Radix cross Linux

Index: README.TXT
===================================================================
--- README.TXT	(nonexistent)
+++ README.TXT	(revision 5)
@@ -0,0 +1,13 @@
+One or more OpenVPN config files should be installed in this directory
+as files ending in ".conf" (i.e. client.conf, server.conf, etc.).
+
+Have a look in sample-config-files for some more examples of how to
+configure OpenVPN.
+
+To start OpenVPN, use this command as root:
+sh /etc/rc.d/rc.openvpn start
+
+To make OpenVPN start automatically at boot, change the script permissions:
+chmod 755 /etc/rc.d/rc.openvpn
+
+See "man openvpn" and the other docs for more information.
Index: radix.conf
===================================================================
--- radix.conf	(nonexistent)
+++ radix.conf	(revision 5)
@@ -0,0 +1,178 @@
+# openvpn.conf.sample
+#
+# This is a sample configuration file for OpenVPN.
+# Not all options are listed here; you can find good documentation 
+# about all of the options in OpenVPN's manual page - openvpn(8).
+#
+# You can make a P-t-P connection by creating a shared key, 
+# copying this key to other hosts in your network, and changing
+# the IP addresses in this file.
+#
+# Commented options are provided for some typical configurations 
+
+# Change the "search" path to /etc/openvpn
+# All files referenced in this configuration will be relative to 
+# whatever directory is specified here - we default to /etc/openvpn 
+cd /etc/openvpn
+
+# If running as a server, which local IP address should OpenVPN
+# listen on? Specify this as either a hostname or IP address. If
+# this is left blank, OpenVPN will default to listening on all
+# interfaces.
+#local a.b.c.d
+
+# This option defines the IP or DNS name of the other side of your VPN
+# connection.  This option is needed if you are making client or P-t-P 
+# connections.  If you are the server, use "local" instead.  This may
+# be specified as a domain name or IP address.
+#remote vpn.server.org
+
+# This option defins the protocol to use.  Valid options are:
+# udp, tcp-server, or tcp-client.  Default is udp, and generally
+# speaking, tcp is a bad idea.
+proto udp
+
+# This option defines the port on which your server will be listening 
+# or trying to connect. The default is 1194
+port 1194
+
+# This option defines whether to use LZO compression. 
+# If enabled, it must be enabled at both ends of the VPN connection. 
+#comp-lzo
+
+# Debug level (default 1)
+#verb 3
+
+# VPN logfile location
+# If you don't specify a location here, logging will be done through
+# syslogd and write to /var/log/messages
+log-append /var/log/openvpn.log
+
+# If you want to use OpenVPN as a daemon, uncomment this line.
+# Generally speaking, servers should run OpenVPN as a daemon
+# and clients should not.
+#daemon
+
+# Device type to use, you can choose between tun or tap. 
+# TUN is the most common option. If you have multiple connections, 
+# it is a good idea to bind each connection to a separate TUN/TAP 
+# interface using tunX/tapX, where X is the number of each interface.
+dev tun
+
+# This option prevents OpenVPN from closing and re-opening the tun/tap 
+# device every time it receives a SIGUSR1 signal
+#persist-tun
+
+# This is similar to the previous option, but it prevents OpenVPN from
+# re-reading the key files every time
+#persist-key
+
+# If you are using a client-server architecture, you need to specify the 
+# role of your computer in your VPN network.  To use one of these options,
+# you need to configure TLS options too.
+#
+# To use the "server" option, you must specify a network subnet such
+# as 172.16.1.0 255.255.255.0.  The first number is the network, the
+# second is the netmask.  OpenVPN will take the first available IP
+# for itself (in our example, 172.16.1.1) and the rest will be
+# given to connecting clients dynamically.
+#
+# Leave these commented out if you are using OpenVPN in bridging mode.
+#
+#server 10.1.2.0 255.255.255.0
+#client
+
+# This option defines a file with IP address to client mapping. 
+# This is useful in general, and necessary if clients use persist-tun.
+#ifconfig-pool-persist ips.txt
+
+# Enable this option if you want clients connected to this VPN to be
+# able to talk directly to each other
+#client-to-client
+
+# This option defines the directory in which configuration files for clients 
+# will reside.  With individual files you can make each client get different 
+# options using "push" parameters
+#client-config-dir ccd
+
+# If you are using P-t-P, you need to specify the IP addresses at both ends 
+# of your VPN connection.  The IP addresses are reversed at the other side.
+#
+# You can use this to specify client IP addresses in ccd files (on server) 
+# or directly in client configuration
+#ifconfig 10.1.2.1 10.1.2.2
+
+# You can set routes to specific networks. In the sample below, "vpn_gateway"
+# is an internal OpenVPN alias to your VPN gateway - leave it as is.
+# This will enable you to talk with the networks behind your VPN server. 
+# Multiple routes can be specified.
+#
+# +------------+ <eth>-<tun>               <tun>-<eth> +------------+
+# |  Network1  |---| VPN1 |--[10.1.2.0/24]--| VPN2 |---|  Network2  |
+# +------------+   +------+                 +------+   +------------+
+# 192.168.0.0/24                                       192.168.2.0/24
+#
+# The sample below shows how VPN1 server can reach Network2
+#route 192.168.2.0 255.255.255.0 vpn_gateway
+
+# You can send clients many network configuration options using the 
+# "push" directive and sending commands.
+# Multiple "push" directives can be used.  You should only put global
+# "push" directives here.  You can "push" different options to
+# different clients in per-client configuration files.  See
+# "client-config-dir" above.
+#
+# Using the same network configuration that you see above, the route statment 
+# here allows VPN2 to reach Network1 
+#push "route-delay 2 600"
+#push "route 192.168.2.0 255.255.255.0 vpn_gateway"
+#push "persist-key"
+
+# This option sets the encryption algorithm to use in the VPN connection.
+# Available options are:
+# DES-CBC, RC2-CBC, DES-EDE-CBC,  DES-EDE3-CBC, 
+# DESX-CBC, BF-CBC, RC2-40-CBC, CAST5-CBC, 
+# RC2-64-CBC, AES-128-CBC, AES-192-CBC and AES-256-CBC
+cipher BF-CBC
+
+# Shared Key Connection
+# ---------------------
+# Secret is one shared key between the hosts that want to connect through VPNs.
+# Without secret or TLS options, your data will not be encrypted.
+# 
+# To generate an encryption key do:
+#   openvpn --genkey --secret /etc/openvpn/keys/shared.key
+#
+# Do the above on one host and copy it to the others
+secret keys/shared.key
+
+# TLS Connections
+# ---------------
+# TLS must be used if you use option "server" or "client"
+# The basic idea there is: You have one Certificate Authority, and all 
+# machines in your VPN network need to have individual certificates and 
+# keys signed by Certificate Authority.  This means each client can
+# have its own key, making it easier to revoke a key without copying
+# a shared secret key to every client.
+#
+# Inside the /usr/doc/openvpn-$VERSION documentation directory, you can
+# find "easy-rsa" scripts to make certificate and key management easier.
+
+# Certificate Authority file 
+# This file must be identical on all hosts that connect to your VPN
+#ca certs/ca.crt
+
+# If you are the server, you need to specify some Diffie Hellman parameters. 
+# OpenVPN provides some sample .pem files in documentation directory
+#dh my-dh.pem
+
+# Certificate and Key signed by Certificate Authority
+# Each machine needs to have their own unique certificate
+#cert certs/machine.cert
+#key keys/machine.key
+
+# To prevent some DoS attacks we can add another authentication layer in the
+# TLS control channel.  This needs to be enabled at both ends to work
+# client uses the value 1; server uses the value 0
+#tls-auth keys/shared.key 0
+
Index: rc.openvpn
===================================================================
--- rc.openvpn	(nonexistent)
+++ rc.openvpn	(revision 5)
@@ -0,0 +1,111 @@
+#!/bin/sh 
+# 
+# /etc/rc.d/rc.openvpn 
+# 
+# Start/stop/restart the openvpn daemon. 
+#
+# By default, this script will start/stop/restart a daemon for every *.conf
+# file found in /etc/openvpn.
+#
+# To work with a single connection, add the name of the config file:
+# /etc/rc.d/rc.openvpn start configfile.conf
+#
+# You may also use a config file not found in /etc/openvpn by providing a
+# complete path:
+# /etc/rc.d/rc.openvpn start /path/to/some/other/configfile.conf
+#
+# The name of a config file provided with a complete path should not match
+# the name of any config file present in the /etc/openvpn directory.
+ 
+ovpn_start() { 
+  if [ -x /usr/sbin/openvpn ]; then
+    if [ -z "$1" ]; then # start OpenVPN for all config files:
+      if /bin/ls /etc/openvpn/*.conf 1> /dev/null 2> /dev/null ; then
+        for config in /etc/openvpn/*.conf ; do
+          echo "Starting OpenVPN:  /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config"
+          /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config
+        done
+      else
+        echo "Unable to start OpenVPN - no .conf files found in /etc/openvpn/."
+      fi
+    else # start OpenVPN for one config file:
+      if [ -r "$1" ]; then
+        echo "Starting OpenVPN:  /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1"
+        /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1
+      else # config file is missing:
+        echo "Error starting OpenVPN: config file $1 is missing."
+      fi
+    fi
+  fi
+} 
+
+ovpn_stop() { 
+  # Note: OpenVPN has a bad habit of leaving stale pid files around when exiting.
+  # Maybe it would be better to just use killall unless called for one config?
+  if [ -z "$1" ]; then # stop OpenVPN for all pid files:
+    if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then
+      for pid in /run/openvpn/*.pid ; do
+        echo "Stopping OpenVPN for pid file $pid..."
+        kill $(cat $pid)
+        rm -f $pid
+      done
+    else
+      echo "Warning: no pid files found in /run/openvpn/. Using killall to stop any OpenVPN processes."
+      killall openvpn
+    fi
+  else # stop OpenVPN for one config file:
+    if [ -r /run/openvpn/$(basename ${1}).pid ]; then
+      echo "Stopping OpenVPN for config file ${1}..."
+      kill $(cat /run/openvpn/$(basename ${1}).pid)
+      rm -f /run/openvpn/$(basename ${1}).pid
+    else
+      echo "Error stopping OpenVPN: no such pid file /run/openvpn/$(basename ${1}).pid"
+    fi
+  fi
+}
+
+ovpn_restart() {
+  if [ ! -z "$1" ]; then # restart for all config files:
+    ovpn_stop
+    sleep 2
+    ovpn_start
+  else # restart for one config file only:
+    ovpn_stop $1
+    sleep 2
+    ovpn_start $1
+  fi
+}
+
+ovpn_status() {
+  if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then
+    echo "Currently running OpenVPN processes according to .pid files in /run/openvpn:"
+    for pid in /run/openvpn/*.pid ; do
+      echo "  $(basename $pid) ($(cat $pid))"
+    done
+  else
+    echo "No .pid files found in /run/openvpn." 
+  fi
+}
+
+# Create PID directory if it doesn't exist:
+if [ ! -d /run/openvpn ]; then
+  mkdir -p /run/openvpn
+fi
+
+case "$1" in
+'start')
+  ovpn_start $2
+  ;;
+'stop')
+  ovpn_stop $2
+  ;;
+'restart')
+  ovpn_restart $2
+  ;;
+'status')
+  ovpn_status
+  ;;
+*)
+  echo "Usage: $0 {start|stop|restart}"
+esac
+
Index: .
===================================================================
--- .	(nonexistent)
+++ .	(revision 5)

Property changes on: .
___________________________________________________________________
Added: svn:ignore
## -0,0 +1,73 ##
+
+# install dir
+dist
+
+# Target build dirs
+.a1x-newlib
+.a2x-newlib
+.at91sam7s-newlib
+
+.build-machine
+
+.a1x-glibc
+.a2x-glibc
+.h3-glibc
+.h5-glibc
+.i586-glibc
+.i686-glibc
+.imx6-glibc
+.jz47xx-glibc
+.makefile
+.am335x-glibc
+.omap543x-glibc
+.p5600-glibc
+.power8-glibc
+.power8le-glibc
+.power9-glibc
+.power9le-glibc
+.m1000-glibc
+.riscv64-glibc
+.rk328x-glibc
+.rk33xx-glibc
+.rk339x-glibc
+.s8xx-glibc
+.s9xx-glibc
+.x86_64-glibc
+
+# Hidden files (each file)
+.makefile
+.dist
+.rootfs
+
+# src & hw requires
+.src_requires
+.src_requires_depend
+.requires
+.requires_depend
+
+# Tarballs
+*.gz
+*.bz2
+*.lz
+*.xz
+*.tgz
+*.txz
+
+# Signatures
+*.asc
+*.sig
+*.sign
+*.sha1sum
+
+# Patches
+*.patch
+
+# Descriptions
+*.dsc
+*.txt
+
+# Default linux config files
+*.defconfig
+
+# backup copies
+*~