
how to set up a vtun tunnel via ssh

install vtun

Download the vtun installation RPMs (for CentOS)

wget http://mirror.optusnet.com.au/dag/redhat/el4/en/i386/dag/RPMS/lzo-1.08-4.2.el4.rf.i386.rpm
wget http://mirror.optusnet.com.au/dag/redhat/el4/en/i386/dag/RPMS/vtun-2.6-0.2.el4.rf.i386.rpm

# rpm -ivh lzo-1.08-4.2.el4.rf.i386.rpm
# rpm -ivh vtun-2.6-0.2.el4.rf.i386.rpm



/etc/vtund.conf on client


options {
  port 5002;       # Connect to this port.
  timeout 60;      # General timeout

  # Path to various programs
  ppp /usr/sbin/pppd;
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/ipchains;
  ip /sbin/ip;
}

work_to_home {
  passwd password; # Password: placeholder, replace with a strong secret that matches the server
  type ether;      # Ethernet tunnel
  device tap1;     # Device tap1
  up {
    # Connection is Up

    # Assign IP address and netmask.
    ifconfig "%% 10.1.0.2 netmask 255.255.255.0";
    # Add route to net 192.168.0.0/24
    route "add -net 192.168.0.0 netmask 255.255.255.0 gw 10.1.0.1";
  };
  down {
    # Connection is Down

    # Shutdown tap device
    ifconfig "%% down";
  };
}


/etc/vtund.conf on server

options {
  port 5002;       # Listen on this port.

  # Syslog facility
  syslog daemon;

  # Path to various programs
  ppp /usr/sbin/pppd;
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/ipchains;
  ip /sbin/ip;
}

# Default session options
default {
  compress no;     # Compression is off by default
  speed 0;         # By default maximum speed, NO shaping
}

work_to_home {
  passwd password; # Password: placeholder, replace with a strong secret that matches the client
  type ether;      # Ethernet tunnel
  device tap1;     # Device tap1
  proto tcp;       # TCP protocol (the ssh -L forward carries TCP only)
  compress lzo:1;  # LZO compression level 1
  encrypt yes;     # Encryption
  stat yes;        # Log connection statistic
  keepalive yes;   # Keep connection alive

  up {
    # Connection is Up

    # Assign IP address
    ifconfig "%% 10.1.0.1 netmask 255.255.255.0";

    # Add routes to the remote networks via the client end of the tunnel (10.1.0.2)
    route "add -net 131.242.216.0 netmask 255.255.255.0 gw 10.1.0.2";
    route "add -net 203.9.184.0 netmask 255.255.255.0 gw 10.1.0.2";

    # Enable masquerading for net 10.2.0.0/24
    # firewall "-A forward -s 10.2.0.0/24 -d 0.0.0.0/0 -j MASQ";
  };

  down {
    # Connection is Down

    # Shutdown tap device.
    ifconfig "%% down";

    # Disable masquerading for net 10.2.0.0/24
    # firewall "-D forward -s 10.2.0.0/24 -d 0.0.0.0/0 -j MASQ";
  };
}


creating connection script for client

Some of this only needs to be done once. The final ssh command creates the SSH tunnel that carries the vtund connection: it forwards local port 5002 to port 5002 on the server.

echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding

iptables -A POSTROUTING -j MASQUERADE -t nat

vtund -n -f /etc/vtund.conf work_to_home localhost &

ssh -L 5002:localhost:5002 user@server
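
Two checks for the setup above, as an added example that is not part of the original post: the first flags a vtund.conf that still has the sample `passwd password;` or is accessible to other local users, the second reads `ss -ltn` output and reports a listener on the vtund port that is not bound to loopback. The function names and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original post. Checks for the vtun-over-ssh setup.

# check_conf FILE
# Returns 1 if FILE still carries the sample secret ("passwd password;") or is
# accessible to group/other. vtund.conf stores the shared secret in clear text.
check_conf() {
    conf=$1
    rc=0
    if grep -Eq '^[[:space:]]*passwd[[:space:]]+password[[:space:]]*;' "$conf"; then
        echo "WARN: $conf: placeholder passwd not replaced"
        rc=1
    fi
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$conf" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "WARN: $conf: group/other can access it (expected mode 600)"
        rc=1
    fi
    return $rc
}

# exposed_listeners PORT
# Reads `ss -ltn` output on stdin, prints every non-loopback address listening
# on PORT, and returns 1 if there is one. With the ssh forward in place, only
# loopback needs to reach the vtund port on either host.
exposed_listeners() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, part, ":")          # last field after ":" is the port
            if (part[n] != port) next
            addr = substr($4, 1, length($4) - length(part[n]) - 1)
            if (addr !~ /^(127\.|\[::1\]$)/) { print addr; bad = 1 }
        }
        END { exit bad + 0 }'
}

# Constructed sample of `ss -ltn` output (not captured from a real host).
exposed_listeners 5002 <<'EOF' || echo "port 5002 is reachable beyond loopback"
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     127.0.0.1:5002      0.0.0.0:*
LISTEN  0       128     0.0.0.0:5002        0.0.0.0:*
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
EOF
```

On a live host, run `check_conf /etc/vtund.conf` and `ss -ltn | exposed_listeners 5002`. A hit on the server means port 5002 should be limited to loopback with a host firewall rule, since the client reaches it through sshd.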
