[OLSR-users] Securing the OLSR interface
Sven-Ola Tuecke
(spam-protected)
Mon May 22 17:20:27 CEST 2006
Karsten,
that is the point where the Freifunk Firmware comes in. Has a cron job which
will verify the static route. If defroute does not work - put defroute to a
background policy routing table. That will stop HNA announcing too (via
olsrd_dny_gw_plain). This little cron script does the trick here, because
most black holes are configuration errors and not vandalism.
Of course you can also use signed olsrd messages - theres a plugin call
secure-olsrd or so. May work better if you expect vandals in your
neighborhood, I have not tried that thing yet. And 2nd of course - you are
free to copy+adpat any script for your environment. (Grab a Kit and look
into root.tgz/usr/sbin/cron.minutely:
http://styx.commando.de/sven-ola/ipkg/_kit/ )
LG Sven-Ola
"Karsten Horsmann" <(spam-protected)> schrieb im Newsbeitrag
news:(spam-protected)
[---snipp---]
But if you setup an olsrd thats announced an Inet connection, without
an an really one - you got an black hole, isn´t?
I don´t test this szenario, maybe i can discard so a misconfigured
node with the olsr filter?
More information about the Olsr-users
mailing list