====== tinc ======                 
{{tag> penis}}
http://share.euer.krebsco.de/ < graphs


### Tinc Bauen(oder einfach nix nehmen)
    ## on nix/nixos
      # get nix: curl https://nixos.org/nix/install | sh
nix-env -iA tinc_pre


    ##Andere Systeme 
         #Dependencies
    Packetnamen aus Debian/Ubuntu:
    ncurses-dev liblzo2-dev libreadline-dev libssl-dev
    
    #compile tinc_pre (on every system)
    # Aus den Repos
       git clone git://tinc-vpn.org/tinc
       cd tinc
       git branch -av (list all branches)
       #Version 1.1 auschecken
       git checkout -b 1.1 origin/1.1
       #Configure File Generieren
       autoconf
    #Release Version von der Website
wget http://www.tinc-vpn.org/packages/tinc-1.1pre11.tar.gz
tar -xvzf tinc-1.1pre11.tar.gz
cd tinc-1.1pre11
    #Einrichten
      ./configure --prefix=/usr --sysconfdir=/etc !NOCHMAL ÜBERPRÜFEN!
      #Bauen
      make (-j4 wenn du nen quadcore hast)
      sudo make install 

###Einrichten

##Server:
sudo tinc -n shack init
sudo tinc -n shack start
tinc -n shack add Address 195.154.108.70
tinc -n shack add Subnet 10.10.10.1/32
tinc -n shack edit tinc-up
#!/bin/sh
ip link set $INTERFACE up
ip -4 addr add 10.10.10.1/32 dev $INTERFACE
ip -4 route add 10.10.10.0/24 dev $INTERFACE
#                       ^ our new internal network
#firewall:
Open Port (655)

########################
# new node via invite (tinc-pre)
########################

## generate Invite on server:
tinc -n shack invite bob

## on client:
    
    #invites:
        pastebin... siehe "generate Invite on server:"

curl <invite-url> | tinc -n shack join
tinc -n shack add Subnet 10.10.10.11/32
#Jedes device in tinc braucht seine eigene Addresse!
Akker: tinc -n shack add Subnet 10.10.10.12/32
Quiering: tinc -n shack add Subnet 10.10.10.13/32


# create tinc-up
curl lpaste.net/raw/146438 > /etc/tinc/shack/tinc-up
chmod +x /etc/tinc/shack/tinc-up
tinc -n shack start


/etc/tinc/shack/tinc-up


## Visualization
http://share.euer.krebsco.de
- https://github.com/thorkill/tinc-vis



# Route internet durch tinc
# TODO: ipv6
    tinc -n gw Address <real-ip>
    tinc -n gw add Subnet 10.241.241.1/32
    tinc -n gw add Subnet 0.0.0.0/0
    tinc -n gw edit tinc-up
        iptables -t nat -A POSTROUTING -o eth0 -s 10.241.241.0/24 -j MASQUERADE
         ip link set $INTERFACE up
         ip -4 addr add 10.241.241.1/32 dev $INTERFACE
         ip -4 route add 10.241.241.0/24 dev $INTERFACE