Last updated: 2021-09-09
Introduction
HomePage: http://vtun.sourceforge.net/setup.html
Install
yum install vtun # Centos 6 EPEL
- /etc/vtund.conf
- /usr/sbin/vtund
- /etc/rc.d/init.d/vtund
apt-get install vtun
- /etc/vtund.conf
- /usr/sbin/vtund
- /etc/init.d/vtun
Doc
- man 5 vtund.conf
- man 8 vtund
Basic Config
IP tunnel: type tun; proto udp; keepalive yes; up { ifconfig "%% xxxxxxx"; };
# options - General options.
# default - default session options.
# session - Session options.
Preparation
log: /etc/rsyslog.conf
# Daemon
daemon.* /var/log/daemon.log
service rsyslog restart
firewall: /etc/sysconfig/iptables
# VPN
-A INPUT -m state --state NEW -i tun9 -j ACCEPT
service iptables restart
Server
/etc/vtund.conf
# General options
options {
  port 5000;                # Listen on this port. Default 5000
  bindaddr { iface lo; };   # Listen only on loopback device.
  # Syslog facility
  syslog daemon;
  timeout 60;               # General VTun timeout
  # Path to various programs
  ppp /usr/sbin/pppd;
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/iptables;
  ip /sbin/ip;
}
# Default session options
default {
  compress no;   # Compression is off by default
                 # Default method is zlib:1 (1~9, 1 = best speed)
  speed 0;       # Ignored by the client. By default maximum speed, kilobits/second
                 # 8,16,32,64,128,256,etc
  stat yes;      # log statistic counters every 5 minutes
}
"speed" value:
value speed
100 185 kBit
200 384 kBit
300 564 kBit
400 765 kBit
# Session options:
# TUN example. Session 'cobra'.
# None of the settings use quotes (')
cobra {
  passwd Ma&^TU;     # Password; it must begin with an English letter !!
  type tun;          # IP tunnel
  device tun9;       # tunXX. By default an available "XX" is selected automatically (a fixed name makes firewall rules easier)
  proto udp;         # UDP protocol; tcp is also available
  compress lzo:9;    # LZO compression level 9
  encrypt yes;       # Encryption
                     # Default method is 'blowfish128ecb'
  keepalive yes;     # Keep connection alive. yes => '30:4' (interval:count)
  timeout 5;         # default 60
  stat yes;          # /var/log/vtund/session_name
  up {
    # Connection is Up
    # 10.3.0.1 - local, 10.3.0.2 - remote
    ifconfig "%% 10.3.0.1 pointopoint 10.3.0.2 mtu 1450";
  };
}
Remark:
%% (double percent) - same as %d
%d - TUN or TAP device or TTY port name
Server only opts:
- proto
- keepalive
- compress
- encrypt
- speed
# Once the configuration is done, start it
/etc/init.d/vtund start
OR
vtund -s
Checking:
ps aux | grep vtun
vtund[s]: waiting for connections on port 5000
Client log:
vtund[26666]: Session MyTun[MyServer] opened
vtund[26666]: LZO compression[level 9] initialized
vtund[26666]: Traffic shaping(speed 200K) initialized.
mini working config:
options {
  port 5000;
  bindaddr { iface eth0; };
  syslog daemon;
  ifconfig /sbin/ifconfig;
}
default {
  compress lzo:9;
  encrypt no;
  speed 100;
  stat yes;
}
MyTun {
  proto tcp;
  passwd abcde;
  type tun;
  device tun9;
  keepalive 5:4;
  up {
    ifconfig "%% 10.3.0.1 pointopoint 10.3.0.2 mtu 1450";
  }
}
Testing:
ps aux | grep vtund
vtund[s]: waiting for connections on port 5000
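An added example (not part of the original notes and not VTun project code): a small audit of a server-side vtund.conf that resolves each session's effective settings (session values over the `default` block) and flags `encrypt no`, ECB-mode encryption (what `encrypt yes` selects according to the comment in the 'cobra' example; ECB leaks repeated plaintext blocks) and short `passwd` values. The finding names, the 12-character threshold and the treatment of a missing `encrypt` line as "off" are assumptions of this example.

```python
import re

# Constructed sample: the server-side "mini working config" from this page.
SAMPLE = """
options { port 5000; bindaddr { iface eth0; }; syslog daemon; ifconfig /sbin/ifconfig; }
default { compress lzo:9; encrypt no; speed 100; stat yes; }
MyTun { proto tcp; passwd abcde; type tun; device tun9; keepalive 5:4;
        up { ifconfig "%% 10.3.0.1 pointopoint 10.3.0.2 mtu 1450"; } }
"""
MIN_PASSWD_LEN = 12  # assumed policy threshold, not a VTun limit

def parse_sections(text):
    """Return {section: {keyword: value}}; nested blocks (bindaddr, up, down) are skipped."""
    text = re.sub(r'"[^"\n]*"|#[^\n]*', ' ', text)  # blank quoted strings and comments
    sections, name, depth, stmt = {}, None, 0, ''
    for tok in re.findall(r'[{};]|[^{};]+', text):
        if tok == '{':
            depth += 1
            if depth == 1:  # "<name> {" opens options, default or a session
                name = stmt.strip()
                sections[name] = {}
            stmt = ''
        elif tok == '}':
            depth, stmt = depth - 1, ''
        elif tok == ';':
            words = stmt.split()
            if depth == 1 and words:
                sections[name][words[0]] = ' '.join(words[1:])
            stmt = ''
        else:
            stmt = tok
    return sections

def audit(text):
    """Return sorted (session, finding) pairs for a server-side vtund.conf."""
    secs, findings = parse_sections(text), []
    for name, own in secs.items():
        if name in ('options', 'default'):
            continue
        eff = {**secs.get('default', {}), **own}  # session settings override "default"
        enc = eff.get('encrypt', 'no')  # assumption: no encrypt line means no encryption
        if enc == 'no':
            findings.append((name, 'encrypt-off'))  # payload crosses the network in cleartext
        elif enc == 'yes' or enc.endswith('ecb'):
            findings.append((name, 'ecb-cipher'))  # "yes" = blowfish128ecb per the page
        if len(eff.get('passwd', '')) < MIN_PASSWD_LEN:
            findings.append((name, 'short-passwd'))
    return sorted(findings)

print(audit(SAMPLE))
```

Run it against the server's /etc/vtund.conf; `encrypt` is listed above as a server-only option, so the client file is not meaningful input for that check.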
Client
# General options
options {
  port 5000;   # Connect to this port
  syslog daemon;
  ifconfig /sbin/ifconfig;
}
# Session options:
# TUN example. Session 'MyTun'.
MyTun {
timeout 5; # Connect timeout, Default is 30 seconds
proto tcp;
persist yes; # Persist mode: reconnect to the server after connection termination (a reconnect is attempted once every timeout interval)
passwd Ma&^TU; # Password
type tun;
device tun9; # Device tun9. By default an available device is selected automatically
stat yes;
up {
ifconfig "%% 10.3.0.2 pointopoint 10.3.0.1 mtu 1450";
};
}
mini working config:
options {
  syslog daemon;
  port 1194;
  ifconfig /sbin/ifconfig;
}
MyTun {
  timeout 5;
  proto tcp;
  persist yes;
  passwd ????????????????;
  type tun;
  device tun9;
  stat yes;
  up {
    ifconfig "%% 10.3.0.2 pointopoint 10.3.0.1 mtu 1450";
  };
}
vtund daemon
Common opts:
-f file # Read config file(/etc/vtund.conf)
-n # Do not become daemon.
# Start Server
vtund -s
-s # Run as the server.
-P port # Default TCP 5000
# Start Client
Usage:
vtund [ -f file ] [ -P port ] [ -p ] [ -t timeout ] [ -n ] < section > < server address >
-p # Reconnect to the server after connection termination
-t timeout # Connect timeout Default is 30 seconds.
-P port
i.e.
vtund -n MyTun MyServer
Log
Wrong password
vtund[25772]: VTun client ver 3.X 11/12/2010 started
vtund[25772]: Connecting to MyServer
vtund[25772]: Connection denied by MyServer
Success
vtund[25775]: VTun client ver 3.X 11/12/2010 started
vtund[25775]: Connecting to MyServer
vtund[25775]: Remote Server sends <TuS100L5> .
vtund[25775]: Session MyTun[MyServer] opened
vtund[25775]: LZO compression[level 5] initialized
vtund[25775]: Traffic shaping(speed 100K) initialized.
P.S.
When the service goes down, the interface goes down as well.
UP / DOWN
up {}
# after connection has been established
# Start shell and untar files from
# stdin(pipe tunnel).
# program path arguments [wait]
program /bin/sh "-c 'cd /tmp; tar xf -'";
down {}
list of programs to run after connection has been terminated.
Performance Test
pure:
64 bytes from MyServer (x.x.x.x): icmp_seq=3 ttl=56 time=4.12 ms
64 bytes from MyServer (x.x.x.x): icmp_seq=4 ttl=56 time=4.02 ms
64 bytes from MyServer (x.x.x.x): icmp_seq=5 ttl=56 time=4.00 ms
64 bytes from MyServer (x.x.x.x): icmp_seq=6 ttl=56 time=4.08 ms
64 bytes from MyServer (x.x.x.x): icmp_seq=7 ttl=56 time=4.14 ms
64 bytes from MyServer (x.x.x.x): icmp_seq=8 ttl=56 time=4.07 ms
vpn:
64 bytes from 10.3.0.1: icmp_seq=6 ttl=64 time=4.47 ms
64 bytes from 10.3.0.1: icmp_seq=7 ttl=64 time=4.46 ms
64 bytes from 10.3.0.1: icmp_seq=8 ttl=64 time=4.65 ms
64 bytes from 10.3.0.1: icmp_seq=9 ttl=64 time=4.44 ms
64 bytes from 10.3.0.1: icmp_seq=10 ttl=64 time=4.62 ms
64 bytes from 10.3.0.1: icmp_seq=11 ttl=64 time=4.54 ms
LZO
* very fast decompression
* deals acceptably with non-compressible data (only expanding incompressible data by a maximum of 1/64 of the original size)