From f15810b52a0848a6793408e2d745dd16254dd576 Mon Sep 17 00:00:00 2001
From: ohrensessel <git@ohrensessel.net>
Date: Fri, 2 Jan 2015 13:01:37 +0100
Subject: [PATCH 01/42] remove hamburg 31C3 gateway
thank you for a nice congress and a nice freifunk assembly
---
hosts/hamburg31 | 11 -----------
1 file changed, 11 deletions(-)
delete mode 100644 hosts/hamburg31
diff --git a/hosts/hamburg31 b/hosts/hamburg31
deleted file mode 100644
index 2498972..0000000
--- a/hosts/hamburg31
+++ /dev/null
@@ -1,11 +0,0 @@
-Address = 31c3.icvpn.hamburg.freifunk.net
-Port = 656
-
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAwxJL8dxTEgfM/oSOzZivDL2NxOtplh6yCusY+cbH5u+x1aRWhfbe
-ZBv37xYGXQq1Gx+SX9zASsj50AX/XK634+NQWCHVVcBtcB8VDMA3d4WAnDtvvdwA
-L/uZQzFuWzi60Y76LZZJXmvICxatHYO+1TUUdHyxnInLjVVFotKsmNRm5T4EwOoj
-US414QvjO3Z8Hdmv8N/mA4RsMfJ7udrIbf7Rbne0w+Tfy7qgeYu1knNYcTObSHSe
-JXf0byElmtlCXP/B+/gocvCFAXg87JVrVN8OxoZgF6GvH5GYOD/nz63uQ/SXc6P7
-qsIfCa/XW2J5Jgt7DIfjQImjII55udo7DwIDAQAB
------END RSA PUBLIC KEY-----
From e7766f20a1bfd75c8935c30f0806b2389f511c68 Mon Sep 17 00:00:00 2001
From: hhansen06 <hhansen06@googlemail.com>
Date: Sun, 11 Jan 2015 23:52:50 +0100
Subject: [PATCH 02/42] added Community FFDH
---
hosts/diepholz1 | 10 ++++++++++
1 file changed, 10 insertions(+)
create mode 100644 hosts/diepholz1
diff --git a/hosts/diepholz1 b/hosts/diepholz1
new file mode 100644
index 0000000..10547c2
--- /dev/null
+++ b/hosts/diepholz1
@@ -0,0 +1,10 @@
+Address = gw1.freifunk-dh.de
+Port = 655
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA3SOeCXMYhCyoBXd4LhJDEdq8afDcdT2+kX+8Cnv5HHMWfKv0PodZ
+1zwPl04D3e7MJ+F73YXOIV6zAdEpwXMW6h15qg3r5vL+ZPKY/ywYnb3c1CIOe2C8
+2rJoo9ynjJJt3rbrSc2qOkKFcEfSZWPn2cs9IiaX/tgZaPwpc/KDjPQ5kQ9AwVJk
+2jMhuBHQClPUw/szHwkultrkRehQ7+H/lq7VMXdxfBHBh6Vtk6KX6N8S7NXYcKbG
+Gk52yzLnlmGLxqJbPBBg68o54EEPsS9HUe4oKRkhYoHduQu3OTL4oFZTTXqVmaxB
+JSXyXDFbJPMPNoSsC2F2D9bfPswIfH/efQIDAQAB
+-----END RSA PUBLIC KEY-----
\ No newline at end of file
From 3e10988aa6bcde320680664975a34d9855fc0b48 Mon Sep 17 00:00:00 2001
From: Kai 'wusel' Siering <wusel+src@uu.org>
Date: Tue, 13 Jan 2015 20:00:28 +0100
Subject: [PATCH 03/42] Adding Mueritz1
---
hosts/mueritz_bgp1 | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 hosts/mueritz_bgp1
diff --git a/hosts/mueritz_bgp1 b/hosts/mueritz_bgp1
new file mode 100644
index 0000000..dd8b597
--- /dev/null
+++ b/hosts/mueritz_bgp1
@@ -0,0 +1,11 @@
+Address = gw05.4830.org
+Port = 655
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAuizkPDLiPvMxnom5i6RG0ijqT9tKmuAFWdMT8FIPoP+d4x0M+1WF
+F8tPZk6Si1t7AX9Cp4ZhPHbbwvSXb/P4Q2VLX2w0A9F67bZQFUBKCaGdRuFPXd2/
+aPr2mQQFB0agA5rkQgegRVbFhKhxGE3UMLhP2DYkfTSI7Yw0oyzGOnSK1Jga5Y9Z
+8W/sxPxj0rpAt/NFfl88qI9aiOYmOD8aFu+spQnNi9/K2yXVdYul0w7w2KAnCyjq
+QWZbNzxFT6Lnlr4YnpuN3Yd81eeThPbH9of2wdMKyJSL6cYM+zZxCeniscspWrRw
+3LPyinT/hEHLChkrQY507QQWXCM588yZeQIDAQAB
+-----END RSA PUBLIC KEY-----
From e7f03c384c8f62d2bc471cb867bc8a7926dcb205 Mon Sep 17 00:00:00 2001
From: Kai 'wusel' Siering <wusel+src@uu.org>
Date: Mon, 26 Jan 2015 01:32:35 +0100
Subject: [PATCH 04/42] New key
---
hosts/gueterslohbgp2 | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/hosts/gueterslohbgp2 b/hosts/gueterslohbgp2
index 5b1fae6..a508444 100644
--- a/hosts/gueterslohbgp2
+++ b/hosts/gueterslohbgp2
@@ -1,10 +1,10 @@
Address = bgp2.guetersloh.freifunk.net
-----BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAx3TChQ0jKU/VZOJAnAxFk8IGLowzvhmtAVZrli6JjXp2hyGS0hrC
-ZS/aZzQhpqeEmAVgqUJSOicIVT2hwyieyZXEM+fPgfEmD04ZDVjSFpjEPdJCp5iC
-rFU8saEg2c/MBnKAOl6YwjYUCADpjGpFrIvgGIv70OnFRzToQDAOZoW06Ka7OPnk
-XBAtpzamQpfKjjER5OPkRvj9Ne8KcUHo1vkJO/X4BkuFSOA2HQHYXdLKfPxcBijv
-XI+9imHtVCZzvU45XkUpOZ8GC8o4z2FszBjsh8skG2DoPckCe8Hz8S+Ajxl1xelG
-5wQ3SZ8gEj5NnP+OY/3OjUkJwsG/CAyAYQIDAQAB
+MIIBCgKCAQEAwNqFwx5UvkekzqCArb2BBFBqtdRbOsY5WlL58qXPVm6buVqZhy0R
+ZZ497YrX82L3K97sFZ/1jFa/YsY9n6E912Zcca5GxY7ln/wrkO8mSfvCq1KCUpv9
+/00cQxTf+AVlHvryWDupxPasO29wb6b5ftd3HXR1lG/eg3YXmXMAFnWr7wYnrFwW
+1YP9YW1cJRZw9AjQ7Y1X2ETa4JkcjCjY7R7hVoJFoVqjf5JLBpqGy/swETrQB0Ln
+ZpSRSrmfMhf1dIIYnYLoqH9og6ypl6vAqYAOwN9KIFTODK7uXW9ARVyor9I9R4cC
+cMtg3bB/QyS+GJDyvYCGJn/ZL6TrSOw7WwIDAQAB
-----END RSA PUBLIC KEY-----
From 4c453a1b945b5433ce1af4d0442f4357731fa4ff Mon Sep 17 00:00:00 2001
From: strehi <freifunk@inti.inka.de>
Date: Mon, 26 Jan 2015 13:33:28 +0100
Subject: [PATCH 05/42] Karlsruhe2 added
---
hosts/karlsruhe2 | 15 +++++++++++++++
1 file changed, 15 insertions(+)
create mode 100644 hosts/karlsruhe2
diff --git a/hosts/karlsruhe2 b/hosts/karlsruhe2
new file mode 100644
index 0000000..59500a6
--- /dev/null
+++ b/hosts/karlsruhe2
@@ -0,0 +1,15 @@
+Address = albufer1.ffka.net
+
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEAv3w8au8y75sWMzfi1sRzOjI/f+7Gak0qqHcGAQGd+TCwF88OgGDk
+c7TUQJfUG1FcLSiEMKUSKyokFBU6qbzrnwxsK+/foEGrcde4CKaJ1/q+wxL1lRu0
+/12ZVIvr6rMHugjD7XfRbHaUoH1p6ki1+mpwRiLKgKimYxaKoTTJGzkR5Gkabu59
+J7zq6NhzDl+n4usI16Hd2rCtdvG5txDQJvnQTXS4oaidYMDbOulAK+FmDSwkPIcU
+uaGELGD1eMDKR6e/cp3DqTLG54GgmxamL1i44iGwOWfFGC+JfeNEcS/FgOzIhTrR
+a8SRnwJ7FnfqaOee0Ktht1iRmuhJQxtrgusi++WII77SC9jH1kZw2bqh60YbQVlh
+szNPfbpu/TRiqlduDJDmmJgXDG0J3eSvzLWT1D+qXG5Swk7R04VYLCh/oXHAiHol
+l/3D7423tcW51hq316if/9ncfXpKXcdQiEIjmhVt1vi7FQk+1lwmTOKXBAAXnZDb
+7zO2aY1p7YncAudL1CP3oQPazWQHW+2XmLvnOL5guBb/3LL/3CltwBUAz6zfm2Pj
+YKNiQJG5+YBZaPAIy+y4mhDbh9TIO3Zw0eNt4jinu7486iWstkjj+V8E7fWkTBZd
+t2kGBpR5xOVsd8ettZr5pDni9n/e/SJasizsqGjsQnPjWqEUj+wZKn8CAwEAAQ==
+-----END RSA PUBLIC KEY-----
From 61743d7acddd0cafdd65d9c6e787ec45c7d58f38 Mon Sep 17 00:00:00 2001
From: thomasDOTde <thomas@drewermann.org>
Date: Sun, 1 Feb 2015 02:06:50 +0100
Subject: [PATCH 06/42] added 103.freifunk-moehne.de
---
hosts/moehne103 | 15 +++++++++++++++
1 file changed, 15 insertions(+)
create mode 100644 hosts/moehne103
diff --git a/hosts/moehne103 b/hosts/moehne103
new file mode 100644
index 0000000..a07102e
--- /dev/null
+++ b/hosts/moehne103
@@ -0,0 +1,15 @@
+address = 103.freifunk-moehne.de
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEAzBMf2LQ7pa12n6VwBMUhMlJ0OXq6QYpPjfJpzJM4mnZ5j4oecpuN
+Y1WO3FcbMuvU87eVNUUe+qetK1EuneqFadw4vILI5RNFYoWolqHqEDZmO2rLe9QK
+T/CGYcLUi0SAOlXhXtPOod6XY+wcYJC8bq/tZDp/kWUbrwPJ+pl/bIAjex8WddaV
+REJEayNvbgy5ehQ9+2JYHm1RSPfsz5UXD6hcgcKbQyqZZfvuL/r1WWQ+7gednVR9
+ZQwgenLCVBZRDs5K7rH0oyv3VrY3SYJijoBTuTLcLiso9s7jJn9gsbv3DtyqkRXD
+nhxGGFAfpMk1i4lcf40l9xkoCjiajRvcpCHuXUddl1TNVUXUd6KcciRHLLlqM/hr
+Od0QzuW3PGvWHqTPinSvtkwIh+7t2LUlDsH1QfB2FOHppYbjci3YpwnLWJUlzuAh
+mAJRM+jBiofKlWnJiU3nnncs58+bGgqhBO8b7F2pjoT5j9qqvOzgZnYAN+g+kvWJ
+Abq0eWodCcvLmcbiycVP2HzI/A4lhRGjjvfFLRmLO7R6ZO5iXuBoM6W4AKwoxJrw
+SBpf04nphfWBsez1QW6YqxxsTEDI1+y43VQmu1DVxhrQwexldRaMNLpyNVDZzZCv
+hmPpPDJLfdAlr3ld78aBZHVAB5mCOygPuNHbtxnTc3xMWW+zDVeBQvcCAwEAAQ==
+-----END RSA PUBLIC KEY-----
+
From 6a65b62e379107d78a36d414b530a95df5db5e82 Mon Sep 17 00:00:00 2001
From: thomasDOTde <thomas@drewermann.org>
Date: Tue, 3 Feb 2015 12:18:59 +0100
Subject: [PATCH 07/42] added 003.freifunk-moehne.de
---
hosts/moehne003 | 15 +++++++++++++++
1 file changed, 15 insertions(+)
create mode 100644 hosts/moehne003
diff --git a/hosts/moehne003 b/hosts/moehne003
new file mode 100644
index 0000000..da668eb
--- /dev/null
+++ b/hosts/moehne003
@@ -0,0 +1,15 @@
+address = 003.freifunk-moehne.de
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEAt9L7wOZhCIIoRZSFE+AiQ6evhH+I7z2duDULC3COb8EorKZzaFse
+cTCfaOdZ6+cbraqFOiwAzigSf6CoaE8XdnSsWcowQGfESL+CJopoC3Be8h3Cz7ct
+mWz+XmuRl6hHOKqGKxWRxihHQs5zdhF3k/iloWbBqozgKfqqaD8qkeKF32Fn14Ze
+UUm7hWQgicyemGGZhBE3dluV9svN/XmAFty2r05y03wnHB37jc9RdegW3TcNSO4m
+Y9K/q7pXQiA9TwoSpOEv+tKzWoVPf6Rp2ZXZb64vgl+tBnjvT8URL+EiYDHz0LTa
+EuhHuK8pulXOQ5rZ1WmzuQDHBZWVMOLsiAepNd/zMXVpbp5CHpMW0zAbCDwtSdIv
+qKODY28jWPvIxKK+7RyVaIehGrtu38zkelLYBaGuDUI6WLPkF8nM1BuJj69e47cF
+NccaZah1wDIHk7WCCSUs9vPCb+rsNoDJUMm0/2dYG4dbDKJVCve6aYfEddlOxlTW
+7wtjv592H9KGmf7+xMrcOt9Wvc1eDVvSrf6Ld9nv5Myd03YGYJau5JPPoyDVfCnI
+MI8OMdNbEggXBSFFvlkU63JLgJGecuzJsVmb1MJjOMTuzOTl3WUvME8mtCdzZA53
+LrQCHKBfQsK4V5MNURxvmMrLytUfEzjjMsP65HCiaEz9GCsNliNvuCcCAwEAAQ==
+-----END RSA PUBLIC KEY-----
+
From 5dbe872abfc1b09c51e453c7eacf5fa01802b9f5 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Fri, 6 Feb 2015 06:15:17 +0100
Subject: [PATCH 08/42] Add simple check script: - check dns forward lookups -
check reachability via icmpv4/icmpv6 echo request
---
scripts/check | 131 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 131 insertions(+)
create mode 100644 scripts/check
diff --git a/scripts/check b/scripts/check
new file mode 100644
index 0000000..4172ecc
--- /dev/null
+++ b/scripts/check
@@ -0,0 +1,131 @@
+#!/usr/bin/env python
+
+import sys
+import os
+import socket
+import subprocess
+from optparse import OptionParser
+
+
+def error(*arg):
+ print(*arg, file=sys.stderr)
+
+
+def check_host_lookup(hostname, port):
+ try:
+ return socket.getaddrinfo(hostname, port)
+ except Exception as e:
+ error("DNS Lookup for {hostname} failed".format(hostname=hostname))
+ return []
+
+
+def check_reachability(host, family):
+ if family is socket.AddressFamily.AF_INET:
+ process_name = 'ping'
+ else:
+ process_name = 'ping6'
+ child = subprocess.Popen([process_name, host, '-c', '1', '-W', '5'],
+ stdout=subprocess.PIPE)
+ child.communicate()
+ if child.returncode:
+ error("Host {host} is unreachable".format(host=host))
+ return 0 if child.returncode == 0 else 1
+
+
+def get_hosts_data(srcdir):
+ for fname in sorted(list(set(os.listdir(srcdir)))):
+ if fname.startswith("."):
+ continue
+
+ fpath = os.path.join(srcdir, fname)
+ if os.path.isfile(fpath):
+ with open(fpath) as f:
+ ignore_key = False
+ addresses = []
+ port = 655 # tinc default port
+
+ for line in f.readlines():
+
+ if '-----BEGIN RSA PUBLIC KEY-----' in line:
+ ignore_key = True
+ elif '-----END RSA PUBLIC KEY-----' in line:
+ ignore_key = False
+
+ if line.startswith("#") or ignore_key:
+ continue
+
+ chunks = line.split("=")
+ if len(chunks) == 2:
+ import pdb
+ # pdb.set_trace()
+ (k, v) = (x.strip().lower() for x in chunks)
+
+ if k == "port":
+ try:
+ port = int(v)
+ except ValueError:
+ error("non-integer default port given")
+ elif k == "address":
+ if " " in v:
+ parts = v.split(' ')
+ if len(parts) != 2:
+ error("unknown address format")
+ try:
+ int(parts[1])
+ addresses.append(parts)
+ except ValueError:
+ error("non-integer port given")
+ else:
+ addresses.append((v, None))
+ elif k in ('ecdsapublickey'):
+ continue
+ else:
+ error("unknown key {key} with value {val}"
+ .format(key=k, val=v))
+
+ # set explicit port for address/port pairs
+ for i, addr in enumerate(addresses):
+ if addr[1] is None:
+ item = (addr[0], port)
+ addresses[i] = item
+
+ yield(dict(community=fname, addresses=addresses))
+
+
+def do_checks(srcdir):
+ errcnt = 0
+ for host in get_hosts_data(srcdir):
+ print("Checking {community}".format(community=host['community']))
+ for address in host['addresses']:
+ host, port = address
+
+ # dns lookup
+ records = check_host_lookup(host, port)
+ if not records:
+ errcnt += 1
+ else:
+ for record in records:
+ if record[1] is not socket.SocketType.SOCK_DGRAM:
+ # we get SOCK_STREAM, SOCK_DGRAM and SOCK_RAW
+ # for every IP/Port pair, lets just pick one
+ # to have unique ip addresses
+ continue
+ errcnt += check_reachability(record[4][0], record[0])
+
+ print("{errcnt} errors".format(errcnt=errcnt))
+
+ return 0 if errcnt == 0 else 1
+
+
+if __name__ == "__main__":
+ parser = OptionParser()
+ parser.add_option("-s", "--sourcedir", dest="src",
+ help="Location of tinc host files. Default: ../hosts",
+ metavar="DIR",
+ default="../hosts/")
+
+ (options, args) = parser.parse_args()
+
+ ret = do_checks(options.src)
+
+ sys.exit(ret)
From be42ec4b68f4a96ad9540e215542683adfe877f3 Mon Sep 17 00:00:00 2001
From: hexa- <mweinelt@gmail.com>
Date: Fri, 6 Feb 2015 06:21:52 +0100
Subject: [PATCH 09/42] Add .travis.yml, fix executable flag on check script
and remove pdb from imports
---
.travis.yml | 5 +++++
scripts/check | 2 --
2 files changed, 5 insertions(+), 2 deletions(-)
create mode 100644 .travis.yml
mode change 100644 => 100755 scripts/check
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..9042af1
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,5 @@
+sudo: false
+language: python
+python:
+ - "3.4"
+script: scripts/check
diff --git a/scripts/check b/scripts/check
old mode 100644
new mode 100755
index 4172ecc..aad8271
--- a/scripts/check
+++ b/scripts/check
@@ -56,8 +56,6 @@ def get_hosts_data(srcdir):
chunks = line.split("=")
if len(chunks) == 2:
- import pdb
- # pdb.set_trace()
(k, v) = (x.strip().lower() for x in chunks)
if k == "port":
From ea4c50f9e2b6a7050c77ff5cba0512e8cde0fc81 Mon Sep 17 00:00:00 2001
From: hexa- <mweinelt@gmail.com>
Date: Fri, 6 Feb 2015 06:25:23 +0100
Subject: [PATCH 10/42] travis: fix hosts path
---
.travis.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.travis.yml b/.travis.yml
index 9042af1..fb0abc5 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -2,4 +2,4 @@ sudo: false
language: python
python:
- "3.4"
-script: scripts/check
+script: scripts/check -s ./hosts/
From 6b3a7fd55495c780f598160d28922fafeb6f5611 Mon Sep 17 00:00:00 2001
From: hexa- <mweinelt@gmail.com>
Date: Fri, 6 Feb 2015 06:28:54 +0100
Subject: [PATCH 11/42] travis: fix iputils-ping dependency
---
.travis.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index fb0abc5..be02140 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,5 @@
-sudo: false
language: python
-python:
- - "3.4"
+python: "3.4"
+
+before_install: sudo apt-get install iputils-ping
script: scripts/check -s ./hosts/
From 14b3a2910d226573a1bc3c0e35250bd4ae0e6776 Mon Sep 17 00:00:00 2001
From: ohrensessel <git@ohrensessel.net>
Date: Fri, 6 Feb 2015 19:17:02 +0100
Subject: [PATCH 12/42] added hamburg01
---
hosts/hamburg01 | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 hosts/hamburg01
diff --git a/hosts/hamburg01 b/hosts/hamburg01
new file mode 100644
index 0000000..4e6e83d
--- /dev/null
+++ b/hosts/hamburg01
@@ -0,0 +1,11 @@
+Address = 01.icvpn.hamburg.freifunk.net
+Port = 656
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA3IbMWLjnM3S4HsFfKvhJdg9TYRPnzxRyL2CaL5KtcCTu8mMMOeCX
+arfhaM0l7l/hr2/TrpjDH3NO+lT0mn9cwl1Jlq3bkNXiBghf+tgGJAr29DLm0teB
+bvxy5YgL4qbWknNvqDRuLr7IFn0bScd8twN9mLeXzAmRCl43zzLMoYIf1A67Bt3H
+pZ6MoIVF9ziw9E4s0cdaRx4S6Ok3h6ochCfoNAUAJhJvodOdjW9++Ffy+LLayBIZ
+S21vezhhcb7fJ2qSO6x42Kp3FBaEY8zpOVdtPRX171xTUIv0vxYfRGsaOsT0biQc
+EGCG3ch2HiwR7TDe4gpe7XV7+QpUY1dR/wIDAQAB
+-----END RSA PUBLIC KEY-----
From fd06115a8b6c4c8a02182450dec48a950091ed7b Mon Sep 17 00:00:00 2001
From: suicider <suicider@gmx.de>
Date: Fri, 6 Feb 2015 21:47:58 +0100
Subject: [PATCH 13/42] Create erfurt2
---
hosts/erfurt2 | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 hosts/erfurt2
diff --git a/hosts/erfurt2 b/hosts/erfurt2
new file mode 100644
index 0000000..5313d12
--- /dev/null
+++ b/hosts/erfurt2
@@ -0,0 +1,11 @@
+Adress = ffef.securegate.eu
+Port = 656
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA0R+JEwwaxHJZsTlxTjpwDIjrSvbG6yCkeGO/zablrIdnoctZHgNQ
+vcDvuSWeTThBvk7FVuOkgVbpcqTnDNzBNetV1SzpnQTG3yWJcADZtkt7oyEhkvV0
++fJN4eALaOJT1d1PVROcLyCVjBIP5m+d9rImLRQK0tzQnLWofuqDLxzYm8UjK2Df
+hZ4cHQNi0r8EPzQPzLjcz3YmYO6iJ1s27F6iXd16uBCoAX2y4QdSauHQiijah5bf
+laM3ZD8ry9Sgrxngz169ybp3yB7l37IPWhVRHy+OISY4z2G5IMEnwkeS+P8eM36X
+ZG//Jc/joqqHszKLUAL1zpfNVqygHs06fwIDAQAB
+-----END RSA PUBLIC KEY-----
From 6eca4fa2bf5f6692f575f688a97c53b255296952 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Fri, 6 Feb 2015 22:54:16 +0100
Subject: [PATCH 14/42] erfurt2: fix address key typo
---
hosts/erfurt2 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hosts/erfurt2 b/hosts/erfurt2
index 5313d12..06a2a65 100644
--- a/hosts/erfurt2
+++ b/hosts/erfurt2
@@ -1,4 +1,4 @@
-Adress = ffef.securegate.eu
+Address = ffef.securegate.eu
Port = 656
-----BEGIN RSA PUBLIC KEY-----
From d797bf27a3cfdb095b55a66572f19b254dbc4be1 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Sat, 7 Feb 2015 01:27:51 +0100
Subject: [PATCH 15/42] Disable unreachable/unresolvable peers Commenting them
out enables them to still be able to connect to the network, if they come
back at some point. (cp. 954cf0da5aa8af1b6e1f32df4a57dccc078b2034)
Details will follow on the icvpn mailing list.
---
hosts/augsburg1 | 2 +-
hosts/augsburg2 | 2 +-
hosts/bayreuth1 | 2 +-
hosts/ffhallevpn1 | 2 +-
hosts/franken2 | 4 ++--
hosts/franken3 | 4 ++--
hosts/freiburg1 | 2 +-
hosts/halle1 | 2 +-
hosts/hamburg02 | 4 ++--
hosts/kiel3 | 2 +-
hosts/koeln1 | 4 ++--
hosts/leipzig1 | 2 +-
hosts/ljubljana1 | 2 +-
hosts/magdeburg2 | 4 ++--
14 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/hosts/augsburg1 b/hosts/augsburg1
index 3550946..dd08886 100644
--- a/hosts/augsburg1
+++ b/hosts/augsburg1
@@ -1,5 +1,5 @@
Address = augsburg1.icvpn.augsburg.freifunk.net
-Address = 109.163.229.249
+# Address = 109.163.229.249
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBALVQaY0axASCewZdfMPbxUBwphhoDHKzm0SvpietNy0gy+43Jb+N/Cs+
d9l9HlAS2ngrCAahVm/GRA3iYHH2i5JdZnzxPFKdkefcZFz7x0ZDaqeqpb2YLWFs
diff --git a/hosts/augsburg2 b/hosts/augsburg2
index ea73a25..4e71c79 100644
--- a/hosts/augsburg2
+++ b/hosts/augsburg2
@@ -1,4 +1,4 @@
-Address = augsburg2.icvpn.augsburg.freifunk.net
+# Address = augsburg2.icvpn.augsburg.freifunk.net
Address = augsburg2.icvpn.freifunk-augsburg.de
-----BEGIN RSA PUBLIC KEY-----
diff --git a/hosts/bayreuth1 b/hosts/bayreuth1
index 8930844..dd3c88f 100644
--- a/hosts/bayreuth1
+++ b/hosts/bayreuth1
@@ -1,4 +1,4 @@
-Address = freifunk-bt.criede.de
+# Address = freifunk-bt.criede.de
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAppgeP431r3K4cgy9s1XUB/+SEb9F64Y9q34jxjwRssIaFx+mtukr
JDLFtRNNTi7ao+kL3s1OBhavCeKwYSFAlaQnIm7fLwKwhJiIZwnKVM26SJPUwPfP
diff --git a/hosts/ffhallevpn1 b/hosts/ffhallevpn1
index 56f0b31..2d3728f 100644
--- a/hosts/ffhallevpn1
+++ b/hosts/ffhallevpn1
@@ -1,5 +1,5 @@
Address = vpn1.freifunk-halle.de
-Address = 88.198.51.136
+# Address = 88.198.51.136
Port = 655
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBALF/Wu4pe+f3dHeLYApHxUnOGUBzpNREUet6nDp80uWT/dph7h6Yqtz2
diff --git a/hosts/franken2 b/hosts/franken2
index 8767bcb..7a64878 100644
--- a/hosts/franken2
+++ b/hosts/franken2
@@ -1,5 +1,5 @@
-Address = gw2.fffranken.de
-Port = 656
+# Address = gw2.fffranken.de
+# Port = 656
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAOvt5phPFC+/KUvmGWJdNfIoPWuHfJb0na25VteGQDUMn0krudoIJQFb
snELlAl5emnNbH7W5NWGKfjl7fMRC8RJ7r9eb1/jjsRlDK6aRnN8hHzcCa45PCeI
diff --git a/hosts/franken3 b/hosts/franken3
index 2b22447..00c11e8 100644
--- a/hosts/franken3
+++ b/hosts/franken3
@@ -1,5 +1,5 @@
-Address = vpn3.fffranken.de
-Port = 657
+# Address = vpn3.fffranken.de
+# Port = 657
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAPIkkqmdnJi3Y+cGKslf0t+swE+7rtfRQTStW29MP62L6Sn0lxb5MufU
LRtR0UW31SWQ03HGuUe51e16ppxZ3V1AFQvoLAwxwDD6VvBk4n+XEiupWPt+0XSd
diff --git a/hosts/freiburg1 b/hosts/freiburg1
index e352511..d88b910 100644
--- a/hosts/freiburg1
+++ b/hosts/freiburg1
@@ -1,4 +1,4 @@
-Address = port-87-193-156-225.static.qsc.de
+# Address = port-87-193-156-225.static.qsc.de
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBALo3VfMiPxK5lxWOYqoCZavMp8Lo4HYTmhLR6w3dHDJTI+UKTNDOf3Tc
reO0q+K85uopAtuu9yEshMxapvmijmEO9YsD+XinLNvnwNxx7qSaVQrPFTa4MutK
diff --git a/hosts/halle1 b/hosts/halle1
index e8e04c2..0cb00eb 100644
--- a/hosts/halle1
+++ b/hosts/halle1
@@ -1,4 +1,4 @@
-Address = ffvpn.3dfxatwork.de
+# Address = ffvpn.3dfxatwork.de
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAsYzXhlTKxR7YBUXHY0JscmtNbrFzZzviVzIhpuml499rh8TVhjMU
ozyjbaPhSUy+9RY4F1WpRmDi3lyDx7eT0viRlOkFG8huApXEgGLQgah0M/pfwkc1
diff --git a/hosts/hamburg02 b/hosts/hamburg02
index b52d8c1..b282957 100644
--- a/hosts/hamburg02
+++ b/hosts/hamburg02
@@ -1,5 +1,5 @@
-Address = 02.icvpn.hamburg.freifunk.net
-Port = 656
+# Address = 02.icvpn.hamburg.freifunk.net
+# Port = 656
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEApyg+KLP9XfIwOIgBHjbGgt0l5ve+/O1Mec3ed/d0q6Bh+oTkJxOn
diff --git a/hosts/kiel3 b/hosts/kiel3
index 67a2736..3c83829 100644
--- a/hosts/kiel3
+++ b/hosts/kiel3
@@ -1,4 +1,4 @@
-Address=vpn3.freifunk.in-kiel.de
+# Address=vpn3.freifunk.in-kiel.de
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAqDth8oT1QRrt1usUz2qb+QfWCrva67Vup3TOuV1Lf6Zo6veRDOcT
3jCQtQ+BYGAiLgwhrYtJ13oiMlTbpd32ns1dvp5BgaiTWexJuObsC04LVry0kML5
diff --git a/hosts/koeln1 b/hosts/koeln1
index 2c6de0e..b695e20 100644
--- a/hosts/koeln1
+++ b/hosts/koeln1
@@ -1,5 +1,5 @@
-Address = fastd3.kbu.freifunk.net
-Port = 656
+# Address = fastd3.kbu.freifunk.net
+# Port = 656
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAwzH7Z0W0yIDp80G8sHpaxez7GXL3Lql7DAdJkrNf6KEzZAsZ7usn
diff --git a/hosts/leipzig1 b/hosts/leipzig1
index 7163162..4f25546 100644
--- a/hosts/leipzig1
+++ b/hosts/leipzig1
@@ -1,4 +1,4 @@
-Address = vpn1.leipzig.freifunk.net
+# Address = vpn1.leipzig.freifunk.net
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAKL7eWHmD2Rn6IP7JlSWtkphokN785g8nccBmfcjbwEwiZv+EFaVoid/
0dPfvHaX0GaQGOhpef3PVHEbIMuU8dD9+7WbXO3+hUSIAfHoIdGK7n8qFtzTpzqn
diff --git a/hosts/ljubljana1 b/hosts/ljubljana1
index ef99e59..c8dda7d 100644
--- a/hosts/ljubljana1
+++ b/hosts/ljubljana1
@@ -1,4 +1,4 @@
-address = gw.kiberpipa.net
+# address = gw.kiberpipa.net
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAL4X76pBCF0b/z45rFPbgTrKpISle9MbLqvq3tDc2fTERowis0aBTTuK
mfVIQkF3W+8JMcjQdez5tQWKHnfpz4PmdSC4Dmxolgk/d9b7HNQTP8MCmCLzf+D7
diff --git a/hosts/magdeburg2 b/hosts/magdeburg2
index d2de335..6f2b7e9 100644
--- a/hosts/magdeburg2
+++ b/hosts/magdeburg2
@@ -1,5 +1,5 @@
-Address = 2.icvpn.md.freifunk.net
-Port = 656
+# Address = 2.icvpn.md.freifunk.net
+# Port = 656
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA6v9HoQhGnAaWsSofuT4gplTOBhzmDz23wdQeWkVKM2tY7WCA1KNO
From 19b11aed548790e7db2078eb5606404619468a18 Mon Sep 17 00:00:00 2001
From: Manuel Munz <munz@comuno.net>
Date: Tue, 10 Feb 2015 23:43:04 +0100
Subject: [PATCH 16/42] remove static ip address
---
hosts/augsburg1 | 1 -
1 file changed, 1 deletion(-)
diff --git a/hosts/augsburg1 b/hosts/augsburg1
index dd08886..2645f91 100644
--- a/hosts/augsburg1
+++ b/hosts/augsburg1
@@ -1,5 +1,4 @@
Address = augsburg1.icvpn.augsburg.freifunk.net
-# Address = 109.163.229.249
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBALVQaY0axASCewZdfMPbxUBwphhoDHKzm0SvpietNy0gy+43Jb+N/Cs+
d9l9HlAS2ngrCAahVm/GRA3iYHH2i5JdZnzxPFKdkefcZFz7x0ZDaqeqpb2YLWFs
From 423c038a49d18dc8db6212a11e4919b1922e7f54 Mon Sep 17 00:00:00 2001
From: hexa- <mweinelt@gmail.com>
Date: Thu, 12 Feb 2015 18:12:29 +0100
Subject: [PATCH 17/42] Housekeeping: Remove hosts that were not updated after
being disabled in 2014/08 and are still unreachable
---
hosts/Treuenbrietzen | 6 ------
hosts/badzwischenhahn1 | 7 -------
hosts/castrop1 | 10 ----------
hosts/hannover1 | 6 ------
hosts/koblenz1 | 9 ---------
hosts/ljubljana2 | 6 ------
hosts/schwarzach1 | 10 ----------
7 files changed, 54 deletions(-)
delete mode 100644 hosts/Treuenbrietzen
delete mode 100644 hosts/badzwischenhahn1
delete mode 100644 hosts/castrop1
delete mode 100644 hosts/hannover1
delete mode 100644 hosts/koblenz1
delete mode 100644 hosts/ljubljana2
delete mode 100644 hosts/schwarzach1
diff --git a/hosts/Treuenbrietzen b/hosts/Treuenbrietzen
deleted file mode 100644
index 3bc18a0..0000000
--- a/hosts/Treuenbrietzen
+++ /dev/null
@@ -1,6 +0,0 @@
-#Address = shonyt.mine.nu
------BEGIN RSA PUBLIC KEY-----
-MIGJAoGBANbR3LhhWFNt9ak//ZTReEuNQHjibgTAM+cNTDwLevudrP3y9htxTzgF
-UZDHnkbDqwrYNjnuaMLIik7ljj5aKQd+fXmv3S+sFvvaPnm+e7Fpt+r/ReTnS6su
-iOdmQ7XgC/b6r5ISjGhSheHcVSNMmbDWwYISSpDTu9S5qcUAkp1jAgMBAAE=
------END RSA PUBLIC KEY-----
diff --git a/hosts/badzwischenhahn1 b/hosts/badzwischenhahn1
deleted file mode 100644
index b5ae63c..0000000
--- a/hosts/badzwischenhahn1
+++ /dev/null
@@ -1,7 +0,0 @@
-#Address = ffbz.ath.cx
-#Port = 655
------BEGIN RSA PUBLIC KEY-----
-MIGJAoGBAMlCF8Yj3adfH6Mssc7J59CMIzO4ZTa4meHXDaGWHXzGIMnUWRUlLIfp
-7sa/uJ4U9iQU3ZEwv1cPWweDvWrG1HNL+oJEVv7xQWcBXaYnm0le305qom0E0U5U
-cMt+yNZWTh2KfgJjGB78FuOas1yiGpVPnV2wAGgzREKgmiXTOzZnAgMBAAE=
------END RSA PUBLIC KEY-----
diff --git a/hosts/castrop1 b/hosts/castrop1
deleted file mode 100644
index b2e0df1..0000000
--- a/hosts/castrop1
+++ /dev/null
@@ -1,10 +0,0 @@
-#Address = ffcas.no-ip.info
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAr1d6XRKMLgt853J8qxguOb017hjVSB4LNWKiLEXk1K5B4sPBP3Sj
-6/3PjI38dbZsmWqOV6azMmqTeBjBKt1Ii02sfrIB0hc3JuwcCeLLrPtmxUWCIXon
-pA0gv1mstM5BY4HLgfH9h9iwtTQ80k3BaTz5/Wcn3i3tRm/MLeXKNIRbIYLGxmyQ
-aSE4QJCnWPXxW+FoKRY6u4jAmYeVi+OyF3Hg9HnVvsBV3AeQ4Ptb90Pkr76udN4D
-W5rEIJelvAT2bMGlCZgowtCEgEAVqI2YHujndHemsUv/ApYR1xwKWRB/df9O8Fpr
-HqdYAjpMtYoGfBj0UhulKZtHpM06LGDZNQIDAQAB
------END RSA PUBLIC KEY-----
-
diff --git a/hosts/hannover1 b/hosts/hannover1
deleted file mode 100644
index 95a691b..0000000
--- a/hosts/hannover1
+++ /dev/null
@@ -1,6 +0,0 @@
-#Address = vpn.hannover.freifunk.net
------BEGIN RSA PUBLIC KEY-----
-MIGJAoGBAJsf2VLpTQlglzwBWe2B9RIgTEl4Y2a22Xt0DMPRw2vRc4aLcYh9G9TC
-IvlXl87TKILdkZ8jlK9cMmwupAmtoxlRUCDkode1dqZ/Knf+iIOCP3jBPDggKKcR
-/8MmS/ao+Ujb9tTuzv8KhVOqAcezKAHh1rVjriVyhCS/PhmZDViZAgMBAAE=
------END RSA PUBLIC KEY-----
diff --git a/hosts/koblenz1 b/hosts/koblenz1
deleted file mode 100644
index 52e3e23..0000000
--- a/hosts/koblenz1
+++ /dev/null
@@ -1,9 +0,0 @@
-#Address=dsserver.homelinux.org
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAsnls6tKZlZLjmOhjiMTh63GbOaEJ5L3/N4WQPNZN67YOoL0ISECv
-QeQ/p/3iRRhN4EG58CxAJ0X8uqpjqP6xLcbBSDfLbAawjFzU7OrKWiCAmHeW5ZTk
-5sRc6FlR45x63AkaUxiX8VEjBLdrxr6WlHG7XdJtaSYtSpeCESjtWnD3qSQVl7Zr
-CNekrY0TUC4Q0nlmKhNnSISMmJxqvrlGvV+shH2QKSSTOyvOYhl7SwQpJHKfuIOx
-9RbWDG4rrcqks/Kx4WBq/hwiUa8cy0tdoZcbrbjt6rzdIgByDQvcNJ0+hjypbW7H
-j0nr+4GJ9zRGWvE2KopZ3WHE3SvvBeHynQIDAQAB
------END RSA PUBLIC KEY-----
diff --git a/hosts/ljubljana2 b/hosts/ljubljana2
deleted file mode 100644
index 0a39b02..0000000
--- a/hosts/ljubljana2
+++ /dev/null
@@ -1,6 +0,0 @@
-#Address = AS64768.linuxshell.org
------BEGIN RSA PUBLIC KEY-----
-MIGJAoGBALVdchpMeSOA0JBBLwMMdX7hVMlLI2nXZ/0+b8R+36chmsajbKjsDa04
-aw/t/YFo7iLFi3AAXj7Tm/8AXkRz6Rf93rplwo91k47Dz4iEwC/kn7kI8wrGyaTY
-iVdBNp2InZzDeD621OfJa1nhh5ROI0q8T0P76b29Z6XkYJJpCa9pAgMBAAE=
------END RSA PUBLIC KEY-----
diff --git a/hosts/schwarzach1 b/hosts/schwarzach1
deleted file mode 100644
index 2bc46bf..0000000
--- a/hosts/schwarzach1
+++ /dev/null
@@ -1,10 +0,0 @@
-#Address = schwarzach1.hopto.org
-
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEApZQmRinQZQq7gPjFmltgFxXAv4REhkCAGcPwYl3uUeOwqe4adSDu
-90G99x2sCMAdteQ5YrZsDqYw2DQJS4F0a5IF81+U4wfv97KNil/DG0rxqXALX8v0
-OWfkUJUiblegeBo5R7/x+wDtdJbzmLszsfObo5W+jiyBSBM37RoHI2lfYEhu1+GE
-2t1xWhZXsn65krEnF0mwg6sHzZPza051cQiCLIMSyqmI5jk17FzHfuKwdSKFQKMN
-7rhVwgUgzL6RI5HQYDNjM5VEKHShIZ0MUvUQlhQuZglzIS9W0kvBhAFWg1zkUpaH
-pGl/IK7z2VS5oayGIOpX8e/B0ITWuuzxVQIDAQAB
------END RSA PUBLIC KEY-----
From 0613919bed06e540d33365b5a301da1987908de3 Mon Sep 17 00:00:00 2001
From: hexa- <mweinelt@gmail.com>
Date: Thu, 12 Feb 2015 18:39:05 +0100
Subject: [PATCH 18/42] README.md: Travis-CI state
---
README.md | 2 ++
1 file changed, 2 insertions(+)
diff --git a/README.md b/README.md
index 40e50e0..0929bc1 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
+[](https://travis-ci.org/freifunk/icvpn)
+
This repository holds IC-VPN keys and configuration.
For more Info see http://wiki.freifunk.net/IC-VPN
From 52013714c9e3f7058ba33ad16356061d35873762 Mon Sep 17 00:00:00 2001
From: hexa- <mweinelt@gmail.com>
Date: Tue, 17 Feb 2015 15:36:47 +0100
Subject: [PATCH 19/42] check: udp port reachability through nmap, pass
getaddressinfo records where possible
---
.travis.yml | 11 +++++++---
.travis_requirements.txt | 1 +
scripts/check | 44 ++++++++++++++++++++++++++++++++--------
3 files changed, 45 insertions(+), 11 deletions(-)
create mode 100644 .travis_requirements.txt
diff --git a/.travis.yml b/.travis.yml
index be02140..9ae342b 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,10 @@
language: python
python: "3.4"
-
-before_install: sudo apt-get install iputils-ping
-script: scripts/check -s ./hosts/
+before_install:
+ - sudo apt-get install iputils-ping checkinstall
+ - wget https://www.linuxlounge.net/~martin/icvpn/nmap_6.47-1_amd64.deb
+ - sudo dpkg -i nmap_6.47-1_amd64.deb
+install:
+ - pip install -r .travis_requirements.txt
+script:
+ - sudo bash -c "source ~/virtualenv/python3.4/bin/activate && scripts/check -s ./hosts/"
diff --git a/.travis_requirements.txt b/.travis_requirements.txt
new file mode 100644
index 0000000..e33c53f
--- /dev/null
+++ b/.travis_requirements.txt
@@ -0,0 +1 @@
+python-nmap
diff --git a/scripts/check b/scripts/check
index aad8271..629a5aa 100755
--- a/scripts/check
+++ b/scripts/check
@@ -4,6 +4,7 @@ import sys
import os
import socket
import subprocess
+import nmap
from optparse import OptionParser
@@ -14,12 +15,15 @@ def error(*arg):
def check_host_lookup(hostname, port):
try:
return socket.getaddrinfo(hostname, port)
- except Exception as e:
+ except Exception:
error("DNS Lookup for {hostname} failed".format(hostname=hostname))
return []
-def check_reachability(host, family):
+def check_icmp_reachability(gai_record):
+ host = gai_record[4][0]
+ family = gai_record[0]
+
if family is socket.AddressFamily.AF_INET:
process_name = 'ping'
else:
@@ -28,8 +32,27 @@ def check_reachability(host, family):
stdout=subprocess.PIPE)
child.communicate()
if child.returncode:
- error("Host {host} is unreachable".format(host=host))
- return 0 if child.returncode == 0 else 1
+ error(" - {host} is icmp unreachable".format(host=host))
+ return True if child.returncode == 0 else False
+
+
+def check_udp_reachability(gai_record):
+ host, port = gai_record[4][:2]
+ family = gai_record[0]
+
+ if family is socket.AddressFamily.AF_INET:
+ arguments = '-sU -PN'
+ else:
+ arguments = '-sU -PN -6'
+
+ scanner = nmap.PortScanner()
+ result = scanner.scan(host, str(port), arguments) # -sU requires root
+ state = result['scan'][host]['udp'][port]['state']
+
+ if state == 'closed':
+ print(" - {host} port {port}/udp is {state}"
+ .format(host=host, port=port, state=state))
+ return False if state == 'closed' else True
def get_hosts_data(srcdir):
@@ -104,11 +127,16 @@ def do_checks(srcdir):
else:
for record in records:
if record[1] is not socket.SocketType.SOCK_DGRAM:
- # we get SOCK_STREAM, SOCK_DGRAM and SOCK_RAW
- # for every IP/Port pair, lets just pick one
- # to have unique ip addresses
+ # vpn connections are udp based, so skip
+ # everything else
continue
- errcnt += check_reachability(record[4][0], record[0])
+
+ if not check_icmp_reachability(record):
+ errcnt += 1
+ else:
+ port_state = check_udp_reachability(record)
+ if not port_state:
+ errcnt += 1
print("{errcnt} errors".format(errcnt=errcnt))
From 733c614ded8aae76f86049934f9b468ddbdbd04a Mon Sep 17 00:00:00 2001
From: hexa- <mweinelt@gmail.com>
Date: Tue, 17 Feb 2015 17:26:47 +0100
Subject: [PATCH 20/42] Frankfurt1 to lowercase, for sort order
---
hosts/{Frankfurt1 => frankfurt1} | 0
1 file changed, 0 insertions(+), 0 deletions(-)
rename hosts/{Frankfurt1 => frankfurt1} (100%)
diff --git a/hosts/Frankfurt1 b/hosts/frankfurt1
similarity index 100%
rename from hosts/Frankfurt1
rename to hosts/frankfurt1
From c430991d41aa219157570e4b634e097c46606232 Mon Sep 17 00:00:00 2001
From: Daniel Ehlers <danielehlers@mindeye.net>
Date: Wed, 18 Feb 2015 10:14:38 +0100
Subject: [PATCH 21/42] post-merge: Use absolute path for invoke-rc.d.
When the hook is triggered due to an cron job, the path may
not contain "/usr/sbin/" and thus the daemon reload is not happening.
---
scripts/post-merge | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/post-merge b/scripts/post-merge
index f45b79f..7adba43 100755
--- a/scripts/post-merge
+++ b/scripts/post-merge
@@ -25,6 +25,6 @@ for HOST in hosts/*; do
echo "ConnectTo = ${HOST##*/}" >> $TINCCFG
done
-invoke-rc.d tinc reload icvpn
+/usr/sbin/invoke-rc.d tinc reload icvpn
exit 0
From b39f9a670999b42ae7fa21ee1e88ecf700b5fa90 Mon Sep 17 00:00:00 2001
From: Kevin Kirsch <ranlvor@starletp9.de>
Date: Tue, 24 Feb 2015 19:23:34 +0100
Subject: [PATCH 22/42] Added key for trier1
---
hosts/trier1 | 15 +++++++++++++++
1 file changed, 15 insertions(+)
create mode 100644 hosts/trier1
diff --git a/hosts/trier1 b/hosts/trier1
new file mode 100644
index 0000000..500dc80
--- /dev/null
+++ b/hosts/trier1
@@ -0,0 +1,15 @@
+Address = gw1.freifunk-trier.starletp9.de
+Port = 655
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEAtZakSOECioGgkCutgDyq28LLklVstsowc4oahDHhQt5pTv0ncUzE
+D1rAVWGxYQuD21wu2gCW6zJpS+ZYxGnREIa799tdRtBSL/bH6QQsVpiQiWzpMk0D
+HyOh17fbtqAekOzz3nY6hQFcB3CaJoqY2jrI/iQE15N1iNkA8m1nDnwpHxVtKNmh
+9qq+2EtdXuuJP6o7gayjMLXiB0Iaz6rehlS8jzh6FdrCUQbyuRPW/XtT4tiwd0Ch
+lVXoCnSrM0+tUW++0yQz9aCpLE+IMKcTGm1W3elNOA107R9BiJrPqM3ClP05ThRx
+qWO/hCeJ7/Y0wFZBM2IWNX5ig3bAyhdUOaZA2Pr3HQ7dxRkHMDPOOjIzxPNQUvCm
+M4yKXoC9Fuhy7iujd7fVovXqvwBfLAhm/krMZRftEU01qHdN+Qiemqawz/zx9Yok
+GJwrVEttqXt1CP0yrm2GpLS0YOFCcTO6OGnzOP1AyCi8XjeoshqhT1GgHGky8TMs
+GhMD227a9AIK+XTIGzvOEpYC04CYm9zcWBbcLwQZxZuX4XUIhCsgFtWYN0qHTbc3
+ivhy6Z/MPvJGxiGbipMeZlHu4fEKCtOu4EdddkFLlMKdpA7Jo8PEMXy1zg+LRgWt
+qZJ6AL52KEnR+2zjl3aLoXJ7H0eTAGJjiSMDfp4PXiIWr5amoH7d8QUCAwEAAQ==
+-----END RSA PUBLIC KEY-----
From e0b61477b96e107193a20d58765cd57027526056 Mon Sep 17 00:00:00 2001
From: do9xe <h.l.lueth@gmail.com>
Date: Tue, 24 Feb 2015 22:13:46 +0100
Subject: [PATCH 23/42] this key got lost
---
hosts/flensburg1 | 10 ----------
1 file changed, 10 deletions(-)
delete mode 100644 hosts/flensburg1
diff --git a/hosts/flensburg1 b/hosts/flensburg1
deleted file mode 100644
index 49f9fe1..0000000
--- a/hosts/flensburg1
+++ /dev/null
@@ -1,10 +0,0 @@
-Address = fl1.icvpn.freifunk-flensburg.de
-Port = 656
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAv9Ow8Vkxo03MaYxxpdjQ1/tce2BgyON3+HkHd7/s90wovB6kkFpY
-jL+c6nqN8kIBPhAw4Ibz6HmwUm6GIgappkwI2B81TTfrF2k4LR0NX+Nbyw2UqpnF
-mt4O4ZRDBoRPRJxyXHgxLox0/VqEH+F044nO5DVaCJihlDDVnmjqvdvazBLjsTrX
-d08gPKkyD/VdUMaX6d5eZOfxzRiPYMpZE0rWMzQc+n1kvw1DXfk/jhawqf4ZpaH3
-TD/DGzeuXnDjL2IxMYXHABdfZUug2r7eoP38UM7jVop32SVXQO95gBDs5hTzp9Wh
-JdSYnxO3HgIRb+0g3a7Aq9KBBlQ6xCfZjwIDAQAB
------END RSA PUBLIC KEY-----
From 4ffd0818a78d0d8e1322400b38f71d26ea1514aa Mon Sep 17 00:00:00 2001
From: do9xe <h.l.lueth@gmail.com>
Date: Tue, 24 Feb 2015 22:14:55 +0100
Subject: [PATCH 24/42] delete kiel3, add kiel4
---
hosts/kiel3 | 9 ---------
hosts/kiel4 | 11 +++++++++++
2 files changed, 11 insertions(+), 9 deletions(-)
delete mode 100644 hosts/kiel3
create mode 100644 hosts/kiel4
diff --git a/hosts/kiel3 b/hosts/kiel3
deleted file mode 100644
index 3c83829..0000000
--- a/hosts/kiel3
+++ /dev/null
@@ -1,9 +0,0 @@
-# Address=vpn3.freifunk.in-kiel.de
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAqDth8oT1QRrt1usUz2qb+QfWCrva67Vup3TOuV1Lf6Zo6veRDOcT
-3jCQtQ+BYGAiLgwhrYtJ13oiMlTbpd32ns1dvp5BgaiTWexJuObsC04LVry0kML5
-WyoInGpUD26sqPdXtcs9bAgNzkDCm7cxMtQiu4SGWyNYpfkkIb+4miUKyjnWCrqi
-nWTX2KC4MJh7AMWSrk6vX7aYmV/qmHkIXBqhPKe0Ah6rufc8+ZkSATJJxTM78qwD
-sOO78I3V6av1+QlaF9wCr5/X/eAD6XUEOJWPuiTflC27mDcihW2NE2YwCIDX8vk0
-Ccuo6OGrjJpZz+ncEjCcFICPpKrL8kYCdwIDAQAB
------END RSA PUBLIC KEY-----
diff --git a/hosts/kiel4 b/hosts/kiel4
new file mode 100644
index 0000000..5a98c54
--- /dev/null
+++ b/hosts/kiel4
@@ -0,0 +1,11 @@
+Address = vpn4.freifunk.in-kiel.de
+Port = 656
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEA49H0NRDyDqVy5eJygLHuwLq7VUhrPhyGMhHNcbJ/ZgnwAMkV2wfd
+A+fO4ZXZ498rW3jNLvIxpUH81jsQBe4rFkvnTGZQcY2Lu7Q46XGIp4BNPjtUFIeH
+1qhSANElylo6sZtu651pj2Lu3oV/9cxPDLrKWFaLSLmCrJoh9gkB4Xk4T0T7RWxG
+NyNqdwcCzd+9ITIpRFtcB/pxlO/Ovirvwie+N/aZw8uC52ZOskhI/MSEYzFw+YYR
+aWcoc1sAJ935EY7DET0MV/9yuM+hfRQyex3jKkXzykQL8kQ4t1+0dl3VYMiW6lr6
+LeCasMGtby5sVeA/18H+fu+viZ+qc+wn9wIDAQAB
+-----END RSA PUBLIC KEY-----
From 92b783e197168e96b54c7306d810cd44712edb5a Mon Sep 17 00:00:00 2001
From: bodems <bodems@wopr>
Date: Sat, 14 Mar 2015 19:46:52 +0000
Subject: [PATCH 25/42] added bielefeld4
---
hosts/bielefeld4 | 12 ++++++++++++
1 file changed, 12 insertions(+)
create mode 100644 hosts/bielefeld4
diff --git a/hosts/bielefeld4 b/hosts/bielefeld4
new file mode 100644
index 0000000..1a60112
--- /dev/null
+++ b/hosts/bielefeld4
@@ -0,0 +1,12 @@
+Address = vpn4.freifunk-bielefeld.de
+Port = 655
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAvOJHnI0VCn4ZOVitzitHPHpxHesW4TYf7QafYU6ClQy/Sy9WN5Eg
+lrfszpwZmzABnJZ7T7BQN8j91neKwzj10qr6ppLCDavP0nqQ0CJ+Bg7SCc6HJbsQ
+aDTU1lvNcGKKPD+KchSNxUkOBZjZavVw01taztEnYy6hUy/ml8vdLTUjBBPMUQ0+
+rTe5m/rjPim5J4Eo56kRoJ2TQ3bRNZwTAgV07NAosO5V1qUncPoYsMmS6RrbBVxj
+q7UOEyegBrsFF0F5tdK/itvZIWD2T/0DlDUqoPmfh2j+urbzYwAw9VBc1+4DByfS
+Unn0cQ8AccXTDtMWQVOrLxIhm0JCmiDi6wIDAQAB
+-----END RSA PUBLIC KEY-----
+
From 732d013b39760e229cd42f7fa71d249938f1754a Mon Sep 17 00:00:00 2001
From: bodems <bodems@wopr>
Date: Sat, 14 Mar 2015 19:47:14 +0000
Subject: [PATCH 26/42] removed bielefeld2
---
hosts/bielefeld2 | 10 ----------
1 file changed, 10 deletions(-)
delete mode 100644 hosts/bielefeld2
diff --git a/hosts/bielefeld2 b/hosts/bielefeld2
deleted file mode 100644
index af6ab59..0000000
--- a/hosts/bielefeld2
+++ /dev/null
@@ -1,10 +0,0 @@
-Address = vpn2.freifunk-bielefeld.de
-
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAuNUlmNeftDUvk7FAJFvX7XwI9CYnEpdU7TD3waeE6ZbU1mSW0d+n
-9MUArA1iprh9UlPchGrkluIV6lX1XaVYzeXy4HVtf5nLUBssCnbBN8T1PE2qD0rS
-pYKQEc/C1fuGLx07uzKHpz9PufOZQrmiRzoAciZBRZ0y16wtkO5aKV+cHawnnaP2
-rzKeNIKq+XvusalDf0gftr0znivFeHZk7C2XzZ27HjJGcZM8k/xtMiCfMVo6NpZX
-s9hkCrbT6vKtTVWCdAMcZAk0taF8eTPxkRoMMADExeXcoQXIxazvfdV0z+ou/2it
-5X3PohGtF70ZoT98OT2s3xETCea1JyOyDQIDAQAB
------END RSA PUBLIC KEY-----
From 17b07bf03ea219eb0dbf237464994178058e6d0c Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Sun, 15 Mar 2015 01:33:38 +0100
Subject: [PATCH 27/42] Update darmstadt1, darmstadt2
---
hosts/darmstadt1 | 2 +-
hosts/darmstadt2 | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hosts/darmstadt1 b/hosts/darmstadt1
index a0d26c8..f843846 100644
--- a/hosts/darmstadt1
+++ b/hosts/darmstadt1
@@ -1,4 +1,4 @@
-Address = gw01.icvpn.darmstadt.freifunk.net
+Address = gw03.darmstadt.freifunk.net
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAsFBR3wzdRoFXDy38HQtlYDKHvsbY99fUkPZXxg5v3dBGIfWDWMBR
diff --git a/hosts/darmstadt2 b/hosts/darmstadt2
index 80e3f39..535dcf9 100644
--- a/hosts/darmstadt2
+++ b/hosts/darmstadt2
@@ -1,4 +1,4 @@
-Address = gw02.icvpn.darmstadt.freifunk.net
+Address = gw04.darmstadt.freifunk.net
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAuohUruR8enzVN1IswdzMuf8f3rY2HOK/yByItBcMHM9b4HMe6Jt6
From 65fa913eab19e3af317d32ac47dcd792c48c5844 Mon Sep 17 00:00:00 2001
From: root-user <me@mortzu.de>
Date: Sat, 21 Mar 2015 16:44:43 +0100
Subject: [PATCH 28/42] Add bremen3
---
hosts/bremen3 | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 hosts/bremen3
diff --git a/hosts/bremen3 b/hosts/bremen3
new file mode 100644
index 0000000..10efae0
--- /dev/null
+++ b/hosts/bremen3
@@ -0,0 +1,11 @@
+Address = vpn03.bremen.freifunk.net
+Port = 656
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAr7aAgyRdDjTjJyUhHaPd8aZIybNvi+paDKwkRJFUEHybsSsZs8pl
+mJl+wFFn3sW3y6R7th1iVSqHDU85KYpy7CemKcHRo0VVl0OayToKQGUc9wuUkjM2
+XIpZ6WxJ2+B918780dFA5esdeigSTXnKABt80wllLmBumiumj6fGQnzXOFMfyWSI
+TlpW77EQqZY3uXGlZjbzmCbzmspbldHZKwUBr1f8GW6pdeMzEeptg/5nVLLu0rG+
+o+rXQuU2GxJXd6OwrIWEzLCpxbRNqZ6Xo2o1U4Mc3vrKv7yQ61xY/hYB7BLU89Dz
+tTNXWxy4cm/xYdxmCBStzWGwNRndqNY7fwIDAQAB
+-----END RSA PUBLIC KEY-----
From 3d07e8648902313c08cd1577db24de36439de3a9 Mon Sep 17 00:00:00 2001
From: paalsteek <github@paalsteek.de>
Date: Sat, 21 Mar 2015 23:09:48 +0100
Subject: [PATCH 29/42] add westpfalz2
---
hosts/westpfalz2 | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 hosts/westpfalz2
diff --git a/hosts/westpfalz2 b/hosts/westpfalz2
new file mode 100644
index 0000000..68605b8
--- /dev/null
+++ b/hosts/westpfalz2
@@ -0,0 +1,11 @@
+Address = gw02.freifunk-westpfalz.de
+Port = 656
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAvBxfjw2x1RB9nlypB0uXbb0Ad+bsPA3lVPUTiqf1jp9J7mq3SzQr
+8XXbXSfYENjyLw6rif/7fYvnZsV9Pn+pj+sw7Hwj4JKyloNmLGe26youx+Ik3YXj
+kvmPAF+6SShVAv4TEbOeqVNMggksXevJawPdR9lUrdu86uT49ncAWh29x9LBtLM7
+ZzxacAn/ysIsH8oY+niFT0xTysLD0mxbvWuSrXjFaL4zTtGyT1jOvLyTvkpE10OK
+bVid5JGlkK8+NWFC6pruy1UR0j3+OZ7lsiQsEFrBcj08Dot/msXlvYjcDVtCVFMU
+/SAolG+xq5Olg8dOql4E64N5yoLp7wbTRwIDAQAB
+-----END RSA PUBLIC KEY-----
From 7e72c4403f12cdc5bf01b70f4884b1320d31bc84 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Sun, 22 Mar 2015 17:10:02 +0100
Subject: [PATCH 30/42] darmstadt: update to ipv4 only hostnames for now
---
hosts/darmstadt1 | 2 +-
hosts/darmstadt2 | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hosts/darmstadt1 b/hosts/darmstadt1
index f843846..813f3c5 100644
--- a/hosts/darmstadt1
+++ b/hosts/darmstadt1
@@ -1,4 +1,4 @@
-Address = gw03.darmstadt.freifunk.net
+Address = ip4.gw03.darmstadt.freifunk.net
-----BEGIN RSA PUBLIC KEY-----
MIICCgKCAgEAsFBR3wzdRoFXDy38HQtlYDKHvsbY99fUkPZXxg5v3dBGIfWDWMBR
diff --git a/hosts/darmstadt2 b/hosts/darmstadt2
index 535dcf9..c854b1b 100644
--- a/hosts/darmstadt2
+++ b/hosts/darmstadt2
@@ -1,4 +1,4 @@
-Address = gw04.darmstadt.freifunk.net
+Address = ip4.gw04.darmstadt.freifunk.net
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAuohUruR8enzVN1IswdzMuf8f3rY2HOK/yByItBcMHM9b4HMe6Jt6
From 6fe2c149766d1c95190f4be2bba27374cfaad103 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Sun, 22 Mar 2015 17:57:14 +0100
Subject: [PATCH 31/42] check: be more verbose
---
scripts/check | 50 +++++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 45 insertions(+), 5 deletions(-)
diff --git a/scripts/check b/scripts/check
index 629a5aa..dc7235b 100755
--- a/scripts/check
+++ b/scripts/check
@@ -7,9 +7,28 @@ import subprocess
import nmap
from optparse import OptionParser
+ip4, ip6 = 0, 0
+
+
+ANSI_COLOR_ERR = "\x1b[31m"
+ANSI_COLOR_WARN = "\x1b[33m"
+ANSI_COLOR_OK = "\x1b[32m"
+ANSI_COLOR_RESET = "\x1b[0m"
+
def error(*arg):
- print(*arg, file=sys.stderr)
+ print(ANSI_COLOR_ERR, *arg, file=sys.stderr,
+ end='%s\n' % ANSI_COLOR_RESET)
+
+
+def warn(*arg):
+ print(ANSI_COLOR_WARN, *arg, file=sys.stderr,
+ end='%s\n' % ANSI_COLOR_RESET)
+
+
+def ok(*arg):
+ print(ANSI_COLOR_OK, *arg, file=sys.stderr,
+ end='%s\n' % ANSI_COLOR_RESET)
def check_host_lookup(hostname, port):
@@ -32,11 +51,13 @@ def check_icmp_reachability(gai_record):
stdout=subprocess.PIPE)
child.communicate()
if child.returncode:
- error(" - {host} is icmp unreachable".format(host=host))
+ error("{host} is icmp unreachable".format(host=host))
return True if child.returncode == 0 else False
def check_udp_reachability(gai_record):
+ global ip4, ip6
+
host, port = gai_record[4][:2]
family = gai_record[0]
@@ -50,8 +71,17 @@ def check_udp_reachability(gai_record):
state = result['scan'][host]['udp'][port]['state']
if state == 'closed':
- print(" - {host} port {port}/udp is {state}"
+ error("{host} port {port}/udp is {state}"
.format(host=host, port=port, state=state))
+ else:
+ ok("{host} port {port}/udp is {state}"
+ .format(host=host, port=port, state=state))
+
+ if family is socket.AddressFamily.AF_INET:
+ ip4 += 1
+ else:
+ ip6 += 1
+
return False if state == 'closed' else True
@@ -114,9 +144,16 @@ def get_hosts_data(srcdir):
def do_checks(srcdir):
+ global ip4, ip6
+
errcnt = 0
+ warncnt = 0
+
for host in get_hosts_data(srcdir):
print("Checking {community}".format(community=host['community']))
+ if not host['addresses']:
+ warn("no addresses specified")
+ warncnt += 1
for address in host['addresses']:
host, port = address
@@ -126,7 +163,7 @@ def do_checks(srcdir):
errcnt += 1
else:
for record in records:
- if record[1] is not socket.SocketType.SOCK_DGRAM:
+ if record[1] is not socket.SOCK_DGRAM:
# vpn connections are udp based, so skip
# everything else
continue
@@ -138,7 +175,10 @@ def do_checks(srcdir):
if not port_state:
errcnt += 1
- print("{errcnt} errors".format(errcnt=errcnt))
+ print("\nfound {}/{} working ipv4/ipv6 peers".format(ip4, ip6))
+
+ error("{} errors".format(errcnt))
+ warn("{} warnings".format(warncnt))
return 0 if errcnt == 0 else 1
From 1dfac5a953e3f3c24b714590c2e8e65c522651c9 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Mon, 23 Mar 2015 15:41:36 +0100
Subject: [PATCH 32/42] Rename bremen3 -> bremen1
---
hosts/bremen1 | 17 ++++++++---------
hosts/bremen3 | 11 -----------
2 files changed, 8 insertions(+), 20 deletions(-)
delete mode 100644 hosts/bremen3
diff --git a/hosts/bremen1 b/hosts/bremen1
index 25b6df6..31916c3 100644
--- a/hosts/bremen1
+++ b/hosts/bremen1
@@ -1,12 +1,11 @@
Address = vpn01.bremen.freifunk.net
Port = 656
------BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2FfayKB0nuggl/B9Lff
-lLAWf92KPDtmJt6un1nRylX99n1yTatnnzW9r4dv7oDKJVEGxOe9d17CIg0l/lQQ
-UDC0sBJmB+JLQE8INHASQPcRbQVvlRrq+jVSUbpezA8H4W/FDc0kyERJG4zHAW4b
-Om0c8ndFZBU2eMXTyaeFZ5gi6AETZ+GAOt3BGP3lhzVMIotnSf5Mm1q5EOejjlND
-dsz3Fsn3ScWgVeUCjwWK1xs/jg5+pa90he/eqO+DmihxDA0006YBnQcA0kiprjK2
-k6Jo8J1KWD8G3m0XvWOu9z15WAKvkNSw96h28eGefsgQP+XEpEE9aWGcbuj88ycK
-dwIDAQAB
------END PUBLIC KEY-----
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAr7aAgyRdDjTjJyUhHaPd8aZIybNvi+paDKwkRJFUEHybsSsZs8pl
+mJl+wFFn3sW3y6R7th1iVSqHDU85KYpy7CemKcHRo0VVl0OayToKQGUc9wuUkjM2
+XIpZ6WxJ2+B918780dFA5esdeigSTXnKABt80wllLmBumiumj6fGQnzXOFMfyWSI
+TlpW77EQqZY3uXGlZjbzmCbzmspbldHZKwUBr1f8GW6pdeMzEeptg/5nVLLu0rG+
+o+rXQuU2GxJXd6OwrIWEzLCpxbRNqZ6Xo2o1U4Mc3vrKv7yQ61xY/hYB7BLU89Dz
+tTNXWxy4cm/xYdxmCBStzWGwNRndqNY7fwIDAQAB
+-----END RSA PUBLIC KEY-----
diff --git a/hosts/bremen3 b/hosts/bremen3
deleted file mode 100644
index 10efae0..0000000
--- a/hosts/bremen3
+++ /dev/null
@@ -1,11 +0,0 @@
-Address = vpn03.bremen.freifunk.net
-Port = 656
-
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAr7aAgyRdDjTjJyUhHaPd8aZIybNvi+paDKwkRJFUEHybsSsZs8pl
-mJl+wFFn3sW3y6R7th1iVSqHDU85KYpy7CemKcHRo0VVl0OayToKQGUc9wuUkjM2
-XIpZ6WxJ2+B918780dFA5esdeigSTXnKABt80wllLmBumiumj6fGQnzXOFMfyWSI
-TlpW77EQqZY3uXGlZjbzmCbzmspbldHZKwUBr1f8GW6pdeMzEeptg/5nVLLu0rG+
-o+rXQuU2GxJXd6OwrIWEzLCpxbRNqZ6Xo2o1U4Mc3vrKv7yQ61xY/hYB7BLU89Dz
-tTNXWxy4cm/xYdxmCBStzWGwNRndqNY7fwIDAQAB
------END RSA PUBLIC KEY-----
From fa01d2091520a8edfa28602a04a38217f7997922 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Mon, 23 Mar 2015 18:27:14 +0100
Subject: [PATCH 33/42] Add bremen3 (again)
---
hosts/bremen3 | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 hosts/bremen3
diff --git a/hosts/bremen3 b/hosts/bremen3
new file mode 100644
index 0000000..c9c4369
--- /dev/null
+++ b/hosts/bremen3
@@ -0,0 +1,11 @@
+Address = vpn03.bremen.freifunk.net
+Port = 656
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAxWLy8tG8W3nV3o7fsm/oD+XwFW2qgGNRDRDiTPGmBNrHVGVCH8cI
+s2Gpeu226x803dukxmrKXZskLBf5oCWxtI5wrxhkiIrb21RkODrMzQcKvOJ3pOGk
+7GekS8WvhxuMAJEKnWiJIS9T3kcGUTMIETSvlWeG/SWkpVr2oFjD87LX+WDCOW/d
+arHyu8xH4XpVaDeKwUHlDz3/QQjI4bOa2UvqmebkdkhX/uWd/hNTdpzUYwghPtPx
+VNlKqeh+NSibYuep/VSoxFx8UHFu083nB2gNTF+b4apjB/4d2iFUMM/Mpgi+lYQ1
+8ksoTu8C3e8KFhp4oP3GLlRuQ2QY+o4RpQIDAQAB
+-----END RSA PUBLIC KEY-----
From 5652fb4a35568827fc12aaa5841aaff3a6d78215 Mon Sep 17 00:00:00 2001
From: 020 Wireless <wireless-amsterdam@lists.puscii.nl>
Date: Sun, 28 Dec 2014 21:34:14 +0000
Subject: [PATCH 34/42] Adding amsterdam node
---
hosts/amsterdam1 | 9 +++++++++
1 file changed, 9 insertions(+)
create mode 100644 hosts/amsterdam1
diff --git a/hosts/amsterdam1 b/hosts/amsterdam1
new file mode 100644
index 0000000..a152aa4
--- /dev/null
+++ b/hosts/amsterdam1
@@ -0,0 +1,9 @@
+address = 195.169.146.33
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAuksyHS3OGQUUS7hVItJZGHK/RDeOzuSyqmi7jbVv+0/IfRLU/mt+
+kz/wMz2O/UDxyR84wmrLTVdt8TYnOaFBrlNdMGz3k2HjbZc0UxZpKxHMYR4US6Ab
+vLApHSxXK44c16wcWDhQB9yHqM3GdMTdbxuKV60qclulHuI9wHkxDtn1qb1dEkbv
+2rF2ldfZnNCZ7ktQ1Pnnkv9lOhT1WK8Ye2Sbl+V7klK7leRfE/eTM5e1KP4Zlf62
+iecoBCzFKCAk3Zw88Sv9IlkVG1ZgO8rdZPH7Bb461XH4W0gO9BANg2/SnW0Hlnyp
+Ye2Bh+oGwQTlxjxN44nKOcornozC8kZUuwIDAQAB
+-----END RSA PUBLIC KEY-----
From 6d59fed131b2bda01f6ae5acb8f517b7502d5449 Mon Sep 17 00:00:00 2001
From: Steffen <email.sd.ipod@gmail.com>
Date: Tue, 7 Apr 2015 13:42:42 +0200
Subject: [PATCH 35/42] Delete ehingen1
Freifunk Ehingen ist nicht mehr aktiv.
---
hosts/ehingen1 | 11 -----------
1 file changed, 11 deletions(-)
delete mode 100644 hosts/ehingen1
diff --git a/hosts/ehingen1 b/hosts/ehingen1
deleted file mode 100644
index 3c7d3ae..0000000
--- a/hosts/ehingen1
+++ /dev/null
@@ -1,11 +0,0 @@
-Address = gw01.freifunk-ehingen.de
-Port = 656
-
------BEGIN RSA PUBLIC KEY-----
-MIIBCgKCAQEAz1zcs2ZgiZRLVXQyqYXKD3+dx7imqN/cmJ6CYoSfxjesslWaS+qG
-29YH+U7qXSDgRyjVtdXdVHIa9dYSKff292H7yzX3LbHPsUEeq5kAAqqieTIsRYoI
-6QeUTYkfSuvkqmAe1zUmC5fcf8BRSu2YUHSWhM5Lu9ulWzXuKYoipnXgqQzVz67w
-3DnYEx/DEAxn4LKagOpUq+l9OzChOtMWeW1/MSCaEhm7VLYaY9YITdhb5U61PB7F
-fdv/77AhRBjL6zfNX6M9ZookKukAz3KHme5EzDYXVA4CiyBN+HMzgCYHbqopOiVZ
-BGjNAeO8FjAkBwn5Os608LOSocOEVz9KDwIDAQAB
------END RSA PUBLIC KEY-----
From b890378640c797c42e9c394c52692220122f8fb1 Mon Sep 17 00:00:00 2001
From: dracoTrier <github@basisbit.de>
Date: Sat, 11 Apr 2015 01:15:04 +0200
Subject: [PATCH 36/42] Add trier2
---
hosts/trier2 | 10 ++++++++++
1 file changed, 10 insertions(+)
create mode 100644 hosts/trier2
diff --git a/hosts/trier2 b/hosts/trier2
new file mode 100644
index 0000000..7cd10b5
--- /dev/null
+++ b/hosts/trier2
@@ -0,0 +1,10 @@
+Address = gw2.freifunk-trier.starletp9.de
+Port = 655
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEAu5IiDnY5Ix54b0fb6HqXM5GggH9TQCPTXqUnKgurPkiOHr+OcMSB
+6LlE3v0N2HJYS+UJmjHZtNd9z4SdhQoft6t1vEM48G9gi0HDJoLvi+ZnEHbW0LdP
+PE5H2gwEzrZ6YAtbFiyM55dVY/5G3fYEF7nrB1ItAkqujUfWoLSVE1q08Gt/MbnK
+7X5rnr8JWquuj2vcn4KBn4YHuLBMNCotNINzDOECqst3CZLUioKoxQenhpyX/ZP0
+A0RNqpf6msFMiRY5+qEhXQYqP7ztc9MaLb5+7dvSePkjR4tEvBEizV5Qxxzpb6FA
+ZnOEZT5UV+Pgx8iyBuyXnHeDB4X4F3gbLwIDAQAB
+-----END RSA PUBLIC KEY-----
From 0dc1fc7be3b9bd764149aa89618d51d94bebe8fb Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Mon, 13 Apr 2015 02:35:52 +0200
Subject: [PATCH 37/42] post-merge: allow case-insensitive address parameter in
host config
---
scripts/post-merge | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/post-merge b/scripts/post-merge
index 7adba43..1e77b4e 100755
--- a/scripts/post-merge
+++ b/scripts/post-merge
@@ -20,7 +20,7 @@ sed -i '/^ConnectTo/d' $TINCCFG
for HOST in hosts/*; do
# skip hosts without address
- grep -q '^Address' -- "$HOST" || continue
+ grep -iq '^Address' -- "$HOST" || continue
echo "ConnectTo = ${HOST##*/}" >> $TINCCFG
done
From c455a29485e527546e4a26bd0c85cce7759cd24c Mon Sep 17 00:00:00 2001
From: joerg-d <joergd@bitquell.de>
Date: Thu, 16 Apr 2015 08:38:22 +0200
Subject: [PATCH 38/42] Create gw1 of gera-greiz
---
hosts/gera_greiz1 | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 hosts/gera_greiz1
diff --git a/hosts/gera_greiz1 b/hosts/gera_greiz1
new file mode 100644
index 0000000..cb4c04e
--- /dev/null
+++ b/hosts/gera_greiz1
@@ -0,0 +1,11 @@
+Address = gw1.freifunk-gera-greiz.de
+Port = 10781
+
+-----BEGIN RSA PUBLIC KEY-----
+MIIBCgKCAQEArLhMleQyfCgADO1vPEHK1hTJ8ZW/NljeiFsZcvTHCRKnnfF0AP1S
+XfcviGlQCV3sfhXLdKABe0QZiLeHwbJY2R/n0PJxG/UxfscAKH+vRCa6qA4PqVI7
+CLShMe+E/S66UPvYzYYwBpfLBFYlaMzSz+IhvhiRwoCWgk/0+YfPJt85mFSUHNxN
+XGiBLJBSRGnGi9BFSw+GbrN86lmknV/fnL4uypFw94TJYF0Q7TexgP7aRtFSOciH
+2tDCbzzJh7lmw4XE1Wtz7QWUP/R34zqlOELXlmoilbkTO71y4qlCeTHmaWDOG9/f
+VScV3K/v1mrofNlK35GJzfcOp9ueijIbZwIDAQAB
+-----END RSA PUBLIC KEY-----
From e3247d7cb5862d73ccd0aff51d859ee9b5032443 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Sat, 18 Apr 2015 16:34:39 +0200
Subject: [PATCH 39/42] Introduce the concept of metanodes updates the README
file, and makes the post-merge script read the metanodes file instead of the
whole hosts/ directory.
---
README.md | 66 ++++++++++++++++++++++++++++++++++++++++++++--
metanodes | 4 +++
scripts/post-merge | 8 +++---
3 files changed, 72 insertions(+), 6 deletions(-)
create mode 100644 metanodes
diff --git a/README.md b/README.md
index 0929bc1..71de455 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,68 @@
[](https://travis-ci.org/freifunk/icvpn)
-This repository holds IC-VPN keys and configuration.
+This repository contains the tinc hosts for ICVPN-Peers and several helper scripts.
+
+## Setup
+
+This network requires the use of the Tinc VPN Daemon. You should use at least version 1.0.24 or higher, als the
+current pre-release version 1.1pre11 seems to work just fine.
+
+### Clone the repository
+ cd /etc/tinc/
+ git clone https://github.com/freifunk/icvpn.git
+ cd icvpn
+ cp scripts/post-merge .git/hooks/
+
+### Create your tinc configuration
+
+Open your favorite editor and create the /etc/tinc/icvpn/tinc.conf.
+ Name=entenhausen1
+ Mode=switch
+More options can be found through
+ man tinc.conf
+Afterwards create a keypair with tincd.
+ tincd -n icvpn -K
+Hint: In version 1.1 this option was moved to the tinc binary and is called <code>generate-rsa-keys</code>.
+
+### Execute post-merge hook
+
+This step is necessary to populate your new configuration with infos about the metanodes.
+ ./git/hooks/post-merge
+
+### Set up a cronjob to update the repository in regular intervals.
+
+ @daily cd /etc/tinc/icvpn/; git pull > /dev/null
+
+## What are meta nodes?
+
+Tinc has a ConnectTo configuration option that describes which peers on startup to connect *and* sync metadata to.
+
+Until now (2015/4) we had roughly 74 nodes, and every node connected to each other (full mesh). Tinc however
+does not scale this way, because on each connect and disconnect all ConnectTo-lines are being notified of this
+and then notify their neighbours again. Many smaller nodes seemingly could not handle the amount of metadata generated
+by this which resulted in TCP Zero Windows. They then disconnected, and reconnected, producing more metadata in
+the process, which was followed by even larger nodes queueing up metadata, which resulted in all nodes taking
+a massive cpu and memory hit. Memory usage of up to 1.5GB was spotted, accumulated in less than 12 hours.
+
+However for tinc to build its network graph it is sufficient, if all nodes only exchange metadata at a few nodes,
+which results in much less strain on the whole network. This is why we now use meta nodes, which are defined in
+the `./metanodes` file.
+
+Criteria for the selection of meta nodes are:
+1) autonomous system diversity
+2) community diversity
+3) ample resources (cpu, memory, traffic)
+
+When data needs to be transferd between two nodes, this will happen indepently of those meta nodes. Through the shared
+network graph a direct transfer is possible and will be tried: at first via UDP, then via TCP, then indirectly. While
+indirect routing is possible the meta nodes are not required to provide forwarding for those packets.
+
+## Contact
+
+The maintainers can be reached at
+- [icvpn@lists.funkfeuer.at](mailto:icvpn@lists.funkfeuer.at)
+- [irc.hackint.org #icvpn](irc://irc.hackint.org/icvpn)
+
+We have set up IRC notifications for all repositories concerning the icvpn network.
-For more Info see http://wiki.freifunk.net/IC-VPN
diff --git a/metanodes b/metanodes
new file mode 100644
index 0000000..5adfa0f
--- /dev/null
+++ b/metanodes
@@ -0,0 +1,4 @@
+berlin2
+darmstadt2
+luebeck2
+trier1
diff --git a/scripts/post-merge b/scripts/post-merge
index 1e77b4e..b70396a 100755
--- a/scripts/post-merge
+++ b/scripts/post-merge
@@ -18,12 +18,12 @@ test -w $TINCCFG || fail "ERR: $TINCCFG is not writeable"
sed -i '/^ConnectTo/d' $TINCCFG
-for HOST in hosts/*; do
+while read HOST; do
# skip hosts without address
- grep -iq '^Address' -- "$HOST" || continue
+ grep -iq '^Address' -- hosts/"$HOST" || continue
- echo "ConnectTo = ${HOST##*/}" >> $TINCCFG
-done
+ echo "ConnectTo = $HOST" >> $TINCCFG
+done < metanodes
/usr/sbin/invoke-rc.d tinc reload icvpn
From 51582c31858f543baf74b8472463d052501c83cc Mon Sep 17 00:00:00 2001
From: hexa- <mweinelt@users.noreply.github.com>
Date: Sat, 18 Apr 2015 16:43:09 +0200
Subject: [PATCH 40/42] README.md: fix formatting
---
README.md | 31 +++++++++++++++++++------------
1 file changed, 19 insertions(+), 12 deletions(-)
diff --git a/README.md b/README.md
index 71de455..7849425 100644
--- a/README.md
+++ b/README.md
@@ -4,33 +4,39 @@ This repository contains the tinc hosts for ICVPN-Peers and several helper scrip
## Setup
-This network requires the use of the Tinc VPN Daemon. You should use at least version 1.0.24 or higher, als the
+This network requires the use of the Tinc VPN Daemon. You should use at least version 1.0.24 or higher, also the
current pre-release version 1.1pre11 seems to work just fine.
### Clone the repository
- cd /etc/tinc/
- git clone https://github.com/freifunk/icvpn.git
- cd icvpn
- cp scripts/post-merge .git/hooks/
+ # cd /etc/tinc/
+ # git clone https://github.com/freifunk/icvpn.git
+ # cd icvpn
+ # cp scripts/post-merge .git/hooks/
### Create your tinc configuration
Open your favorite editor and create the /etc/tinc/icvpn/tinc.conf.
+
Name=entenhausen1
Mode=switch
More options can be found through
- man tinc.conf
+
+ # man tinc.conf
Afterwards create a keypair with tincd.
- tincd -n icvpn -K
+
+ # tincd -n icvpn -K
Hint: In version 1.1 this option was moved to the tinc binary and is called <code>generate-rsa-keys</code>.
### Execute post-merge hook
-
This step is necessary to populate your new configuration with infos about the metanodes.
- ./git/hooks/post-merge
+
+ # ./git/hooks/post-merge
### Set up a cronjob to update the repository in regular intervals.
+ # crontab -e
+and insert for example
+
@daily cd /etc/tinc/icvpn/; git pull > /dev/null
## What are meta nodes?
@@ -49,9 +55,10 @@ which results in much less strain on the whole network. This is why we now use m
the `./metanodes` file.
Criteria for the selection of meta nodes are:
-1) autonomous system diversity
-2) community diversity
-3) ample resources (cpu, memory, traffic)
+
+1. autonomous system diversity
+2. community diversity
+3. ample resources (cpu, memory, traffic)
When data needs to be transferd between two nodes, this will happen indepently of those meta nodes. Through the shared
network graph a direct transfer is possible and will be tried: at first via UDP, then via TCP, then indirectly. While
From 98d313a675e36e00afcb389f4730baeb67bee983 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <mweinelt@gmail.com>
Date: Sat, 18 Apr 2015 16:57:24 +0200
Subject: [PATCH 41/42] darmstadt: reenable dual-stack with tinc1.1
---
hosts/darmstadt2 | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hosts/darmstadt2 b/hosts/darmstadt2
index c854b1b..535dcf9 100644
--- a/hosts/darmstadt2
+++ b/hosts/darmstadt2
@@ -1,4 +1,4 @@
-Address = ip4.gw04.darmstadt.freifunk.net
+Address = gw04.darmstadt.freifunk.net
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEAuohUruR8enzVN1IswdzMuf8f3rY2HOK/yByItBcMHM9b4HMe6Jt6
From 5f3104f10b8e4beab0488ed813dfbb4616c31127 Mon Sep 17 00:00:00 2001
From: ohrensessel <git@ohrensessel.net>
Date: Mon, 20 Apr 2015 09:29:01 +0200
Subject: [PATCH 42/42] hamburg: remove Port= lines, make hamburg02 reachable
again
---
hosts/hamburg01 | 1 -
hosts/hamburg02 | 3 +--
hosts/hamburg03 | 1 -
3 files changed, 1 insertion(+), 4 deletions(-)
diff --git a/hosts/hamburg01 b/hosts/hamburg01
index 4e6e83d..f339aa0 100644
--- a/hosts/hamburg01
+++ b/hosts/hamburg01
@@ -1,5 +1,4 @@
Address = 01.icvpn.hamburg.freifunk.net
-Port = 656
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA3IbMWLjnM3S4HsFfKvhJdg9TYRPnzxRyL2CaL5KtcCTu8mMMOeCX
diff --git a/hosts/hamburg02 b/hosts/hamburg02
index b282957..bbbad9d 100644
--- a/hosts/hamburg02
+++ b/hosts/hamburg02
@@ -1,5 +1,4 @@
-# Address = 02.icvpn.hamburg.freifunk.net
-# Port = 656
+Address = 02.icvpn.hamburg.freifunk.net
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEApyg+KLP9XfIwOIgBHjbGgt0l5ve+/O1Mec3ed/d0q6Bh+oTkJxOn
diff --git a/hosts/hamburg03 b/hosts/hamburg03
index 854bc9d..36fe0e5 100644
--- a/hosts/hamburg03
+++ b/hosts/hamburg03
@@ -1,5 +1,4 @@
Address = 03.icvpn.hamburg.freifunk.net
-Port = 656
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEApitk4y7bZ8yI5U7pY87C8OdHMiYMQbMfd8KmttVhCFHaXgpbp6L5