Path to this page:
./
net/tinc,
Virtual Private Network (VPN) daemon
Branch: CURRENT,
Version: 1.0.36nb1,
Package name: tinc-1.0.36nb1,
Maintainer: pkgsrc-userstinc is a Virtual Private Network (VPN) daemon that uses tunnelling and
encryption to create a secure private network between hosts on the Internet.
Because the VPN appears to the IP level network code as a normal network
device, there is no need to adapt any existing software. This allows VPN
sites to share information with each other over the Internet without exposing
any information to others. In addition, tinc has the following features:
o Encryption, authentication and compression
All traffic is optionally compressed using zlib or LZO, and OpenSSL is
used to encrypt the traffic and protect it from alteration with message
authentication codes and sequence numbers.
o Automatic full mesh routing
Regardless of how you set up the tinc daemons to connect to each
other, VPN traffic is always (if possible) sent directly to the
destination, without going through intermediate hops.
o Easily expand your VPN
When you want to add nodes to your VPN, all you have to do is add an extra
configuration file, there is no need to start new daemons or create and
configure new devices or network interfaces.
o Ability to bridge ethernet segments
You can link multiple ethernet segments together to work like a single
segment, allowing you to run applications and games that normally only work
on a LAN over the Internet.
MESSAGE.smf [+/-]===========================================================================
$NetBSD: MESSAGE.smf,v 1.1 2018/09/30 15:55:25 jperkin Exp $
This package supports multiple SMF instances.
By default a 'default' instance is created and a example tinc.conf
config file is put in place in the 'default' network directory.
No keys will be generated automatically, the user is expected to do so.
Configure using the SMF properties: user, chroot, memlock
'user' is the user to setuid to after initialization.
'chroot' will chroot the server process to the directory where the
network config is located.
'memlock' locks tinc into the main memory.
For more information about these options check tincd(8) manpage.
Add a example service instance:
svccfg -s tinc add mynetwork
svccfg -s tinc:mynetwork addpg tinc application
svccfg -s tinc:mynetwork setprop tinc/user = astring: tincuser
svccfg -s tinc:mynetwork setprop tinc/chroot = boolean: true
svccfg -s tinc:mynetwork setprop tinc/memlock = boolean: true
===========================================================================
Required to run:[
archivers/lzo] [
security/openssl]
Required to build:[
pkgtools/cwrappers]
Master sites:
Filesize: 488.594 KB
Version history: (Expand)
- (2023-10-25) Updated to version: tinc-1.0.36nb1
- (2021-06-12) Updated to version: tinc-1.0.36
- (2020-01-19) Updated to version: tinc-1.0.32nb2
- (2018-09-30) Updated to version: tinc-1.0.32nb1
- (2017-11-23) Package has been reborn
- (2017-09-08) Updated to version: tinc-1.0.32
CVS history: (Expand)
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2021-10-26 13:07:15 by Nia Alarie | Files touched by this commit (958) |
Log message:
net: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Not committed (merge conflicts...):
net/radsecproxy/distinfo
The following distfiles could not be fetched (fetched conditionally?):
./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch
|
2021-10-07 16:43:07 by Nia Alarie | Files touched by this commit (962) |
Log message:
net: Remove SHA1 hashes for distfiles
|
2021-06-12 08:32:02 by Nia Alarie | Files touched by this commit (3) | |
Log message:
tinc: update to 1.0.36
Version 1.0.36 August 26 2019
* Fix compiling tinc with certain versions of the OpenSSL library.
* Fix parsing some IPv6 addresses with :: in them.
* Fix GraphDumpFile output to handle node names starting with a digit.
* Fix a potential segmentation fault when fragmenting packets.
Thanks to Rosen Penev, Quentin Rameau and Werner Schreiber for their
contributions to this version of tinc.
Version 1.0.35 October 5 2018
* Prevent oracle attacks (CVE-2018-16737, CVE-2018-16738).
* Prevent a MITM from forcing a NULL cipher for UDP (CVE-2018-16758).
* Minor fixes in the documentation.
Thanks to Amine Amri and Rafael Sadowski for their contributions to this
version of tinc.
Version 1.0.34 June 12 2018
* Fix a potential segmentation fault when connecting to an IPv6 peer via a
proxy.
* Minor improvements to the build system.
* Make the systemd service file identical to the one from the 1.1 branch.
* Fix a potential problem causing IPv4 sockets to not work on macOS.
Thanks to Maximilian Stein and Wang Liu Shuai for their contributions to this
version of tinc.
Version 1.0.33 November 4 2017
* Allow compilation from a build directory.
* Source code cleanups.
* Fix some options specified on the command line not surviving a HUP signal.
* Handle tun/tap device returning EPERM or EBUSY.
* Disable PMTUDiscovery when TCPOnly is used.
* Support the --runstatedir option of the autoconf 2.70.
Thanks to Rafael Sadowski and Pierre-Olivier Mercier for their contributions to
this version of tinc.
|
2020-05-02 01:17:34 by Roland Illig | Files touched by this commit (1) |
Log message:
net/tinc: remove no-op SUBST block
There are no empty lines in the manual page.
|
2020-01-26 18:32:28 by Roland Illig | Files touched by this commit (981) |
Log message:
all: migrate homepages from http to https
pkglint -r --network --only "migrate"
As a side-effect of migrating the homepages, pkglint also fixed a few
indentations in unrelated lines. These and the new homepages have been
checked manually.
|
2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836) |
Log message:
*: Recursive revision bump for openssl 1.1.1.
|
2019-05-28 15:35:54 by Jonathan Perkin | Files touched by this commit (3) |
Log message:
*: Remove per-package MESSAGE.{rcd,smf} handling.
This is now centralised in mk/pkgformat so no need to do it manually.
|