Re: [gentoo-embedded] GNAP+VPN=PROBLEMS

[Natanael Copa <mlists@tanael.org>]

I'm not sure if this is the proper place to suggest this but, anyway...

I have a bootable proof-of-concept CD, build from gnetoo-embedded, that
probably could do what you want without you needing compiling anything.

fetch latest iso from http://jv.lmdata.org/alpine/hardened/isoimages/

This is totally undocumented (still alfa, but I think you should be able
to use it). All runtimes are installed in RAM so you need at least 64MB,
probably more.

boot the cd.

configure your network (debian/busybox style)
in /etc/network/interfaces. You can install nano or vim runtimes for
that with:

  apk_add openvpn

(You migh want to install dhcpcd or pump for dhcp. busybox internal
doesnt work because of no /share/ directory containing the scripts)

install openvpn runtimes:

  apk_add openvpn

configure openvpn (you might want to install bash for running the
openvpn scripts: apk_add bash)

bridgeutils are available with:

  apk_add bridge-utils

shorewall is available with:

  apk_add shorewall

Now as soon you reboot you would lose your configs so you would want to
store it on floppy or usb.

To add files to the save-to-writeable-media-list use:

  lbu_add FILE...

for example:

  lbu_add /etc/resolv.conf /etc/network/interfaces /etc/ssl /etc/openvpn

To really preform the write to floppy, use:

  lbu_commit floppy

You could store configs to usb stick too but then you will need usbd.

  apk_add usbd
  /etc/init.d/usbd start
  modprobe ub
  lbu_commit usb

Now next reboot, everythign in the lbu_add'ed files will be restored and
all pacakges installed will be reinstalled during boot.

make symblinks in /etc/rc2.d and add those links to local backup list
with lbu_add and the services will be started too.

For manpages on apk_add apk_delete and friends, visit
http://apk-tools.sf.net

I know atleast one person using this cd for openvpn.

On ons, 2005-12-28 at 19:09 +0000, João Brázio wrote:
> Dear Thierry,
> It works great but now I've got another problem, I'm trying to compile
> GNAP with nylon, a sock proxy and the following error occurs:
> 
> File: myspecs/extensions.conf
>   extensions: nylon
> 
>   nylon/packlist: nylon libevent 
>   nylon/cleanup: /usr/share
> 
> Portage:
> http://mirrors.tds.net/gentoo/snapshots/portage-20051227.tar.bz2
> 
> 
> # gnap_make -t extensions -e myspecs -p portage-20051227.tar.bz2
> GNAP Core Building tool gnap_make version 1.8.2
>  * Checking parameters...
> [ ok ]
>  * 'livecd-stage1' or 'extensions' was selected without 'stage3'. 
>  * Should I use the seed stage as stage3 result ? [N]: y
>  * The following targets will be called:
>  * [extensions]
>  * Preparing portage snapshot...
> [ ok ]
>  * [extensions] stage start...
> [ ok ] 
>  *   Building nylon extension...
> [ !! ]
>  * Extension build failed, see ./gnap_make-20051228.err and .out for
> det  [ !! ]
>  * Cleaning temporary directories...
> [ ok ] 
> Build failed, try man gnap_make for more help
> 
> 
> # cat gnap_make-20051228.err
> >>> Regenerating /etc/ld.so.cache...
> 
> 
> Performing Global Updates: /usr/portage/profiles/updates/4Q-2005
> (Could take a couple of minutes if you have a lot of binary
> packages.) 
>   .='update pass'  *='binary update'  @='/var/db move'
>   s='/var/db SLOT move' S='binary SLOT move'
> p='update /etc/portage/package.*'
> 
> 
> # cat gnap_make-20051228.out
> ........................
> Calculating dependencies 
> 
> !!! Problem in sys-apps/portage dependencies.
> !!! [Errno 38] Function not implemented:
> '/var/cache/edb/dep//usr/portage/sys-apps/.update.8098.portage-2.0.53'
> exceptions
> Calculating dependencies
> 
> !!! Problem in net-proxy/nylon dependencies. 
> !!! [Errno 38] Function not implemented:
> '/var/cache/edb/dep//usr/portage/net-proxy/.update.8144.nylon-1.2-r2'
> exceptions
> Gentoo Catalyst, version 1.1.10.10
> Copyright 2003-2005 The Gentoo Foundation 
> Distributed under the GNU General Public License version 2
> 
> Using command line specified Catalyst configuration
> file, /etc/catalyst/catalyst.conf
> Setting storedir to config file value "/var/tmp/catalyst" 
> Setting portdir to default value "/usr/portage"
> Setting distdir to config file value "/usr/portage/distfiles"
> Setting options to config file value "pkgcache kerncache"
> Setting sharedir to config file value "/usr/lib/catalyst" 
> Package cache support enabled.
> Kernel cache support enabled.
> 
>         WARNING: No value set for key: grp/use
>         deleting key: grp/use
> 
> Building natively for x86
> Checking for processes running in chroot and killing them. 
> Running command
> "/bin/bash /usr/lib/catalyst/targets/support/kill-chroot-pids.sh"
> Running action sequence: dir_setup
> Setting up directories...
> Running action sequence: unpack_and_bind
> Unpacking stage tarball... 
> Running command "/bin/tar
> xjpf /var/tmp/catalyst/builds/gnap/stage3-x86-20051228.tar.bz2
> -C /var/tmp/catalyst/tmp/gnap/grp-x86-20051228"
> Unpacking portage tree snapshot...
> Running command "/bin/tar xjpf /var/tmp/catalyst/snapshots/portage-
> 20051228.tar.bz2 -C /var/tmp/catalyst/tmp/gnap/grp-x86-20051228/usr"
> Configuring profile link...
> Running command "rm
> -f /var/tmp/catalyst/tmp/gnap/grp-x86-20051228/etc/make.profile"
> Running command "ln
> -sf ../usr/portage/profiles/uclibc/x86/hardened /var/tmp/catalyst/tmp/gnap/grp-x86-20051228/etc/make.profile" 
> Running action sequence: chroot_setup
> Setting up chroot...
> Running command
> "cp /etc/resolv.conf /var/tmp/catalyst/tmp/gnap/grp-x86-20051228/etc"
> Running command
> "mv /var/tmp/catalyst/tmp/gnap/grp-x86-20051228/etc/hosts /var/tmp/catalyst/tmp/gnap/grp-x86-20051228/etc/hosts.bck" 
> Running command
> "cp /etc/hosts /var/tmp/catalyst/tmp/gnap/grp-x86-20051228/etc/hosts"
> Running command "rm
> -f /var/tmp/catalyst/tmp/gnap/grp-x86-20051228/etc/make.conf"
> Running action sequence: setup_environment 
> Running action sequence: run_local
> Running command "/bin/bash /usr/lib/catalyst/targets/grp/grp.sh run
> pkgset nylon 'nylon' 'libevent'"
> 
> Traceback (most recent call last):
>   File "modules/grp_target.py", line 44, in run_local 
>     cmd("/bin/bash "+self.settings["sharedir"]+\
>   File "/usr/lib/catalyst/modules/catalyst_support.py", line 102, in
> cmd
>     raise CatalystError,myexc
> CatalystError: <unprintable instance object> 
> None
> 
> !!! catalyst: GRP build aborting due to error.
> 
> On 12/28/05, Thierry Carrez <koon@gentoo.org> wrote:
>         João Brázio wrote:
>         
>         > I've been trying to configure GNAP as a VPN server without
>         any success. 
>         >
>         > I want to allow 10 clients connected to the VPN server at
>         the same time
>         > and each one of them should have a different local IP
>         address. This is
>         > possible to do with a bridge.
>         
>         This is also possible to do without a bridge, using OpenVPN
>         2.0 "server"
>         mode. See http://openvpn.net/howto.html
>         
>         > I need to create br0 bridge with eth0 with tap0. The problem
>         is that I 
>         > can't see the interfaces when I do ifconfig -a altought i
>         can see 
>         > /dev/net/tun so I think TUN/TAP module is loaded.
>         
>         GNAP vanilla kernel is missing bridge support.
>         
>         > Can this be done with a vanilla GNAP system ?
>         > How is supposed to use the USE_VPN flag on GNAP, p2p VPN or
>         a 
>         > Server-to-many solution ?
>         
>         USE_VPN triggers the use of OpenVPN. It supports both modes.
>         
>         --
>         Thierry Carrez (Koon)
>         GNAP Developer
>         --
>         gentoo-embedded@gentoo.org mailing list
>         
> 
> 
> 
> -- 
> 
> Cumprimentos,
> João Brázio.

-- 
gentoo-embedded@gentoo.org mailing list