kdxcxs
/
n2n
mirror of https://github.com/ntop/n2n.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Updated formatting

pull/2/head
Babak Farrokhi 8 years ago
parent
c43c929080
commit
cca6f1068c
No known key found for this signature in database GPG Key ID: 6B267AD85D632E9A
1 changed files with 20 additions and 17 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 35
      README.md

35
README.md
View File

@ -1,5 +1,6 @@
Edge node Edge node
--------- ---------
@ -9,24 +10,26 @@ community.
0. become root 0. become root
1. create tun device 1. create tun device
$ tunctl -t tun0 `$ tunctl -t tun0`
3. enable the edge process 2. enable the edge process
$ ./edge -d n2n0 -c mynetwork -k encryptme -u 99 -g 99 -m 3C:A0:12:34:56:78 -a 1.2.3.4 -l a.b.c.d:xyw `$ ./edge -d n2n0 -c mynetwork -k encryptme -u 99 -g 99 -m 3C:A0:12:34:56:78 -a 1.2.3.4 -l a.b.c.d:xyw`
or or
$ N2N_KEY=encryptme ./edge -d n2n0 -c mynetwork -u 99 -g 99 -m 3C:A0:12:34:56:78 -a 1.2.3.4 -l a.b.c.d:xyw `$ N2N_KEY=encryptme ./edge -d n2n0 -c mynetwork -u 99 -g 99 -m 3C:A0:12:34:56:78 -a 1.2.3.4 -l a.b.c.d:xyw`
Once you have this worked out, you can add the "-f" option to make edge detach Once you have this worked out, you can add the `-f` option to make edge detach
and run as a daemon. and run as a daemon.
Note that -u, -g and -f options are not available for Windows. Note that `-u`, `-g` and `-f` options are not available for Windows.
Supernode Supernode
-------- --------
You need to start the supernode once You need to start the supernode once
1. ./supernode -l 1234 -v 1. `./supernode -l 1234 -v`
Dropping Root Privileges and SUID-Root Executables (UNIX) Dropping Root Privileges and SUID-Root Executables (UNIX)
@ -36,15 +39,15 @@ The edge node uses superuser privileges to create a TAP network interface
device. Once this is created root privileges are not required and can constitute device. Once this is created root privileges are not required and can constitute
a security hazard if there is some way for an attacker to take control of an a security hazard if there is some way for an attacker to take control of an
edge process while it is running. Edge will drop to a non-privileged user if you edge process while it is running. Edge will drop to a non-privileged user if you
specify the -u <uid> and -g <gid> options. These are numeric IDs. Consult specify the `-u <uid>` and `-g <gid>` options. These are numeric IDs. Consult
/etc/passwd. `/etc/passwd`.
You may choose to install edge SUID-root to do this: You may choose to install edge SUID-root to do this:
1. Become root 1. Become root
2. chown root:root edge 2. `chown root:root edge`
3. chmod +s edge 3. `chmod +s edge`
done done
Any user can now run edge. You may not want this, but it may be convenient and Any user can now run edge. You may not want this, but it may be convenient and
safe if your host has only one login user. safe if your host has only one login user.
@ -53,7 +56,7 @@ safe if your host has only one login user.
Running As a Daemon (UNIX) Running As a Daemon (UNIX)
------------------- -------------------
Unless given "-f" as a command line option, edge will call daemon(3) after Unless given `-f` as a command line option, edge will call daemon(3) after
successful setup. This causes the process to fork a child which closes stdin, successful setup. This causes the process to fork a child which closes stdin,
stdout and stderr then sets itself as process group leader. When this is done, stdout and stderr then sets itself as process group leader. When this is done,
the edge command returns immediately and you will only see the edge process in the edge command returns immediately and you will only see the edge process in
@ -77,10 +80,10 @@ the edge command line.
eg. under linux: eg. under linux:
on hostA: on hostA:
[hostA] $ /sbin/ip -6 addr add fc00:abcd:1234::7/48 dev n2n0 `[hostA] $ /sbin/ip -6 addr add fc00:abcd:1234::7/48 dev n2n0`
on hostB: on hostB:
[hostB] $ /sbin/ip -6 addr add fc00:abcd:1234::6/48 dev n2n0 `[hostB] $ /sbin/ip -6 addr add fc00:abcd:1234::6/48 dev n2n0`
You may find it useful to make use of tunctl from the uml-utilities You may find it useful to make use of tunctl from the uml-utilities
package. Tunctl allow you to bring up a TAP interface and configure addressing package. Tunctl allow you to bring up a TAP interface and configure addressing
@ -97,7 +100,7 @@ Performance Notes
The time taken to perform a ping test for various ciphers is given below: The time taken to perform a ping test for various ciphers is given below:
Test: ping -f -l 8 -s 800 -c 10000 <far_edge> Test: `ping -f -l 8 -s 800 -c 10000 <far_edge>`
AES (-O0) 11820 AES (-O0) 11820
TF (-O0) 25761 TF (-O0) 25761

Write Preview
Loading…
Cancel
Save