- 08 Apr, 2015 1 commit
-
-
Julien Muchembled authored
This simplify network configuration a lot, and on recent kernels, this fixes wrong source address for extra interfaces that already have a public IP.
-
- 03 Apr, 2015 2 commits
-
-
Julien Muchembled authored
-
Julien Muchembled authored
-
- 27 Mar, 2015 1 commit
-
-
Julien Muchembled authored
-
- 07 Mar, 2015 3 commits
-
-
Julien Muchembled authored
Generating them takes a lot of time and there's no reason to do this by default. We keep --dh option in 're6stnet' to not break existing configuration.
-
Julien Muchembled authored
-
Julien Muchembled authored
We consider using sockets to communicate with OpenVPN, via --management option.
-
- 06 Mar, 2015 6 commits
-
-
Julien Muchembled authored
-
Julien Muchembled authored
-
Julien Muchembled authored
db.py -> cache.py PeerDB -> Cache peers.db -> cache.db
-
Julien Muchembled authored
And automatic renewal of existing certificates.
-
Julien Muchembled authored
For the registry at least, we'll want to store integers without having to convert to/from strings. To upgrade 'registry.db': - dump it to a file - fix create table statements - load it Nodes will restart with an empty cache.
-
Julien Muchembled authored
-
- 25 Feb, 2015 1 commit
-
-
Julien Muchembled authored
-
- 24 Feb, 2015 5 commits
-
-
Julien Muchembled authored
-
Julien Muchembled authored
These modes are partly unified with the normal one by splitting TunnelManager.
-
Julien Muchembled authored
-
Julien Muchembled authored
-
Julien Muchembled authored
-
- 19 Feb, 2015 4 commits
-
-
Julien Muchembled authored
-
Julien Muchembled authored
-
Julien Muchembled authored
Also: - use '/usr/bin/env python' to easily use a Python interpreter different than /usr/bin/python - demo must be run by root so "dont_write_bytecode" to avoid having *.pyc files owned by root in the working copy
-
Julien Muchembled authored
This is then easier to restart it manually.
-
- 13 Feb, 2015 1 commit
-
-
Julien Muchembled authored
-
- 02 Feb, 2015 2 commits
-
-
Julien Muchembled authored
If too many nodes create client tunnels without serving any, working servers saturate and the network collapses.
-
Julien Muchembled authored
Some routers are so broken that UPnP NAT don't report ConflictInMappingEntry when redirecting the same port several times. Here is for example what we had with a Numericable Box (France): 0 (1024, 'TCP', ('192.168.0.29', 1194), 're6stnet openvpn server (1194/tcp)', '1', '', 0) 1 (1024, 'TCP', ('192.168.0.16', 1194), 're6stnet openvpn server (1194/tcp)', '1', '', 0) 2 (1024, 'TCP', ('192.168.0.33', 1194), 're6stnet openvpn server (1194/tcp)', '1', '', 0) 3 (1024, 'TCP', ('192.168.0.20', 1194), 're6stnet openvpn server (1194/tcp)', '1', '', 0) ('192.168.0.29', 1194, 're6stnet openvpn server (1194/tcp)', True, 0) Obviously, this can't work. It seems that this router also accepts a limited number of NAT rules, far less than we'd like, so even if there's still a probability of conflict with this commit, it will be good enough for our use.
-
- 30 Dec, 2014 4 commits
-
-
Julien Muchembled authored
ENETUNREACH is the only error I've ever seen since the beginning of the project.
-
Julien Muchembled authored
The main reason is to speed up recovery from temporary network cut: - by not wasting time trying remaining distant peers that were collected during the last read of the routing table. - by not blacklisting good peers, which would happen if too many of them were retried before network is back
-
Julien Muchembled authored
-
Julien Muchembled authored
-
- 26 Dec, 2014 3 commits
-
-
Julien Muchembled authored
-
Julien Muchembled authored
For consistency with other log messages.
-
Julien Muchembled authored
-
- 18 Dec, 2014 4 commits
-
-
Julien Muchembled authored
To be consistent with re6stnet.service
-
Julien Muchembled authored
-
Julien Muchembled authored
-
Julien Muchembled authored
-
- 17 Dec, 2014 3 commits
-
-
Julien Muchembled authored
-
Julien Muchembled authored
-
Julien Muchembled authored
-