Erm ...
Link not working Brian. Sorry
Mark
On Thu, Sep 5, 2013 at 8:52 PM, Brian Rogers n1uro@n1uro.ampr.org wrote:
(Please trim inclusions from previous messages) _______________________________________________ http://n1uro.ampr.org/cgi-bin/safe-config.cgi will set up a *very* basic system for amprnet ipencap routing pending you have a tunnel interface already configured.
Field 1: 169.228.66.251 <- ucsd Field 2: 44.0.0.1 <- ucsd Field 3: 44.x.x.x <- your amprnet gw IP Field 4: eth0/wlan0/wifi0/etc
The rest gives you basic IPTable rules to allow IPEncap and ax25 frames through your firewall, route rules, and a basic route table. Load your favorite ripv2-daemon and configure it to populate "table 1" and you'll be off and running within the first rip broadcast (faster if you run the munge script - no need to wait for a broadcast).
Mine looks exactly as the cgi prints:
Add this to your rc.local, or whatever init script you wish to make:
# allow IPEncapsulation and ax25 frames to gate through... iptables -I INPUT 1 -j ACCEPT --proto 4 iptables -I INPUT 1 -j ACCEPT --proto 93 iptables -I OUTPUT 1 -j ACCEPT --proto 4 iptables -I OUTPUT 1 -j ACCEPT --proto 93 iptables -I FORWARD 1 -j ACCEPT --proto 4 iptables -I FORWARD 1 -j ACCEPT --proto 93 # Create a policy to encap forward to your host... ip rule add from 44/8 pref 1 table 1 ip rule add to 44/8 pref 1 table 1 # Now let's set the routing accordingly... ip route add 44/8 via 169.228.66.251 dev tunl0 onlink src 44.88.0.9 table 1 ip route add default via 169.228.66.251 dev tunl0 onlink table 1
*Whether or not you're SAFed (source address filtered) this should work for you. -- 73 de Brian Rogers - N1URO email: n1uro@n1uro.ampr.org Web: http://www.n1uro.net/ Ampr1: http://n1uro.ampr.org/ Ampr2: http://nos.n1uro.ampr.org Linux Amateur Radio Services axMail-Fax & URONode AmprNet coordinator for: Connecticut, Delaware, Maine, Massachusetts, New Hampshire, Pennsylvania, Rhode Island, and Vermont.