rrqnet-cron.sh(8) ================= :doctype: manpage :revdate: {sys:date "+%Y-%m-%d %H:%M:%S"} NAME ---- rrqnet-cron.sh - Management script to uphold a *rrqnet* plug. SYNOPSIS -------- *rrqnet-cron.sh* _vpn_ ... DESCRIPTION ----------- *rrqnet-cron.sh* is a management script for upholding an *rrqnet* plug for a nominated VPN confguration. The given _vpn_ (or the several) is the pathname relative to the configuration root directory and with a +.conf+ extension added, as in +/etc/rrqnet/conf.d/+*vpn*+.conf+. The following is a configuration file example: ./etc/rrqnet/conf.d/tap0-client.conf ---- TAP=tap0 MAC=02:00:00:00:01:00 BR= IP=192.168.10.2 PORT=1500 OPTIONS=( ) VPN=( 10.61.4.72:2020=/etc/rrqnet/keys/example.key ) VERBOSE=-v ---- * The `TAP` assignment names the tap interface to use. * The optional MAC assignment, if provided, tells *rrqnet-cron.sh* to set the Ethernet address of the tap interface as given. * The optional `BR` assignment, if provided, tells *rrqnet-cron.sh* to add the tap interface to the bridge upon start. * The optional `IP` assignment, if provided, tells *rrqnet-cron.sh* how to configure the tap interface when it is brought up. If empty, the tap interface is brought up without confgiured IP address. * The `PORT` assignment declares which port *rrqnet* should listen on. It will listen on that port on all interfaces. * The optional `OPTIONS` is intended for the -B and -T options to *rrqnet*. * The `VPN` assignment declares the remotes for *rrqnet*. * The optional `VERBOSE` assignment, which must be `-v`, `-vv` or `-vvv` unless empty, defines the verbosity level for *rrqnet*. The above example declares an uplink remote at example ivp4 address `10.61.4.72`, port 2020, and using a transport encryption key. The remote host at that IP address should have a corresponding declaration, perhaps as follows: ./etc/rrqnet/conf.d/tap0-server.conf ---- TAP=tap0 IP=192.168.10.1 PORT=2020 VPN=( 0.0.0.0/0=/etc/rrqnet/keys/example.key ) ---- That "server" declaration allows UDP packets from any host and port, requiring the them to use the same transport encryption key. The *rrqnet* "server" plug then works like a switch that forwards packets between connections as well as to and from the tap. Connections are identified by the remote MAC addresses, and it's up to the remote ends to resolve IP addresses to the MAC addresses on the virtual net. The +VPN+ variable may have multiple remote declarations, and include both up-links and down-links, with or without thransport encryption keys. E.g., ---- VPN=( 192.168.0.0/16:1400 10.61.4.72:2020=/sec/example.key ) ---- A VPN assignment like the above would downlink remotes in IP range +192.168.0.0/16+, port 1400, without transport key, and uplink to +10.61.4.72:2020+. crontab set up ~~~~~~~~~~~~~~ The script *rrqnet-cron.sh* is intended to be set up in *crontab*, by a line such as the following: ---- * * * * * /usr/local/sbin/rrqnet-cron.sh tap0-client ---- By that *crontab* line, the script will be invoked every minute for ensuring that the *rrqnet* plug declared by +/etc/rrqnet/conf.d/tap0-client.conf+ is still running or otherwise restart it. NOTES ----- Note that *rrqnet-cron.sh* sources the configuration file and exits after optionally spawning an *rrqnet* daemon. On may therefore safely just change the cable set up, and kill *rrqnet* in order apply that changed set up. SEE ALSO -------- *rrqnet(8)* - Packet tunneling over UDP, multiple channels AUTHOR ------ Ralph Rönnquist