Commit graph

302 commits

Author SHA1 Message Date
Guus Sliepen
e4ff969a98 Fix for a DoS attack:
A remote user could telnet to the tinc daemon and type only this line:
 61 6 00000000/00000000:28f
 This would deny any packets to be sent to other tinc networks (except
 for to the hosts that run tincd's themselves). Solution is to skip
 hosts in lookup_conn() that have not been activated yet.
Fixed potential conn_list table corruption:
 If a new connection is accepted but a connection with the same subnet
 would already exist in the connection list, the OLD connection is
 terminated.
2000-05-27 19:04:12 +00:00
Guus Sliepen
4d71de15e8 Documentation updates. Removed all references to configuration variable
"AllowConnect", since it is NOT used in tinc. Added information about
"VpnMask". Elaborated a bit about "private" and "virtual" networks.
2000-05-27 13:21:20 +00:00
Ivo Timmermans
85e3c1f271 Updated by Lubomir Bulej and Mads Kiilerich: it uses /etc/tinc/nets.boot and the VpnMask directive in the config files. 2000-05-26 11:25:59 +00:00
Ivo Timmermans
3a6ffe6895 Create an empty /etc/tinc/nets.boot. 2000-05-21 23:01:28 +00:00
Ivo Timmermans
b9a86ec70e Use /etc/tinc/example as a base directory for an example. /etc/tinc/example/README points to /usr/share/doc/tinc/README.Debian. 2000-05-21 22:40:41 +00:00
Ivo Timmermans
63847abdfd Add an example of using VpnMask. 2000-05-21 22:38:01 +00:00
Ivo Timmermans
2469acc090 When VpnMask is not present in the config file, silently use $MSK as vpnmask. 2000-05-21 22:27:31 +00:00
Guus Sliepen
73b3e7ce03 Fixed last typo. Init.d now uses ifconfig command to set both the tap's IP
address as well as the correct route. Furthermore, if no VpnMask is given,
a default of 255.255.0.0 is chosen and a warning issued.
2000-05-21 22:21:38 +00:00
Guus Sliepen
2ad4f1cc5b Typo. 2000-05-21 22:08:21 +00:00
Guus Sliepen
e25fc3a3dc VpnMask truely works now. 2000-05-21 22:04:56 +00:00
Ivo Timmermans
9ec4decec1 Mask the vpn net with the vpn netmask, route would give an error if the netmask didn't match the net. 2000-05-19 01:17:32 +00:00
Ivo Timmermans
20e404ab57 Fixed typo. 2000-05-19 00:58:01 +00:00
Ivo Timmermans
44af1094be Updated copyright notice. 2000-05-19 00:33:44 +00:00
Ivo Timmermans
01352f4c52 Errors will not terminate the script or result in a nonzero exit code. 2000-05-19 00:15:37 +00:00
Ivo Timmermans
4ef2a8cfdb Include postinst in the distribution. 2000-05-19 00:14:34 +00:00
Ivo Timmermans
59ca017df4 Find networks in instead of . 2000-05-19 00:09:20 +00:00
Ivo Timmermans
0354962c98 Don't distribute the file files. 2000-05-18 23:33:44 +00:00
Ivo Timmermans
b56705e18c Version 1.0pre2-0.3 2000-05-18 23:28:51 +00:00
Ivo Timmermans
cbf6efb617 Create a default /etc/tinc/nets.boot after installation, containing all directories under /etc/tinc by default. 2000-05-18 23:18:54 +00:00
Ivo Timmermans
e7d583adfa Read /etc/tinc/nets.boot to find the networks that have to be started. 2000-05-18 23:09:31 +00:00
Ivo Timmermans
8d4ab991b8 This file is generated with dpkg-buildpackage. 2000-05-17 23:13:51 +00:00
Guus Sliepen
ffc79bcd20 TODO file reinstated:
- Append your name to items if you're working on them.
- Remove them if you fixed the problem/implemented that feature.
- Add any (suspected) bugs.
2000-05-16 16:07:15 +00:00
Ivo Timmermans
cdab82d6fb Use the new VpnMask directive to add a route to the rest of the VPN. 2000-05-16 14:34:44 +00:00
Guus Sliepen
85963f4c85 Stub for VpnMask config directive. 2000-05-16 13:09:15 +00:00
Ivo Timmermans
30aff5ea2a Look if the tap devices exist before bluntly remaking them. 2000-05-16 13:03:32 +00:00
Ivo Timmermans
0761eed64c *** empty log message *** 2000-05-16 07:56:05 +00:00
Ivo Timmermans
0a2e2b0c8d Depend on perl5. 2000-05-15 19:48:46 +00:00
Ivo Timmermans
7e817fcf0f Unlimited length in the config file, thanks to Cris van Pelt. 2000-05-15 18:28:45 +00:00
Ivo Timmermans
b18af982af Exit with zero status if is empty. 2000-05-15 17:15:52 +00:00
Ivo Timmermans
4711a87922 Updated to newer version. 2000-05-15 15:54:37 +00:00
Guus Sliepen
a0c4e7fe6d Test for existence of configured tinc networks. This will also make
first install of tinc possible without errors.
2000-05-15 09:41:34 +00:00
Ivo Timmermans
265bda08cd .deb version number 1.0pre2-0.4. 2000-05-14 23:03:37 +00:00
Ivo Timmermans
7a450d704b tincd->tinc
Delete libblowfish.y not be in the .deb.
2000-05-14 23:00:44 +00:00
Ivo Timmermans
7fbfa990fc Mention both upstream authors. 2000-05-14 22:59:47 +00:00
Ivo Timmermans
f7b04ea142 Add description, better dependancies. 2000-05-14 22:59:19 +00:00
Ivo Timmermans
9f07fe55dc Add initscript, tincd->tinc. 2000-05-14 22:58:47 +00:00
Ivo Timmermans
df10baa50c Inserted useful content. 2000-05-14 21:18:10 +00:00
Ivo Timmermans
6c722da77c Add shlibs control file for the blowfish library. 2000-05-14 21:14:23 +00:00
Ivo Timmermans
803f908078 Give IP address instead of hex number when connecting tcp socket failed. 2000-05-14 21:07:16 +00:00
Ivo Timmermans
4b1a1c2123 Changed version to 1.0pre2. 2000-05-14 21:04:53 +00:00
Ivo Timmermans
ca900d388b Version 1.0pre1-0.1. 2000-05-14 20:58:34 +00:00
Ivo Timmermans
7d433ebd76 Add check for mpz_powm in libgmp3. 2000-05-14 20:56:41 +00:00
Ivo Timmermans
de09916ead Only print an error with send_termreq if debug_lvl is 2 or more. 2000-05-14 13:50:10 +00:00
Guus Sliepen
9d023b1f2e Fixed typos. 2000-05-14 13:06:52 +00:00
Guus Sliepen
e20e143f1e Changed ping behaviour (backwards compatible). If we don't have any data
to send, we don't need to check if the connection is still alive.
Furthermore, if we receive any kind of data from the other end, we know
it's alive, so we don't need to check it either. So, PING requests are
only sent if we send packets but there is no response.
2000-05-14 13:02:20 +00:00
Guus Sliepen
ee96ccabbb Cleanups. 2000-05-14 12:22:42 +00:00
Guus Sliepen
8caa1b9d75 Proxymode removed. 2000-05-14 11:39:18 +00:00
Ivo Timmermans
269067bb22 Perl version of the system startup script. 2000-05-13 00:54:27 +00:00
Ivo Timmermans
12adf1af54 Deleted the protocol description. 2000-05-12 13:31:00 +00:00
Guus Sliepen
d0ba34ccae Added new config variable "ProxyMode". If enabled, all outgoing packets
are sent to the uplink (ConnectTo), which will have to forward them for
us (kernel should do that). This is for people behind firewalls.
2000-05-08 18:44:15 +00:00