Run as root:
#
# echo 1 >/proc/sys/net/ipv4/ip_forward
#
########################################################################### ###########################################################################
SUDO=/usr/bin/sudo SUDO=/usr/bin/sudo
IFCONFIG=/sbin/ifconfig
IPTABLES=/sbin/iptables IPTABLES=/sbin/iptables
######################################################### #########################################################
[[ "x$1" = "x-n" ]] && {
DONT_EXECUTE=yes
shift 1
}
TUN_DEV=$1 TUN_DEV=$1
ACTION=$2 ACTION=$2
@ -31,22 +41,35 @@ TUN_HOST=172.20.$NET_NUM.1
######################################################### #########################################################
[[ $# = 2 ]] || { [[ $# = 2 ]] || {
echo "Usage: tunconfig iface up|down" echo "Usage: tunconfig [-n] iface up|down"
exit 2 exit 2
} }
[[ "`id -u`" = "0" ]] && { [[ "`id -u`" = "0" ]] && {
echo "---> $SUDO not necessary." 1>&2 echo "---> $SUDO not necessary." 1>&2
SUDO="" SUDO=""
} }
[[ -x $IPTABLES ]] && { [[ -x $IPTABLES ]] || {
IPTABLES="$SUDO $IPTABLES"
} || {
echo "---> $IPTABLES not found." 1>&2 echo "---> $IPTABLES not found." 1>&2
IPTABLES=/bin/true exit 1
} }
if [ -n "$SUDO" ]; then
$SUDO -l | grep -q "NOPASSWD: $IFCONFIG" || {
echo "---> Missing sudo NOPASSWD: $IFCONFIG." 1>&2
exit 1
}
$SUDO -l | grep -q "NOPASSWD: $IPTABLES" || {
echo "---> Missing sudo NOPASSWD: $IPTABLES." 1>&2
exit 1
}
IFCONFIG="$SUDO $IFCONFIG"
IPTABLES="$SUDO $IPTABLES"
fi
[[ "x$DONT_EXECUTE" = "xyes" ]] && exit 0
$IPTABLES -L -n -t nat > /dev/null || exit 1 $IPTABLES -L -n -t nat > /dev/null || exit 1
######################################################### #########################################################
@ -62,7 +85,7 @@ $IPTABLES -L -n -t nat > /dev/null || exit 1
######################################################### #########################################################
[[ "$ACTION" = down ]] && { [[ "$ACTION" = down ]] && {
$SUDO /sbin/ifconfig $TUN_DEV down $IFCONFIG $TUN_DEV down
} }
######################################################### #########################################################
@ -70,7 +93,7 @@ $IPTABLES -L -n -t nat > /dev/null || exit 1
######################################################### #########################################################
[[ "$ACTION" = up ]] && { [[ "$ACTION" = up ]] && {
$SUDO /sbin/ifconfig $TUN_DEV $TUN_HOST $IFCONFIG $TUN_DEV $TUN_HOST
# masquerade the tun network # masquerade the tun network
$IPTABLES -t nat -A POSTROUTING -s $TUN_NET -d ! $TUN_NET -j MASQUERADE $IPTABLES -t nat -A POSTROUTING -s $TUN_NET -d ! $TUN_NET -j MASQUERADE
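Review bot: The two `$SUDO -l | grep -q "NOPASSWD: ..."` checks in the new `if [ -n "$SUDO" ]` block match sudo's listing text instead of asking sudo whether the command is permitted, which makes them brittle. A sudoers entry that puts both commands after one tag (typically listed as `NOPASSWD: /sbin/ifconfig, /sbin/iptables`) fails the iptables check, while a longer path that merely begins with `/sbin/ifconfig` passes the first one. `sudo -l` may also prompt for a password itself, which would stall a script that the emulator runs unattended. Querying sudo per command is more reliable, e.g. `$SUDO -n -l $IFCONFIG >/dev/null || { echo "---> Missing sudo NOPASSWD: $IFCONFIG." 1>&2; exit 1; }`, and likewise for `$IPTABLES`. Because the script now requires passwordless `iptables` and `ifconfig` for the calling user, the header could also carry a comment such as `# Restrict the sudoers rule to this account; unrestricted iptables via sudo controls the host firewall.`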