Difference between revisions of "ChaosVPN"

From Technologia Incognita
Jump to: navigation, search
(Created page with "{{Project |ProjectSkills=Networking, |ProjectStatus=Active |ProjectNiche=Community |ProjectPurpose=World domination }} == Description == ChaosVPN is a VPN initiative by CC...")
 
Line 1: Line 1:
 
{{Project
 
{{Project
|ProjectSkills=Networking,  
+
|ProjectSkills=Networking,
 
|ProjectStatus=Active
 
|ProjectStatus=Active
 
|ProjectNiche=Community
 
|ProjectNiche=Community
Line 14: Line 14:
 
ChaosVPN can do V4 and V6, currently our setup only offers V4.
 
ChaosVPN can do V4 and V6, currently our setup only offers V4.
 
we have the subnet 172.31.186.0/23 available for our space as is registered here: [http://wiki.hamburg.ccc.de/ChaosVPN:IPRanges#Standard_Subnets ChaosVPN IPRanges]
 
we have the subnet 172.31.186.0/23 available for our space as is registered here: [http://wiki.hamburg.ccc.de/ChaosVPN:IPRanges#Standard_Subnets ChaosVPN IPRanges]
 +
 +
You can claim your own IP within the subnet when using VLAN ID 9, when you do, use DHCP or claim an IP on the wiki by making a machine page.
 +
 +
== Source routing ==
 +
 +
If you want to be on ChaosVPN but also on the TechInc network, you can follow the following steps to do source based routing:
 +
(for debian)
 +
add to /etc/iproute2/rt_tables
 +
'''10    chaosvpn'''
 +
 +
make a small script in /root/source_routing.sh
 +
#!/bin/bash
 +
SOURCE=$1
 +
TARGET=$2
 +
TABLEID=$3
 +
/sbin/ip route add default via $TARGET table $TABLEID
 +
/sbin/ip rule add from $SOURCE table $TABLEID
 +
 +
make it executable:
 +
chmod +x /root/source_routing.sh
 +
 +
Suggested for /etc/network/interfaces
 +
auto eth0.9
 +
iface eth0.9 inet static
 +
    mtu 1200
 +
    vlan-raw-device eth0
 +
    address 172.31.186.x
 +
    netmask 255.255.255.0
 +
    post-up /root/source-routing.sh 172.31.186.x 172.31.186.1
 +
 +
Where x is your machine ID, or use whatever your IP you ended up with.
 +
 +
Or take a look at: https://www.linuxquestions.org/questions/linux-software-2/iptables-source-ip-based-gateway-route-681522/
 +
 +
If you want to do target based, take a look at http://wiki.hamburg.ccc.de/ChaosVPN:IPRanges for which subnets exists or use 172.31.186.1 as your default gateway.

Revision as of 22:52, 9 June 2013

Projects
Participants
Skills Networking
Status Active
Niche Community
Purpose World domination

Description

ChaosVPN is a VPN initiative by CCC Hamburg to interconnect hackers: ChaosVPN

Currently Nyancat is connected to this network, a vlan will be made available to the TechInc network so people can access it and/or provide services on it. If desired we can also NAT to it.

IP Space

ChaosVPN can do V4 and V6, currently our setup only offers V4. we have the subnet 172.31.186.0/23 available for our space as is registered here: ChaosVPN IPRanges

You can claim your own IP within the subnet when using VLAN ID 9, when you do, use DHCP or claim an IP on the wiki by making a machine page.

Source routing

If you want to be on ChaosVPN but also on the TechInc network, you can follow the following steps to do source based routing: (for debian) add to /etc/iproute2/rt_tables

10    chaosvpn

make a small script in /root/source_routing.sh

#!/bin/bash
SOURCE=$1
TARGET=$2
TABLEID=$3
/sbin/ip route add default via $TARGET table $TABLEID
/sbin/ip rule add from $SOURCE table $TABLEID

make it executable:

chmod +x /root/source_routing.sh

Suggested for /etc/network/interfaces

auto eth0.9
iface eth0.9 inet static
    mtu 1200
    vlan-raw-device eth0
    address 172.31.186.x
    netmask 255.255.255.0
    post-up /root/source-routing.sh 172.31.186.x 172.31.186.1

Where x is your machine ID, or use whatever your IP you ended up with.

Or take a look at: https://www.linuxquestions.org/questions/linux-software-2/iptables-source-ip-based-gateway-route-681522/

If you want to do target based, take a look at http://wiki.hamburg.ccc.de/ChaosVPN:IPRanges for which subnets exists or use 172.31.186.1 as your default gateway.