mirror of https://github.com/dswd/vpncloud.git
Compare commits
No commits in common. "bd839534e01f40189ed0739c2a19b4ebe3ae2f87" and "0e764df560dfcb13de9096ae4020f806b10cb6e0" have entirely different histories.
bd839534e0
...
0e764df560
|
@ -2,10 +2,6 @@
|
||||||
|
|
||||||
This project follows [semantic versioning](http://semver.org).
|
This project follows [semantic versioning](http://semver.org).
|
||||||
|
|
||||||
### UNRELEASED
|
|
||||||
|
|
||||||
- [changed] Changed documentation
|
|
||||||
|
|
||||||
### v2.0.0 (2020-10-30)
|
### v2.0.0 (2020-10-30)
|
||||||
|
|
||||||
- [added] **Add strong crypto, complete rewrite of crypto system**
|
- [added] **Add strong crypto, complete rewrite of crypto system**
|
||||||
|
|
10
README.md
10
README.md
|
@ -9,15 +9,7 @@ establishes an encrypted fully-meshed VPN network in a peer-to-peer manner.
|
||||||
It can work on TUN devices (IP based) and TAP devices (Ethernet based).
|
It can work on TUN devices (IP based) and TAP devices (Ethernet based).
|
||||||
Tunneling traffic between two nodes can be as easy as:
|
Tunneling traffic between two nodes can be as easy as:
|
||||||
|
|
||||||
$> vpncloud -c REMOTE_HOST:PORT -p 'mypassword' --ip 10.0.0.1/24
|
$> vpncloud -c REMOTE_HOST:PORT -p 'mypassword' --ip 10.0.0.1/24
|
||||||
|
|
||||||
or as config file:
|
|
||||||
|
|
||||||
crypto:
|
|
||||||
password: mysecret
|
|
||||||
ip: 10.0.0.1
|
|
||||||
peers:
|
|
||||||
- REMOTE_HOST:PORT
|
|
||||||
|
|
||||||
For more information, please see the [Website](https://vpncloud.ddswd.de) or the [Forum](https://groups.google.com/forum/#!forum/vpncloud).
|
For more information, please see the [Website](https://vpncloud.ddswd.de) or the [Forum](https://groups.google.com/forum/#!forum/vpncloud).
|
||||||
|
|
||||||
|
|
|
@ -80,7 +80,7 @@ mode: normal
|
||||||
# MAC address. The prefix length is the number of significant front bits that
|
# MAC address. The prefix length is the number of significant front bits that
|
||||||
# distinguish the subnet from other subnets. Example: `10.1.1.0/24`.
|
# distinguish the subnet from other subnets. Example: `10.1.1.0/24`.
|
||||||
# Note: Several entries can be separated by spaces.
|
# Note: Several entries can be separated by spaces.
|
||||||
#claims:
|
#claims
|
||||||
# - 10.1.1.0/24
|
# - 10.1.1.0/24
|
||||||
|
|
||||||
# Whether to automatically claim the configured IP on tun devices
|
# Whether to automatically claim the configured IP on tun devices
|
||||||
|
|
|
@ -156,7 +156,7 @@ fn setup_device(config: &Config) -> TunTapDevice {
|
||||||
}
|
}
|
||||||
if let Ok(val) = device.get_rp_filter() {
|
if let Ok(val) = device.get_rp_filter() {
|
||||||
if val != 1 {
|
if val != 1 {
|
||||||
warn!("Your networking configuration might be affected by a vulnerability (https://vpncloud.ddswd.de/docs/security/cve-2019-14899/), please change your rp_filter setting to 1 (currently {}).", val);
|
warn!("Your networking configuration might be affected by a vulnerability (https://seclists.org/oss-sec/2019/q4/122), please change your rp_filter setting to 1 (currently {}).", val);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
device
|
device
|
||||||
|
@ -256,10 +256,7 @@ fn main() {
|
||||||
try_fail!(fs::rename(&file, format!("{}.orig", file)), "Failed to rename original file: {:?}");
|
try_fail!(fs::rename(&file, format!("{}.orig", file)), "Failed to rename original file: {:?}");
|
||||||
info!("Writing new config back into {}", file);
|
info!("Writing new config back into {}", file);
|
||||||
let f = try_fail!(File::create(&file), "Failed to open config file: {:?}");
|
let f = try_fail!(File::create(&file), "Failed to open config file: {:?}");
|
||||||
try_fail!(
|
try_fail!(fs::set_permissions(&file, fs::Permissions::from_mode(0o600)), "Failed to set permissions on file: {:?}");
|
||||||
fs::set_permissions(&file, fs::Permissions::from_mode(0o600)),
|
|
||||||
"Failed to set permissions on file: {:?}"
|
|
||||||
);
|
|
||||||
try_fail!(serde_yaml::to_writer(f, &new_config), "Failed to write converted config: {:?}");
|
try_fail!(serde_yaml::to_writer(f, &new_config), "Failed to write converted config: {:?}");
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue