#!/bin/bash
MTU=1439
-[ $# -gt 0 ] && MTU=$1
TEST=$(basename $0 .sh)
+PWD=$(dirname $0)
+PWD=/opt/ulvpn/bin
-LRED=enp0s9://78:a1:35:10:10:10
-LBLK=enp0s8://78:a1:35:20:20:20
-RRED=enp0s9://78:a1:35:01:01:01
-RBLK=enp0s8://78:a1:35:02:02:02
-
-LOOP=lo://00:00:00:00:00:00
-
-CRYPTOMOD=./cryptomod.exe
-SIMULATOR=./simulator.exe
-VPN=./ulvpn.exe
+CRYPTOMOD=$PWD/cryptomod.exe
+SIMULATOR=$PWD/simulator.exe
+VPN=$PWD/ulvpn.exe
ulimit -c unlimited
warn() { echo -e "\033[1;33m$@\033[0;0m"; }
fail() { echo -e "\033[1;31m$@\033[0;0m"; }
-if [ ! -f init.done ]; then
- launch create configuration files
-
- dd if=/dev/random of=crypto.key bs=1 count=32 2>/dev/null
- dd if=/dev/random of=prng.key bs=1 count=16 2>/dev/null
-
- cat > provisioning.eth <<EOF
+# board is modem or app
+BOARD=
+# cm is hard, none or soft
+CM=
+# wf is mdlu or pdlu
+WF=
+
+launch check board configuration
+if [ -f /data/MDLU ]; then
+ BOARD=modem
+ CM=none
+ WF=mdlu
+elif [ -f /data/PDLU ]; then
+ BOARD=modem
+ CM=none
+ WF=pdlu
+elif [ -f /etc/ulvpn.rc ]; then
+ source /etc/ulvpn.rc
+ # must provide board, cm adn wf
+fi
+[ "$BOARD" ] && [ "$CM" ] && [ "$WF" ] && pass OK || { fail KO; exit 1; }
+
+launch build vpn configuration
+case "$BOARD" in
+modem)
+ # only black vpn
+ LBLK=eth1://78:a1:35:20:20:20
+ RBLK=eth1://78:a1:35:02:02:02
+ DEVS=$LBLK
+ case "$WF" in
+ mdlu)
+ VPNBLK="-tr udp://125.128.0.1:1253 -ur udp://125.128.0.1:8208
+ -tt udp://125.128.0.1:1024 -ut udp://125.128.0.1:1189"
+ ;;
+ pdlu)
+ VPNBLK="-tr udp://192.168.0.5:1185 -ur udp://192.168.0.5:8192
+ -tt udp://192.168.0.5:1024 -ut udp://192.168.0.5:1253"
+ ;;
+ *)
+ fail unknown wf $WF
+ exit 1
+ esac
+ ;;
+app)
+ case "$CM" in
+ hard)
+ # only red vpn
+ LRED=eth0://78:a1:35:10:10:10
+ RRED=eth0://78:a1:35:01:01:01
+ DEVS=$LRED
+ ;;
+ soft)
+ # red vpn and soft cm
+ LRED=lo://00:00:00:00:00:00
+ LBLK=eth0://78:a1:35:20:20:20
+ RRED=lo://00:00:00:00:00:00
+ RBLK=eth0://78:a1:35:02:02:02
+ DEVS=$RBLK
+ ;;
+ none)
+ ;;
+ *)
+ fail unknown cm $CM
+ exit 1
+ esac
+ case "$WF" in
+ mdlu)
+ VPNRED="-d tun://tun0:$MTU -l tun://10.2.1.1 -r tun://10.2.0.0"
+ ;;
+ pdlu)
+ VPNRED="-d tun://tun0:$MTU -l tun://10.2.0.1 -r tun://10.2.1.0"
+ ;;
+ *)
+ fail unknown wf $WF
+ exit 1
+ esac
+ ;;
+*)
+ fail unknown board $BOARD
+ exit 1
+esac
+pass OK
+
+launch create provisioning files
+#dd if=/dev/random of=crypto.key bs=1 count=32 2>/dev/null
+echo -n "123456789abcdef0123456789abcdef0" > crypto.key
+#dd if=/dev/random of=prng.key bs=1 count=16 2>/dev/null
+echo -n "123456789abcdef0" >prng.key
+cat > provisioning.eth <<EOF
SLEEP 500
T:PROVISIONING LOAD_KEY_REQ KEYID=0 KEY=@crypto.key
R:PROVISIONING LOAD_KEY_RESP STATUS=0
T:PROVISIONING LOAD_KEY_REQ KEYID=1 KEY=@prng.key
R:PROVISIONING LOAD_KEY_RESP STATUS=0
EOF
+pass OK
- cat > plaintext.txt <<EOF
-Inter quos Paulus eminebat notarius ortus in Hispania, glabro quidam sub vultu latens, odorandi vias periculorum occultas perquam sagax. is in Brittanniam missus ut militares quosdam perduceret ausos conspirasse Magnentio, cum reniti non possent, iussa licentius supergressus fluminis modo fortunis conplurium sese repentinus infudit et ferebatur per strages multiplices ac ruinas, vinculis membra ingenuorum adfligens et quosdam obterens manicis, crimina scilicet multa consarcinando a veritate longe discreta. unde admissum est facinus impium, quod Constanti tempus nota inusserat sempiterna.
-
-Ideo urbs venerabilis post superbas efferatarum gentium cervices oppressas latasque leges fundamenta libertatis et retinacula sempiterna velut frugi parens et prudens et dives Caesaribus tamquam liberis suis regenda patrimonii iura permisit.
-
-Ut enim quisque sibi plurimum confidit et ut quisque maxime virtute et sapientia sic munitus est, ut nullo egeat suaque omnia in se ipso posita iudicet, ita in amicitiis expetendis colendisque maxime excellit. Quid enim? Africanus indigens mei? Minime hercule! ac ne ego quidem illius; sed ego admiratione quadam virtutis eius, ille vicissim opinione fortasse non nulla, quam de meis moribus habebat, me dilexit; auxit benevolentiam consuetudo. Sed quamquam utilitates multae et magnae consecutae sunt, non sunt tamen ab earum spe causae diligendi profectae.
-
-Et Epigonus quidem amictu tenus philosophus, ut apparuit, prece frustra temptata, sulcatis lateribus mortisque metu admoto turpi confessione cogitatorum socium, quae nulla erant, fuisse firmavit cum nec vidisset quicquam nec audisset penitus expers forensium rerum; Eusebius vero obiecta fidentius negans, suspensus in eodem gradu constantiae stetit latrocinium illud esse, non iudicium clamans."
-EOF
-
- success OK
+pids=
+trap "for pid in $pids; do echo killing $pid; kill -SIGTERM $pid; done;" 0 1 2 15
+
+for DEV in $DEVS; do
+ N=$(echo ${DEV/:*} | sed 's/[^0-9]//g')
+ launch configurate interface ${DEV/:*}
+ ip link set dev ${DEV/:*} down
+ ip link set dev ${DEV/:\/\// addr }
+ ip link set dev ${DEV/:*} up
+ ip addr add 192.169.$N.1/24 dev ${DEV/:*}
+ sleep 1
+ #tcpdump -v -i ${DEV/:*} &
+done
- touch init.done
+if [ "$CM" = soft ]; then
+ launch starting soft cm
+ $CRYPTOMOD -v 1 -V 1 -l cryptomod.log \
+ -s BYPASS_B2R -t $LRED/080D -r $LBLK/083D \
+ -s BYPASS_R2B -t $LBLK/082D -r $LRED/081D \
+ -s CONTROL -t $LRED/080E -r $LRED/081E \
+ -s CROSS_CRYPTO_B2R -t $LRED/0809 -r $LBLK/0839 \
+ -s CROSS_CRYPTO_R2B -t $LBLK/0829 -r $LRED/0819 \
+ -s PROVISIONING -t $LRED/080B -r $LRED/081B &
+ pid=$!
+ pids="$pids $pid"
+ sleep 1
+ ps | awk '$2 == '$pid' {exit 1}' && { fail KO; exit 1; } || pass OK
fi
-pids=
-if $(uname -n | fgrep -q debian-lite); then
- title Remote
+if [ "$VPNBLK" ]; then
+ launch starting black vpn
+ $VPN -v 1 -V 1 -l vpnblk.log \
+ -n tun \
+ $VPNBLK \
+ -x $RBLK/0829 $RBLK/0839 \
+ -n red &
+ pid=$!
+ pids="$pids $pid"
+ sleep 1
+ ps | awk '$2 == '$pid' {exit 1}' && { fail KO; exit 1; } || pass OK
+fi
- title starting software crypto module
- $CRYPTOMOD -v 1 -V 1 -l cryptomod.log \
- -s BYPASS_B2R -t $LOOP/080D -r $LOOP/083D \
- -s BYPASS_R2B -t $LOOP/082D -r $LOOP/081D \
- -s CONTROL -t $LOOP/080E -r $LOOP/081E \
- -s CROSS_CRYPTO_B2R -t $LOOP/0809 -r $LOOP/0839 \
- -s CROSS_CRYPTO_R2B -t $LOOP/0829 -r $LOOP/0819 \
- -s PROVISIONING -t $LOOP/080B -r $LOOP/081B &
- pids="$pids $!"
+if [ "$VPNRED" ]; then
+ launch starting red vpn
+ $VPN -v 1 -V 1 -l vpnred.log \
+ $VPNRED \
+ -n udp \
+ -n black \
+ -y $RRED/0809 $RRED/0819 &
+ pid=$!
+ pids="$pids $pid"
sleep 1
+ ps | awk '$2 == '$pid' {exit 1}' && { fail KO; exit 1; } || pass OK
launch provisioning software cryptomod
- $SIMULATOR -v1 -V1 -s PROVISIONING -r $LOOP/080B -t $LOOP/081B provisioning.eth && pass OK || { fail KO; exit 1; }
-
- title starting vpn
- $VPN -v 1 -V 1 -l ulvpn.log \
- -d tun://tun0:$MTU \
- -l tun://10.2.1.1 -r tun://10.2.0.0 \
- -t udp://10.1.0.2:1234 -u udp://10.1.0.1:1234 \
- -x $LOOP/0829 $LOOP/0839 \
- -y $LOOP/0809 $LOOP/0819 | \
- awk '{print "vpn:", $0}'
-
-else
- title Local
-
- launch provisioning hardware cryptomod
- $SIMULATOR -v1 -V1 -s PROVISIONING -r $RRED/080B -t $RRED/080B provisioning.eth && pass OK || { fail KO; exit 1; }
-
- title starting vpn
- $VPN -v1 -V1 \
- -d tun://tun0:$MTU \
- -l tun://10.2.0.1 -r tun://10.2.1.0 \
- -t udp://10.1.0.1:1234 -u udp://10.1.0.2:1234 \
- -x $RBLK/0809 $RBLK/0809 \
- -y $RRED/0809 $RRED/0809 | \
- awk '{print "vpn:", $0}'
-
+ $SIMULATOR -v1 -V1 -s PROVISIONING -r $LRED/080B -t $LRED/081B provisioning.eth && pass OK || { fail KO; exit 1; }
fi
-for p in $pids; do
- echo killing $p
- kill -TERM $p
+title press any key to stop
+read a
+
+for pid in $pids; do
+ echo killing $pid
+ kill -SIGTERM $pid
done
title end
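Review bot: The two added `echo -n` lines under `launch create provisioning files` write fixed strings that are readable in the script into `crypto.key` and `prng.key`, replacing the `/dev/random` reads that are now commented out. Every device provisioned through `provisioning.eth` therefore loads the same known key material via `LOAD_KEY_REQ`. If the constants are only meant for bring-up, put them behind an explicit test switch; otherwise restore the commented-out `dd if=/dev/random ...` lines and set `umask 077` before them so the key files are not created world-readable. No `cd` is visible in the script, so the key files land in whatever directory the caller happens to be in. Separately, the new `trap "for pid in $pids; ..."` is double-quoted, so `$pids` is expanded while still empty and the handler kills nothing on a signal or early `exit 1`; single quotes would defer the expansion until the trap fires.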