Handy Linux script for tunnel creation
Carmen Sandiego on Wednesday, 08 October 2003 13:22:17
I wrote this script and it might be handy for others too.
have fun.
Robert Nagtegaal
robert@masikh.vslcatena.nl
#!/bin/sh
#
# Copyright (C)2003 Robert Nagtegaal
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# last modification: 08-10-2003
# added tunnel up check.
# modification: 06-10-2003
# wrote this script from scratch
#
# To-Do:
#
# Make it possible to administer multiple tunnels.
# Make a gentoo version.
#
###
# Please fill in the following variable
#
###
BROKER="AMS-IX"# Name of your broker (cosmetic purpose)
Loc_IPv4="132.229.1.1" # Local IPv4 address.
PoP_IPv4="213.197.27.252" # PoP's IPv4 address.
Loc_IPv6="2001:838::2/64" # Local IPv6 endpoint address.
PoP_IPv6="2001:838::1" # PoP's IPv6 endpoint address.
Not_local="2000::/3"# Ipv6 address ~= ipv4 0.0.0.0
Interface_local="sit0"# which sit devices to use
Interface_remote="sit1"#
MTU="1280"# Tunnel's MTU size
IFCONFIG="/sbin/ifconfig"# Binary locations
ROUTE="/sbin/route"#
IPTUNNEL="/sbin/iptunnel"#
###############################################################################
#
# DO NOT CHANGE ANYTHING BEYOND HERE !!!
#
###
case "$1" in
start)
# Test if we really got IPv6 support in the kernel. If not present,
# this script tries to load the kernel module else it bails out with a
# warning.
#
###
if ! [ -f /proc/net/if_inet6 ]
then echo "ERROR: No IPv6 support in you kernel. Trying to load kernel module." 1>&2; modprobe ipv6;
fi
if ! [ -f /proc/net/if_inet6 ]
then echo "ERROR: No IPv6 support. Sorry I can't continue." 1>&2; exit 1;
fi
# Test if tunnel is not already up
#
###
up=`(set \`"$IFCONFIG" | grep "$Interface_remote"\`;echo $1)` 1>&2
if [ "$up" = "$Interface_remote" ]
then echo "ERROR: Tunnel already up using: $Interface_remote" 1>&2; exit 1;
fi
# Setting up the tunnel.
#
###
$IFCONFIG sit0 tunnel ::$PoP_IPv4 mtu 1280 up && \
$IFCONFIG sit1 add $Loc_IPv6 mtu 1280 up && \
$ROUTE -A inet6 add $Not_local gw $PoP_IPv6 dev sit1 && \
echo "Tunnel to $BROKER establised." || \
{ echo "ERROR: Failed to establise a tunnel to $BROKER." 1>&2; $0 stop; exit 1; }
;;
stop)
# Bringing the tunnel down.
#
###
$IFCONFIG sit1 down
$IFCONFIG sit0 down && \
echo "IPv6 tunnel deleted." || \
{ echo "ERROR: Failed to bring IPv6 tunnel with $Interface_remote down." 1>&2; exit 1; }
;;
restart|reload)
$0 stop && $0 start
;;
*)
echo "GNU (C)2003 Robert Nagtegaal.";echo
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
exit 0
Handy Linux script for tunnel creation
Jeroen Massar on Wednesday, 08 October 2003 22:56:32
Check the FAQ which contains the iproute version, iproute simply uses 1 device.
Next to that:
Not_local="2000::/3" # Ipv6 address ~= ipv4 0.0.0.0 Is wrong as ::/0 is the default route for IPv6.
2000::/3 only encompasses the global unicast routable space.
Though one needs either a USAGI or 2.4.20+ to use ::/0 on a linux box that is configured for forwarding.
I also wonder why you want to copyright and gpl such a script as it has been done before for many distributions and by many people. Also see Peter Bieringer's Linux IPv6 HOWTO
Handy Linux script for tunnel creation
Carmen Sandiego on Wednesday, 08 October 2003 23:50:02
I just it might be handy and could not find (did not bother to seek?) any thing usefull. Nothing else. Why GPL? Old habit. Sorry not need to offend you what so ever.
Have nice day.
Robert Nagtegaal
Post Scriptum. I sended a email today to the maintainers of this project. They kindly requested NOT TO do so. My appollogies to those.
Posting is only allowed when you are logged in. |