This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
vpn-ssh-tap [2020/07/25 01:34] robm |
vpn-ssh-tap [2020/08/06 11:48] (current) robm [VPN via SSH TAP interfaces] |
||
---|---|---|---|
Line 3: | Line 3: | ||
Useful to run the following on both local and remote, to get a sense of what's happening: | Useful to run the following on both local and remote, to get a sense of what's happening: | ||
- | < | + | * '' |
- | bridge monitor | + | * '' |
- | </ | + | * '' |
+ | * '' | ||
VM, where eth1 is connected to the network I want to make my RPi appear in: | VM, where eth1 is connected to the network I want to make my RPi appear in: | ||
+ | |||
+ | Vagrantfile (based on using [[https:// | ||
< | < | ||
- | ip link add br0 up type bridge | + | # -*- mode: ruby -*- |
- | ip address add 192.168.167.134/ | + | # vi: set ft=ruby : |
- | ip address flush dev eth1 # Remove eth1's addresses completely | + | |
- | ip link set eth1 master br0 # Attach eth1 to the bridge | + | |
- | </ | + | |
- | Raspberry Pi: | + | BRIDGE_ADAPTORS=[ |
+ | "en0: Wi-Fi (AirPort)", | ||
+ | " | ||
+ | " | ||
+ | # Add your OS's default here | ||
+ | ] | ||
- | <code> | + | Vagrant.configure(" |
- | sudo ip link add br0 up type bridge | + | config.vm.box = " |
- | sudo ssh \ | + | config.vm.network " |
- | -o PermitLocalCommand=yes \ | + | |
- | -o " | + | config.vm.provider " |
- | -o Tunnel=ethernet \ | + | # Cf. http:// |
- | -w 5:5 \ | + | prl.customize [" |
- | -t \ | + | " |
- | root@192.168.167.237 | + | " |
- | "ip link set tap5 up master br0" | + | " |
+ | " | ||
+ | prl.customize [" | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | " | ||
+ | end | ||
+ | |||
+ | config.vm.provision " | ||
+ | privileged: true, | ||
+ | inline: | ||
+ | # Secure Shell daemon configuration changes | ||
+ | echo " | ||
+ | echo " | ||
+ | systemctl reload sshd | ||
+ | |||
+ | # Root account is disabled by default (password begins with literal ' | ||
+ | # so we'll change the password to re-enable the account | ||
+ | usermod -p ' | ||
+ | |||
+ | # Install GadgetPi' | ||
+ | # requiring an operator | ||
+ | umask 0077 | ||
+ | mkdir / | ||
+ | echo " | ||
+ | " >> / | ||
+ | |||
+ | # Enable acting as a router (forwarding packets) | ||
+ | echo "" | ||
+ | echo " | ||
+ | sysctl --load / | ||
+ | SHELL | ||
+ | |||
+ | config.vm.post_up_message = << | ||
+ | Run the following on this VM: | ||
+ | |||
+ | ETH1_IP=192.168.167.100/ | ||
+ | sudo ip link add br0 up type bridge | ||
+ | sudo ip address add ${ETH1_IP} dev br0 # Copy the address and netmask of eth1 | ||
+ | sudo ip address flush dev eth1 # Remove eth1's addresses completely | ||
+ | sudo ip link set eth1 master br0 # Attach eth1 to the bridge | ||
+ | |||
+ | Run the following on the GadgetPi: | ||
+ | |||
+ | REMOTE_HOST=192.168.167.237 | ||
+ | sudo ip link add br0 up type bridge | ||
+ | sudo ip link set eth0 up master br0 | ||
+ | | ||
+ | -o PermitLocalCommand=yes | ||
+ | -o " | ||
+ | -o Tunnel=ethernet | ||
+ | -w 5:5 \\ | ||
+ | -t \\ | ||
+ | root@${REMOTE_HOST} \\ | ||
+ | "ip link set tap5 up master br0" | ||
+ | EOF | ||
+ | end | ||
</ | </ | ||
+ | ===== Debugging ===== | ||
+ | |||
+ | I found [[https:// |