Commit d868f09a authored by Killian Lufau's avatar Killian Lufau Committed by Julien Muchembled

demo: add another re6st network

The purpose is to check that HMAC prevents routes from being exchanged
between the 2 networks. This happened when 2 nodes of 2 different re6st
networks are in the same LAN, and it caused many issues.

/reviewed-on nexedi/re6stnet!15
parent 296762dd
......@@ -2,31 +2,45 @@
import argparse, math, nemu, os, re, signal
import socket, subprocess, sys, time, weakref
from collections import defaultdict
from contextlib import contextmanager
IPTABLES = 'iptables'
SCREEN = 'screen'
VERBOSE = 4
REGISTRY='10.0.0.2'
REGISTRY = '10.0.0.2'
REGISTRY2 = '10.3.0.2'
REGISTRY_SERIAL = '0x120010db80042'
REGISTRY2_SERIAL = '0x120010db80043'
CA_DAYS = 1000
# Quick check to avoid wasting time if there is an error.
with open(os.devnull, "wb") as f:
for x in 're6stnet', 're6st-conf', 're6st-registry':
subprocess.check_call(('./py', x, '--help'), stdout=f)
# registry
# |.2
# |10.0.0
# |.1
#
# Underlying network:
#
# registry .2------ ------.2 registry2
# | |
# 10.0.0| |10.3.0
# .1 | |.1
# ---------------Internet----------------
# |.1 |.1 |.1
# |10.1.0 |10.2.0 |
# |.2 |.2 |
# gateway1 gateway2 s3:10.0.1
# |.1 |.1 |.2 |.3 |.4
# s1:10.1.1 s2:10.2.1 m6 m7 m8
# |.2 |.3 |.2 |.3 |.4 |
# m1 m2 m3 m4 m5 m9
# s1:10.1.1 --s2:10.2.1-- m6 m7 m8
# |.2 |.3 |.2 |.3 |.4 |.5 |
# m1 m2 m3 m4 m5 m10 m9
#
# Overlay re6st network:
# 2001:db8::1
# registry--------internet-------registry2
# |::1 ::1|
# |2001:db8:42 2001:db8:43|
# :1:: :3:: |:5:: :7:: :1::1|
# m1-m2-m3-m4-m5-m6-m7-m8 m10
# :2:: :4:: :6:: :8::
def disable_signal_on_children(sig):
pid = os.getpid()
......@@ -62,6 +76,7 @@ for name in """internet=I registry=R
gateway1=g1 machine1=1 machine2=2
gateway2=g2 machine3=3 machine4=4 machine5=5
machine6=6 machine7=7 machine8=8 machine9=9
registry2=R2 machine10=10
""".split():
name, short = name.split('=')
globals()[name] = node = nemu.Node()
......@@ -85,6 +100,7 @@ re_if_0, in_if_0 = nemu.P2PInterface.create_pair(registry, internet)
in_if_1, g1_if_0 = nemu.P2PInterface.create_pair(internet, gateway1)
in_if_2, g2_if_0 = nemu.P2PInterface.create_pair(internet, gateway2)
m6_if_1, m9_if_0 = nemu.P2PInterface.create_pair(machine6, machine9)
r2_if_0, in_if_4 = nemu.P2PInterface.create_pair(registry2, internet)
g1_if_0_name = g1_if_0.name
gateway1.Popen((IPTABLES, '-t', 'nat', '-A', 'POSTROUTING', '-o', g1_if_0_name, '-j', 'MASQUERADE')).wait()
......@@ -92,6 +108,8 @@ gateway1.Popen((IPTABLES, '-t', 'nat', '-N', 'MINIUPNPD')).wait()
gateway1.Popen((IPTABLES, '-t', 'nat', '-A', 'PREROUTING', '-i', g1_if_0_name, '-j', 'MINIUPNPD')).wait()
gateway1.Popen((IPTABLES, '-N', 'MINIUPNPD')).wait()
machine9.Popen(('sysctl', 'net.ipv6.conf.%s.accept_ra=2' % m9_if_0.name)).wait()
# Enable forwarding for communication between registry and registry2
internet.Popen(('sysctl', '-q', 'net.ipv6.conf.all.forwarding=1')).wait()
in_if_3 = nemu.NodeInterface(internet)
g1_if_1 = nemu.NodeInterface(gateway1)
......@@ -104,6 +122,7 @@ m5_if_0 = nemu.NodeInterface(machine5)
m6_if_0 = nemu.NodeInterface(machine6)
m7_if_0 = nemu.NodeInterface(machine7)
m8_if_0 = nemu.NodeInterface(machine8)
m10_if_0 = nemu.NodeInterface(machine10)
# connect to switch
switch1.connect(g1_if_1)
......@@ -114,6 +133,7 @@ switch2.connect(g2_if_1)
switch2.connect(m3_if_0)
switch2.connect(m4_if_0)
switch2.connect(m5_if_0)
switch2.connect(m10_if_0)
switch3.connect(in_if_3)
switch3.connect(m6_if_0)
......@@ -123,10 +143,13 @@ switch3.connect(m8_if_0)
# setting everything up
switch1.up = switch2.up = switch3.up = True
re_if_0.up = in_if_0.up = in_if_1.up = g1_if_0.up = in_if_2.up = g2_if_0.up = True
in_if_3.up = g1_if_1.up = g2_if_1.up = m1_if_0.up = m2_if_0.up = m3_if_0.up = m4_if_0.up = m5_if_0.up = m6_if_0.up = m6_if_1.up = m7_if_0.up = m8_if_0.up = m9_if_0.up = True
in_if_3.up = g1_if_1.up = g2_if_1.up = m1_if_0.up = m2_if_0.up = m3_if_0.up = True
m4_if_0.up = m5_if_0.up = m6_if_0.up = m6_if_1.up = m7_if_0.up = m8_if_0.up = True
m9_if_0.up = m10_if_0.up = in_if_4.up = r2_if_0.up = True
# Add IPv4 addresses
re_if_0.add_v4_address(address=REGISTRY, prefix_len=24)
r2_if_0.add_v4_address(address=REGISTRY2, prefix_len=24)
in_if_0.add_v4_address(address='10.0.0.1', prefix_len=24)
in_if_1.add_v4_address(address='10.1.0.1', prefix_len=24)
in_if_2.add_v4_address(address='10.2.0.1', prefix_len=24)
......@@ -141,10 +164,12 @@ m2_if_0.add_v4_address(address='10.1.1.3', prefix_len=24)
m3_if_0.add_v4_address(address='10.2.1.2', prefix_len=24)
m4_if_0.add_v4_address(address='10.2.1.3', prefix_len=24)
m5_if_0.add_v4_address(address='10.2.1.4', prefix_len=24)
m10_if_0.add_v4_address(address='10.2.1.5', prefix_len=24)
m6_if_0.add_v4_address(address='10.0.1.2', prefix_len=24)
m7_if_0.add_v4_address(address='10.0.1.3', prefix_len=24)
m8_if_0.add_v4_address(address='10.0.1.4', prefix_len=24)
m6_if_1.add_v4_address(address='192.168.241.1', prefix_len=24)
in_if_4.add_v4_address(address='10.3.0.1', prefix_len=24)
# Add IPv6 addresses to test UDP6 between m8 and m6/m7
m6_if_0.add_v6_address(address='fc42:6::1', prefix_len=16)
......@@ -160,14 +185,17 @@ def add_llrtr(iface, peer, dst='default'):
# setup routes
add_llrtr(re_if_0, in_if_0)
add_llrtr(r2_if_0, in_if_4)
add_llrtr(in_if_0, re_if_0, '2001:db8:42::/48')
add_llrtr(in_if_4, r2_if_0, '2001:db8:43::/48')
registry.add_route(prefix='10.0.0.0', prefix_len=8, nexthop='10.0.0.1')
registry2.add_route(prefix='10.0.0.0', prefix_len=8, nexthop='10.3.0.1')
internet.add_route(prefix='10.2.0.0', prefix_len=16, nexthop='10.2.0.2')
gateway1.add_route(prefix='10.0.0.0', prefix_len=8, nexthop='10.1.0.1')
gateway2.add_route(prefix='10.0.0.0', prefix_len=8, nexthop='10.2.0.1')
for m in machine1, machine2:
m.add_route(nexthop='10.1.1.1')
for m in machine3, machine4, machine5:
for m in machine3, machine4, machine5, machine10:
m.add_route(prefix='10.0.0.0', prefix_len=8, nexthop='10.2.1.1')
for m in machine6, machine7, machine8:
m.add_route(prefix='10.0.0.0', prefix_len=8, nexthop='10.0.1.1')
......@@ -185,22 +213,24 @@ else:
nodes = []
gateway1.screen('miniupnpd -d -f miniupnpd.conf -P miniupnpd.pid'
' -a %s -i %s' % (g1_if_1.name, g1_if_0_name))
if 1:
@contextmanager
def new_network(registry, reg_addr, serial, ca):
from OpenSSL import crypto
import hashlib, sqlite3
os.path.exists('ca.crt') or subprocess.check_call(
"openssl req -nodes -new -x509 -key registry/ca.key -out ca.crt"
os.path.exists(ca) or subprocess.check_call(
"openssl req -nodes -new -x509 -key %s/ca.key -out %s"
" -subj /CN=re6st.example.com/emailAddress=re6st@example.com"
" -set_serial 0x120010db80042 -days %u" % CA_DAYS, shell=True)
with open('ca.crt') as f:
ca = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
" -set_serial %s -days %u"
% (registry.name, ca, serial, CA_DAYS), shell=True)
with open(ca) as f:
cert = crypto.load_certificate(crypto.FILETYPE_PEM, f.read())
fingerprint = "sha256:" + hashlib.sha256(
crypto.dump_certificate(crypto.FILETYPE_ASN1, ca)).hexdigest()
db_path = 'registry/registry.db'
registry.screen('./py re6st-registry @registry/re6st-registry.conf'
' --db %s --mailhost %s -v%u'
% (db_path, os.path.abspath('mbox'), VERBOSE))
registry_url = 'http://%s/' % REGISTRY
crypto.dump_certificate(crypto.FILETYPE_ASN1, cert)).hexdigest()
db_path = "%s/registry.db" % registry.name
registry.screen("./py re6st-registry @%s/re6st-registry.conf"
" --db %s --mailhost %s -v%u"
% (registry.name, db_path, os.path.abspath('mbox'), VERBOSE))
registry_url = 'http://%s/' % reg_addr
registry.Popen(('python', '-c', """if 1:
import socket, time
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
......@@ -212,7 +242,7 @@ if 1:
time.sleep(.1)
""")).wait()
db = sqlite3.connect(db_path, isolation_level=None)
def re6stnet(node, folder, args='', prefix_len=None, registry=registry_url):
def new_node(node, folder, args='', prefix_len=None, registry=registry_url):
nodes.append(node)
if not os.path.exists(folder + '/cert.crt'):
dh_path = folder + '/dh2048.pem'
......@@ -236,27 +266,35 @@ if 1:
node.screen('./py re6stnet @%s/re6stnet.conf -v%u --registry %s'
' --console %s/run/console.sock %s' % (
folder, VERBOSE, registry, folder, args))
re6stnet(registry, 'registry', '--ip ' + REGISTRY, registry='http://localhost/')
re6stnet(machine1, 'm1', '-I%s' % m1_if_0.name)
re6stnet(machine2, 'm2', '--remote-gateway 10.1.1.1', prefix_len=80)
re6stnet(machine3, 'm3', '-i%s' % m3_if_0.name)
re6stnet(machine4, 'm4', '-i%s' % m4_if_0.name)
re6stnet(machine5, 'm5', '-i%s' % m5_if_0.name)
re6stnet(machine6, 'm6', '-I%s' % m6_if_1.name)
re6stnet(machine7, 'm7')
re6stnet(machine8, 'm8')
new_node(registry, registry.name, '--ip ' + reg_addr, registry='http://localhost/')
yield new_node
db.close()
with new_network(registry, REGISTRY, REGISTRY_SERIAL, 'ca.crt') as new_node:
new_node(machine1, 'm1', '-I%s' % m1_if_0.name)
new_node(machine2, 'm2', '--remote-gateway 10.1.1.1', prefix_len=80)
new_node(machine3, 'm3', '-i%s' % m3_if_0.name)
new_node(machine4, 'm4', '-i%s' % m4_if_0.name)
new_node(machine5, 'm5', '-i%s' % m5_if_0.name)
new_node(machine6, 'm6', '-I%s' % m6_if_1.name)
new_node(machine7, 'm7')
new_node(machine8, 'm8')
with new_network(registry2, REGISTRY2, REGISTRY2_SERIAL, 'ca2.crt') as new_node:
new_node(machine10, 'm10', '-i%s' % m10_if_0.name)
if args.ping:
for j, machine in enumerate(nodes):
ips = [
'2001:db8:42::1' if i == 0 else
'2001:db8:42:2::' if i == 2 else
'2001:db8:43::1' if i == 9 else
'2001:db8:43:1::1' if i == 10 else
# Only 1 address for machine2 because prefix_len = 80,+48 = 128
'2001:db8:42:%s::1' % i
for i in xrange(9)
for i in xrange(11)
if i != j]
name = 'm' + machine.short if machine.short != 'R' else 'registry'
name = machine.name if machine.short[0] == 'R' else 'm' + machine.short
machine.screen('python ping.py {} {}'.format(name, ' '.join(ips)))
_ll = {}
......
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA3M5AShAyBJPwQzF29mA+2ua+yIeZF5PNa0HKbOD7jZy4Q+5G
rTSnMDGJ0LBnLbcdmf3kZjhEABx8OA/ZO+/gj5nhPLvZ+RerX0626xXz855KwQXE
ENJolzEkFHXsVu7ka9UjiWkOZSjXAwSJTzyO48VjstoUCduKfMlSAlAzdDSrhbJp
41xbKvjF/7/Rypr7/BdVZ8TTJ21A1eWcCL5Ke8vqZowerq5AdAaZ8Gl9hETWdqud
PWJuVu40/waYbFVmuQ2eWtPJ139CgfcUKN/kTPp965cvUIZJ1QYSVxcqmjwxWd7P
TF6YUyU8VupdeSvIsXi5O+AXYHwIOtOFNENNnQIDAQABAoIBAFKke5l84EuoV0e+
7sieE0h5DrUdU2ZosnzPfgUsW9qP6sO6Hgfb6it2jx9ltuh8Xf7x8Rd1PbZQ8wlE
nUj6qjD1JkFGCfpaKpEcdAgfClSHTXFbSBwHtI/KG7fwvwl2llXpy0g14uZn17nQ
a9gVUWHc0kjxqIhb/ERiUWh+PhPipLGnwEuUG7l4Pak/7rNX+dSGNhCx9TtVE5x7
REaJwo9+MToW3ivyzzm+MlS2sYBrmIpcTLbo2bpqLG7VU6n1d0GDjkHCjqyheD2m
M810/jJ4rURY5M+yQamO6zb7HWHkWJwGcXGfBYGxZi9g1Kn9iHaQsGB8KG/movfe
dX3MBD0CgYEA9cmOQpDh31ycoLyMqR/HxMfXeYzXZr652ci55RJ0Tm4zFwa457il
0TvvpOC5P3tPnrdjoppyZWa7QNCpEYr0HH1CFcUWJRG76Jd5D4biBKCsrYzACbqI
wFTtNWf51s7Zqp7lWPf0VEvfSdcOqOCgYPUOrqIo50V9GvCR6Vzb/K8CgYEA5fr3
DrWMk9tCjbeynIglxH1rklnbgSoWl8OH/Mj+YXE6Qyh33DTB3DP5JkVac3V6FjxS
9SUGN25A7hizj6zsmIeDxhBU0vaK2UMwQrFIkn/zGf18Y2VYNO8wXmFsaYtZO4J9
qyNuYF3onSFStr9oks6ShpNH8dmxbQdybXKspXMCgYEAyryolYvAZGeV4pfkRpSq
SUy2FdLw0hU8Y8HIZIVmXlNT3Qh0eN68F+yibZPX+d8S+841ZyiSd8XXa00ySAAf
/2fqnN5mt8j7AI4BE6ekw0BtbvIMbXnp1wu2ZjkPwfn5XV2XvF06slWrJtM3imFO
qOs6Yx3rM2kEGraZBK7N3o0CgYB73PPtDyi8hY3NyA9BsS4uKqKiOxU29tUePehi
5FnlX1dSzlvn1N5IXBGnZBj4MGBl022WrK8xcYc09UbYbfkrmWkGZstYqAJWS5KV
iOgeRx1GdTjmS7H7KIvzeSMroSqZG4nVf4q2Cj37SvRCisqmru1J388S2f1uTGF7
wxRrMwKBgA4GnLLnV9ekqXvHdNgyW6hnGJrnCthgARwNj0e9vWC1C5en064XPwdI
TPx/yILuxTY9F0nkRhM9DpTBk8HkKSO4W4yh/FqT4uSHNkLU/52r1zrpHkLFUYZj
LnCXYu5dzUoylnw3+UNGKOa5671Jr0WgLR3pf1GaEAnB/x6RYe+H
-----END RSA PRIVATE KEY-----
log m10/
run m10/run
state m10/
ca ca2.crt
cert m10/cert.crt
key m10/cert.key
default
client-count 2
max-clients 2
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDtUCjUUvdTyyYr
jrO2DcXJSHjxzp62Eu7OnhhReZlSXjRMIAJE+GR8hidQJ/44uM+g2EkiF19eRNcS
vFVu6CJi45DavDrYxnk7YRmsY0us4uqFzdlEqGuTCUJEJsCkKvoxSOm3RYjY8kFp
fYaTvcWN04GzuUVxYHKt4GQqFCWyiE/iZYagNADDnc7zJTBNLtwyYFunjZxN4Oe4
JksPFqyVsVyUNIyTH/zBIhCQyjrZ4MjWAesuQFc4jZgJ9WYOPN5E5ElghbTu1bKx
y+pdWg1K54DahtliXUrp+ZJVl32vbqJ1BwSqqh6lLK/sDwVqiQ287pn+Yozoaemf
RsidW6mPAgMBAAECggEAchebyZipt+tvSnmtBNXSRVdGblq8CyVHEqcHYgRoJiWM
Vxz8elRBW2zT8cGIg5S2ncnePzmlbBkEnclV+aA5B/oIZmEgmZ+yIU4pnauPcmsV
/YZd8phWP7av2TwYWdUfvBol4yrXBBZURHdJADa4h9sr/FAShtOrztSW03QkO5RI
VRAN3CLNRk/dunJCc43D8/4njYQiS4owRvV7C5GTVfvEOeOAizvzjtfM1cTiRClp
phwa5W1sBs2tTpQJK0fnRwxDTMM2+p6F4eFogy5ajCXHju69Az/8bA7P+YTCWxC4
ANIJxs1RPL9Q/SyhGgS2BqljQq5CrjDigZ+byKaswQKBgQD+YR4e4vRvSjq4AL0S
jMF1navzbPaHGy4qJdgIjkZn2oqjs81pdUKYP7RKIgqHNugP3EclaSuUoNf1dxIf
/HkcP/OdRC76zvyoe6JZicLyUHkVVSiXEYOllVZ7aQKa3XMKEWksv4GywgLNdbI9
NvobwKpt7xvXY43tvq3oo6BtdwKBgQDu0zUd3a14gV9qtljue35m7JEVbB9KXsOL
WaT8MqWSounuCFjh7rx68K4xLmsB2tdUpyI1+pKvQOOWtZYnbYCoYrSYBH7/CpSw
YRFVgoNEO4aJgywMJ7rfDLizmjiveOBNmEgvh+lGNBVUqYlJwZE4SY4ohENAxsWu
9nPIBWlKqQKBgQCz98W1mF/S9LNCRtN9cjPUoG5s1CQ+Rc6NZyTGONI623TGiIjF
GX659Cf7YsYMD55yyidTomqAxqLDOTCLjLWqdNxH4VtTemlqUb30lvBjOufPXeZP
qsZ2uYbr3MlJA29GKjc8v2hlLbmJ3sDxahnc1Jw/FrGd2wMotoSXWFxB1QKBgEHL
cBu9QZgsVCQq/k8dOJKUY9f6BJjRiJ+wX7KXJWRDe5z3Mb10rvpTqjmkZxiIuL/6
l4M1eAnOH6Uae7Z7BXHeV5B11KLgwFvjMgpTvWQj3gmuWIk0vNfMQmpAd5NoAqt9
440srUiI+sNrPYZTTHWsVfy1i22iFT4BaZ5WV06ZAoGBAMF67k6WkjmjG86EqrY4
Fc48TczNmgUW9NPArRSYcqlgUNA0QK/hNQz72lWx5XbjxeWYBky7csrgSprNDy3M
WXl56tq6Oo1XCQCFFxmyZ89s6O084I7TBfNEaCNrBVX4qBTRKH9DNyYemu9fGAAK
1cBQp/DJVIBpnOu1ga2YuA58
-----END PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAvFkywZvNyAZFoUou+e5e5fFmBi1IpfouItb+4d4OjfLfqsz9
oOsEhlv+t08gs68n0UvJtk2XkgUZMYVQsEZvaMUC20R0wi9LLCCurpNldqx7eZeD
0auo8FjWUS3FRn/ceU15dI8oFy1SYE2gfcui7tTDa2rcFn7pR9AIfv0oGIc8TIZk
BWz9C5oQ8trl9SXj2HShmk11Hxq/rEDod+iYZL4E6lRnrPpmm7CpiEm7QVSyMYtf
4EXhsSnB10nXJ2IaazhLjyh839UdfGuk3JzKraPp08ZaLNvV38DpNwPf9HXnGzHp
fYAZz2adykiyqddvRChSGrwUmhx8Edu3bZJyMQIDAQABAoIBAAgA/mAt38vNQG4/
OcnTMGMzI/PFPt4WyJkga8prZlDv7kNS3MBW3GVdSXC+wxP/sIB7aQH/QB6rasuo
76neBGP+Y0WwHgoWempQpTuz9c7aO5EKOEbTtaUpEUp32HdLfbIF8dBbOQfrHCIN
inFuEul1TyykaN/n2r/7fjDvTyHjoqaHrofUqC/8/+jaPASflRpNP+vKWM8YbD2E
PGiBhtobk4AOfdCM9afRpisAQI4C0RsGCHZL54vF7LbyPtAjgau+trwggj9ErILn
U+DjbhnHmB+GeMd7+56YjZccUTjtamHVBMrVdC0qNy+Na0x7rmfGGiN5S+qurP7p
FdROQvECgYEA47RQQWoRUMUCrcO2ZfsjeDu1r69qdBhzzjU7P9FDfsjxVWLl+cVT
uGxHxfDvh0J3NnoEhXsf7cVFoDZd8vQLIERZy3PbcgyEAj4TkSS+oNhQ/R7pTg5X
3ccamQmy2vqXGlwm3z5ZW5jh0vlJNWfvXP024UgpOHmg485ti6bTtr0CgYEA08Dm
5Mnx3sXifwzAOdqb9CApF+CRI6O5S+u3zwF4Bp1Spo31YZVnDVgCxBgv3k0OSFkE
7JCvY6KWOrwiPSUQCBnH74ePvheHiz39vRvZefgZHYFsyKc5UdmTc8gHLR9/0SK9
lcvcGitEsOp/Ft3Ob4j82NL+R5WgqyUuT1BXqoUCgYA8eeFu3jrnFswVVouVHlRX
VJR2qsI9P1lShTTNSEkC3V+ra+7knZIUwz10xv73D6IV5+ZXhVH/lotdd9MP+d0S
ntSygnzgF47gAZi0zeuLUKiB8bnJL2oKzxyzVK4aFsAXEi6I0EhvWXVw0SCufIJI
UkBHKSE5jKQ8nNDfbFmCiQKBgFuYCUfVgmXWOs6x+UQNJ4BFmQDXBnDgFPqeD3ff
LsfNrT6WERoQwe6nryqbO7lwo0jwGI0rWHJEla76SeUg7vpSDIWzoZ2cF+lG+0ad
kUiM5HA6149DpiudbYabc181TNhtqovtDlvTc3cDN83wS6c7HgO74HmeY00kXA+6
tPDxAoGBANtrY9fLqECgv3XRoQhE0xp4V8fr8iRG2QwKcZ0F1O0jfDMH/pfbl7IP
BjQsmuM6gORKDYdZHZ8bmpa5kzJCM+Oxf4y0bzgF9mE0gUd3LU9W2qLqidCBAveW
n4FwYaNHHUDEGNdJMPB8EB9n5FC3TUZIobz16/jn7DZghdag9e3c
-----END RSA PRIVATE KEY-----
ca ca2.crt
key registry2/ca.key
dh dh2048.pem
logfile registry2/registry2.log
run registry2/run
hello 4
client-count 2
tunnel-refresh 100
ipv4 10.42.0.0/16 8
log registry2/
run registry2/run
state registry2/
dh dh2048.pem
ca ca2.crt
cert registry2/cert.crt
key registry2/cert.key
gateway
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment