Skip to content

Instantly share code, notes, and snippets.

@zuriby

zuriby/afikoman-config.xml

Created March 23, 2011 10:43
Show Gist options
  • Save zuriby/882928 to your computer and use it in GitHub Desktop.
Save zuriby/882928 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
afikoman-config.xml
<?xml version="1.0"?>
<afikoman xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="file:///etc/afikoman-config.xsd">
<negotiator>
<crypto>
<ca>
<cert>/opt/afikoman/crypto/N00.P000/CA.pem</cert>
<crl>/opt/afikoman/crypto/N00.P000/crl.pem</crl>
</ca>
<box>
<cert>/opt/afikoman/crypto/N00.P000/1003.pem</cert>
<key>/opt/afikoman/crypto/N00.P000/1003.key</key>
<dhparams>/opt/afikoman/crypto/N00.P000/dh.key</dhparams>
<kek>/opt/afikoman/crypto/N00.P000/kek.key</kek>
<bcmk>/opt/afikoman/crypto/N00.P000/bcmk.key</bcmk>
<prevkek>/opt/afikoman/crypto/N00.P000/kek.key.old</prevkek>
<prevbcmk>/opt/afikoman/crypto/N00.P000/bcmk.key.old</prevbcmk>
</box>
</crypto>
</negotiator>
<cipherbridge>
<paths>
<negotiator>/usr/bin/negotiator</negotiator>
</paths>
<configuration>
<compress>False</compress>
<fragment>True</fragment>
</configuration>
<ruleset id="rs1">
<cipher_rules>
<cipher_rule id="1000" type="system">
<match type="ip"/>
<operation_drop/>
</cipher_rule>
<cipher_rule id="1001" type="system">
<match type="ethernet">
<ethertype>0x806</ethertype>
</match>
<operation_bypass/>
</cipher_rule>
<cipher_rule id="1" type="user" enabled="1">
<match type="ip">
<source_ip>70.0.0.1</source_ip>
<destination_ip>70.0.0.2</destination_ip>
</match>
<operation_bypass>
</operation_bypass>
</cipher_rule></cipher_rules>
</ruleset>
</cipherbridge>
</afikoman>
Raw
command lines (as in ps ax)
763 ? S 0:00 /usr/bin/python /usr/bin/cipherbridge -c /etc/afikoman-config.xml -i eth0 -o eth1 -D -p /var/run/cipherbridge.pid
764 ? S 0:00 /usr/bin/python /usr/bin/negotiator -c /etc/afikoman-config.xml
Raw
ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:16:3f:60:4a:c0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:879 errors:0 dropped:0 overruns:0 frame:0
TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:85078 (85.0 KB) TX bytes:1680 (1.6 KB)
Interrupt:24 Base address:0xa000
eth1 Link encap:Ethernet HWaddr 00:16:3f:60:4a:bb
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:28 errors:0 dropped:0 overruns:0 frame:0
TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1680 (1.6 KB) TX bytes:1680 (1.6 KB)
Interrupt:25 Base address:0xe000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Raw
ip_forward
root@AFIK-52:~# cat /proc/sys/net/ipv4/ip_forward
0
Raw
route -n
root@AFIK-52:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment