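#!/bin/sh
#
# Set up a virtual point-to-point WAN link between two subnets, carrying
# the traffic in UDP packets as the "WAN connection".  The two subnets
# might be non-routable addresses behind a firewall.
#
# Security note: nothing in this script encrypts or authenticates the
# tunnelled packets.  The ksocket is bound and connected to fixed
# addresses, but UDP source addresses can be forged, so the peer address
# alone is not proof of origin.  When the exterior path crosses a network
# you do not control, run the tunnel over IPsec (or an equivalent
# protected transport) and limit UDP_TUNNEL_PORT to the peer in the
# packet filter.
#
# Must be run with enough privilege for ngctl(8), ifconfig(8), route(8).

# Abort on the first failing step or unset variable, so the interface
# address and the route are never installed on a half-built tunnel.
set -eu

# Local and remote inside networks, local and remote outside IP
# addresses, and the UDP port number used for the tunnel.
# The values below are examples; replace them for a real deployment.
LOC_INTERIOR_IP=192.168.1.1
LOC_EXTERIOR_IP=1.1.1.1
REM_INTERIOR_IP=192.168.2.1
REM_EXTERIOR_IP=2.2.2.2
REM_INSIDE_NET=192.168.2.0
UDP_TUNNEL_PORT=4028

# Create the interface node "ng0" if it doesn't exist already,
# otherwise just make sure it's not connected to anything.
# In FreeBSD, interfaces cannot be removed so it might already
# be there from before.
# NOTE(review): this relies on "ngctl shutdown ng0:" leaving the
# interface in place -- confirm on the target release.
if ifconfig ng0 >/dev/null 2>&1; then
  # Best effort: there may be no address to delete, so the status is
  # deliberately ignored here.
  ifconfig ng0 inet down delete >/dev/null 2>&1 || :
  ngctl shutdown ng0:
else
  ngctl mkpeer iface dummy inet
fi

# Attach a UDP socket to the "inet" hook of the interface node
# using the ng_ksocket(4) node type.
ngctl mkpeer ng0: ksocket inet inet/dgram/udp

# Bind the UDP socket to the local external IP address and port.
ngctl msg ng0:inet bind "inet/${LOC_EXTERIOR_IP}:${UDP_TUNNEL_PORT}"

# Connect the UDP socket to the peer's external IP address and port.
ngctl msg ng0:inet connect "inet/${REM_EXTERIOR_IP}:${UDP_TUNNEL_PORT}"

# Configure the point-to-point interface.
ifconfig ng0 "${LOC_INTERIOR_IP}" "${REM_INTERIOR_IP}"

# Add a route to the peer's interior network via the tunnel.
route add "${REM_INSIDE_NET}" "${REM_INTERIOR_IP}"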