From: "Joel Wirāmu Pauling" <joel@aenertia.net>
To: "Eric S. Johansson" <esj@eggo.org>
Cc: cerowrt-devel <cerowrt-devel@lists.bufferbloat.net>
Subject: Re: [Cerowrt-devel] vpn fw question
Date: Fri, 3 Oct 2014 15:21:03 +1300 [thread overview]
Message-ID: <CAKiAkGRDokFPiDpet3=saB9vhFxfwFyLdkDe7G9gm_YcsR8Jow@mail.gmail.com> (raw)
In-Reply-To: <542E06E6.5050102@eggo.org>
In Cerowrt the various net devices have been relabeled; as per here :
http://www.bufferbloat.net/projects/cerowrt/wiki/Device_naming_scheme
I usually add a new device via Luci (call it somethingvpn) and select
custom device (tap0 or tun0).
Than add a new Firewall zone (VPN)
I tend to edit the /etc/config/openvpn and just point it at a custom
config (and set that entry to enabled).
Reboot and then fiddle the firewall zone forwarding mappings as appropriate.
Remember that unless you are going to be advertising routes on cerowrt
to your internet clients you will actually want to set the vpn zone as
masqueraded.
-Joel
On 3 October 2014 15:16, Eric S. Johansson <esj@eggo.org> wrote:
>
> On 10/2/2014 10:02 PM, Dave Taht wrote:
>>
>> You just add the appropriate commands to /etc/config/openvpn, or so I
>> thought.
>
> one would think. I'll have to try backfitting my .ovpn config into uci. see
> of that changes anything
>
>> logread dmesg
>
> Thu Oct 2 21:58:59 2014 daemon.notice netifd: wan6 (12721): Command failed:
> Unknown error
>
> not what I'm looking for but if you can give me a hint of where to start
> looking, I'll take a stab at fixing it. yes, I'm reading up on netifd. :-)
> still haven't found an explanation for the @ge00.
>
>
>
>
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
next prev parent reply other threads:[~2014-10-03 2:21 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-03 1:32 Eric S. Johansson
2014-10-03 2:02 ` Dave Taht
2014-10-03 2:16 ` Eric S. Johansson
2014-10-03 2:21 ` Joel Wirāmu Pauling [this message]
2014-10-03 2:24 ` Joel Wirāmu Pauling
2014-10-03 2:33 ` Joel Wirāmu Pauling
2014-10-03 2:36 ` Dave Taht
2014-10-03 2:38 ` Joel Wirāmu Pauling
2014-10-03 2:41 ` Joel Wirāmu Pauling
2014-10-03 3:05 ` Eric S. Johansson
2014-10-03 3:38 ` Dave Taht
2014-10-03 4:09 ` Dave Taht
2014-10-03 4:12 ` Eric S. Johansson
2014-10-03 4:32 ` Dave Taht
2014-10-03 5:38 ` Eric S. Johansson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAKiAkGRDokFPiDpet3=saB9vhFxfwFyLdkDe7G9gm_YcsR8Jow@mail.gmail.com' \
--to=joel@aenertia.net \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=esj@eggo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox