Changeset 01073f7 for fedkit/fed-tun.pl
- Timestamp:
- Sep 22, 2008 2:15:46 PM (16 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02
- Children:
- 19cc408
- Parents:
- 7a8d667
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedkit/fed-tun.pl
r7a8d667 r01073f7 25 25 my $IFCONFIG = "/sbin/ifconfig"; 26 26 my $TMCC = "/usr/local/etc/emulab/tmcc"; 27 my $SSH = "/usr/local/bin/ssh"; 27 # If a special version of ssh is required, it will be installed in 28 # /usr/local/bin/ssh. Otherwise use the usual one. 29 my $SSH = -x "/usr/local/bin/ssh" ? "/usr/local/bin/ssh" : "/usr/bin/ssh"; 28 30 my $NC = "/usr/bin/nc"; 29 31 my $SSH_PORT = 22; … … 43 45 # dodge the port on the 44 46 # remote tunnel node. 47 die "Cannot exec $SSH" unless -x $SSH; 48 45 49 sub setup_bridging; 46 50 sub setup_tunnel_cfg; … … 140 144 } 141 145 142 # Both sides need to have GatewayPorts to beset. Copy the existing143 # sshd_config, making sure GatewayPorts is set to yes, replace the original,144 # and restart sshd.146 # Both sides need to have GatewayPorts and PermitTunnel set. Copy the existing 147 # sshd_config, making sure GatewayPorts and PermitTunnel are set to yes, 148 # replace the original, and restart sshd. 145 149 my $ports_on = 0; 150 my $tunnel_on = 0; 146 151 147 152 my $conf = new IO::File($sshd_config) || die "Can't open $sshd_config: $!\n"; … … 154 159 next; 155 160 }; 161 s/^\s*PermitTunnel.*/PermitTunnel yes/ && do { 162 print $new_conf $_ unless $tunnel_on++; 163 next; 164 }; 156 165 print $new_conf $_; 157 166 } 158 167 print $new_conf "GatewayPorts yes\n" unless $ports_on; 168 print $new_conf "PermitTunnel yes\n" unless $tunnel_on; 159 169 $conf->close(); 160 170 $new_conf->close(); … … 166 176 167 177 # Need these to make the Ethernet tap and bridge to work... 168 178 system("kldload /boot/kernel/bridgestp.ko") 179 if -r "/boot/kernel/bridgestp.ko"; 169 180 system("kldload /boot/kernel/if_bridge.ko"); 170 181 system("kldload /boot/kernel/if_tap.ko"); … … 240 251 system("$cmd"); # or die "Failed to run ssh"; 241 252 } 242 $cmd = "$SSH -w $count:$count -o \"StrictHostKeyChecking no\" " . 253 # The Tunnel option specifies the level to tunnel at. Ethernet creates 254 # a tap device rather than a tun device. Strict host key checking 255 # avoids asking the user to OK a strange host key. 256 $cmd = "$SSH -w $count:$count -o \"Tunnel ethernet\" " . 257 "-o \"StrictHostKeyChecking no\" " . 243 258 "$opts{'peer'} \"$remote_script_dir/fed-tun.pl " . 244 259 "$remote_config_file -r $addr $count\" & |";
Note: See TracChangeset
for help on using the changeset viewer.