From owner-freebsd-security@freebsd.org Tue Jan 28 16:21:48 2020 Return-Path: Delivered-To: freebsd-security@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D55702320BF for ; Tue, 28 Jan 2020 16:21:48 +0000 (UTC) (envelope-from frenezahomo@gmail.com) Received: from mail-wm1-x343.google.com (mail-wm1-x343.google.com [IPv6:2a00:1450:4864:20::343]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 486X1m03pnz49FZ for ; Tue, 28 Jan 2020 16:21:47 +0000 (UTC) (envelope-from frenezahomo@gmail.com) Received: by mail-wm1-x343.google.com with SMTP id p17so3239852wma.1 for ; Tue, 28 Jan 2020 08:21:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:from:to:references:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=hRy7VAWmju6Kt4OazmjrXG02mT+XxB5+NsWWmLQP3kM=; b=lRL2A3O9EDiWuDBbNAGR/mbJUx8nGG6pMVGd8YnSfjvdxTMo8COrjmQnZhdEvKNa5V vPcPBVAqSUZb4Vl6/SCMeLqdFNUyB/zPmcXjwMH1diHkAuM0FGzt00CXNr1gkZ8thtV0 grmXGV3h7+b3Tyw1GzDBKT8A+NIjpbkVvQWzHjRxETpbXK9BNzzLDYdCDE/sY6oCu4bF d7uVODrZduBunM7LsNPQFEDEsXoakOo8l/vYWMj/qTizT6Jz8ltZ9w6R4RikKW0y5iMB XCA6T1J59agV5PHIY2WpL8Ox1ECjelrzc5iOE1h+kmwrD62crPrO+dwVytVKgZhhhx5f 0qNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:references:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=hRy7VAWmju6Kt4OazmjrXG02mT+XxB5+NsWWmLQP3kM=; b=L6047wgy3YZhI/xlRhIeWJaw0pvBrKq0TKJLJXkvABXmplAyuMz6e+Eg7838Nbc/0L 1egY9Tdi3Vzv8EtaKDxy9OZwtGbXzedIZNlQ+59Tr+p+wvYbwbu18JIjq99/DLRo3QFw fg2Z5fgtC6rbSHki1hZt1r0VU4/jLijk2DLHqpWzpfXsPATs+7QhBGVR4tcnia0mQK07 WnZXnBHnrn0+QjKGq3Izi2ELjFXecwIEbzRKIQfRsv/l037wuYmJnUijPJhU9OAtmrqD NfBZL8Qc3F/tK0WSZxv+9cp0WvhGsGGJd05H5nh/FTmb2ZEfWuXlaRiExsxfYZ9hvPwI 6vOQ== X-Gm-Message-State: APjAAAXV2Up7W5aEopaf7LNakI0uRz0TMvgCz6J5Wa5JZ7k3gvwwPG1Y nJehSq1RCdtlv2pGJ3qOzDU8TZOH X-Google-Smtp-Source: APXvYqxfSRKG1E+lYashvcJrtdke/X76Sa40HZ9+wmVPtrn8IKyfjN6MBR5UeFWKW95r5p/ux3ocYQ== X-Received: by 2002:a1c:a78b:: with SMTP id q133mr5800583wme.28.1580228506101; Tue, 28 Jan 2020 08:21:46 -0800 (PST) Received: from [192.168.2.197] ([80.77.191.190]) by smtp.gmail.com with ESMTPSA id n13sm3623628wmd.21.2020.01.28.08.21.44 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 28 Jan 2020 08:21:45 -0800 (PST) Subject: Re: cjdns From: freneza To: freebsd-security@freebsd.org References: <910b28bb-6f4f-bf44-3a18-5d4e2437ae85@gmail.com> Message-ID: <3a46f07b-eb3d-c3a4-0888-33436c83c304@gmail.com> Date: Tue, 28 Jan 2020 18:21:43 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 MIME-Version: 1.0 In-Reply-To: <910b28bb-6f4f-bf44-3a18-5d4e2437ae85@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-Rspamd-Queue-Id: 486X1m03pnz49FZ X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=lRL2A3O9; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of frenezahomo@gmail.com designates 2a00:1450:4864:20::343 as permitted sender) smtp.mailfrom=frenezahomo@gmail.com X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RECEIVED_SPAMHAUS_PBL(0.00)[190.191.77.80.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.11]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-security@freebsd.org]; IP_SCORE_FREEMAIL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; IP_SCORE(0.00)[ip: (2.96), ipnet: 2a00:1450::/32(-2.52), asn: 15169(-1.78), country: US(-0.05)]; RCVD_IN_DNSWL_NONE(0.00)[3.4.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org : 127.0.5.0]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jan 2020 16:21:48 -0000 I am replying to myself.. I have fixed this problem by adding a stating route. Turns out cjdns FreeBSD doesn't add a proper route when being run from FreeBSD. In addition you had to statically select the interface name or else it will just increment whenever you restart cjdns (tun0, tun1, tun2, etc..). If anyone ever faces this problem and this to your `/etc/rc.conf`: ``` ipv6_static_routes="cjdns" ipv6_route_cjdns="-net fc00::/7 fc4d:b57e:887e:5f2a:33e7:a215:2399:ea72" cjdns_enable="YES" ``` and add this to the `interface` section of `router` at the end of the line: ``` "tunDevice": "tun0" ``` It should like this in the end: ```         "interface": {             // The type of interface (only TUNInterface is supported for now)             "type": "TUNInterface",             // The type of tunfd (only "android" for now)             // If "android" here, the tunDevice should be used as the pipe path             // to transfer the tun file description.             // "tunfd" : "android"             // The name of a persistent TUN device to use.             // This for starting cjdroute as its own user.             // *MOST USERS DON'T NEED THIS*             "tunDevice": "tun0"         }, ``` and then restart your FreeBSD machine and cjdns should work ! On 1/27/20 6:53 PM, freneza wrote: > I am having major trouble getting cjdns working on FreeBSD. > > I was capable of running it on Debian and Fedora without any trouble, > but FreeBSD has trouble with getting the network to route properly. > > I tried the `pkg install cjdns` and running it from source, but both > don't work for me. > > If someone could get cjdns to work, please create a guide. All generic > (usually Linux-targetted) cjdns guides didn't work for me. > > I am sure my connectTo configuration (peering) is correct because I > use the same peers on Fedora and Debian without a hitch. > >