sudomesh / tunneldigger-lab

experiments on digging tunnels
GNU General Public License v3.0

Tunneldigger/Exitnode Labs Notes #5

Open aetilley opened 6 years ago

aetilley commented 6 years ago

Beginning with Tunneldigger Lab

Local workstation: Linux (jessie) virtual machine.

Prerequisites:

All successful except last which gives:

```
E: Unable to locate package linux-image-extra-3.16.0-4-amd64
E: Couldn't find any package by regex 'linux-image-extra-3.16.0-4-amd64'
```

Moving on...

Install:

All three kernel modules loaded successfully:

```
vagrant@jessie:~$ sudo lsmod | grep l2tp
l2tp_eth               12851  0
l2tp_netlink           17323  1 l2tp_eth
l2tp_core              25973  2 l2tp_eth,l2tp_netlink
```

(Also added these three to /etc/modules.)

Clone: Successfully cloned repo. Successfully cmade and made the client code.

Digging a tunnel:

Checking prior state:

1)

```
vagrant@jessie:~/tunneldigger/client$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:ba:0e:69 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:feba:e69/64 scope link
       valid_lft forever preferred_lft forever
```

2)

```
vagrant@jessie:~/tunneldigger/client$ netstat -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
```

3) cat /var/log/syslog | grep td-client returns some things from (I believe) a previous attempt (which strangely have timestamps in the future). When called at about Mar 4 10:30 am it returns:

```
...
...
Mar 4 18:27:32 jessie td-client: Performing broker selection...
Mar 4 18:27:43 jessie td-client: No suitable brokers found. Retrying in 5 seconds
Mar 4 18:27:48 jessie td-client: Performing broker selection...
Mar 4 18:27:59 jessie td-client: No suitable brokers found. Retrying in 5 seconds
Mar 4 18:28:04 jessie td-client: Performing broker selection...
Mar 4 18:28:10 jessie td-client: Got termination signal, shutting down tunnel...
```

Moving on...

Digging a tunnel:

```
vagrant@jessie:~/tunneldigger/client$ sudo ./tunneldigger -b exit.sudomesh.org:8942 -u 07105c7f-681f-4476-b5aa-5146c6e579de -i l2tp0 -s ./tunnel_hook_ex.sh
Hello Tunnel!
```

I wasn't sure what the point of the tunnel hook script was at this point, so I just made tunnel_hook_ex.sh echo "Hello Tunnel!"

Also it wasn't clear whether I should use the provided uuid or choose my own. I picked the one provided. Would like to know more about what role this uuid plays.

Checking posterior state:

1) "inspecting the tunnel_hook.sh.log for recent entries of new sessions."

Sorry, what is this file? The command

```
find / "tunnel_hook_ex.sh.log"
```

did not find anything.

2)

```
vagrant@jessie:/$ ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:ba:0e:69 brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:feba:e69/64 scope link
       valid_lft forever preferred_lft forever
6: l2tp0: mtu 1446 qdisc noop state DOWN group default qlen 1000
    link/ether ba:c1:7a:d1:64:6b brd ff:ff:ff:ff:ff:ff
```

3)

```
vagrant@jessie:/$ netstat -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
udp        0      0 10.0.2.15:34812         unassigned.psychz.:8942 ESTABLISHED
```

4)

```
vagrant@jessie:/$ sudo cat /var/log/syslog | grep td-client
...
...
Mar 4 18:58:04 jessie td-client: Performing broker selection...
Mar 4 18:58:05 jessie td-client: Broker usage of exit.sudomesh.org:8942: 1535
Mar 4 18:58:05 jessie td-client: Selected exit.sudomesh.org:8942 as the best broker.
Mar 4 18:58:06 jessie td-client: Tunnel successfully established.
Mar 4 18:58:23 jessie td-client: Setting MTU to 1446
Mar 4 18:58:26 jessie td-client: Setting MTU to 1446
Mar 4 18:59:08 jessie td-client: Got termination signal, shutting down tunnel...
Mar 4 19:12:42 jessie td-client: Performing broker selection...
Mar 4 19:12:43 jessie td-client: Broker usage of exit.sudomesh.org:8942: 1535
Mar 4 19:12:43 jessie td-client: Selected exit.sudomesh.org:8942 as the best broker.
Mar 4 19:12:44 jessie td-client: Tunnel successfully established.
Mar 4 19:13:03 jessie td-client: Setting MTU to 1446
Mar 4 19:13:04 jessie td-client: Setting MTU to 1446
```

**Setting up a broker**

(On a new D.O. droplet)

```
ssh root@159.89.227.146
```

All of the following was successful

```
sudo apt update
sudo apt install iproute bridge-utils libnetfilter-conntrack-dev libnfnetlink-dev libffi-dev python-dev libevent-dev ebtables python-virtualenv
mkdir /srv/tunneldigger
cd /srv/tunneldigger
virtualenv env_tunneldigger
git clone https://github.com/wlanslovenija/tunneldigger.git
source env_tunneldigger/bin/activate
cd tunneldigger/broker
python setup.py install
cp l2tp_broker.cfg.example l2tp_broker.cfg
```

Also changed l2tp_broker.cfg to begin with

```
[broker]
; IP address the broker will listen and accept tunnels on
address=159.89.227.146
; Ports where the broker will listen on
port=53,123,8942
; Interface with that IP address
interface=eth0
```

Now on to starting the broker:

```
(env_tunneldigger) root@mesh-droplet-1:/# cd /
(env_tunneldigger) root@mesh-droplet-1:/# sudo /srv/tunneldigger/env_tunneldigger/bin/python -m tunneldigger_broker.main /srv/tunneldigger/tunneldigger/broker/l2tp_broker.cfg
[INFO/tunneldigger.broker] Initializing the tunneldigger broker.
Traceback (most recent call last):
  File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/srv/tunneldigger/env_tunneldigger/lib/python2.7/site-packages/tunneldigger_broker-0.3.0-py2.7-linux-x86_64.egg/tunneldigger_broker/main.py", line 84, in <module>
    tunnel_manager.initialize()
  File "/srv/tunneldigger/env_tunneldigger/local/lib/python2.7/site-packages/tunneldigger_broker-0.3.0-py2.7-linux-x86_64.egg/tunneldigger_broker/broker.py", line 192, in initialize
    self.netlink = l2tp.NetlinkInterface()
  File "/srv/tunneldigger/env_tunneldigger/local/lib/python2.7/site-packages/tunneldigger_broker-0.3.0-py2.7-linux-x86_64.egg/tunneldigger_broker/l2tp.py", line 78, in __init__
    raise L2TPSupportUnavailable
tunneldigger_broker.l2tp.L2TPSupportUnavailable
```

Tried deactivating the python env and running again, but I get the same error.

**NOTE: Realizing that the order of operations in the two labs is not sequential, but one might have to jump back and forth between them. Continuing to experiment with this.**

**Exit node repo: Install**

Cloned and ran script

```
ssh root@159.89.227.146 'bash -s' < create_exitnode.sh 159.89.227.146
```

apparently successfully.

**Exit node repo: Testing Tunnel Digger**

*step 1.* create tunnel using tunneldigger client (see https://github.com/sudomesh/tunneldigger-lab)

```
vagrant@jessie:~/tunneldigger/client$ sudo ./tunneldigger -b 159.89.227.146:8942 -u 07105c7f-681f-4476-b5aa-5146c6e579de -i l2tp0 -s ./tunnel_hook_ex.sh
```

Again, using the same uuid since I'm not sure of the role of this.

*step 2.* assign some ip to tunneldigger client interface

(After accidentally running ip addr while not in my linux virtual machine)

```
vagrant@jessie:~$ ip addr
...
7: l2tp0: mtu 1446 qdisc noop state DOWN group default qlen 1000
    link/ether ee:17:25:5e:66:0d brd ff:ff:ff:ff:ff:ff
vagrant@jessie:~$ sudo ip addr add 100.65.26.1 dev l2tp0
vagrant@jessie:~$ ip addr
...
7: l2tp0: mtu 1446 qdisc noop state DOWN group default qlen 1000
    link/ether ee:17:25:5e:66:0d brd ff:ff:ff:ff:ff:ff
    inet 100.65.26.1/32 scope global l2tp0
       valid_lft forever preferred_lft forever
```

*step 3.* establish static route from client to tunneldigger broker

```
vagrant@jessie:~$ sudo ip r add 100.64.0.42 dev l2tp0
RTNETLINK answers: Network is down
```

*step 4.* establish static route from tunneldigger broker to client

```
root@mesh-droplet-1:~# sudo ip r add 100.65.26.1 dev l2tp2431
```

(appears successful)

**make sure to up the interface**

```
vagrant@jessie:~$ sudo ip link set l2tp0 up
vagrant@jessie:~$ ping -I l2tp0 100.64.0.42
PING 100.64.0.42 (100.64.0.42) from 100.65.26.1 l2tp0: 56(84) bytes of data.
64 bytes from 100.64.0.42: icmp_seq=1 ttl=64 time=171 ms
64 bytes from 100.64.0.42: icmp_seq=2 ttl=64 time=104 ms
64 bytes from 100.64.0.42: icmp_seq=3 ttl=64 time=87.8 ms
64 bytes from 100.64.0.42: icmp_seq=4 ttl=64 time=82.7 ms
```

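
The td-client syslog lines quoted in the notes above can be grouped into one record per client run, which makes failed broker selection and log timestamps that run ahead of the local clock easy to spot. This is an added example, not part of the original comments or of the tunneldigger project; the sample log is constructed from the message formats shown above, and `summarize`, `SAMPLE_LOG` and `OBSERVED_AT` (with its placeholder year) are hypothetical names and values.

```python
import re
from datetime import datetime

# Constructed sample using the td-client message formats quoted in the notes.
SAMPLE_LOG = """\
Mar 4 18:27:32 jessie td-client: Performing broker selection...
Mar 4 18:27:43 jessie td-client: No suitable brokers found. Retrying in 5 seconds
Mar 4 18:27:48 jessie td-client: Performing broker selection...
Mar 4 18:27:59 jessie td-client: No suitable brokers found. Retrying in 5 seconds
Mar 4 18:28:10 jessie td-client: Got termination signal, shutting down tunnel...
Mar 4 18:58:04 jessie td-client: Performing broker selection...
Mar 4 18:58:05 jessie td-client: Selected exit.sudomesh.org:8942 as the best broker.
Mar 4 18:58:06 jessie td-client: Tunnel successfully established.
Mar 4 18:58:23 jessie td-client: Setting MTU to 1446
Mar 4 18:59:08 jessie td-client: Got termination signal, shutting down tunnel...
"""
# Assumed wall-clock time of the check; the year is an arbitrary placeholder
# because classic syslog timestamps do not carry one.
OBSERVED_AT = datetime(2000, 3, 4, 10, 30)

LINE = re.compile(r"^(\w{3}\s+\d+\s+\d\d:\d\d:\d\d) \S+ td-client(?:\[\d+\])?: (.*)$")

def summarize(log_text, now):
    """Group td-client lines into runs; a run ends at the termination message."""
    runs, cur = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # unrelated syslog line
        ts = datetime.strptime(f"{now.year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        msg = m.group(2)
        if cur is None:
            cur = {"start": ts, "failed_selections": 0, "broker": None,
                   "established": False, "mtu": None,
                   "ahead_of_clock": False, "terminated": False}
        cur["ahead_of_clock"] |= ts > now  # log time later than the local clock
        if msg.startswith("No suitable brokers found"):
            cur["failed_selections"] += 1
        elif (sel := re.match(r"Selected (\S+) as the best broker", msg)):
            cur["broker"] = sel.group(1)
        elif msg.startswith("Tunnel successfully established"):
            cur["established"] = True
        elif (mtu := re.match(r"Setting MTU to (\d+)", msg)):
            cur["mtu"] = int(mtu.group(1))
        elif msg.startswith("Got termination signal"):
            cur["terminated"] = True
            runs.append(cur)
            cur = None
    if cur is not None:
        runs.append(cur)  # client still running at the end of the log
    return runs
```

A run with a non-zero `failed_selections` and no `broker` corresponds to the "No suitable brokers found" loop in the first log excerpt.
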
cambers commented 6 years ago

I am not able to ping the exitnode unless I assign it a static ip:

```
root@exitnode:~# ip addr add 100.64.0.42 dev l2tp101-101
```

This means that as I continue with the lab below, I am still able to ping 100.64.0.42 even after step 5 and 6. ???

Testing Routing with Babeld Through Tunnel Digger

.........

Step 3. check routes

After running ip route you should see entries like:

```
100.64.0.42 via 100.64.0.42 dev l2tp0 proto babel onlink
```

Step 4. ping the mesh routing ip

Now, execute ping 100.64.0.42 and you should see something like:

```
$ ping 100.64.0.42
PING 100.64.0.42 (100.64.0.42) 56(84) bytes of data.
64 bytes from 100.64.0.42: icmp_seq=1 ttl=64 time=207 ms
64 bytes from 100.64.0.42: icmp_seq=2 ttl=64 time=204 ms
```

Step 5. now, stop the babeld process using ctrl-c

Step 6. repeat steps 3/4 and confirm that the routes are gone and the ping no longer succeeds.