n2n-client.sh
#!/bin/bash
## dependency: files/n2n
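# Run from the script's own directory so that the relative include below
# resolves to the common.sh shipped next to this script. Abort if the cd
# fails: otherwise "./common.sh" would be read from whatever directory the
# caller happened to be in, and its contents executed by this script.
cd -- "$(dirname -- "$0")" || {
  echo "Error: cannot change to the script directory" >&2
  exit 1
}
# The helpers used further down (parse_URI, errcho, random_mac,
# get_ubuntu_version, get_ubuntu_codename, install_apt_package_file,
# install_apt_package, do_update, textfile, logexec) are not defined in this
# file and are expected to come from common.sh.
. ./common.sh || {
  echo "Error: cannot load ./common.sh" >&2
  exit 1
}
#set -x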
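# Help text printed by --help and on argument errors. Option names and
# defaults are kept in step with the option parser and the default
# assignments further down in this script.
usage="
Prepares a peer-to-peer VPN 'n2n' edge node (client) on this host.

Usage:

$(basename -- "$0") <supernode ip:port> [--network-name <network_name>] [--ifname <ifname>]
                [--mac <mac address>] [--password <password>] [--ip <ip address>|dhcp]
                [--name <service name>] [--supernode-service <name>]
                [--help] [--debug] [--log <output file>]

where

 <supernode ip:port>        - IP address and port of the supernode.
                              E.g. 139.162.181.142:5000. The port must be the one the
                              supernode listens on.
 --network-name             - Name of the n2n community. All edges within the same community
                              appear on the same LAN (layer 2 network segment).
                              Community name is 16 bytes in length.
                              Defaults to 'SiecAdama'
 --ifname                   - Name of the virtual network device. Defaults to 'edge0'.
                              Changing it is currently not supported; the script exits
                              with an error when this option is given.
 --mac                      - Sets the MAC address of the node.
                              Without this, edge command will randomly generate a MAC address.
                              In fact, hardcoding a static MAC address for a VPN interface is
                              highly recommended. Otherwise, in case you restart edge
                              daemon on a node, ARP cache of other peers will be polluted
                              due to a newly generated MAC address, and they will not send
                              traffic to the node until the polluted ARP entry is evicted.
                              Default 'auto', which will randomize MAC address.
 --name                     - Name of the service, needed if you intend to install more than one.
                              Defaults to 'edge'.
 --supernode-service <name> - Name of the supernode service. Required, if the supernode for this
                              VPN runs on the same host. It will make sure, that the client starts
                              after the supernode boots.
 --password                 - Password needed to join the network. Required.
                              It is written in plaintext to /etc/n2n/<name>.conf. A password
                              given on the command line is also visible in the process
                              list and in the shell history.
 --ip                       - IP address in the private network of the node, or 'dhcp'.
                              Default to 'dhcp'
 --debug                    - Flag that sets debugging mode.
 --log                      - Path to the log file that will log all meaningful commands

Example:

Will use existing DHCP server on the n2n network

$(basename -- "$0") 172.104.148.166:5535 --password 'szakal' --network-name SiecAdama
"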
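# --- Positional argument: address of the supernode --------------------------

# Honour --help even when it is given in place of the supernode address;
# otherwise it would be parsed as an (invalid) address below.
if [[ "${1:-}" == "--help" ]]; then
  echo "$usage"
  exit 0
fi

server_address=${1:-}
supernode_service=""
if [ -z "$server_address" ]; then
  echo "$usage" >&2
  exit 1
fi
# Drop the address only once we know it is there, so the option loop that
# follows sees just the remaining arguments.
shift

# parse_URI is not defined in this file; the checks below rely on it leaving
# the host part in $ip and the port in $port.
parse_URI "${server_address}"
if [ -z "${ip}" ]; then
  echo "Cannot find address of the server in ${server_address}" >&2
  echo "$usage" >&2
  exit 1
fi
supernode_ip=${ip}

if [ -z "${port}" ]; then
  echo "Cannot find UDP port of the server in ${server_address}" >&2
  echo "$usage" >&2
  exit 1
fi
supernode_port=${port}

# Defaults; each of these can be overridden by an option parsed below.
service_name="edge"
network_name="SiecAdama"
ifname="edge0"
our_ip="dhcp"
mac="auto"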
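#######################################
# Abort unless the value of an option is still on the command line.
# Arguments: $1 - option name, used in the error message
#            $2 - number of arguments left after the option itself
# Outputs:   an error message on stderr when the value is missing
# Returns:   0 when a value is available; otherwise exits the script with 1
#######################################
_n2n_require_value() {
  if (( $2 < 1 )); then
    echo "Error: option $1 requires a value" >&2
    exit 1
  fi
}

# --- Option parsing -----------------------------------------------------------
# Arithmetic test on purpose: inside [[ ]] the '>' operator compares strings.
while (( $# > 0 )); do
  key="$1"
  shift
  case "$key" in
    --debug)
      debug=1
      ;;
    --log)
      _n2n_require_value "$key" "$#"
      log=$1
      shift
      ;;
    --network-name)
      _n2n_require_value "$key" "$#"
      network_name="$1"
      shift
      ;;
    --name)
      _n2n_require_value "$key" "$#"
      service_name="$1"
      shift
      ;;
    --ifname)
      # Rejected outright, so the value (if any) is not even read.
      errcho "Option --ifname is not supported now, because the init scripts that come with Ubuntu don't."
      exit 1
      ;;
    --supernode-service)
      _n2n_require_value "$key" "$#"
      supernode_service="$1"
      shift
      ;;
    --mac)
      _n2n_require_value "$key" "$#"
      mac="$1"
      shift
      ;;
    --password)
      # The password arrives via argv, so it is visible in the process list
      # for as long as this script runs.
      _n2n_require_value "$key" "$#"
      password="$1"
      shift
      ;;
    --help)
      echo "$usage"
      exit 0
      ;;
    --ip)
      _n2n_require_value "$key" "$#"
      our_ip="$1"
      shift
      ;;
    -*)
      # Report $key: the option itself has already been shifted away, so $1
      # would name whatever follows it.
      echo "Error: Unknown option: $key" >&2
      echo "$usage" >&2
      exit 1
      ;;
    # Arguments that do not start with '-' are ignored.
  esac
done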
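# --- Post-processing of the parsed options -----------------------------------

# In debug mode, log to stdout unless --log named a file.
# external_opts is not read again in this file; presumably it is consumed by
# helpers from common.sh.
if [ -n "$debug" ]; then
  if [ -z "$log" ]; then
    log=/dev/stdout
  fi
  external_opts="--debug"
fi

# The service name becomes part of file names under /etc/n2n and
# /etc/systemd/system that are written further down. Restrict it to a
# conservative subset of the characters allowed in a systemd unit name, which
# in particular excludes '/' and whitespace.
name_pattern='^[A-Za-z0-9:_.@-]+$'
if [[ ! "$service_name" =~ $name_pattern ]]; then
  echo "Error: invalid service name '${service_name}': only letters, digits and : _ . @ - are allowed" >&2
  exit 1
fi

# 'auto' asks for a generated address; random_mac comes from common.sh and is
# called here with the prefix 02.
if [[ "$mac" == "auto" ]]; then
  mac=$(random_mac 02)
fi

# The password ends up in the edge configuration file written below.
# NOTE(review): the message promises restrictive read permissions; that
# depends on how textfile (common.sh) creates the file - confirm.
if [ -z "$password" ]; then
  errcho "No password given. Without the password the service cannot run.\nThe password will be saved in plaintext in /etc/n2n/${service_name}.conf with restrictive read permissions."
  exit 1
fi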
# --- Install the n2n package from the ntop apt repository ---------------------

# The release is expected to contain four consecutive digits; the pattern
# splits them into two 2-digit groups that form the directory name in the URL
# (group1.group2). The pattern is not anchored, so the first run of four
# digits in the value is used.
ubuntu_ver=$(get_ubuntu_version)
pattern='([[:digit:]]{2})([[:digit:]]{2})'
if ! [[ "${ubuntu_ver}" =~ $pattern ]]; then
  errcho "Something wrong with get_ubuntu_version"
  exit 1
fi

# NOTE(review): this package is fetched over plain http:// and then installed
# with root privileges, and nothing visible in this file authenticates it.
# Prefer an https:// URL if the mirror serves one, or check the download
# against a pinned checksum before installing - confirm what
# install_apt_package_file verifies.
file_link="http://apt-stable.ntop.org/${BASH_REMATCH[1]}.${BASH_REMATCH[2]}/all/apt-ntop-stable.deb"
file_name="n2n-$(get_ubuntu_codename)-repo.deb"

# Refresh the package index only when the repository package was handled
# successfully by install_apt_package_file.
if install_apt_package_file "${file_name}" apt-ntop-stable "${file_link}"; then
  flag_need_apt_update=1 do_update
fi

install_apt_package n2n
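# --- Edge configuration file --------------------------------------------------

# One option per line. The values are inserted verbatim, so a value that
# contains a newline would add extra lines to the file.
# The community password (-k) is stored here in plaintext.
config="--tun-device ${ifname}
--community ${network_name}
-k ${password}
-m ${mac}
--supernode-list ${supernode_ip}:${supernode_port}
"

# With 'dhcp' the address is left to a DHCP client (-a dhcp:0.0.0.0) and -r is
# added; otherwise the given address is configured statically.
if [[ "${our_ip}" == "dhcp" ]]; then
  config="${config} -r
-a dhcp:0.0.0.0"
else
  config="${config} -a ${our_ip}"
fi

# Quote the path so that the service name cannot split it into several words.
# NOTE(review): textfile is defined in common.sh; confirm that it creates this
# file with a mode that keeps it unreadable to other users (for example 0600),
# because it holds the password.
textfile "/etc/n2n/${service_name}.conf" "${config}" root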
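# --- systemd unit for the edge process ----------------------------------------

# Trace the remaining commands only in debug mode. Tracing starts after the
# edge configuration has been written; none of the commands below reference
# the password.
if [ -n "$debug" ]; then
  set -x
fi

# When --supernode-service was not given, Requires= is written with an empty
# value, which systemd treats as an empty list.
systemd_file="[Unit]
Description=n2n edge process
After=network-online.target syslog.target ${supernode_service}
Requires=${supernode_service}
[Service]
Type=simple
ExecStartPre=
ExecStart=/usr/sbin/edge /etc/n2n/${service_name}.conf -f
Restart=on-abnormal
RestartSec=5
[Install]
WantedBy=multi-user.target
Alias=
"

# Quote the path so that the service name cannot split it into several words.
textfile "/etc/systemd/system/${service_name}.service" "${systemd_file}" root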
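# --- DHCP client unit (dhcp mode only) and service start-up ------------------

if [[ "${our_ip}" == "dhcp" ]]; then
  # The DHCP client is bound to the edge service and ordered after it.
  # After= must name the unit as "<name>.service" and the target as
  # "network-online.target"; names that match no unit impose no ordering.
  systemd_file="[Unit]
Description=DHCP Client for ${ifname}
Documentation=man:dhclient(8)
BindsTo=${service_name}.service
After=${service_name}.service network-online.target network.target
[Service]
Type=forking
PIDFile=/var/run/dhclient-${ifname}.pid
ExecStart=/sbin/dhclient ${ifname} -pf /var/run/dhclient-${ifname}.pid
[Install]
WantedBy=multi-user.target
"
  textfile "/etc/systemd/system/${service_name}_dhcpd.service" "${systemd_file}" root
fi

# Re-read the unit files in both modes: on a repeated run the units written
# above replace ones systemd has already loaded.
logexec sudo systemctl daemon-reload

if [[ "${our_ip}" == "dhcp" ]]; then
  # Restarting the DHCP client unit pulls in the edge service through BindsTo=.
  logexec sudo service "${service_name}_dhcpd" restart
  logexec sudo systemctl enable "${service_name}_dhcpd.service"
else
  logexec sudo service "${service_name}" restart
fi

logexec sudo systemctl enable "${service_name}.service"
exit 0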