* [gentoo-user] VPN vs LAN address hostname resolution
From: Samuraiii @ 2013-05-22 16:36 UTC
To: gentoo-user

Hello,

I am trying to get hostname address resolution on my LAN and VPN with
one serious problem:
I have two "networks" eg. 10.1.1.0 and 10.2.2.0 which are representing
local address space for LAN (10.1.1.0/8) and VPN address space (10.2.2.0/8).
Every host has its own address "suffix" (eg. host foo has LAN address
10.1.1.3 and vpn address 10.2.2.3).
I would like to set up some sort of resolution which would account for
availability of host on LAN:
If host foo is in same LAN and host bar the connection would be carried
through LAN interface with LAN address and NOT (as avahi is trying to
do) using VPN connection which is connecting through remote server and
is therefore *a lot* slower than LAN connection.
The LAN address is not available always but VPN is.

So my question: is there something which would do this almost same as
avahi but would be capable of prioritizing interface/address?

Thank you for advice in advance
S

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: Michael Orlitzky @ 2013-05-22 17:36 UTC
To: gentoo-user

On 05/22/13 12:36, Samuraiii wrote:
> Hello,
>
> I am trying to get hostname address resolution on my LAN and VPN with
> one serious problem:
> I have two "networks" eg. 10.1.1.0 and 10.2.2.0 which are representing
> local address space for LAN (10.1.1.0/8) and VPN address space (10.2.2.0/8).

This isn't two networks, it's one network and you've got the VPN space
overlapping the LAN space. To oversimplify a little, Don't Do That.

Use a separate subnet for the VPN. Then traffic to the VPN will be
routed over the VPN interface as intended, but traffic to the LAN will
be routed over the LAN interface. This is what you want, but right now
the VPN and the LAN are the same network, so "routing to the LAN" is the
same as "routing to the VPN", and your network stack doesn't know what
to do with it.

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: Michael Mol @ 2013-05-22 17:52 UTC
To: gentoo-user

On 05/22/2013 01:36 PM, Michael Orlitzky wrote:
> On 05/22/13 12:36, Samuraiii wrote:
>> Hello,
>>
>> I am trying to get hostname address resolution on my LAN and VPN with
>> one serious problem:
>> I have two "networks" eg. 10.1.1.0 and 10.2.2.0 which are representing
>> local address space for LAN (10.1.1.0/8) and VPN address space (10.2.2.0/8).
> This isn't two networks, it's one network and you've got the VPN space
> overlapping the LAN space. To oversimplify a little, Don't Do That.
>
> Use a separate subnet for the VPN. Then traffic to the VPN will be
> routed over the VPN interface as intended, but traffic to the LAN will
> be routed over the LAN interface. This is what you want, but right now
> the VPN and the LAN are the same network, so "routing to the LAN" is the
> same as "routing to the VPN", and your network stack doesn't know what
> to do with it.
>
>

To be clear, replacing /8 with /24 would do this:

10.1.1.0/8, as a "network", is really just 10.0.0.0/8. This is also true
of 10.2.2.0/8. The bits after the first 8 are irrelevant, since a /8 is
being used. Use /24 instead, in this case.

It would be good for Samuraiii to read up:

http://www.tcpipguide.com/free/t_IPAddressing.htm
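
Added example, not part of any message in this thread: the /8 versus /24 point made above, worked through in POSIX sh. `network_of` and `route_for` are names invented for this sketch, the interface tables are constructed from the addresses quoted in the thread, and `route_for` is a simplified longest-prefix match, not the kernel's full route selection.

```sh
#!/bin/sh
# Added example; function names and the tables below are constructed.

# ip4_to_int A.B.C.D -> the address as a 32-bit integer
ip4_to_int() {
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# network_of ADDR/LEN -> the network that prefix really denotes, e.g.
# 10.1.1.0/8 becomes 10.0.0.0/8 because only the first LEN bits count.
network_of() {
    addr=${1%/*}
    len=${1#*/}
    ip=$(ip4_to_int "$addr")
    if [ "$len" -eq 0 ]; then
        mask=0
    else
        mask=$(( (4294967295 << (32 - len)) & 4294967295 ))
    fi
    net=$(( ip & mask ))
    echo "$(( (net >> 24) & 255 )).$(( (net >> 16) & 255 )).$(( (net >> 8) & 255 )).$(( net & 255 ))/$len"
}

# route_for DEST TABLE -> interface(s) whose connected network contains DEST
# with the longest prefix. TABLE holds one "iface addr/len" pair per line.
# More than one name in the result means the prefixes cannot tell them apart.
route_for() {
    best=-1
    out=""
    while read -r ifc cidr; do
        [ -n "$ifc" ] || continue
        len=${cidr#*/}
        n1=$(network_of "$cidr")
        n2=$(network_of "$1/$len")
        [ "$n1" = "$n2" ] || continue
        if [ "$len" -gt "$best" ]; then
            best=$len
            out=$ifc
        elif [ "$len" -eq "$best" ]; then
            out="$out $ifc"
        fi
    done <<EOF
$2
EOF
    echo "$out"
}

# Constructed tables: host foo's two interfaces, first with the /8 from the
# original post, then with the /24 (255.255.255.0) mask.
TABLE_SLASH8="eth0 10.1.1.3/8
tap0 10.2.2.3/8"
TABLE_SLASH24="eth0 10.1.1.3/24
tap0 10.2.2.3/24"

echo "/8:  10.1.1.0/8 is $(network_of 10.1.1.0/8), 10.2.2.0/8 is $(network_of 10.2.2.0/8)"
echo "/8:  10.1.1.3 matches: $(route_for 10.1.1.3 "$TABLE_SLASH8")"
echo "/24: 10.1.1.3 matches: $(route_for 10.1.1.3 "$TABLE_SLASH24")"
echo "/24: 10.2.2.3 matches: $(route_for 10.2.2.3 "$TABLE_SLASH24")"
```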

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: Samuraiii @ 2013-05-22 18:30 UTC
To: gentoo-user

On 2013-05-22 19:52, Michael Mol wrote:
> On 05/22/2013 01:36 PM, Michael Orlitzky wrote:
>> On 05/22/13 12:36, Samuraiii wrote:
>>> Hello,
>>>
>>> I am trying to get hostname address resolution on my LAN and VPN with
>>> one serious problem:
>>> I have two "networks" eg. 10.1.1.0 and 10.2.2.0 which are representing
>>> local address space for LAN (10.1.1.0/8) and VPN address space (10.2.2.0/8).
>> This isn't two networks, it's one network and you've got the VPN space
>> overlapping the LAN space. To oversimplify a little, Don't Do That.
>>
>> Use a separate subnet for the VPN. Then traffic to the VPN will be
>> routed over the VPN interface as intended, but traffic to the LAN will
>> be routed over the LAN interface. This is what you want, but right now
>> the VPN and the LAN are the same network, so "routing to the LAN" is the
>> same as "routing to the VPN", and your network stack doesn't know what
>> to do with it.
>>
>>
> To be clear, replacing /8 with /24 would do this:
>
> 10.1.1.0/8, as a "network", is really just 10.0.0.0/8. This is also true
> of 10.2.2.0/8. The bits after the first 8 are irrelevant, since a /8 is
> being used. Use /24 instead, in this case.
>
> It would be good for Samuraiii to read up:
>
> http://www.tcpipguide.com/free/t_IPAddressing.htm
>
>

I'm sorry for mistake the subnet mask for both spaces IS 255.255.255.0.
so it is not overlapping at all.
I apologise for my mistake in notation.
still this is not (mainly) problem with routing but problem with
assigning name to address.
If I had superfast internet connection I would not mind and just use vpn
address space.
So basically I need to assign lan address to computer (laptop) which is
in same location (LAN) as other machines. And vpn address on all other
computers.

to illustrate:

hostname: foo
Location:1
address eth0: 10.1.1.3
address tap0: 10.2.2.3

hostname: bar
Location: 1
addresses are irrelevant
hosts entry for foo is 10.1.1.3 *(this is what I want to update if foo
moves to location 2 to 10.2.2.3)*

hostname baz
Location: 2
addresses are irrelevant
Hosts entry for foo is 10.2.2.3 *(this is what I want to update if foo
moves to location 2 to 10.1.1.3)*

Thank you for patience
S

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: Michael Mol @ 2013-05-22 18:40 UTC
To: gentoo-user

On 05/22/2013 02:30 PM, Samuraiii wrote:
>
> On 2013-05-22 19:52, Michael Mol wrote:
>> On 05/22/2013 01:36 PM, Michael Orlitzky wrote:
>>> On 05/22/13 12:36, Samuraiii wrote:
>>>> Hello,
>>>>
>>>> I am trying to get hostname address resolution on my LAN and VPN with
>>>> one serious problem:
>>>> I have two "networks" eg. 10.1.1.0 and 10.2.2.0 which are representing
>>>> local address space for LAN (10.1.1.0/8) and VPN address space (10.2.2.0/8).
>>> This isn't two networks, it's one network and you've got the VPN space
>>> overlapping the LAN space. To oversimplify a little, Don't Do That.
>>>
>>> Use a separate subnet for the VPN. Then traffic to the VPN will be
>>> routed over the VPN interface as intended, but traffic to the LAN will
>>> be routed over the LAN interface. This is what you want, but right now
>>> the VPN and the LAN are the same network, so "routing to the LAN" is the
>>> same as "routing to the VPN", and your network stack doesn't know what
>>> to do with it.
>>>
>>>
>> To be clear, replacing /8 with /24 would do this:
>>
>> 10.1.1.0/8, as a "network", is really just 10.0.0.0/8. This is also true
>> of 10.2.2.0/8. The bits after the first 8 are irrelevant, since a /8 is
>> being used. Use /24 instead, in this case.
>>
>> It would be good for Samuraiii to read up:
>>
>> http://www.tcpipguide.com/free/t_IPAddressing.htm
>>
>>
> I'm sorry for mistake the subnet mask for both spaces IS 255.255.255.0.
> so it is not overlapping at all.
> I apologise for my mistake in notation.
> still this is not (mainly) problem with routing but problem with
> assigning name to address.
> If I had superfast internet connection I would not mind and just use
> vpn address space.
> So basically I need to assign lan address to computer (laptop) which
> is in same location (LAN) as other machines. And vpn address on all
> other computers.
>
> to illustrate:
>
> hostname: foo
> Location:1
> address eth0: 10.1.1.3
> address tap0: 10.2.2.3
>
> hostname: bar
> Location: 1
> addresses are irrelevant
> hosts entry for foo is 10.1.1.3 *(this is what I want to update if foo
> moves to location 2 to 10.2.2.3)*
>
> hostname baz
> Location: 2
> addresses are irrelevant
> Hosts entry for foo is 10.2.2.3 *(this is what I want to update if foo
> moves to location 2 to 10.1.1.3)*
>
> Thank you for patience
> S
>
>

What you're trying to accomplish is painfully difficult with IPv4. (If
you were using IPv6, I'd just point you at gai.conf, but AFAIK there is
no analog for IPv4.)

You may be far better served using a different VPN topology. (i.e.
n2n+IPsec, or having a VPN routing point at your network gateway)

(That said, if anyone knows a better way to do this, I'll be taking
notes, too...)

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: Michael Orlitzky @ 2013-05-22 18:52 UTC
To: gentoo-user

On 05/22/13 14:30, Samuraiii wrote:
> I'm sorry for mistake the subnet mask for both spaces IS 255.255.255.0.
> so it is not overlapping at all.
> I apologise for my mistake in notation.
> still this is not (mainly) problem with routing but problem with
> assigning name to address.
> If I had superfast internet connection I would not mind and just use vpn
> address space.
> So basically I need to assign lan address to computer (laptop) which is
> in same location (LAN) as other machines. And vpn address on all other
> computers.
>
> to illustrate:
>
> hostname: foo
> Location:1
> address eth0: 10.1.1.3
> address tap0: 10.2.2.3
>
> hostname: bar
> Location: 1
> addresses are irrelevant
> hosts entry for foo is 10.1.1.3 *(this is what I want to update if foo
> moves to location 2 to 10.2.2.3)*
>
> hostname baz
> Location: 2
> addresses are irrelevant
> Hosts entry for foo is 10.2.2.3 *(this is what I want to update if foo
> moves to location 2 to 10.1.1.3)*
>

Which machines are joined to the VPN? For a location-to-location VPN,
the simplest thing to do would be to have your gateway routers
participate in the VPN and handle the routing appropriately. That way if
you're on the LAN at location 1 and you send a packet to another machine
on the same LAN (using its VPN address), the gateway router knows to
send the packet right back onto the LAN. No configuration necessary on
the hosts. You can use the same VPN addresses at both locations.

If that's not possible, set up a DNS resolver at each location and
return the appropriate (local or VPN) address.

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: Samuraiii @ 2013-05-22 19:35 UTC
To: gentoo-user

On 2013-05-22 20:52, Michael Orlitzky wrote:
> On 05/22/13 14:30, Samuraiii wrote:
>> I'm sorry for mistake the subnet mask for both spaces IS 255.255.255.0.
>> so it is not overlapping at all.
>> I apologise for my mistake in notation.
>> still this is not (mainly) problem with routing but problem with
>> assigning name to address.
>> If I had superfast internet connection I would not mind and just use vpn
>> address space.
>> So basically I need to assign lan address to computer (laptop) which is
>> in same location (LAN) as other machines. And vpn address on all other
>> computers.
>>
>> to illustrate:
>>
>> hostname: foo
>> Location:1
>> address eth0: 10.1.1.3
>> address tap0: 10.2.2.3
>>
>> hostname: bar
>> Location: 1
>> addresses are irrelevant
>> hosts entry for foo is 10.1.1.3 *(this is what I want to update if foo
>> moves to location 2 to 10.2.2.3)*
>>
>> hostname baz
>> Location: 2
>> addresses are irrelevant
>> Hosts entry for foo is 10.2.2.3 *(this is what I want to update if foo
>> moves to location 2 to 10.1.1.3)*
>>
> Which machines are joined to the VPN? For a location-to-location VPN,
> the simplest thing to do would be to have your gateway routers
> participate in the VPN and handle the routing appropriately. That way if
> you're on the LAN at location 1 and you send a packet to another machine
> on the same LAN (using its VPN address), the gateway router knows to
> send the packet right back onto the LAN. No configuration necessary on
> the hosts. You can use the same VPN addresses at both locations.
>
> If that's not possible, set up a DNS resolver at each location and
> return the appropriate (local or VPN) address.
>
>

The only result I got was a script which every 5 minutes checked all
possible addresses of given machine (my "network" is not big at all -
only eight machines and one network printer). So checking around 20
addresses is not big deal - but this approach feels clumsy and not
scalable to bigger networks (as have other users from list to deal with).

Script was just checking (by sftp with public ssh keys for unprivileged
account) if LAN (eth or wifi) address is up and if not it just assigned
address to hostname from vpn range (it did not accounted if machine is
up or down). And then just write new /etc/hosts.
Central dns is possible only in one part of network - only one machine
runs 24/7.
For me personally is not problem to remember where am I - but other
users need names instead of addresses.

Routers on both sides are just simple boxes which support only built-in
dhcp.
Central DNS and/or routed VPN does not solve problem of computer not in
any of "known" networks.

S

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: Michael Orlitzky @ 2013-05-22 19:44 UTC
To: gentoo-user

On 05/22/13 15:35, Samuraiii wrote:
> The only result I got was a script which every 5 minutes checked all
> possible addresses of given machine (my "network" is not big at all -
> only eight machines and one network printer). So checking around 20
> addresses is not big deal - but this approach feels clumsy and not
> scalable to bigger networks (as have other users from list to deal with).
>
> Script was just checking (by sftp with public ssh keys for unprivileged
> account) if LAN (eth or wifi) address is up and if not it just assigned
> address to hostname from vpn range (it did not accounted if machine is
> up or down). And then just write new /etc/hosts.
> Central dns is possible only in one part of network - only one machine
> runs 24/7.

Can't this be changed? If you're running a script to update 20 hosts
files regularly, you're reinventing what DNS already does.

>
> Routers on both sides are just simple boxes which support only built-in
> dhcp.
> Central DNS and/or routed VPN does not solve problem of computer not in
> any of "known" networks.

Both would solve the problem. If the routers are the VPN gateways as
well, you could decide e.g. that a certain chunk of the VPN space
belongs to location 1, and then have the router at location 1 do the
appropriate thing (all packets travel through it, after all). This can
be done directly with some VPN software, or you can translate the
addresses on the fly with iptables.

With a DNS server at each physical location, you just have the DNS
server at location 1 return the local (location 1) address instead of
the VPN address for any hostnames physically located at location 1.

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: Alex @ 2013-05-22 20:52 UTC
To: gentoo-user

Hi,

On Wed, May 22, 2013 at 09:35:30PM +0200, Samuraiii wrote:
> Script was just checking (by sftp with public ssh keys for unprivileged
> account) if LAN (eth or wifi) address is up and if not it just assigned
> address to hostname from vpn range (it did not accounted if machine is
> up or down). And then just write new /etc/hosts.
>

I'm using something similar but more sophisticated. On my machines I have
two hosts files, one for vpn, one for lan. Every time I activate vpn on my
machine, a symlink to the "vpn" hosts is created. Upon deactivation of my
vpn the symlink points to the "normal" hosts.

It looks like this:

lrwxrwxrwx 1 root root   17 Feb  3 23:24 /etc/hosts -> /etc/hosts.normal
-rw-r--r-- 1 root root 1354 Feb 19 04:49 /etc/hosts.normal
-rw-r--r-- 1 root root 1420 Feb  3 16:09 /etc/hosts.vpn

I use OpenVPN for my vpn, which calls the scripts up.sh and down.sh during
de/activation. I simply put an appropriate "ln" command at the end of these
scripts.

Sure not the best solution, but if you only have a few machines it is good
and simple enough.

--
regards
alex

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: William Kenworthy @ 2013-05-22 22:32 UTC
To: gentoo-user

I am doing something sort of similar ... use a routing protocol and set
the metrics to make the LAN more attractive so it will get used over the
wifi. Use dhcp to update dns. I was using ospf (quagga), dns and ISC
dhcp which auto-updates bind. This is "transparent" to the hosts, is a
pain to set up but then just works. Pinning addresses makes life very
difficult though as dhcp won't update dns so I've gone back to manually
setting up the dns side for some hosts :(

BillK

On 23/05/13 02:52, Michael Orlitzky wrote:
> On 05/22/13 14:30, Samuraiii wrote:
>> I'm sorry for mistake the subnet mask for both spaces IS 255.255.255.0.
>> so it is not overlapping at all.
>> I apologise for my mistake in notation.
>> still this is not (mainly) problem with routing but problem with
>> assigning name to address.
>> If I had superfast internet connection I would not mind and just use vpn
>> address space.
>> So basically I need to assign lan address to computer (laptop) which is
>> in same location (LAN) as other machines. And vpn address on all other
>> computers.
>>
>> to illustrate:
>>
>> hostname: foo
>> Location:1
>> address eth0: 10.1.1.3
>> address tap0: 10.2.2.3
>>
>> hostname: bar
>> Location: 1
>> addresses are irrelevant
>> hosts entry for foo is 10.1.1.3 *(this is what I want to update if foo
>> moves to location 2 to 10.2.2.3)*
>>
>> hostname baz
>> Location: 2
>> addresses are irrelevant
>> Hosts entry for foo is 10.2.2.3 *(this is what I want to update if foo
>> moves to location 2 to 10.1.1.3)*
>>
>
> Which machines are joined to the VPN? For a location-to-location VPN,
> the simplest thing to do would be to have your gateway routers
> participate in the VPN and handle the routing appropriately. That way if
> you're on the LAN at location 1 and you send a packet to another machine
> on the same LAN (using its VPN address), the gateway router knows to
> send the packet right back onto the LAN. No configuration necessary on
> the hosts. You can use the same VPN addresses at both locations.
>
> If that's not possible, set up a DNS resolver at each location and
> return the appropriate (local or VPN) address.
>
>

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: covici @ 2013-05-22 20:43 UTC
To: gentoo-user

Michael Mol <mikemol@gmail.com> wrote:

> On 05/22/2013 01:36 PM, Michael Orlitzky wrote:
> > On 05/22/13 12:36, Samuraiii wrote:
> >> Hello,
> >>
> >> I am trying to get hostname address resolution on my LAN and VPN with
> >> one serious problem:
> >> I have two "networks" eg. 10.1.1.0 and 10.2.2.0 which are representing
> >> local address space for LAN (10.1.1.0/8) and VPN address space (10.2.2.0/8).
> > This isn't two networks, it's one network and you've got the VPN space
> > overlapping the LAN space. To oversimplify a little, Don't Do That.
> >
> > Use a separate subnet for the VPN. Then traffic to the VPN will be
> > routed over the VPN interface as intended, but traffic to the LAN will
> > be routed over the LAN interface. This is what you want, but right now
> > the VPN and the LAN are the same network, so "routing to the LAN" is the
> > same as "routing to the VPN", and your network stack doesn't know what
> > to do with it.
> >
> >
>
> To be clear, replacing /8 with /24 would do this:
>
> 10.1.1.0/8, as a "network", is really just 10.0.0.0/8. This is also true
> of 10.2.2.0/8. The bits after the first 8 are irrelevant, since a /8 is
> being used. Use /24 instead, in this case.
>
> It would be good for Samuraiii to read up:
>
> http://www.tcpipguide.com/free/t_IPAddressing.htm

OK, I see now, never mind my previous post.

--
Your life is like a penny. You're going to lose it. The question is:
How do you spend it?

John Covici
covici@ccs.covici.com

* Re: [gentoo-user] VPN vs LAN address hostname resolution
From: covici @ 2013-05-22 20:40 UTC
To: gentoo-user

Michael Orlitzky <michael@orlitzky.com> wrote:

> On 05/22/13 12:36, Samuraiii wrote:
> > Hello,
> >
> > I am trying to get hostname address resolution on my LAN and VPN with
> > one serious problem:
> > I have two "networks" eg. 10.1.1.0 and 10.2.2.0 which are representing
> > local address space for LAN (10.1.1.0/8) and VPN address space (10.2.2.0/8).
>
> This isn't two networks, it's one network and you've got the VPN space
> overlapping the LAN space. To oversimplify a little, Don't Do That.
>
> Use a separate subnet for the VPN. Then traffic to the VPN will be
> routed over the VPN interface as intended, but traffic to the LAN will
> be routed over the LAN interface. This is what you want, but right now
> the VPN and the LAN are the same network, so "routing to the LAN" is the
> same as "routing to the VPN", and your network stack doesn't know what
> to do with it.
>

OK, why are they the same network? Looks like two separate networks to
me, but I am very interested if I am wrong.

--
Your life is like a penny. You're going to lose it. The question is:
How do you spend it?

John Covici
covici@ccs.covici.com

* [gentoo-user] Re: VPN vs LAN address hostname resolution
From: Samuraiii @ 2013-05-31 16:04 UTC
To: gentoo-user

If someone is interested here is second (undebugged) incarnation of my
hostnames updater script:

#!/bin/sh
#version 2.0.0_2013-05-31
lock=/var/run/hostnames-updater.pid
shmm="/dev/shm/hosts"
clean () {
    rm $lock
    rm $shmm
}
trap clean SIGHUP SIGINT SIGTERM
/bin/echo $$ > $lock
while /bin/true
tst(){
    x=0
    if $3 = $(/usr/bin/ssh-keyscan -p $2 $5 2>/dev/null|/bin/sed 's/.*\ ssh-.*\ //g'|/usr/bin/whirpooldeep)
    then
        x=$5
    elif /usr/bin/test $1 -gt 2
    then
        if $3 = $(/usr/bin/ssh-keyscan -p $2 $6 2>/dev/null|/bin/sed 's/.*\ ssh-.*\ //g'|/usr/bin/whirlpooldeep)
        then
            x=$6
        else
            x=$4
        fi
    else
        x=$4
    fi
}
#host testing line is as follows
#tst <number of addresses to try - some hosts do have wl and eth interface)> \
#<output of ssh-keyscan -p <port> <address> 2>/dev/null|/bin/sed 's/.*\ ssh-.*\ //g'|/usr/bin/whirlpooldeep> \
#<fallback address - eg. vpn one> <address 2> <address n>
####################host 1
tst <address count n> <port> <hash> <address 1 > ... <address n> 2>&1 >/dev/null
host1=$x
#lets create hosts file
/bin/echo "# /etc/hosts: Local Host Database
#
# This file describes a number of aliases-to-address mappings for the for
# local hosts that share this file.
#
# In the presence of the domain name service or NIS, this file may not be
# consulted at all; see /etc/host.conf for the resolution order.
#
# IPv4 and IPv6 localhost aliases
127.0.0.1 $(hostname).local $(hostname) localhost
::1 localhost
#
# Imaginary network.
$host1 host1
# Last update $(date --rfc-3339)
#
#
# According to RFC 1918, you can use the following IP networks for private
# nets which will never be connected to the Internet:
#
# 10.0.0.0 - 10.255.255.255
# 172.16.0.0 - 172.31.255.255
# 192.168.0.0 - 192.168.255.255
#
# In case you want to be able to connect directly to the Internet (i.e. not
# behind a NAT, ADSL router, etc...), you need real official assigned
# numbers. Do not try to invent your own network numbers but instead get one
# from your network provider (if any) or from your regional registry (ARIN,
# APNIC, LACNIC, RIPE NCC, or AfriNIC.)
#
" > $shmm
/bin/mv $shmm /etc/hosts
/usr/bin/sleep 300
done

I hope it helps someone
S

* [gentoo-user] Re: VPN vs LAN address hostname resolution
From: Samuraiii @ 2013-05-31 16:32 UTC
To: gentoo-user

I am terribly sorry but I posted wrong version (one from clipboard not
actually right one so again).
You can edit what you want (eg hashing or anything else).
I don't know how to stop it from init.d script gracefully (for now I
have there kill -9 pid).
I think the problem is in the loop (while /bin/true).

#!/bin/sh
#version 2.0.0_2013-05-31
lock=/var/run/hostnames-updater.pid
shmm="/dev/shm/hosts"
clean () {
    rm $lock
    rm $shmm
}
trap clean SIGHUP SIGINT SIGTERM
/bin/echo $$ > $lock
while /bin/true
do
tst(){
    x=0
    if /usr/bin/test $3 = $(/usr/bin/ssh-keyscan -p $2 $5 2>/dev/null|/bin/sed 's/.*\ ssh-.*\ //g'|/usr/bin/whirlpooldeep)
    then
        x=$5
    elif /usr/bin/test $1 -gt 2
    then
        if /usr/bin/test $3 = $(/usr/bin/ssh-keyscan -p $2 $6 2>/dev/null|/bin/sed 's/.*\ ssh-.*\ //g'|/usr/bin/whirlpooldeep)
        then
            x=$6
        else
            x=$4
        fi
    else
        x=$4
    fi
}
####################host1
tst <address count> <port> <hash> <fallback address> <address 1> ... <addressn> 2>&1 >/dev/null
host1=$x
####################AJA
/bin/echo "# /etc/hosts: Local Host Database
#
# This file describes a number of aliases-to-address mappings for the for
# local hosts that share this file.
#
# In the presence of the domain name service or NIS, this file may not be
# consulted at all; see /etc/host.conf for the resolution order.
#
# IPv4 and IPv6 localhost aliases
127.0.0.1 $(hostname).local $(hostname) localhost
::1 localhost
#
# Imaginary network.
$host1 hostname1
# Last update $(date --rfc-3339=ns)
#
#
# According to RFC 1918, you can use the following IP networks for private
# nets which will never be connected to the Internet:
#
# 10.0.0.0 - 10.255.255.255
# 172.16.0.0 - 172.31.255.255
# 192.168.0.0 - 192.168.255.255
#
# In case you want to be able to connect directly to the Internet (i.e. not
# behind a NAT, ADSL router, etc...), you need real official assigned
# numbers. Do not try to invent your own network numbers but instead get one
# from your network provider (if any) or from your regional registry (ARIN,
# APNIC, LACNIC, RIPE NCC, or AfriNIC.)
#
" > $shmm
/bin/mv $shmm /etc/hosts
/usr/bin/sleep 120
done
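
Added example, not the poster's script: one way to restructure the updater above so that it stops on SIGTERM, writes /etc/hosts through an unpredictable temp file in the same directory instead of the fixed name in world-writable /dev/shm, and only points a name at a LAN address whose ssh host key matches. It generalizes `tst` to any number of candidate addresses; `probe_fp`, `pick_address`, `write_hosts`, `render_hosts`, `run_loop`, the fingerprint placeholder and the ed25519 key type are assumptions of this sketch.

```sh
#!/bin/sh
# Added example. Names, defaults and the host table are constructed.
HOSTS_FILE=${HOSTS_FILE:-/etc/hosts}
LOCK=${LOCK:-/var/run/hostnames-updater.pid}
INTERVAL=${INTERVAL:-120}
FOO_FP=${FOO_FP:-SHA256:REPLACE_WITH_EXPECTED_FINGERPRINT}   # placeholder

# probe_fp ADDR PORT: print the fingerprint of the ssh host key offered
# there, or nothing if the address does not answer within 3 seconds.
probe_fp() {
    ssh-keyscan -T 3 -t ed25519 -p "$2" "$1" 2>/dev/null |
        ssh-keygen -lf - 2>/dev/null | awk 'NR == 1 { print $2 }'
}

# pick_address EXPECTED_FP PORT FALLBACK CANDIDATE...
# Print the first candidate that presents the expected host key. An address
# that answers with a different key is treated like one that is down.
pick_address() {
    want=$1 port=$2 fallback=$3
    shift 3
    for cand in "$@"; do
        got=$(probe_fp "$cand" "$port")
        if [ -n "$want" ] && [ -n "$got" ] && [ "$got" = "$want" ]; then
            echo "$cand"
            return 0
        fi
    done
    echo "$fallback"
}

# write_hosts TARGET: replace TARGET with stdin. mktemp creates the temp file
# in TARGET's own directory, so the name cannot be pre-created by another
# user and the final mv is a same-filesystem rename.
write_hosts() {
    tmp=$(mktemp "$1.XXXXXX") || return 1
    if cat > "$tmp" && chmod 644 "$tmp" && mv -f "$tmp" "$1"; then
        return 0
    fi
    rm -f "$tmp"
    return 1
}

# render_hosts: print the file body; foo's addresses are those in the thread.
render_hosts() {
    printf '127.0.0.1\tlocalhost\n::1\tlocalhost\n'
    #                               expected fp  port  VPN fallback  LAN
    printf '%s\tfoo\n' "$(pick_address "$FOO_FP" 22 10.2.2.3 10.1.1.3)"
    printf '# Last update %s\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)"
}

run_loop() {
    sleep_pid=
    # The handler has to call exit: a handler that only cleans up returns
    # into the loop. Signal names are given without the SIG prefix for sh.
    trap 'kill $sleep_pid 2>/dev/null; rm -f "$LOCK"; exit 0' HUP INT TERM
    echo $$ > "$LOCK"
    while :; do
        render_hosts | write_hosts "$HOSTS_FILE"
        # A trap does not run while a foreground command is executing, so
        # sleep in the background and wait; wait returns when a signal lands.
        sleep "$INTERVAL" &
        sleep_pid=$!
        wait "$sleep_pid"
    done
}

if [ "${1:-}" = run ]; then
    run_loop
fi
```

Started with the argument `run`, it loops until an init script sends a plain `kill` (SIGTERM) to the pid in the lock file.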