A naïve point-to-point tunnel implementation using libsodium
C Shell M4 Makefile
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
debian
dist-build
libsodium @ 2f4f718
openwrt
packaging
samples
src
tests
tools
.gitignore
.gitmodules
.travis.yml
CHANGES
COPYING
Makefile.am
README.md
bootstrap
configure.ac

README.md

natun

natun is a naïve point-to-point tunnel implementation using libsodium.

Install

Build from source

First of all, make sure prerequisites are installed. On Debian-based Linux distributions, you can establish a build environment by:

sudo apt-get update
sudo apt-get install build-essential automake libtool git

Get the source code:

git clone --recursive https://github.com/ericyan/natun

The --recursive option is to ensure you download everything, including any submodules.

Now go to the project directory, there is a bootstrap script:

./bootstrap

After the necessary files being generated, you are free to go:

./configure --enable-static --sysconfdir=/etc
make && sudo make install

OpenWRT

cd into SDK root, then

pushd package
git clone https://github.com/ericyan/natun
popd
make menuconfig # select Network/natun
make V=s
scp bin/xxx/natun-xxx-xxx.ipk root@192.168.1.1
# then log in your box and use opkg to install that ipk file

Configuration

  • For the client, edit client.conf.
  • For the server, edit server.conf.
  • Update server and password in those files.
  • The script specified by up will be executed after VPN is up.
  • The script specified by down will be executed after VPN is down.
  • If you need to specify routing rules, modify those scripts. You'll see a placeholder at the end of those scripts.
  • If you are using Windows, the IP address of TUN/TAP device tunip is required to be specified in the conf file.

Note that natun is a peer-to-peer VPN, which means one server for each client. If you have multiple clients, you should start multiple server instances, which can be controlled by different configuration files via -c argument. Make sure to use different IP for each instance in each up and down scripts.