/usr/share/doc/secvpn/examples/secvpn.conf.3 is in secvpn 2.23.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 | #
# Example 3: secvpn having one lan-card and connect 11 subnets in a
# tree structure
#
#
# [secvpn1]
# A.A.A.1
# _____________/ | \_____________
# / | \
# [secvpn2] [secvpn3] [secvpn4]
# B.B.B.1 C.C.C.1 D.D.D.1
# / | \ | \ | \
# [secvpn5] [secvpn6] [secvpn7] [secvpn8] [secvpn9] [secvpn10] [secvpn11]
# E.E.E.1 F.F.F.1 G.G.G.1 H.H.H.1 I.I.I.1 J.J.J.1 K.K.K.1
#
# ToDo:
# There are 11 Subnets. The hosts of all subnets should be able to
# communicate secure with the hosts of all other subnets.
# All secvpns have only one LAN-Card. The routing
# should be automatically set. For example if E.E.E.7 pings I.I.I.9 the
# encrypted ping will should go the way E.E.E.7->E.E.E.1->B.B.B.1->
# A.A.A.1->C.C.C.1->I.I.I.1->I.I.I.9.
#
THIS_IS="`hostname`"
VPNS="secvpn1->secvpn2 secvpn1->secvpn3 secvpn1->secvpn4 \
secvpn2->secvpn5 secvpn2->secvpn6 secvpn2->secvpn7 \
secvpn3->secvpn8 secvpn3->secvpn9 \
secvpn4->secvpn10 secvpn4->secvpn11"
CRYPT_MASK="255.255.255.0"
SSHPORT="22"
secvpn1() { GOOD_ONES="A.A.A.0/24"; GOOD_IP="A.A.A.1"; }
secvpn2() { GOOD_ONES="B.B.B.0/24"; GOOD_IP="B.B.B.1"; }
secvpn3() { GOOD_ONES="C.C.C.0/24"; GOOD_IP="C.C.C.1"; }
secvpn4() { GOOD_ONES="D.D.D.0/24"; GOOD_IP="D.D.D.1"; }
secvpn5() { GOOD_ONES="E.E.E.0/24"; GOOD_IP="E.E.E.1"; }
secvpn6() { GOOD_ONES="F.F.F.0/24"; GOOD_IP="F.F.F.1"; }
secvpn7() { GOOD_ONES="G.G.G.0/24"; GOOD_IP="G.G.G.1"; }
secvpn8() { GOOD_ONES="H.H.H.0/24"; GOOD_IP="H.H.H.1"; }
secvpn9() { GOOD_ONES="I.I.I.0/24"; GOOD_IP="I.I.I.1"; }
secvpn10() { GOOD_ONES="J.J.J.0/24"; GOOD_IP="J.J.J.1"; }
secvpn11() { GOOD_ONES="K.K.K.0/24"; GOOD_IP="K.K.K.1"; }
vpn_secvpn1_secvpn2()
{
# -----------
# | secvpn1 |----------------+
# ----------- |
# | |
# | # ppp-DEV
T_BAD_IP="A.A.A.1"; T_CRYPT_IP="10.1.1.1"
# | |
# | # ppp-DEV
O_BAD_IP="B.B.B.1"; O_CRYPT_IP="10.1.1.2"
# | |
# ----------- |
# | secvpn2 |----------------+
# -----------
# |
O_GOOD_ONES="E.E.E.0/24 F.F.F.0/24 G.G.G.0/24"
}
vpn_secvpn1_secvpn3()
{
# ppp-DEV
T_BAD_IP="A.A.A.1"; T_CRYPT_IP="10.1.1.3"
# ppp-DEV
O_BAD_IP="C.C.C.1"; O_CRYPT_IP="10.1.1.4"
O_GOOD_ONES="H.H.H.0/24 I.I.I.0/24"
}
vpn_secvpn1_secvpn4() { echo "do it yourself"; }
vpn_secvpn2_secvpn5()
{
T_GOOD_ONES="A.A.A.0/24 C.C.C.0/24 D.D.D.0/24 \
H.H.H.0/24 I.I.I.0/24 J.J.J.0/24 K.K.K.0/24"
# ppp-DEV
T_BAD_IP="B.B.B.1"; T_CRYPT_IP="10.1.1.5"
# ppp-DEV
O_BAD_IP="E.E.E.1"; O_CRYPT_IP="10.1.1.6"
}
vpn_secvpn2_secvpn6() { echo "do it yourself"; }
vpn_secvpn2_secvpn7() { echo "do it yourself"; }
vpn_secvpn3_secvpn8() { echo "do it yourself"; }
vpn_secvpn3_secvpn9() { echo "do it yourself"; }
vpn_secvpn4_secvpn10() { echo "do it yourself"; }
vpn_secvpn4_secvpn11() { echo "do it yourself"; }
|