Changeset 01073f7
- Timestamp:
- Sep 22, 2008 2:15:46 PM (16 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02
- Children:
- 19cc408
- Parents:
- 7a8d667
- Location:
- fedkit
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
fedkit/fed-tun.pl
r7a8d667 r01073f7 25 25 my $IFCONFIG = "/sbin/ifconfig"; 26 26 my $TMCC = "/usr/local/etc/emulab/tmcc"; 27 my $SSH = "/usr/local/bin/ssh"; 27 # If a special version of ssh is required, it will be installed in 28 # /usr/local/bin/ssh. Otherwise use the usual one. 29 my $SSH = -x "/usr/local/bin/ssh" ? "/usr/local/bin/ssh" : "/usr/bin/ssh"; 28 30 my $NC = "/usr/bin/nc"; 29 31 my $SSH_PORT = 22; … … 43 45 # dodge the port on the 44 46 # remote tunnel node. 47 die "Cannot exec $SSH" unless -x $SSH; 48 45 49 sub setup_bridging; 46 50 sub setup_tunnel_cfg; … … 140 144 } 141 145 142 # Both sides need to have GatewayPorts to beset. Copy the existing143 # sshd_config, making sure GatewayPorts is set to yes, replace the original,144 # and restart sshd.146 # Both sides need to have GatewayPorts and PermitTunnel set. Copy the existing 147 # sshd_config, making sure GatewayPorts and PermitTunnel are set to yes, 148 # replace the original, and restart sshd. 145 149 my $ports_on = 0; 150 my $tunnel_on = 0; 146 151 147 152 my $conf = new IO::File($sshd_config) || die "Can't open $sshd_config: $!\n"; … … 154 159 next; 155 160 }; 161 s/^\s*PermitTunnel.*/PermitTunnel yes/ && do { 162 print $new_conf $_ unless $tunnel_on++; 163 next; 164 }; 156 165 print $new_conf $_; 157 166 } 158 167 print $new_conf "GatewayPorts yes\n" unless $ports_on; 168 print $new_conf "PermitTunnel yes\n" unless $tunnel_on; 159 169 $conf->close(); 160 170 $new_conf->close(); … … 166 176 167 177 # Need these to make the Ethernet tap and bridge to work... 168 178 system("kldload /boot/kernel/bridgestp.ko") 179 if -r "/boot/kernel/bridgestp.ko"; 169 180 system("kldload /boot/kernel/if_bridge.ko"); 170 181 system("kldload /boot/kernel/if_tap.ko"); … … 240 251 system("$cmd"); # or die "Failed to run ssh"; 241 252 } 242 $cmd = "$SSH -w $count:$count -o \"StrictHostKeyChecking no\" " . 253 # The Tunnel option specifies the level to tunnel at. Ethernet creates 254 # a tap device rather than a tun device. Strict host key checking 255 # avoids asking the user to OK a strange host key. 256 $cmd = "$SSH -w $count:$count -o \"Tunnel ethernet\" " . 257 "-o \"StrictHostKeyChecking no\" " . 243 258 "$opts{'peer'} \"$remote_script_dir/fed-tun.pl " . 244 259 "$remote_config_file -r $addr $count\" & |"; -
fedkit/fed-tun.ucb.pl
r7a8d667 r01073f7 22 22 use IO::File; 23 23 use IO::Pipe; 24 use File::Copy; 24 25 25 26 my $IFCONFIG = "/sbin/ifconfig"; 26 27 my $TMCC = "/usr/local/etc/emulab/tmcc"; 27 my $SSH = "/usr/local/bin/ssh"; 28 # If a special version of ssh is required, it will be installed in 29 # /usr/local/bin/ssh. Otherwise use the usual one. 30 my $SSH = -x "/usr/local/bin/ssh" ? "/usr/local/bin/ssh" : "/usr/bin/ssh"; 28 31 my $NC = "/usr/bin/nc"; 29 32 my $SSH_PORT = 22; … … 42 45 # dodge the port on the 43 46 # remote tunnel node. 47 48 die "Cannot exec $SSH" unless -x $SSH; 49 44 50 sub setup_bridging; 45 51 sub setup_tunnel_cfg; … … 132 138 } 133 139 134 # Both sides need to have GatewayPorts to be set. Copy the existing 135 # sshd_config, making sure GatewayPorts is set to yes, replace the original, 136 # and restart sshd. 140 141 # Both sides need to have GatewayPorts and PermitTunnel set. Copy the existing 142 # sshd_config, making sure GatewayPorts and PermitTunnel are set to yes, 143 # replace the original, and restart sshd. 137 144 my $ports_on = 0; 145 my $tunnel_on = 0; 138 146 139 147 my $conf = new IO::File($sshd_config) || die "Can't open $sshd_config: $!\n"; … … 146 154 next; 147 155 }; 156 s/^\s*PermitTunnel.*/PermitTunnel yes/ && do { 157 print $new_conf $_ unless $tunnel_on++; 158 next; 159 }; 148 160 print $new_conf $_; 149 161 } 150 162 print $new_conf "GatewayPorts yes\n" unless $ports_on; 163 print $new_conf "PermitTunnel yes\n" unless $tunnel_on; 151 164 $conf->close(); 152 165 $new_conf->close(); … … 159 172 160 173 # Need these to make the Ethernet tap and bridge to work... 161 174 system("kldload /boot/kernel/bridgestp.ko") 175 if -r "/boot/kernel/bridgestp.ko"; 162 176 system("kldload /boot/kernel/if_bridge.ko"); 163 177 system("kldload /boot/kernel/if_tap.ko"); … … 220 234 # the expected single line of output when the tunnel is connected. 221 235 222 print "$SSH -w $count:$count $ssh_port_fwds -o \"StrictHostKeyChecking no\" $opts{'peer'} \"$remote_script_dir/fed-tun.pl $remote_config_file -r $addr $count\"\n" if $debug; 223 open($SSHCMD[$count], "$SSH -w $count:$count $ssh_port_fwds -o \"StrictHostKeyChecking no\" $opts{'peer'} \"$remote_script_dir/fed-tun.pl $remote_config_file -r $addr $count\" |") or die "Failed to run ssh"; 236 # The Tunnel option specifies the level to tunnel at. Ethernet creates 237 # a tap device rather than a tun device. Strict host key checking 238 # avoids asking the user to OK a strange host key. 239 my $cmd = "$SSH -w $count:$count -o \"Tunnel ethernet\" " . 240 "-o \"StrictHostKeyChecking no\" " . 241 "$opts{'peer'} \"$remote_script_dir/fed-tun.pl " . 242 "$remote_config_file -r $addr $count\" & |"; 243 244 print "$cmd\n" if $debug; 245 open($SSHCMD[$count], $cmd) or die "Failed to run ssh"; 224 246 225 247 my $check = <$SSHCMD[$count]>; # Make sure something ran...
Note: See TracChangeset
for help on using the changeset viewer.