You need matching kernel headers for wireguard-dkms to work.
And which are matching? I've installed with
# apt install linux-headers-$(uname -r)
so I think those are all that are available?
Could it be possible that there is the wrong kernel(-headers)?
uname -r:
4.17.0
But it's: Linux devuan 4.17.0 armv7l GNU/Linux
I've installed:
devuan_ascii_2.0.0_armhf_sunxi.img.xz with orangepi_zero_defconfig.bin
But maybe something went wrong and it's not the right kernel??
I've installed linux-headers-4.17.0 but I think the right one must be linux-headers-sun8i
Hello everybody,
What about devuan with wireguard support?
I have implemented the following instructions and successfully installed wireguard.
# echo "deb https://ftp.fau.de/devuan/merged/ unstable main" > /etc/apt/sources.list.d/unstable.list
# printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable
# apt update
# apt install wireguard
If I want to add a new interface I get
# ip link add dev wg0 type wireguard
RTNETLINK answers: Operation not supported
If I modprobe wireguard:
modprobe: FATAL: Module wireguard not found in directory /lib/modules/4.17.0
If I want to install wireguard from source:
$ make
make[1]: *** /lib/modules/4.17.0/build: Datei oder Verzeichnis nicht gefunden. Schluss.
Makefile:36: die Regel für Ziel „module“ scheiterte
make: *** [module] Fehler 2
Seems there is a problem with the kernel module?
Device is an OrangePi Zero.
After a reinstallation of iptables-persistent, this solution worked for me.
I think my script failed because of the -nat -mangle parameters.
To allow DNS resolution, you must add a line accepting UDP output connections, since the DNS protocol uses queries through UDP:
Oh sorry, I forgot to write that. I'm running an unbound resolver which forwards all traffic to another resolver via DNS-over-TLS (-dport 853), so the rule is obsolete.
About the script exec problem, you can also debug by inserting an echo before each iptables command, so you can check on which one it's failing.
This is a good idea!
What do you mean by that?
Oh sorry, I mean in the shell:
$ sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 5223
If I check with
$ sudo iptables -t nat -L
they were applied.
I write them into a script in /etc/network/if-pre-up.d/ but after a reboot it's flushed.
#!/bin/sh
set -e
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 5223
Which is "more complicated" than what here?
Excuse me, I've been working with Devuan for less time, so it's a bit more complicated than systemd. However, I really wanted to get rid of systemd!
My intention is only to secure my ejabberd server against epmd.
Thank you for your response.
When I write the first few lines in my firewall script, they are not executed. The second seems a bit more complicated?
Can you explain that in more detail?
Thank you for your advice.
You mean I should move my script into the folder /etc/init.d? I have not quite understood the order and the dependencies?
In my script I'm just releasing ports.
Hello everybody,
I would like to realize the following service unit with SysV Init, or with a shell script. Unfortunately, I could not find any help on the net. Is this possible at all?
First:
nano /etc/systemd/system/xmpp-port-redirection.service
[Unit]
Description=Port redirection rules for XMPP
After=network.target
[Service]
Type=oneshot
RemainAfterExit=true
ExecStart=/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 5223
ExecStop=/sbin/iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 5223
Second:
I would like to have something like a Systemd Socket for Erlang Port Mapper Daemon (epmd).
nano /etc/systemd/system/epmd.socket.d/listen-on-localhost.conf
[Socket]
ListenStream=127.0.0.1:4369
Is that possible with SysV Init?
Thank you.
Thank you for answering.
That's the error message:
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
Bad argument ` '
Try `iptables -h' or 'iptables --help' for more information.
Bad argument ` '
Try `iptables -h' or 'iptables --help' for more information.
But if I type in every rule, there is no error??
The same script runs fine on my Debian/Raspbian.
Hello everybody,
so far I had used Debian.
There I put my iptables rules in a script in the directory /etc/network/if-up.d/iptables_on, like on this page.
Unfortunately, this method does not work with Devuan, there I always get an error message.
How should I ideally apply my iptables rules?