-> [[!meta title="simple-bridging-with-dhcp-server-side"]]
->
-> # Company: PowerCraft Technology
-> # Author: Copyright Jelle de Jong <jelledejong@powercraft.nl>
-> # Note: Please send me an email if you enhanced the document
-> # Date: 2010-05-24 / 2010-07-04
-> # License: CC-BY-SA
->
-> # This document is free documentation; you can redistribute it and/or
-> # modify it under the terms of the Creative Commons Attribution Share
-> # Alike as published by the Creative Commons Foundation; either version
-> # 3.0 of the License, or (at your option) any later version.
-> #
-> # This document is distributed in the hope that it will be useful,
-> # but WITHOUT ANY WARRANTY; without even the implied warranty of
-> # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-> # Creative Commons BY-SA License for more details.
-> #
-> # http://creativecommons.org/licenses/by-sa/
->
-> #-----------------------------------------------------------------------
->
-> # for commercial support contact me, part of the revenue go back to tinc
->
-> #-----------------------------------------------------------------------
->
-> # http://www.tinc-vpn.org/
-> # http://www.tinc-vpn.org/examples/bridging
-> # http://www.tinc-vpn.org/documentation/tinc_toc
->
-> #-----------------------------------------------------------------------
->
-> # <@guus> Well all the tinc daemons together act like a single switcch
-> # <@guus> And each node in the VPN is connected to a port of that switch
-> # <@guus> And if you bridge the VPN interface with eth0, then it's like you plug a cable in a port of your eth0 LAN and the other end of that cable into the tinc switch
->
-> #-----------------------------------------------------------------------
->
-> unset LANG LANGUAGE LC_ALL
-> apt-get update; apt-get dist-upgrade
->
-> apt-cache show tinc
-> apt-get install tinc
-> apt-get install bridge-utils
->
-> #-----------------------------------------------------------------------
->
-> /etc/init.d/tinc stop
->
-> #-----------------------------------------------------------------------
->
-> # ls -hal /dev/net/tun
-> crw-rw-rw- 1 root root 10, 200 May 20 20:07 /dev/net/tun
->
-> # grep tinc /etc/services
-> tinc 655/tcp # tinc control port
-> tinc 655/udp
->
-> cat /usr/share/doc/tinc/README.Debian
-> zcat /usr/share/doc/tinc/README.gz | less
-> zcat /usr/share/doc/tinc/NEWS.gz | less
-> cat /usr/share/doc/tinc/examples/tinc-up
-> w3m /usr/share/doc/tinc/tinc_0.html
->
-> cat /etc/default/tinc
-> less /etc/init.d/tinc
->
-> #-----------------------------------------------------------------------
->
-> vim /etc/default/tinc
-> EXTRA="-d"
-> cat /etc/default/tinc
->
-> #-----------------------------------------------------------------------
->
-> cat /etc/tinc/nets.boot
-> echo 'powercraft01' | tee --append /etc/tinc/nets.boot
-> cat /etc/tinc/nets.boot
->
-> #-----------------------------------------------------------------------
->
-> ls -hal /etc/tinc/scallab01/
-> mkdir --verbose /etc/tinc/powercraft01/
-> mkdir --verbose /etc/tinc/powercraft01/hosts/
-> touch /etc/tinc/powercraft01/tinc.conf
->
-> #-----------------------------------------------------------------------
->
-> vim /etc/network/interfaces
->
-> # tinc-vpn: dhcp bridge
-> auto br0
-> iface br0 inet static
-> address 192.168.3.1
-> netmask 255.255.255.0
-> # pre-up /sbin/ifconfig eth2 hw ether 00:1b:21:61:af:d7
-> # pre-up /sbin/ifconfig eth2 0.0.0.0
-> # bridge_ports eth2
-> bridge_ports tun1
-> bridge_maxwait 1
-> bridge_fd 2.5
-> post-up /bin/echo 1 > /proc/sys/net/ipv4/conf/br0/proxy_arp # optional
->
-> cat /etc/network/interfaces
->
-> #-----------------------------------------------------------------------
->
-> echo 'interface "br0" {
-> request subnet-mask, broadcast-address, time-offset,
-> host-name, netbios-scope, interface-mtu, ntp-servers;
-> }' | tee --append /etc/dhcp3/dhclient.conf
->
-> cat /etc/dhcp3/dhclient.conf
->
-> #-----------------------------------------------------------------------
->
-> vim /etc/dhcp3/dhcpd.conf
->
-> subnet 192.168.3.0 netmask 255.255.255.0 {
-> range 192.168.3.200 192.168.3.240;
-> option routers 192.168.3.1;
-> option domain-name-servers 192.168.3.1;
-> }
->
-> #-----------------------------------------------------------------------
->
-> ifdown br0
-> ifup br0
->
-> #-----------------------------------------------------------------------
->
-> vim /etc/default/dhcp3-server
-> INTERFACES="vlan2 eth0 br0" # add the br0 to the correct location
->
-> /etc/init.d/dhcp3-server restart
-> ps aux | grep dhcp
-> tail -n 400 -f /var/log/syslog
->
-> #-----------------------------------------------------------------------
->
-> ifconfig br0
-> route -n
-> brctl show
->
-> #-----------------------------------------------------------------------
->
-> # ifconfig br0
-> br0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
-> inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0
-> inet6 addr: fe80::dc56:d3ff:fe1a:31df/64 Scope:Link
-> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
-> RX packets:12 errors:0 dropped:0 overruns:0 frame:0
-> TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
-> collisions:0 txqueuelen:0
-> RX bytes:2568 (2.5 KB) TX bytes:1536 (1.5 KB)
->
-> # route -n
-> Kernel IP routing table
-> Destination Gateway Genmask Flags Metric Ref Use Iface
-> 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
-> 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2
-> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
-> 84.245.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
-> 0.0.0.0 84.245.3.1 0.0.0.0 UG 100 0 0 eth1
->
-> # brctl show
-> bridge name bridge id STP enabled interfaces
-> br0 8000.000000000000 no
->
-> #-----------------------------------------------------------------------
->
-> echo 'AddressFamily = ipv4
-> Device = /dev/net/tun
-> Interface = tun1
-> Mode = switch
-> Name = server01' | tee /etc/tinc/powercraft01/tinc.conf
->
-> cat /etc/tinc/powercraft01/tinc.conf
-> chmod 640 /etc/tinc/powercraft01/tinc.conf
-> ls -hal /etc/tinc/powercraft01/tinc.conf
->
-> echo '#!/bin/sh
-> ifconfig $INTERFACE 0.0.0.0
-> route add -net 192.168.30.0 netmask 255.255.255.0 br0 # optional subnet
-> brctl addif br0 $INTERFACE' | tee /etc/tinc/powercraft01/tinc-up
->
-> cat /etc/tinc/powercraft01/tinc-up
-> chmod 750 /etc/tinc/powercraft01/tinc-up
-> ls -hal /etc/tinc/powercraft01/tinc-up
->
-> echo '#!/bin/sh
-> brctl delif br0 $INTERFACE
-> route del -net 192.168.30.0 netmask 255.255.255.0 br0 # optional subnet
-> ifconfig $INTERFACE down' | tee /etc/tinc/powercraft01/tinc-down
->
-> cat /etc/tinc/powercraft01/tinc-down
-> chmod 750 /etc/tinc/powercraft01/tinc-down
-> ls -hal /etc/tinc/powercraft01/tinc-down
->
-> #-----------------------------------------------------------------------
->
-> rm /etc/tinc/powercraft01/rsa_key.priv
-> rm /etc/tinc/powercraft01/hosts/server01
-> tincd -n powercraft01 -K
->
-> #-----------------------------------------------------------------------
->
-> getent services | grep 656
->
-> #-----------------------------------------------------------------------
->
-> vim /etc/tinc/powercraft01/hosts/server01
->
-> # add on head of file
-> Compression = 9
-> PMTU = 1492
-> PMTUDiscovery = yes
-> Port = 656
->
-> cat /etc/tinc/powercraft01/hosts/server01
->
-> #-----------------------------------------------------------------------
->
-> /etc/init.d/tinc stop
-> fg
-> /usr/sbin/tincd --net powercraft01 --no-detach --debug=5
->
-> #-----------------------------------------------------------------------
->
-> /etc/init.d/tinc restart
-> tail --line=500 --follow /var/log/syslog
->
-> #-----------------------------------------------------------------------
->
-> ifconfig br0
-> ifconfig tun1
-> route -n
-> brctl show br0
-> brctl showmacs br0
->
-> #-----------------------------------------------------------------------
->
-> # ifconfig br0
-> br0 Link encap:Ethernet HWaddr 1e:eb:95:c3:04:d8
-> inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0
-> inet6 addr: fe80::dc56:d3ff:fe1a:31df/64 Scope:Link
-> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
-> RX packets:17 errors:0 dropped:0 overruns:0 frame:0
-> TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
-> collisions:0 txqueuelen:0
-> RX bytes:3328 (3.3 KB) TX bytes:2408 (2.4 KB)
->
-> # ifconfig tun1
-> tun1 Link encap:Ethernet HWaddr 1e:eb:95:c3:04:d8
-> inet6 addr: fe80::1ceb:95ff:fec3:4d8/64 Scope:Link
-> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
-> RX packets:8 errors:0 dropped:0 overruns:0 frame:0
-> TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
-> collisions:0 txqueuelen:500
-> RX bytes:2627 (2.6 KB) TX bytes:1340 (1.3 KB)
->
-> # route -n
-> Kernel IP routing table
-> Destination Gateway Genmask Flags Metric Ref Use Iface
-> 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
-> 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2
-> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
-> 84.245.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
-> 0.0.0.0 84.245.3.1 0.0.0.0 UG 100 0 0 eth1
->
-> # brctl show br0
-> bridge name bridge id STP enabled interfaces
-> br0 8000.1eeb95c304d8 no tun1
->
-> # brctl showmacs br0
-> port no mac addr is local? ageing timer
-> 1 1e:eb:95:c3:04:d8 yes 0.00
-> 1 86:03:27:21:2e:60 no 44.19
->
-> #-----------------------------------------------------------------------
->
-> ps aux | grep tincd
-> tincd -n powercraft01 -kUSR2
-> tail -n 100 /var/log/syslog
->
-> #-----------------------------------------------------------------------
->
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: Statistics for Linux tun/tap device (tap mode) /dev/net/tun:
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: total bytes in: 468
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: total bytes out: 0
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: Nodes:
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: server01 at MYSELF cipher 0 digest 0 maclength 0 compression 0 options 4 status 0018 nexthop server01 via server01 pmtu 1518 (min 0 max 1518)
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: End of nodes.
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: Edges:
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: End of edges.
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: Subnet list:
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: a2:63:0:96:a:c8#10 owner server01
-> May 24 17:29:31 ashley tinc.powercraft01[11557]: End of subnet list.
->
-> #-----------------------------------------------------------------------
->
-> tcpdump -n -i br0 broadcast
-> tcpdump -n -i tun0 broadcast
->
-> #-----------------------------------------------------------------------
->
-> tcpdump -n -e -i br0 icmp
-> tcpdump -A -p -n -i br0 port 80
-> tcpdump -A -p -n -i br0
->
-> tcpdump -i br0 host 84.245.3.195 -l
->
-> #-----------------------------------------------------------------------
->
-> cat /var/lib/dhcp3/dhcpd.leases
->
-> #-----------------------------------------------------------------------
->
-> # optional
-> export LAN01=vlan2
-> export VPN02=br0
-> # /sbin/iptables --append FORWARD --in-interface br0 --out-interface vlan2 --jump ACCEPT
-> /sbin/iptables --append FORWARD --in-interface ${VPN02} --source 192.168.3.150 --destination 192.168.2.206 --out-interface ${LAN01} --jump ACCEPT
->
-> #-----------------------------------------------------------------------
+ [[!meta title="simple-bridging-with-dhcp-server-side"]]
+
+ # Company: PowerCraft Technology
+ # Author: Copyright Jelle de Jong <jelledejong@powercraft.nl>
+ # Note: Please send me an email if you enhanced the document
+ # Date: 2010-05-24 / 2010-07-04
+ # License: CC-BY-SA
+
+ # This document is free documentation; you can redistribute it and/or
+ # modify it under the terms of the Creative Commons Attribution Share
+ # Alike as published by the Creative Commons Foundation; either version
+ # 3.0 of the License, or (at your option) any later version.
+ #
+ # This document is distributed in the hope that it will be useful,
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ # Creative Commons BY-SA License for more details.
+ #
+ # http://creativecommons.org/licenses/by-sa/
+
+ #-----------------------------------------------------------------------
+
+ # for commercial support contact me, part of the revenue go back to tinc
+
+ #-----------------------------------------------------------------------
+
+ # http://www.tinc-vpn.org/
+ # http://www.tinc-vpn.org/examples/bridging
+ # http://www.tinc-vpn.org/documentation/tinc_toc
+
+ #-----------------------------------------------------------------------
+
+ # <@guus> Well all the tinc daemons together act like a single switcch
+ # <@guus> And each node in the VPN is connected to a port of that switch
+ # <@guus> And if you bridge the VPN interface with eth0, then it's like you plug a cable in a port of your eth0 LAN and the other end of that cable into the tinc switch
+
+ #-----------------------------------------------------------------------
+
+ unset LANG LANGUAGE LC_ALL
+ apt-get update; apt-get dist-upgrade
+
+ apt-cache show tinc
+ apt-get install tinc
+ apt-get install bridge-utils
+
+ #-----------------------------------------------------------------------
+
+ /etc/init.d/tinc stop
+
+ #-----------------------------------------------------------------------
+
+ # ls -hal /dev/net/tun
+ crw-rw-rw- 1 root root 10, 200 May 20 20:07 /dev/net/tun
+
+ # grep tinc /etc/services
+ tinc 655/tcp # tinc control port
+ tinc 655/udp
+
+ cat /usr/share/doc/tinc/README.Debian
+ zcat /usr/share/doc/tinc/README.gz | less
+ zcat /usr/share/doc/tinc/NEWS.gz | less
+ cat /usr/share/doc/tinc/examples/tinc-up
+ w3m /usr/share/doc/tinc/tinc_0.html
+
+ cat /etc/default/tinc
+ less /etc/init.d/tinc
+
+ #-----------------------------------------------------------------------
+
+ vim /etc/default/tinc
+ EXTRA="-d"
+ cat /etc/default/tinc
+
+ #-----------------------------------------------------------------------
+
+ cat /etc/tinc/nets.boot
+ echo 'powercraft01' | tee --append /etc/tinc/nets.boot
+ cat /etc/tinc/nets.boot
+
+ #-----------------------------------------------------------------------
+
+ ls -hal /etc/tinc/scallab01/
+ mkdir --verbose /etc/tinc/powercraft01/
+ mkdir --verbose /etc/tinc/powercraft01/hosts/
+ touch /etc/tinc/powercraft01/tinc.conf
+
+ #-----------------------------------------------------------------------
+
+ vim /etc/network/interfaces
+
+ # tinc-vpn: dhcp bridge
+ auto br0
+ iface br0 inet static
+ address 192.168.3.1
+ netmask 255.255.255.0
+ # pre-up /sbin/ifconfig eth2 hw ether 00:1b:21:61:af:d7
+ # pre-up /sbin/ifconfig eth2 0.0.0.0
+ # bridge_ports eth2
+ bridge_ports tun1
+ bridge_maxwait 1
+ bridge_fd 2.5
+ post-up /bin/echo 1 > /proc/sys/net/ipv4/conf/br0/proxy_arp # optional
+
+ cat /etc/network/interfaces
+
+ #-----------------------------------------------------------------------
+
+ echo 'interface "br0" {
+ request subnet-mask, broadcast-address, time-offset,
+ host-name, netbios-scope, interface-mtu, ntp-servers;
+ }' | tee --append /etc/dhcp3/dhclient.conf
+
+ cat /etc/dhcp3/dhclient.conf
+
+ #-----------------------------------------------------------------------
+
+ vim /etc/dhcp3/dhcpd.conf
+
+ subnet 192.168.3.0 netmask 255.255.255.0 {
+ range 192.168.3.200 192.168.3.240;
+ option routers 192.168.3.1;
+ option domain-name-servers 192.168.3.1;
+ }
+
+ #-----------------------------------------------------------------------
+
+ ifdown br0
+ ifup br0
+
+ #-----------------------------------------------------------------------
+
+ vim /etc/default/dhcp3-server
+ INTERFACES="vlan2 eth0 br0" # add the br0 to the correct location
+
+ /etc/init.d/dhcp3-server restart
+ ps aux | grep dhcp
+ tail -n 400 -f /var/log/syslog
+
+ #-----------------------------------------------------------------------
+
+ ifconfig br0
+ route -n
+ brctl show
+
+ #-----------------------------------------------------------------------
+
+ # ifconfig br0
+ br0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
+ inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0
+ inet6 addr: fe80::dc56:d3ff:fe1a:31df/64 Scope:Link
+ UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
+ RX packets:12 errors:0 dropped:0 overruns:0 frame:0
+ TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
+ collisions:0 txqueuelen:0
+ RX bytes:2568 (2.5 KB) TX bytes:1536 (1.5 KB)
+
+ # route -n
+ Kernel IP routing table
+ Destination Gateway Genmask Flags Metric Ref Use Iface
+ 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
+ 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2
+ 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
+ 84.245.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
+ 0.0.0.0 84.245.3.1 0.0.0.0 UG 100 0 0 eth1
+
+ # brctl show
+ bridge name bridge id STP enabled interfaces
+ br0 8000.000000000000 no
+
+ #-----------------------------------------------------------------------
+
+ echo 'AddressFamily = ipv4
+ Device = /dev/net/tun
+ Interface = tun1
+ Mode = switch
+ Name = server01' | tee /etc/tinc/powercraft01/tinc.conf
+
+ cat /etc/tinc/powercraft01/tinc.conf
+ chmod 640 /etc/tinc/powercraft01/tinc.conf
+ ls -hal /etc/tinc/powercraft01/tinc.conf
+
+ echo '#!/bin/sh
+ ifconfig $INTERFACE 0.0.0.0
+ route add -net 192.168.30.0 netmask 255.255.255.0 br0 # optional subnet
+ brctl addif br0 $INTERFACE' | tee /etc/tinc/powercraft01/tinc-up
+
+ cat /etc/tinc/powercraft01/tinc-up
+ chmod 750 /etc/tinc/powercraft01/tinc-up
+ ls -hal /etc/tinc/powercraft01/tinc-up
+
+ echo '#!/bin/sh
+ brctl delif br0 $INTERFACE
+ route del -net 192.168.30.0 netmask 255.255.255.0 br0 # optional subnet
+ ifconfig $INTERFACE down' | tee /etc/tinc/powercraft01/tinc-down
+
+ cat /etc/tinc/powercraft01/tinc-down
+ chmod 750 /etc/tinc/powercraft01/tinc-down
+ ls -hal /etc/tinc/powercraft01/tinc-down
+
+ #-----------------------------------------------------------------------
+
+ rm /etc/tinc/powercraft01/rsa_key.priv
+ rm /etc/tinc/powercraft01/hosts/server01
+ tincd -n powercraft01 -K
+
+ #-----------------------------------------------------------------------
+
+ getent services | grep 656
+
+ #-----------------------------------------------------------------------
+
+ vim /etc/tinc/powercraft01/hosts/server01
+
+ # add on head of file
+ Compression = 9
+ PMTU = 1492
+ PMTUDiscovery = yes
+ Port = 656
+
+ cat /etc/tinc/powercraft01/hosts/server01
+
+ #-----------------------------------------------------------------------
+
+ /etc/init.d/tinc stop
+ fg
+ /usr/sbin/tincd --net powercraft01 --no-detach --debug=5
+
+ #-----------------------------------------------------------------------
+
+ /etc/init.d/tinc restart
+ tail --line=500 --follow /var/log/syslog
+
+ #-----------------------------------------------------------------------
+
+ ifconfig br0
+ ifconfig tun1
+ route -n
+ brctl show br0
+ brctl showmacs br0
+
+ #-----------------------------------------------------------------------
+
+ # ifconfig br0
+ br0 Link encap:Ethernet HWaddr 1e:eb:95:c3:04:d8
+ inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0
+ inet6 addr: fe80::dc56:d3ff:fe1a:31df/64 Scope:Link
+ UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
+ RX packets:17 errors:0 dropped:0 overruns:0 frame:0
+ TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
+ collisions:0 txqueuelen:0
+ RX bytes:3328 (3.3 KB) TX bytes:2408 (2.4 KB)
+
+ # ifconfig tun1
+ tun1 Link encap:Ethernet HWaddr 1e:eb:95:c3:04:d8
+ inet6 addr: fe80::1ceb:95ff:fec3:4d8/64 Scope:Link
+ UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
+ RX packets:8 errors:0 dropped:0 overruns:0 frame:0
+ TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
+ collisions:0 txqueuelen:500
+ RX bytes:2627 (2.6 KB) TX bytes:1340 (1.3 KB)
+
+ # route -n
+ Kernel IP routing table
+ Destination Gateway Genmask Flags Metric Ref Use Iface
+ 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0
+ 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2
+ 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
+ 84.245.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
+ 0.0.0.0 84.245.3.1 0.0.0.0 UG 100 0 0 eth1
+
+ # brctl show br0
+ bridge name bridge id STP enabled interfaces
+ br0 8000.1eeb95c304d8 no tun1
+
+ # brctl showmacs br0
+ port no mac addr is local? ageing timer
+ 1 1e:eb:95:c3:04:d8 yes 0.00
+ 1 86:03:27:21:2e:60 no 44.19
+
+ #-----------------------------------------------------------------------
+
+ ps aux | grep tincd
+ tincd -n powercraft01 -kUSR2
+ tail -n 100 /var/log/syslog
+
+ #-----------------------------------------------------------------------
+
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: Statistics for Linux tun/tap device (tap mode) /dev/net/tun:
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: total bytes in: 468
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: total bytes out: 0
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: Nodes:
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: server01 at MYSELF cipher 0 digest 0 maclength 0 compression 0 options 4 status 0018 nexthop server01 via server01 pmtu 1518 (min 0 max 1518)
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: End of nodes.
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: Edges:
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: End of edges.
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: Subnet list:
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: a2:63:0:96:a:c8#10 owner server01
+ May 24 17:29:31 ashley tinc.powercraft01[11557]: End of subnet list.
+
+ #-----------------------------------------------------------------------
+
+ tcpdump -n -i br0 broadcast
+ tcpdump -n -i tun0 broadcast
+
+ #-----------------------------------------------------------------------
+
+ tcpdump -n -e -i br0 icmp
+ tcpdump -A -p -n -i br0 port 80
+ tcpdump -A -p -n -i br0
+
+ tcpdump -i br0 host 84.245.3.195 -l
+
+ #-----------------------------------------------------------------------
+
+ cat /var/lib/dhcp3/dhcpd.leases
+
+ #-----------------------------------------------------------------------
+
+ # optional
+ export LAN01=vlan2
+ export VPN02=br0
+ # /sbin/iptables --append FORWARD --in-interface br0 --out-interface vlan2 --jump ACCEPT
+ /sbin/iptables --append FORWARD --in-interface ${VPN02} --source 192.168.3.150 --destination 192.168.2.206 --out-interface ${LAN01} --jump ACCEPT
+
+ #-----------------------------------------------------------------------