File: secvpn.conf.4

secvpn 2.22
.TH SECVPN "1" "August 2000" "secvpn"
.SH NAME
secvpn.conf - Configuration file for the Secure Virtual Private Network
.SH SYNOPSIS
.B /etc/network/secvpn.conf
.br
.SH DESCRIPTION
The configuration file for the Secure Virtual Private Network is expected
to be a valid shell script defining variables and functions. The script is
sourced by the other programs and scripts maintaining the SVPN and therefore
must be handled with care!

The file is composed of two parts, a variable definition section and
a function definition section (in the sense of the shell syntax).
.PP
.SS Variables
.PP
The variables are used to define global variables for the SVPN:
.TP 12
.IR THIS_IS
identifies the current hostname.
.TP
.IR VPNS
specifies the relationships between SVPN hosts, i.e. which SVPNs should
be started by
\fBsecvpn\fR and which role this host plays in each relationship.

The syntax is \fBActiveHost->PassiveHost\fR, i.e. the active host is
responsible for establishing the secure channel to the passive host (using ssh),
starting the pppd connection and setting the routes on both the active and the
passive host.

Multiple relationships are separated by a blank, the identifiers used for
the ActiveHost and the PassiveHost must match the contents of the variable
\fBTHIS_IS\fR in the corresponding configuration files.
.TP
.IR CRYPT_MASK
is the network mask used for the real connection via the
\fBT_CRYPT_IP\fR
IP addresses.
.TP
.IR SSHPORT
is currently not used. In future releases, this variable may be used to
identify the port to which the ssh connection should be made.
.SS Functions
.PP
Functions are used to define the specific attributes of the SVPN hosts
and the SVPN relationships.

First, a function for each SVPN host has to be defined. The name of the
function must match the hostname of the SVPN host (i.e. the contents of the
variable THIS_IS in the corresponding configuration file). The SVPN host
specific functions are used to set the following, host specific variables:
.PP
.TP 12
.IR GOOD_ONES
specifies the official, good network address of this SVPN host together with
its network mask, written as the address, a slash and the number of contiguous
mask bits. This network is the secure subnet which is represented by this
SVPN host.
.TP
.IR GOOD_IP
identifies the official, good IP address of the SVPN host. This IP address
must be used for all secure communications with this host.
.PP
Next, a function for each SVPN relationship has to be defined. The names of
these functions are the entries listed in the \fBVPNS\fR variable (see above),
prefixed with
.I vpn_
and with the arrow replaced by an underscore, as in the example below.
These relationship defining functions are used to set the following connection
specific variables:
.PP
.TP 12
.IR T_GOOD_ONES
is an optional variable used to specify the list (blank separated) of
secure networks which are directly or indirectly reachable via the
.I active
SVPN host of this SVPN connection (\fIthis\fR side's good addresses).
The networks are identified by their IP address and their attached network mask
specified by the number of contiguous bits and separated by a slash.
Note that the active host's own network must not be listed in this variable,
because it is specified in the \fBGOOD_ONES\fR variable in the SVPN host
function of the active member of the current connection.
.TP
.IR T_BAD_IP
is the IP address of the
.I active
SVPN host which is used to establish the secure channel to the passive SVPN
host. This IP address may be attached to a second interface on the active
SVPN host (if a multi-homed system is used), or it may be the same address as
.IR GOOD_IP
(if the active SVPN host is a single-homed system).
.TP
.IR T_CRYPT_IP
is the IP address on the
.I active
SVPN host which is used for the secure ppp connection to the corresponding
pppd on the passive SVPN host; secvpn adds a new ppp interface for this
IP address.
.TP
.IR O_CRYPT_IP
is the IP address on the
.I passive
SVPN host which is used for the secure ppp connection to the corresponding
pppd on the active SVPN host; secvpn adds a new ppp interface for this
IP address.
.TP
.IR O_BAD_IP
is the IP address of the
.I passive
SVPN host which is used to establish the secure channel to the active SVPN
host. This IP address may be attached to a second interface on the passive
SVPN host (if a multi-homed system is used), or it may be the same address as
.IR GOOD_IP
(if the passive SVPN host is a single-homed system).
.TP
.IR O_GOOD_ONES
is an optional variable used to specify the list (blank separated) of
secure networks which are directly or indirectly reachable via the
.I passive
SVPN host of this SVPN connection (the \fIother\fR side's good addresses).
The networks are identified by their IP address and their attached network mask
specified by the number of contiguous bits and separated by a slash.
Note that the passive host's own network must not be listed in this variable,
because it is specified in the \fBGOOD_ONES\fR variable in the SVPN host
function of the passive member of the current connection.
.SS Example
.IP
.nf
# The SVPN acts as a router connecting 2 subnets.
# Each subnet itself is secure, but the Internet is insecure.
#
#     Secure Subnet 1        /          /    Secure Subnet 2
#                            / Insecure /
#  [hosts1]   [secvpn1]      / Internet /  [secvpn2]      [hosts2]
#  X.X.X.n    eth0:X.X.X.1   / ISDN     /  eth0:Y.Y.Y.1   Y.Y.Y.n
#             eth1:I.I.I.1   /          /  eth1:J.J.J.1
#
# Goal:
#   The hosts1 should be able to communicate securely with hosts2
#   over an insecure network.
#   secvpn1/secvpn2 are used as routers that connect the secure
#   subnet to the internet.
#   Hosts1/hosts2 have routing entries using secvpn1/secvpn2 to
#   reach hosts2/hosts1.
#

#
# Global variables
#
THIS_IS="`hostname`"
VPNS="secvpn1->secvpn2"
CRYPT_MASK="255.255.255.0"
SSHPORT="22"

#
# SVPN host specifications
#

# this is for the system with hostname 'secvpn1'
secvpn1() { GOOD_ONES="X.X.X.0/24"; GOOD_IP="X.X.X.1"; }

# this is for the system with hostname 'secvpn2'
secvpn2() { GOOD_ONES="Y.Y.Y.0/24"; GOOD_IP="Y.Y.Y.1"; }

#
# SVPN connection specifications
#

# this is for the connection from 'secvpn1' (active) to
# 'secvpn2' (passive)
vpn_secvpn1_secvpn2()
{
#         -----------
#         | secvpn1 |----------------+
#         -----------                |
#              |                     |
#              |               # ppp-DEV
   T_BAD_IP="I.I.I.1";         T_CRYPT_IP="10.1.1.1"
#              |                     |
#              |               # ppp-DEV
   O_BAD_IP="J.J.J.1";         O_CRYPT_IP="10.1.1.2"
#              |                     |
#         -----------                |
#         | secvpn2 |----------------+
#         -----------
# T_GOOD_ONES and O_GOOD_ONES are not needed here: each side only
# has the subnet given in its GOOD_ONES.
}
.fi
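.PP
As an added example that is not part of secvpn, the following POSIX sh
script lints a configuration file of the shape described above before
secvpn sources it: it parses the file with sh -n, splits each VPNS entry
at the arrow, calls the host and vpn_ functions and verifies that they set
the variables documented on this page. The names check_secvpn_conf,
host_net, fail and sample_conf and the sample addresses are this example's own.

```shell
# Added example, not part of secvpn: lint a secvpn.conf before the tools source
# it. Usage: check_secvpn_conf /etc/network/secvpn.conf (exit 0 when clean).
fail() { echo "secvpn.conf: $*" >&2; errors=$((errors + 1)); }
# Runs host function $1 and stores the GOOD_ONES subnet it declares in variable $2.
host_net() {
    command -v "$1" >/dev/null 2>&1 || { fail "no host function '$1'"; return; }
    GOOD_ONES=""; GOOD_IP=""; "$1"
    [ -n "$GOOD_ONES" ] && [ -n "$GOOD_IP" ] || fail "$1 must set GOOD_ONES and GOOD_IP"
    eval "$2=\"\$GOOD_ONES\""
}
# Returns 0 when every check passes, 1 when any problem was reported.
check_secvpn_conf() {
    conf="$1"; errors=0
    # sh -n only parses; a parse error would break every secvpn tool that sources the file.
    sh -n "$conf" 2>/dev/null || { fail "not valid shell syntax"; return 1; }
    . "$conf"
    for rel in $VPNS; do
        case "$rel" in
            *"->"*) active="${rel%%->*}"; passive="${rel#*->}" ;;
            *) fail "VPNS entry '$rel' is not ActiveHost->PassiveHost"; continue ;;
        esac
        host_net "$active" a_net; host_net "$passive" p_net
        vpnfn="vpn_${active}_${passive}"
        command -v "$vpnfn" >/dev/null 2>&1 || { fail "missing function $vpnfn"; continue; }
        T_BAD_IP=""; T_CRYPT_IP=""; O_BAD_IP=""; O_CRYPT_IP=""; T_GOOD_ONES=""; O_GOOD_ONES=""
        "$vpnfn"
        for v in T_BAD_IP T_CRYPT_IP O_BAD_IP O_CRYPT_IP; do
            eval "[ -n \"\$$v\" ]" || fail "$vpnfn must set $v"
        done
        [ "$T_CRYPT_IP" != "$O_CRYPT_IP" ] || fail "$vpnfn: both ppp ends use $T_CRYPT_IP"
        # A side's own subnet belongs in its GOOD_ONES, never in T_/O_GOOD_ONES.
        case " $T_GOOD_ONES " in *" $a_net "*) fail "$vpnfn: T_GOOD_ONES repeats $a_net" ;; esac
        case " $O_GOOD_ONES " in *" $p_net "*) fail "$vpnfn: O_GOOD_ONES repeats $p_net" ;; esac
    done
    [ "$errors" -eq 0 ]
}
# Constructed sample in the shape of the manual page's example, using RFC 5737
# documentation addresses; writes it to a temp file and prints the path.
sample_conf() {
    f=$(mktemp) && cat > "$f" <<'EOF'
THIS_IS="secvpn1"
VPNS="secvpn1->secvpn2"
CRYPT_MASK="255.255.255.0"
secvpn1() { GOOD_ONES="192.0.2.0/24"; GOOD_IP="192.0.2.1"; }
secvpn2() { GOOD_ONES="198.51.100.0/24"; GOOD_IP="198.51.100.1"; }
vpn_secvpn1_secvpn2() { T_BAD_IP="203.0.113.1"; T_CRYPT_IP="10.1.1.1"; O_BAD_IP="203.0.113.2"; O_CRYPT_IP="10.1.1.2"; }
EOF
    echo "$f"
}
```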
.SH OTHER
To have real security it is necessary to secure each secvpn host and to run a
firewall on each secvpn host that allows only selected IP addresses and ports
to pass through the VPN.

.SH AUTHOR
Bernd Schumacher, HP Consulting, HEWLETT-PACKARD GmbH, Bad Homburg, 2000
.SH COPYRIGHT
Copyright: Most recent version of the GPL.

On Debian GNU/Linux systems, the complete text of the GNU General
Public License can be found in "/usr/share/common-licenses/GPL".
.SH "SEE ALSO"
secvpn(1) secvpnmon(1)