X-Git-Url: https://tinc-vpn.org/git/browse?p=wiki;a=blobdiff_plain;f=examples%2Fsimple-bridging-with-dhcp-server-side.mdwn;h=8ef726d9b1a2468450794986620935d29e3f7d7c;hp=4771d92c4d9259454f2deb3b32490bb8dbed0481;hb=4a8ff30c03c43d74b2870a9a4b8c832768f994e1;hpb=0e785f06f39116771060269debf80ce9ec249757 diff --git a/examples/simple-bridging-with-dhcp-server-side.mdwn b/examples/simple-bridging-with-dhcp-server-side.mdwn index 4771d92..8ef726d 100644 --- a/examples/simple-bridging-with-dhcp-server-side.mdwn +++ b/examples/simple-bridging-with-dhcp-server-side.mdwn @@ -1,314 +1,325 @@ -> [[!meta title="simple-bridging-with-dhcp-server-side"]] -> -> # Company: PowerCraft Technology -> # Author: Copyright Jelle de Jong -> # Note: Please send me an email if you enhanced the document -> # Date: 2010-05-24 -> # License: CC-BY-SA -> -> # This document is free documentation; you can redistribute it and/or -> # modify it under the terms of the Creative Commons Attribution Share -> # Alike as published by the Creative Commons Foundation; either version -> # 3.0 of the License, or (at your option) any later version. -> # -> # This document is distributed in the hope that it will be useful, -> # but WITHOUT ANY WARRANTY; without even the implied warranty of -> # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -> # Creative Commons BY-SA License for more details. -> # -> # http://creativecommons.org/licenses/by-sa/ -> -> #----------------------------------------------------------------------- -> -> # for commercial support contact me, part of the revenue go back to tinc -> -> #----------------------------------------------------------------------- -> -> # http://www.tinc-vpn.org/ -> # http://www.tinc-vpn.org/examples/bridging -> # http://www.tinc-vpn.org/documentation/tinc_toc -> -> #----------------------------------------------------------------------- -> -> # <@guus> Well all the tinc daemons together act like a single switcch -> # <@guus> And each node in the VPN is connected to a port of that switch -> # <@guus> And if you bridge the VPN interface with eth0, then it's like you plug a cable in a port of your eth0 LAN and the other end of that cable into the tinc switch -> -> #----------------------------------------------------------------------- -> -> unset LANG LANGUAGE LC_ALL -> apt-get update; apt-get dist-upgrade -> -> apt-cache show tinc -> apt-get install tinc -> apt-get install bridge-utils -> -> #----------------------------------------------------------------------- -> -> /etc/init.d/tinc stop -> -> #----------------------------------------------------------------------- -> -> # ls -hal /dev/net/tun -> crw-rw-rw- 1 root root 10, 200 May 20 20:07 /dev/net/tun -> -> # grep tinc /etc/services -> tinc 655/tcp # tinc control port -> tinc 655/udp -> -> cat /usr/share/doc/tinc/README.Debian -> zcat /usr/share/doc/tinc/README.gz | less -> zcat /usr/share/doc/tinc/NEWS.gz | less -> cat /usr/share/doc/tinc/examples/tinc-up -> w3m /usr/share/doc/tinc/tinc_0.html -> -> cat /etc/default/tinc -> less /etc/init.d/tinc -> -> #----------------------------------------------------------------------- -> -> vim /etc/default/tinc -> EXTRA="-d" -> cat /etc/default/tinc -> -> #----------------------------------------------------------------------- -> -> cat /etc/tinc/nets.boot -> echo 'powercraft01' | tee --append /etc/tinc/nets.boot -> cat /etc/tinc/nets.boot -> -> #----------------------------------------------------------------------- -> -> ls -hal /etc/tinc/scallab01/ -> mkdir --verbose /etc/tinc/powercraft01/ -> mkdir --verbose /etc/tinc/powercraft01/hosts/ -> touch /etc/tinc/powercraft01/tinc.conf -> -> #----------------------------------------------------------------------- -> -> vim /etc/network/interfaces -> -> # tinc-vpn: dhcp bridge -> auto br0 -> iface br0 inet static -> address 192.168.3.1 -> netmask 255.255.255.0 -> # pre-up /sbin/ifconfig eth2 hw ether 00:1b:21:61:af:d7 -> # pre-up /sbin/ifconfig eth2 0.0.0.0 -> # bridge_ports eth2 -> bridge_ports tun1 -> bridge_maxwait 1 -> bridge_fd 2.5 -> -> cat /etc/network/interfaces -> -> #----------------------------------------------------------------------- -> -> echo 'interface "br0" { -> request subnet-mask, broadcast-address, time-offset, -> host-name, netbios-scope, interface-mtu, ntp-servers; -> }' | tee --append /etc/dhcp3/dhclient.conf -> -> cat /etc/dhcp3/dhclient.conf -> -> #----------------------------------------------------------------------- -> -> vim /etc/dhcp3/dhcpd.conf -> -> subnet 192.168.3.0 netmask 255.255.255.0 { -> range 192.168.3.200 192.168.3.240; -> option routers 192.168.3.1; -> option domain-name-servers 192.168.3.1; -> } -> -> #----------------------------------------------------------------------- -> -> ifdown br0 -> ifup br0 -> -> #----------------------------------------------------------------------- -> -> vim /etc/default/dhcp3-server -> INTERFACES="vlan2 eth0 br0" # add the br0 to the correct location -> -> /etc/init.d/dhcp3-server restart -> ps aux | grep dhcp -> tail -n 400 -f /var/log/syslog -> -> #----------------------------------------------------------------------- -> -> ifconfig br0 -> route -n -> brctl show -> -> #----------------------------------------------------------------------- -> -> # ifconfig br0 -> br0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 -> inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0 -> inet6 addr: fe80::dc56:d3ff:fe1a:31df/64 Scope:Link -> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 -> RX packets:12 errors:0 dropped:0 overruns:0 frame:0 -> TX packets:14 errors:0 dropped:0 overruns:0 carrier:0 -> collisions:0 txqueuelen:0 -> RX bytes:2568 (2.5 KB) TX bytes:1536 (1.5 KB) -> -> # route -n -> Kernel IP routing table -> Destination Gateway Genmask Flags Metric Ref Use Iface -> 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 -> 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2 -> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 -> 84.245.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 -> 0.0.0.0 84.245.3.1 0.0.0.0 UG 100 0 0 eth1 -> -> # brctl show -> bridge name bridge id STP enabled interfaces -> br0 8000.000000000000 no -> -> #----------------------------------------------------------------------- -> -> echo 'AddressFamily = ipv4 -> Device = /dev/net/tun -> Interface = tun1 -> Mode = switch -> Name = server01' | tee /etc/tinc/powercraft01/tinc.conf -> -> cat /etc/tinc/powercraft01/tinc.conf -> chmod 640 /etc/tinc/powercraft01/tinc.conf -> ls -hal /etc/tinc/powercraft01/tinc.conf -> -> echo '#!/bin/sh -> ifconfig $INTERFACE 0.0.0.0 -> brctl addif br0 $INTERFACE' | tee /etc/tinc/powercraft01/tinc-up -> -> cat /etc/tinc/powercraft01/tinc-up -> chmod 750 /etc/tinc/powercraft01/tinc-up -> ls -hal /etc/tinc/powercraft01/tinc-up -> -> echo '#!/bin/sh -> brctl delif br0 $INTERFACE -> ifconfig $INTERFACE down' | tee /etc/tinc/powercraft01/tinc-down -> -> cat /etc/tinc/powercraft01/tinc-down -> chmod 750 /etc/tinc/powercraft01/tinc-down -> ls -hal /etc/tinc/powercraft01/tinc-down -> -> #----------------------------------------------------------------------- -> -> rm /etc/tinc/powercraft01/rsa_key.priv -> rm /etc/tinc/powercraft01/hosts/server01 -> tincd -n powercraft01 -K -> -> #----------------------------------------------------------------------- -> -> getent services | grep 656 -> -> #----------------------------------------------------------------------- -> -> vim /etc/tinc/powercraft01/hosts/server01 -> -> # add on head of file -> Compression = 9 -> PMTU = 1492 -> PMTUDiscovery = yes -> Port = 656 -> -> cat /etc/tinc/powercraft01/hosts/server01 -> -> #----------------------------------------------------------------------- -> -> /etc/init.d/tinc stop -> fg -> /usr/sbin/tincd --net powercraft01 --no-detach --debug=5 -> -> #----------------------------------------------------------------------- -> -> /etc/init.d/tinc restart -> tail --line=500 --follow /var/log/syslog -> -> #----------------------------------------------------------------------- -> -> ifconfig br0 -> ifconfig tun1 -> route -n -> brctl show br0 -> brctl showmacs br0 -> -> #----------------------------------------------------------------------- -> -> # ifconfig br0 -> br0 Link encap:Ethernet HWaddr 1e:eb:95:c3:04:d8 -> inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0 -> inet6 addr: fe80::dc56:d3ff:fe1a:31df/64 Scope:Link -> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 -> RX packets:17 errors:0 dropped:0 overruns:0 frame:0 -> TX packets:20 errors:0 dropped:0 overruns:0 carrier:0 -> collisions:0 txqueuelen:0 -> RX bytes:3328 (3.3 KB) TX bytes:2408 (2.4 KB) -> -> # ifconfig tun1 -> tun1 Link encap:Ethernet HWaddr 1e:eb:95:c3:04:d8 -> inet6 addr: fe80::1ceb:95ff:fec3:4d8/64 Scope:Link -> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 -> RX packets:8 errors:0 dropped:0 overruns:0 frame:0 -> TX packets:12 errors:0 dropped:0 overruns:0 carrier:0 -> collisions:0 txqueuelen:500 -> RX bytes:2627 (2.6 KB) TX bytes:1340 (1.3 KB) -> -> # route -n -> Kernel IP routing table -> Destination Gateway Genmask Flags Metric Ref Use Iface -> 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 -> 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2 -> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 -> 84.245.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 -> 0.0.0.0 84.245.3.1 0.0.0.0 UG 100 0 0 eth1 -> -> # brctl show br0 -> bridge name bridge id STP enabled interfaces -> br0 8000.1eeb95c304d8 no tun1 -> -> # brctl showmacs br0 -> port no mac addr is local? ageing timer -> 1 1e:eb:95:c3:04:d8 yes 0.00 -> 1 86:03:27:21:2e:60 no 44.19 -> -> #----------------------------------------------------------------------- -> -> ps aux | grep tincd -> tincd -n powercraft01 -kUSR2 -> tail -n 100 /var/log/syslog -> -> #----------------------------------------------------------------------- -> -> May 24 17:29:31 ashley tinc.powercraft01[11557]: Statistics for Linux tun/tap device (tap mode) /dev/net/tun: -> May 24 17:29:31 ashley tinc.powercraft01[11557]: total bytes in: 468 -> May 24 17:29:31 ashley tinc.powercraft01[11557]: total bytes out: 0 -> May 24 17:29:31 ashley tinc.powercraft01[11557]: Nodes: -> May 24 17:29:31 ashley tinc.powercraft01[11557]: server01 at MYSELF cipher 0 digest 0 maclength 0 compression 0 options 4 status 0018 nexthop server01 via server01 pmtu 1518 (min 0 max 1518) -> May 24 17:29:31 ashley tinc.powercraft01[11557]: End of nodes. -> May 24 17:29:31 ashley tinc.powercraft01[11557]: Edges: -> May 24 17:29:31 ashley tinc.powercraft01[11557]: End of edges. -> May 24 17:29:31 ashley tinc.powercraft01[11557]: Subnet list: -> May 24 17:29:31 ashley tinc.powercraft01[11557]: a2:63:0:96:a:c8#10 owner server01 -> May 24 17:29:31 ashley tinc.powercraft01[11557]: End of subnet list. -> -> #----------------------------------------------------------------------- -> -> tcpdump -n -i br0 broadcast -> tcpdump -n -i tun0 broadcast -> -> #----------------------------------------------------------------------- -> -> tcpdump -n -e -i br0 icmp -> tcpdump -A -p -n -i br0 port 80 -> tcpdump -A -p -n -i br0 -> -> tcpdump -i br0 host 84.245.3.195 -l -> -> #----------------------------------------------------------------------- -> -> cat /var/lib/dhcp3/dhcpd.leases -> -> #----------------------------------------------------------------------- + [[!meta title="simple-bridging-with-dhcp-server-side"]] + + # Company: PowerCraft Technology + # Author: Copyright Jelle de Jong + # Note: Please send me an email if you enhanced the document + # Date: 2010-05-24 / 2010-07-04 + # License: CC-BY-SA + + # This document is free documentation; you can redistribute it and/or + # modify it under the terms of the Creative Commons Attribution Share + # Alike as published by the Creative Commons Foundation; either version + # 3.0 of the License, or (at your option) any later version. + # + # This document is distributed in the hope that it will be useful, + # but WITHOUT ANY WARRANTY; without even the implied warranty of + # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + # Creative Commons BY-SA License for more details. + # + # https://creativecommons.org/licenses/by-sa/ + + #----------------------------------------------------------------------- + + # for commercial support contact me, part of the revenue go back to tinc + + #----------------------------------------------------------------------- + + # https://www.tinc-vpn.org/ + # https://www.tinc-vpn.org/examples/bridging + # https://www.tinc-vpn.org/documentation/tinc_toc + + #----------------------------------------------------------------------- + + # <@guus> Well all the tinc daemons together act like a single switcch + # <@guus> And each node in the VPN is connected to a port of that switch + # <@guus> And if you bridge the VPN interface with eth0, then it's like you plug a cable in a port of your eth0 LAN and the other end of that cable into the tinc switch + + #----------------------------------------------------------------------- + + unset LANG LANGUAGE LC_ALL + apt-get update; apt-get dist-upgrade + + apt-cache show tinc + apt-get install tinc + apt-get install bridge-utils + + #----------------------------------------------------------------------- + + /etc/init.d/tinc stop + + #----------------------------------------------------------------------- + + # ls -hal /dev/net/tun + crw-rw-rw- 1 root root 10, 200 May 20 20:07 /dev/net/tun + + # grep tinc /etc/services + tinc 655/tcp # tinc control port + tinc 655/udp + + cat /usr/share/doc/tinc/README.Debian + zcat /usr/share/doc/tinc/README.gz | less + zcat /usr/share/doc/tinc/NEWS.gz | less + cat /usr/share/doc/tinc/examples/tinc-up + w3m /usr/share/doc/tinc/tinc_0.html + + cat /etc/default/tinc + less /etc/init.d/tinc + + #----------------------------------------------------------------------- + + vim /etc/default/tinc + EXTRA="-d" + cat /etc/default/tinc + + #----------------------------------------------------------------------- + + cat /etc/tinc/nets.boot + echo 'powercraft01' | tee --append /etc/tinc/nets.boot + cat /etc/tinc/nets.boot + + #----------------------------------------------------------------------- + + ls -hal /etc/tinc/scallab01/ + mkdir --verbose /etc/tinc/powercraft01/ + mkdir --verbose /etc/tinc/powercraft01/hosts/ + touch /etc/tinc/powercraft01/tinc.conf + + #----------------------------------------------------------------------- + + vim /etc/network/interfaces + + # tinc-vpn: dhcp bridge + auto br0 + iface br0 inet static + address 192.168.3.1 + netmask 255.255.255.0 + # pre-up /sbin/ifconfig eth2 hw ether 00:1b:21:61:af:d7 + # pre-up /sbin/ifconfig eth2 0.0.0.0 + # bridge_ports eth2 + bridge_ports tun1 + bridge_maxwait 1 + bridge_fd 2.5 + post-up /bin/echo 1 > /proc/sys/net/ipv4/conf/br0/proxy_arp # optional + + cat /etc/network/interfaces + + #----------------------------------------------------------------------- + + echo 'interface "br0" { + request subnet-mask, broadcast-address, time-offset, + host-name, netbios-scope, interface-mtu, ntp-servers; + }' | tee --append /etc/dhcp3/dhclient.conf + + cat /etc/dhcp3/dhclient.conf + + #----------------------------------------------------------------------- + + vim /etc/dhcp3/dhcpd.conf + + subnet 192.168.3.0 netmask 255.255.255.0 { + range 192.168.3.200 192.168.3.240; + option routers 192.168.3.1; + option domain-name-servers 192.168.3.1; + } + + #----------------------------------------------------------------------- + + ifdown br0 + ifup br0 + + #----------------------------------------------------------------------- + + vim /etc/default/dhcp3-server + INTERFACES="vlan2 eth0 br0" # add the br0 to the correct location + + /etc/init.d/dhcp3-server restart + ps aux | grep dhcp + tail -n 400 -f /var/log/syslog + + #----------------------------------------------------------------------- + + ifconfig br0 + route -n + brctl show + + #----------------------------------------------------------------------- + + # ifconfig br0 + br0 Link encap:Ethernet HWaddr 00:00:00:00:00:00 + inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0 + inet6 addr: fe80::dc56:d3ff:fe1a:31df/64 Scope:Link + UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 + RX packets:12 errors:0 dropped:0 overruns:0 frame:0 + TX packets:14 errors:0 dropped:0 overruns:0 carrier:0 + collisions:0 txqueuelen:0 + RX bytes:2568 (2.5 KB) TX bytes:1536 (1.5 KB) + + # route -n + Kernel IP routing table + Destination Gateway Genmask Flags Metric Ref Use Iface + 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 + 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2 + 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 + 84.245.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 + 0.0.0.0 84.245.3.1 0.0.0.0 UG 100 0 0 eth1 + + # brctl show + bridge name bridge id STP enabled interfaces + br0 8000.000000000000 no + + #----------------------------------------------------------------------- + + echo 'AddressFamily = ipv4 + Device = /dev/net/tun + Interface = tun1 + Mode = switch + Name = server01' | tee /etc/tinc/powercraft01/tinc.conf + + cat /etc/tinc/powercraft01/tinc.conf + chmod 640 /etc/tinc/powercraft01/tinc.conf + ls -hal /etc/tinc/powercraft01/tinc.conf + + echo '#!/bin/sh + ifconfig $INTERFACE 0.0.0.0 + route add -net 192.168.30.0 netmask 255.255.255.0 br0 # optional subnet + brctl addif br0 $INTERFACE' | tee /etc/tinc/powercraft01/tinc-up + + cat /etc/tinc/powercraft01/tinc-up + chmod 750 /etc/tinc/powercraft01/tinc-up + ls -hal /etc/tinc/powercraft01/tinc-up + + echo '#!/bin/sh + brctl delif br0 $INTERFACE + route del -net 192.168.30.0 netmask 255.255.255.0 br0 # optional subnet + ifconfig $INTERFACE down' | tee /etc/tinc/powercraft01/tinc-down + + cat /etc/tinc/powercraft01/tinc-down + chmod 750 /etc/tinc/powercraft01/tinc-down + ls -hal /etc/tinc/powercraft01/tinc-down + + #----------------------------------------------------------------------- + + rm /etc/tinc/powercraft01/rsa_key.priv + rm /etc/tinc/powercraft01/hosts/server01 + tincd -n powercraft01 -K + + #----------------------------------------------------------------------- + + getent services | grep 656 + + #----------------------------------------------------------------------- + + vim /etc/tinc/powercraft01/hosts/server01 + + # add on head of file + Compression = 9 + PMTU = 1492 + PMTUDiscovery = yes + Port = 656 + + cat /etc/tinc/powercraft01/hosts/server01 + + #----------------------------------------------------------------------- + + /etc/init.d/tinc stop + fg + /usr/sbin/tincd --net powercraft01 --no-detach --debug=5 + + #----------------------------------------------------------------------- + + /etc/init.d/tinc restart + tail --line=500 --follow /var/log/syslog + + #----------------------------------------------------------------------- + + ifconfig br0 + ifconfig tun1 + route -n + brctl show br0 + brctl showmacs br0 + + #----------------------------------------------------------------------- + + # ifconfig br0 + br0 Link encap:Ethernet HWaddr 1e:eb:95:c3:04:d8 + inet addr:192.168.3.1 Bcast:192.168.3.255 Mask:255.255.255.0 + inet6 addr: fe80::dc56:d3ff:fe1a:31df/64 Scope:Link + UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 + RX packets:17 errors:0 dropped:0 overruns:0 frame:0 + TX packets:20 errors:0 dropped:0 overruns:0 carrier:0 + collisions:0 txqueuelen:0 + RX bytes:3328 (3.3 KB) TX bytes:2408 (2.4 KB) + + # ifconfig tun1 + tun1 Link encap:Ethernet HWaddr 1e:eb:95:c3:04:d8 + inet6 addr: fe80::1ceb:95ff:fec3:4d8/64 Scope:Link + UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 + RX packets:8 errors:0 dropped:0 overruns:0 frame:0 + TX packets:12 errors:0 dropped:0 overruns:0 carrier:0 + collisions:0 txqueuelen:500 + RX bytes:2627 (2.6 KB) TX bytes:1340 (1.3 KB) + + # route -n + Kernel IP routing table + Destination Gateway Genmask Flags Metric Ref Use Iface + 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 + 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan2 + 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 + 84.245.3.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 + 0.0.0.0 84.245.3.1 0.0.0.0 UG 100 0 0 eth1 + + # brctl show br0 + bridge name bridge id STP enabled interfaces + br0 8000.1eeb95c304d8 no tun1 + + # brctl showmacs br0 + port no mac addr is local? ageing timer + 1 1e:eb:95:c3:04:d8 yes 0.00 + 1 86:03:27:21:2e:60 no 44.19 + + #----------------------------------------------------------------------- + + ps aux | grep tincd + tincd -n powercraft01 -kUSR2 + tail -n 100 /var/log/syslog + + #----------------------------------------------------------------------- + + May 24 17:29:31 ashley tinc.powercraft01[11557]: Statistics for Linux tun/tap device (tap mode) /dev/net/tun: + May 24 17:29:31 ashley tinc.powercraft01[11557]: total bytes in: 468 + May 24 17:29:31 ashley tinc.powercraft01[11557]: total bytes out: 0 + May 24 17:29:31 ashley tinc.powercraft01[11557]: Nodes: + May 24 17:29:31 ashley tinc.powercraft01[11557]: server01 at MYSELF cipher 0 digest 0 maclength 0 compression 0 options 4 status 0018 nexthop server01 via server01 pmtu 1518 (min 0 max 1518) + May 24 17:29:31 ashley tinc.powercraft01[11557]: End of nodes. + May 24 17:29:31 ashley tinc.powercraft01[11557]: Edges: + May 24 17:29:31 ashley tinc.powercraft01[11557]: End of edges. + May 24 17:29:31 ashley tinc.powercraft01[11557]: Subnet list: + May 24 17:29:31 ashley tinc.powercraft01[11557]: a2:63:0:96:a:c8#10 owner server01 + May 24 17:29:31 ashley tinc.powercraft01[11557]: End of subnet list. + + #----------------------------------------------------------------------- + + tcpdump -n -i br0 broadcast + tcpdump -n -i tun0 broadcast + + #----------------------------------------------------------------------- + + tcpdump -n -e -i br0 icmp + tcpdump -A -p -n -i br0 port 80 + tcpdump -A -p -n -i br0 + + tcpdump -i br0 host 84.245.3.195 -l + + #----------------------------------------------------------------------- + + cat /var/lib/dhcp3/dhcpd.leases + + #----------------------------------------------------------------------- + + # optional + export LAN01=vlan2 + export VPN02=br0 + # /sbin/iptables --append FORWARD --in-interface br0 --out-interface vlan2 --jump ACCEPT + /sbin/iptables --append FORWARD --in-interface ${VPN02} --source 192.168.3.150 --destination 192.168.2.206 --out-interface ${LAN01} --jump ACCEPT + + #-----------------------------------------------------------------------