CentOS 8 tinc安装信息和示例配置文件

 网络技术  Add comments
4月 122021
 

 

包信息

[root@tinc ~]# dnf info tinc
Last metadata expiration check: 0:01:55 ago on Mon 12 Apr 2021 01:44:09 AM UTC.
Installed Packages
Name         : tinc
Version      : 1.0.36
Release      : 2.el8
Architecture : x86_64
Size         : 629 k
Source       : tinc-1.0.36-2.el8.src.rpm
Repository   : @System
From repo    : epel
Summary      : A virtual private network daemon
URL          : http://www.tinc-vpn.org/
License      : GPLv2+
Description  : tinc is a Virtual Private Network (VPN) daemon that uses tunnelling
             : and encryption to create a secure private network between hosts on
             : the Internet. Because the tunnel appears to the IP level network
             : code as a normal network device, there is no need to adapt any
             : existing software. This tunnelling allows VPN sites to share
             : information with each other over the Internet without exposing any
             : information to others.

[root@tinc ~]#

安装路径

[root@tinc ~]# rpm -lq tinc
/usr/lib/.build-id
/usr/lib/.build-id/ec
/usr/lib/.build-id/ec/f0a564e8d20e169bed52480a235992928751ed
/usr/lib/systemd/system/tinc.service
/usr/lib/systemd/system/tinc@.service
/usr/sbin/tincd
/usr/share/doc/tinc
/usr/share/doc/tinc/AUTHORS
/usr/share/doc/tinc/COPYING.README
/usr/share/doc/tinc/NEWS
/usr/share/doc/tinc/README
/usr/share/doc/tinc/THANKS
/usr/share/doc/tinc/sample-config
/usr/share/doc/tinc/sample-config/hosts
/usr/share/doc/tinc/sample-config/hosts/alpha
/usr/share/doc/tinc/sample-config/hosts/beta
/usr/share/doc/tinc/sample-config/rsa_key.priv
/usr/share/doc/tinc/sample-config/tinc-down
/usr/share/doc/tinc/sample-config/tinc-up
/usr/share/doc/tinc/sample-config/tinc.conf
/usr/share/doc/tinc/texinfo.tex
/usr/share/info/tinc.info.gz
/usr/share/licenses/tinc
/usr/share/licenses/tinc/COPYING
/usr/share/man/man5/tinc.conf.5.gz
/usr/share/man/man8/tincd.8.gz
[root@tinc ~]#

服务配置文件示例

https://www.tinc-vpn.org/documentation/Main-configuration-variables.html#Main-configuration-variables
[root@tinc ~]# cat /usr/share/doc/tinc/sample-config/tinc.conf
# Sample tinc configuration file

# This is a comment.
# Spaces and tabs are eliminated.
# The = sign isn't strictly necessary any longer, though you may want
# to leave it in as it improves readability :)
# Variable names are treated case insensitive.

# The name of this tinc host. Required.
Name = alpha

# The internet host to connect with.
# Comment these out to make yourself a listen-only connection
# You must use the name of another tinc host.
# May be used multiple times for redundance.
ConnectTo = beta

# The tap device tinc will use.
# /dev/tap0 for ethertap, FreeBSD or OpenBSD
# /dev/tun0 for Solaris
# /dev/net/tun for Linux tun/tap
Device = /dev/net/tun
[root@tinc ~]#

主机配置文件示例

https://www.tinc-vpn.org/documentation/Host-configuration-variables.html#Host-configuration-variables
[root@tinc ~]# cat /usr/share/doc/tinc/sample-config/hosts/alpha
# Sample host configuration file

# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 123.234.35.67

# Portnumber for incoming connections. Default is 655.
Port = 655

# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.1.0/24

# The public key generated by `tincd -n example -K' is stored here
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
[root@tinc ~]#
[root@tinc ~]# cat /usr/share/doc/tinc/sample-config/hosts/beta
# Sample host configuration file
# This file was generated by host beta.

# The real IP address of this tinc host. Can be used by other tinc hosts.
Address = 123.45.67.189

# Portnumber for incoming connections. Default is 655.
Port = 6500

# Subnet on the virtual private network that is local for this host.
Subnet = 192.168.2.0/24

# The public key generated by `tincd -n example -K' is stored here
-----BEGIN RSA PUBLIC KEY-----
...
-----END RSA PUBLIC KEY-----
[root@tinc ~]#

启动和停止脚本示例(使用ifconfig命令依赖net-tools包)

[root@tinc ~]# cat /usr/share/doc/tinc/sample-config/tinc-up
#!/bin/sh
# This file sets up the tap device.
# It gives you the freedom to do anything you want with it.
# Use the correct name for the tap device:
# The environment variable $INTERFACE is set to the right name
# on most platforms, but if it doesn't work try to set it manually.

# Give it the right ip and netmask. Remember, the subnet of the
# tap device must be larger than that of the individual Subnets
# as defined in the host configuration file!
ifconfig $INTERFACE 192.168.1.1 netmask 255.255.0.0
[root@tinc ~]#
[root@tinc ~]# cat /usr/share/doc/tinc/sample-config/tinc-down
#!/bin/sh
# This file closes down the tap device.

ifconfig $INTERFACE down
[root@tinc ~]#

使用ip命令示例

#!/bin/sh
ip link set $INTERFACE up
ip addr add 10.0.0.1/32 dev $INTERFACE
ip route add 10.0.0.0/24 dev $INTERFACE
#!/bin/sh
ip route del 10.0.0.0/24 dev $INTERFACE
ip addr del 10.0.0.1/32 dev $INTERFACE
ip link set $INTERFACE down

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据