[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-developers] helpers trying (and failing) to setup routing, iptab
[GNUnet-developers] helpers trying (and failing) to setup routing, iptables, sysctl and such
Sun, 17 Apr 2016 22:21:58 +0200
I'm currently working on improving IPvX-over-GNUnet on OpenWrt.
I believe that providing v4/v6/DNS exit service using an OpenWrt box
is a quite good idea.
On OpenWrt it doesn't make so much sense to mess around with routing,
sysctl and iptables rules in the helpers as networking and firewall are
managed by OpenWrt's services. The situation is also different from a
desktop system because on an embedded device (think e.g.:
IPvX-over-GNUnet router) the networking and firewall configuration
corresponds to a specific use (think: tunneling all traffic through
GNUnet) and do exactly that. To me it seems desirable to have an
additional parameter (or even a compile-time configure argument!) for
the dns- and exit-helpers to make them stay away from routing, sysctl
and firewall stuff and just assume that an external service will handle
all that once the interface comes up (because that's what netifd does
Depending on your preference (additional cmdline parameter vs.
compile-time), I'd like to introduce that option, so EXIT will be more
useful to provide gateways to the ARPA internet in community mesh
networks -- that's the main application for most of them and GNUnet
could already offer a decentralized and more secure way to do that.
- [GNUnet-developers] helpers trying (and failing) to setup routing, iptables, sysctl and such,
Daniel Golle <=