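#!/bin/sh
# $FreeBSD$

# This script sets up a virtual point-to-point WAN link between
# two subnets, using UDP packets as the ``WAN connection.''
# The two subnets might be non-routable addresses behind a
# firewall.
#
# Security note: the tunnel built here is plain UDP encapsulation
# through an ng_ksocket(4) socket. Nothing in this script encrypts
# or authenticates the encapsulated packets, so interior traffic
# crosses the outside network in the clear. The connect message
# below only makes the socket accept datagrams whose source address
# and port match the peer, and a UDP source address can be forged.
# If the path between the exterior addresses is not trusted, protect
# the UDP flow separately (for example with ipsec(4) between the two
# exterior addresses) and restrict UDP_TUNNEL_PORT on the exterior
# interface to the peer's address with the packet filter.
#

# Abort on a misspelled or unset variable instead of passing an
# empty string to ngctl/ifconfig/route.
set -u

# Print a message on stderr and stop; used so that a failed step
# does not leave a half-configured interface with a route on it.
die() {
	printf '%s\n' "$*" >&2
	exit 1
}

# Here define the local and remote inside networks as well
# as the local and remote outside IP addresses and UDP port
# number that will be used for the tunnel.
# The values below are examples only; replace all of them with the
# addresses of the actual deployment before running the script.
#
LOC_INTERIOR_IP=192.168.1.1
LOC_EXTERIOR_IP=1.1.1.1
REM_INTERIOR_IP=192.168.2.1
REM_EXTERIOR_IP=2.2.2.2
REM_INSIDE_NET=192.168.2.0
UDP_TUNNEL_PORT=4028

# Create the interface node ``ng0'' if it doesn't exist already,
# otherwise just make sure it's not connected to anything.
# In FreeBSD, interfaces cannot be removed so it might already
# be there from before.
#
if ifconfig ng0 >/dev/null 2>&1; then
	# Best effort: the interface may have no inet address to delete,
	# so a failure here is expected and deliberately ignored.
	ifconfig ng0 inet down delete >/dev/null 2>&1
	ngctl shutdown ng0:
else
	ngctl mkpeer iface dummy inet ||
		die "cannot create the ng0 interface node"
fi

# Attach a UDP socket to the ``inet'' hook of the interface node
# using the ng_ksocket(4) node type.
#
ngctl mkpeer ng0: ksocket inet inet/dgram/udp ||
	die "cannot attach a ksocket node to ng0:inet"

# Bind the UDP socket to the local external IP address and port
#
ngctl msg ng0:inet bind "inet/${LOC_EXTERIOR_IP}:${UDP_TUNNEL_PORT}" ||
	die "cannot bind the tunnel socket to ${LOC_EXTERIOR_IP}:${UDP_TUNNEL_PORT}"

# Connect the UDP socket to the peer's external IP address and port
#
ngctl msg ng0:inet connect "inet/${REM_EXTERIOR_IP}:${UDP_TUNNEL_PORT}" ||
	die "cannot connect the tunnel socket to ${REM_EXTERIOR_IP}:${UDP_TUNNEL_PORT}"

# Configure the point-to-point interface
#
ifconfig ng0 "${LOC_INTERIOR_IP}" "${REM_INTERIOR_IP}" ||
	die "cannot configure ng0"

# Add a route to the peer's interior network via the tunnel
#
route add "${REM_INSIDE_NET}" "${REM_INTERIOR_IP}" ||
	die "cannot add the route to ${REM_INSIDE_NET}"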