Well, a lot has happened in the ampr.org realm lately. Me, I've been
busy with actual work and completely out of it. Anyway, late is better
than never, so I finally got around to putting back my ampr.org domain.
I've upgraded to Fedora 12 early in the release cycle. Acutally a lot of Linux ham radio seems more solid. The utilities now support the new type of socket. Also the annoying bug with f6fbb has been fixed, which now allows use of a stock kernel from Fedora. I still recompiled because all my scripts are based on BSD pty, but it is finally possible to make this all work without rebuilding the kernel.
I have a much simpler system for outgoing packets now. Maybe I'm learning a little bit better how this works now.
/sbin/ifconfig tunl0 up 184.108.40.206 netmask 255.255.255.255
/sbin/ip route add default via 220.127.116.11 dev tunl0 proto static onlink table 10
/sbin/ip rule add from 18.104.22.168 table 10
also the file /etc/iproute2/rt_tables has an entry
This uses a new outgoing ipip server kindly offered by some guy in Germany. So far it seems to be working well.
For all of the entries in the encap.txt file I do
/sbin/ip route replace xx.xx.xx.xx/xx via yy.yy.yy.yy dev tunl0 proto static onlink table 10
I believe this line tells the tunnel code to use the tunnel at 'y' instead of the default tunnel for these systems.
/sbin/ip rule add to xx.xx.xx/xx table 10
This line tells Linux to use the tunnel instead of the normal network interface for anything in the encap file.
I have discovered there are some 44.xx.xx.xx systems that are not in encap.txt. And I don't know how these work, but I've discovered they don't work if I use ipip. So for now, I don't default all of 44/8 to the tunnel, only those that have an entry. This way, when I telnet to a 44.x system I'm identified by my 44/ ip address.
And more configuration. Well, it turns out some of these lines are actually useful. n1uro came up with these lines here. I never knew what they did, but now I do.
/sbin/iptables -A FORWARD -p 4 -j ACCEPT
/sbin/iptables -A FORWARD -p 93 -j ACCEPT
Protocol 93, at least, is the PROTO_AX25. This is used by ax25ipd to encapsulate ax25 packets in IP. Without these lines, what happens is that the ax25ipd packets never get forwarded to the tunnel, even if they are sent to a 44.x address. They go out the main IP address and then get SAFE filtered and die. Now, with these lines in my config, I'm able to actually connect over axip to a network that is hooked to my ampr net ip address.
One quirk. I'm not sure what happened by I have seen the system reboot. It just happened once, so, I'm starting to wonder if there's still some lingering issues in here. It seemed the systemed powered down, and I looked in messages, but didn't anything obvious. Hmm.