From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-ob0-x235.google.com (mail-ob0-x235.google.com [IPv6:2607:f8b0:4003:c01::235]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 2D8C221F3AC for ; Sat, 13 Jun 2015 09:30:56 -0700 (PDT) Received: by obpc2 with SMTP id c2so11446242obp.3 for ; Sat, 13 Jun 2015 09:30:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=bHgi1wTiGA6jh+ukRI0/6o0Wk9LBgnjD8cxuI/lISYw=; b=FqWu1746cGbC4HG8mae5W5h+UnKeAf8BMwayf6eZ4QJoKtCFHSRZglP8M7A8YmbbWT 1CYEaSPtinTB1v1mvgjTQL7neSt0TzRgQSqMuhgG2K7vIH7LijyLUV+c36YqIQHmDoo/ 9cMgcx3R5TpSVO25JdKXD6kfp+0OUfWex33aOwXUYXHTVWXVCSdVQGLVbXYDZbsIZZw4 X8EAM3j5QwbNGHlIWIHdAtmMsjxPxnrqeQM3WmH2rTJ/xcdb/8TK/6aakAzjpJhmFuZH PWgm7VOz9jAYYgwecEOurhT87Earu3GEvuSBs3PRrZvx+oVA3rqeRr2Dz8U3kEQfN8yr n2Fg== MIME-Version: 1.0 X-Received: by 10.60.60.70 with SMTP id f6mr16743564oer.8.1434213055958; Sat, 13 Jun 2015 09:30:55 -0700 (PDT) Received: by 10.202.105.129 with HTTP; Sat, 13 Jun 2015 09:30:55 -0700 (PDT) Date: Sat, 13 Jun 2015 09:30:55 -0700 Message-ID: From: Dave Taht To: "babel-users@lists.alioth.debian.org" , "cerowrt-devel@lists.bufferbloat.net" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: [Cerowrt-devel] wanted to map the babel network X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Jun 2015 16:31:25 -0000 With graphviz. In particular I wanted to sort out what IPs were on what boxes, given how dynamic those IPs now are. 1) learnt something about ssh tunneling today I did not know before now that ssh could tunnel ipv4 and ipv6. ssh -L 33124:[::1]:33123 babel@router # establish a tunnel -N -T also telnet ::1 33124 telnet localhost 33124 will both give you access to the babel log port on the machine on the other side (if specified with the babel -g 33123 option on that side) What I had used to use before this was xinetd (for a pass through) or xinetd + stunnel (for a secured connection). IP auth was not good enough, and I abandoned stunnel due to the openssl dependency, so I wanted to find another way to discover all the babel speakers and map the network (a la link state) and output the results to graphviz (it this already exists, pls let me know), in light of all the IPv4 and IPv6 addresses per speaker being announced. 'course, the simplest way to establish connectivity ended up being: ssh -W [::1]:33123 babel@router BABEL 0.0 # but I wanted to get the software version add self cake id 16:cc:20:ff:fe:e5:64:c2 # And pry apart what ips were loca= l add neighbour 5bb0f8 address fe80::260a:64ff:fecc:247d if wlan1 reach dfae rxcost 342 txcost 256 cost 342 # and have no idea what 5bb0f8 is ... and sorting out what IP's I have would be nice without further thought (ihave ip X), but we can derive most of them via just promiscuously connecting to every known babel announced ip on the network.... ... add neighbour 5bb0a8 address fe80::120d:7fff:fe64:c990 if wlan1 reach ffff rxcost 256 txcost 528 cost 528 add neighbour 5bac50 address fe80::120d:7fff:fe64:c991 if eth1 reach ffff rxcost 96 txcost 96 cost 96 ... 2) I still wanted to lock down that babel user even more, ssh permits this in authorized_keys, but it looks like dropbear doesn't. no-pty, permitopen=3D"[::1]:33123" ok, well, off to look at babelweb... and maybe roll a bit of perl. --=20 Dave T=C3=A4ht What will it take to vastly improve wifi for everyone? https://plus.google.com/u/0/explore/makewififast