[Cerowrt-devel] wanted to map the babel network
Dave Taht
dave.taht at gmail.com
Sat Jun 13 12:30:55 EDT 2015
With graphviz. In particular I wanted to sort out what IPs were on
what boxes, given how dynamic those IPs now are.
1) learnt something about ssh tunneling today
I did not know before now that ssh could tunnel ipv4 and ipv6.
ssh -L 33124:[::1]:33123 babel at router # establish a tunnel -N -T also
telnet ::1 33124
telnet localhost 33124
will both give you access to the babel log port on the machine on the
other side (if specified with the babel -g 33123 option on that side)
What I had used to use before this was xinetd (for a pass through) or
xinetd + stunnel (for a secured connection). IP auth was not good
enough, and I abandoned stunnel due to the openssl dependency, so I
wanted to find another way to discover all the babel speakers and map
the network (a la link state) and output the results to graphviz (it
this already exists, pls let me know), in light of all the IPv4 and
IPv6 addresses per speaker being announced.
'course, the simplest way to establish connectivity ended up being:
ssh -W [::1]:33123 babel at router
BABEL 0.0 # but I wanted to get the software version
add self cake id 16:cc:20:ff:fe:e5:64:c2 # And pry apart what ips were local
add neighbour 5bb0f8 address fe80::260a:64ff:fecc:247d if wlan1 reach
dfae rxcost 342 txcost 256 cost 342 # and have no idea what 5bb0f8 is
...
and sorting out what IP's I have would be nice without further thought
(ihave ip X), but we can derive most of them via just promiscuously
connecting to every known babel announced ip on the network....
...
add neighbour 5bb0a8 address fe80::120d:7fff:fe64:c990 if wlan1 reach
ffff rxcost 256 txcost 528 cost 528
add neighbour 5bac50 address fe80::120d:7fff:fe64:c991 if eth1 reach
ffff rxcost 96 txcost 96 cost 96
...
2) I still wanted to lock down that babel user even more, ssh permits
this in authorized_keys, but it looks like dropbear doesn't.
no-pty, permitopen="[::1]:33123"
ok, well, off to look at babelweb... and maybe roll a bit of perl.
--
Dave Täht
What will it take to vastly improve wifi for everyone?
https://plus.google.com/u/0/explore/makewififast
More information about the Cerowrt-devel
mailing list