mandos-client by vtun
Teddy Hogeborn
teddy at recompile.se
Fri Feb 22 13:52:21 CET 2019
Juan Miguel Alcarria Herrera <juanmi at arco2000.es> writes:
> Have you got an example of a ethernet hook to make a vtun for mandos
> client?
No, sorry. All the example hooks we have are shipped with Mandos and
are available in Debian in the
/usr/share/doc/mandos-client/examples/network-hooks.d directory. When
writing your own network hook, you would need to follow the
specifications of network hooks, as documentted in the "NETWORK HOOKS"
section of the mandos-client(8mandos) man page.
> I need not have to open ports for mandos server cheker. You know some
> solution?
In what way could the Mandos server check if the client is still up and
has not been taken offline? If there is a way, configure this method to
be the "checker" command. By default, this uses ssh-keyscan, but it
could be configured to be any shell command.
> Other question, is possible disable the checker and make a client
> enable for all time?
Yes, certainly; just make the "checker" setting in the
/etc/mandos/clients.conf file to be a shell command which always
succeeds, like the ":" command.
/Teddy Hogeborn
--
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20190222/ef87efa9/attachment.sig>
More information about the Mandos-Dev
mailing list