Setup IPv6 tunnels from Hurricane Electric

The tunnel setup script:

#!/bin/sh
# Author: Ashish Shukla <gmail.com!wahjava>
# Description: Creates and initializes an IPv6 tunnel from the parameters given in
#              the file name stored in $TUNNEL_CONFIG variable
# License: BSD License
# OS: FreeBSD, GNU/Linux
# Tested on: FreeBSD 7.0-RELEASE-p3
#            Gentoo GNU/Linux 2008.0
# TODO: Port the script to other POSIX compliant OSs
#
# Copyright 2008. Ashish Shukla
#
# CREDITS: Martin J. Levy at HE.net, for the motivation.

OS=$(uname)
WHICH=/usr/bin/which
SCRIPT_NAME=`basename $0`

# The place where tunnel configuration file is stored
TUNNEL_CONFIG=${HOME}/.tunnelconfig

[ -f ${TUNNEL_CONFIG} ] && . ${TUNNEL_CONFIG}

FindLocalEndpoint() {
	if [ ${OS} = Linux ]; then
		if [ ! -z "${IP}" ] ; then
			INET_LOCAL_ENDPOINT=`${IP} addr show |awk "/^[[:space:]]*inet .*global ${IFACE}\$/ { print \\$2 }" |sed -e 's|/[[:digit:]]*||g'`
		elif [ ! -z "${IFCONFIG}" ]; then
			INET_LOCAL_ENDPOINT=`${IFCONFIG} ${IFACE} |awk "/^[[:space:]]*inet / { print \\$2 }" |sed -e 's|addr:||g'`
		fi
	elif [ ${OS} = FreeBSD ]; then
		INET_LOCAL_ENDPOINT=`${IFCONFIG} ${IFACE} |awk '/^[[:space:]]*inet / { print $2 }'`
	fi
}

IsValidExecutable() {
	if [ -z "$1" ] || [ ! -f "$1" ] || [ ! -x "$1" ] ; then
		echo "Error: $2 is not installed or is not executable."
		exit 1
	fi
}

IsValidExecutable "${WHICH}" "which"

if [ ! -z "${PREFER_SUDO}" ]; then
	[ -z "${SUDO}" ] && SUDO=$(${WHICH} sudo 2>/dev/null)
	IsValidExecutable "${SUDO}" "sudo"

	if ! ${SUDO} echo sudo verified ; then
		echo Error: Unable to verify sudo
		exit 1
	fi
	WHICH="${SUDO} ${WHICH}"
fi

[ -z "${WGET}" ] && WGET=$(${WHICH} wget 2>/dev/null)
[ -z "${AWK}" ] && AWK=$(${WHICH} awk 2>/dev/null)
[ -z "${SED}" ] && SED=$(${WHICH} sed 2>/dev/null)
[ -z "${RM}" ] && RM=$(${WHICH} rm 2>/dev/null)

# Check for the Required executables
IsValidExecutable "${WGET}" "GNU wget"
IsValidExecutable "${SED}" "sed"
IsValidExecutable "${AWK}" "awk"
IsValidExecutable "${RM}" "rm"

# echo GNU wget is installed at ${WGET}

if [ $OS = Linux ]; then

	[ -z "${IP}" ] && IP="$(${WHICH} ip 2>/dev/null)"
	[ -z "${IFCONFIG}" ] && IFCONFIG="$(${WHICH} ifconfig 2>/dev/null)"
	[ -z "${ROUTE}" ] && ROUTE="$(${WHICH} route 2>/dev/null)"

	if [ ! -z ${IP} ]; then
		IsValidExecutable ${IP} "iproute2"

		[ ! -z "${PREFER_SUDO}" ] && IP="${SUDO} ${IP}"
#		echo iproute2 is available at ${IP}

		[ ! -z "${INET_LOCAL_ENDPOINT} " ] && FindLocalEndpoint

#		echo Local Endpoint is ${INET_LOCAL_ENDPOINT}.
#		echo inet6 remote endpoint is ${INET6_REMOTE_ENDPOINT}
#		echo inet6 local endpoint is ${INET6_LOCAL_ENDPOINT}

#		echo ${IP} tunnel add ${TUNNEL_IFACE} mode sit remote ${INET_REMOTE_ENDPOINT} local ${INET_LOCAL_ENDPOINT} ttl 255
		${IP} tunnel add ${TUNNEL_IFACE} mode sit remote ${INET_REMOTE_ENDPOINT} local ${INET_LOCAL_ENDPOINT} ttl 255
#		echo ${IP} link set ${TUNNEL_IFACE} up
		${IP} link set ${TUNNEL_IFACE} up
#		echo ${IP} addr add ${INET6_LOCAL_ENDPOINT} dev ${TUNNEL_IFACE}
		${IP} addr add ${INET6_LOCAL_ENDPOINT} dev ${TUNNEL_IFACE}
#		echo ${IP} route add ::/0 dev ${TUNNEL_IFACE}
		${IP} route add ::/0 dev ${TUNNEL_IFACE}
#		echo ${IP} route add ${INET_REMOTE_ENDPOINT} dev ${IFACE}		
		${IP} route add ${INET_REMOTE_ENDPOINT} dev ${IFACE}		

	elif ! [ -z "$(${WHICH} ifconfig 2>/dev/null)" ]; then

		IsValidExecutable ${IFCONFIG} "ifconfig"
		IsValidExecutable "${ROUTE}" "route"
	
		[ ! -z "${PREFER_SUDO}" ] && IFCONFIG="${SUDO} ${IFCONFIG}" && ROUTE="${SUDO} ${ROUTE}"
#		echo ifconfig is available at ${IFCONFIG}

		[ ! -z "${INET_LOCAL_ENDPOINT} " ] && FindLocalEndpoint

#		echo ${IFCONFIG} ${TUNNEL_IFACE} up add ${INET6_LOCAL_ENDPOINT}
		${IFCONFIG} ${TUNNEL_IFACE} up add ${INET6_LOCAL_ENDPOINT}
#		echo ${ROUTE} -A inet6 del ${INET6_REMOTE_ENDPOINT/::1/::} dev ${TUNNEL_IFACE}
		${ROUTE} -A inet6 del ${INET6_REMOTE_ENDPOINT/::1/::} dev ${TUNNEL_IFACE}
#		echo ${ROUTE} -A inet6 add ${INET6_REMOTE_ENDPOINT/::1/::} gw ::${INET_REMOTE_ENDPOINT} dev ${TUNNEL_IFACE}
		${ROUTE} -A inet6 add ${INET6_REMOTE_ENDPOINT/::1/::} gw ::${INET_REMOTE_ENDPOINT} dev ${TUNNEL_IFACE}
#		echo ${ROUTE} -A inet6 add default gw ::${INET_REMOTE_ENDPOINT} dev ${TUNNEL_IFACE}
		${ROUTE} -A inet6 add default gw ::${INET_REMOTE_ENDPOINT} dev ${TUNNEL_IFACE}
#		echo ${ROUTE} add ${INET_REMOTE_ENDPOINT} dev ${IFACE}
		${ROUTE} add ${INET_REMOTE_ENDPOINT} dev ${IFACE}
	else
		echo Neither ifconfig nor ip executables are found at PATH
		echo Please make sure, that one of them is installed and present
		echo in PATH somewhere.
		echo PATH: ${PATH}
	fi
elif [ $OS = FreeBSD ]; then
	[ -z "${IFCONFIG}" ] && IFCONFIG="$(${WHICH} ifconfig 2>/dev/null)"
	[ -z "${ROUTE}" ] && ROUTE="$(${WHICH} route 2>/dev/null)"

	[ ! -z "${PREFER_SUDO}" ] && IFCONFIG="${SUDO} ${IFCONFIG}" && ROUTE="${SUDO} ${ROUTE}"
	[ ! -z "${INET_LOCAL_ENDPOINT} " ] && FindLocalEndpoint

	${IFCONFIG} ${TUNNEL_IFACE} create
	${IFCONFIG} ${TUNNEL_IFACE} tunnel ${INET_LOCAL_ENDPOINT} ${INET_REMOTE_ENDPOINT}
	${IFCONFIG} ${TUNNEL_IFACE} inet6 ${INET6_LOCAL_ENDPOINT}
	${ROUTE} -n add -inet6 default ${INET6_REMOTE_ENDPOINT%%/64}
	${IFCONFIG} ${TUNNEL_IFACE} up
else
	echo This script is not yet ported to ${OS}.
	echo You can help to port it to your ${OS}.
fi

TMPFILE=`mktemp -q -t ${SCRIPT_NAME}.XXXXX`

${WGET} -O /dev/null --keep-session-cookies "--post-data=f_user=${USER}&f_pass=${PASSWORD}&clearpass=" --save-cookies=${TMPFILE} http://ipv4.tunnelbroker.net/login.php 2>/dev/null
${WGET} -O /dev/null --load-cookies=${TMPFILE} "--post-data=ipv4b=${INET_LOCAL_ENDPOINT}&tunnel_id=${TUNNEL_ID}&update=Submit" http://ipv4.tunnelbroker.net/ipv4_update.php 2>/dev/null
${RM} -f ${TMPFILE}

exit 0

Following is the tunnel configuration file, which is stored in my home directory at $HOME/.tunnelconfig:

# Interface
IFACE=ng0

# User
USER=xxxxxxxx

# MD5 hash of the password
# GNU/Linux: printf ${password} |md5sum |awk '{ print $1 }'
# FreeBSD: md5 -q -s ${password}
PASSWORD=xxxxxxxxxxxxxxxxxxxx

# Global Tunnel ID as mentioned in the tunnel configuration webpage
TUNNEL_ID=00000

# Define it, if executing priviledged actions via sudo. RECOMMENDED.
PREFER_SUDO=1

# In case of GNU/Linux,
# if using ifconfig: 6in4 tunnel name start with sit, e.g. sit0
# if using iproute2: 6in4 tunnel name can be any 3 or more letters name, not starting with sit, e.g. he-tunnel
# whereas in FreeBSD, the name starts with gif, .e.g. gif0
TUNNEL_IFACE=gif0

# IPv4 Remote endpoint
INET_REMOTE_ENDPOINT=127.0.0.1

# IPv6 Remote endpoint
INET6_REMOTE_ENDPOINT=2001:db8:xxxx::1/64

# IPv6 Local endpoint
INET6_LOCAL_ENDPOINT=2001:db8:xxxx::2/64

# Define it if you don't want local IPv4 local endpoint to be detected at runtime.
# INET_LOCAL_ENDPOINT=

To use this script, download it and save it as setup-he.sh in your home directory, make it executable, create a tunnel configuration file at $HOME/.tunnelconfig similar to the one shown above, and then finally execute the script on terminal. Happy IPv6ing…:)

Update HE IPv6 tunnel-endpoint from command-line

Following is the script I use to initialize my IPv6 tunnel on GNU/Linux:

#!/bin/sh
# Name: up-he.sh
# Description: Initializes the IPv6 tunnel from HE.
# Author: Ashish Shukla <gmail.com!wahjava>
# OS: GNU/Linux
# NOTE: This script requires superuser privileges.

# Default outgoing interface
INTERFACE=ppp0

# IPv6 tunnel interface name
HE=he-ipv6-tunnel

IP_OF_INTERFACE=`/sbin/ifconfig ${INTERFACE} |awk '/^[[:space:]]+inet[[:space:]]/  { print $2 }' |sed -e s/addr://`

# Enter your IPv6 /64 endpoint here.
IP6_TUNNEL_ENDPOINT=2001:470::/64

# Enter your IPv4 tunnel endpoint here.
REMOTE_ENDPOINT=127.0.0.2

/sbin/ip tunnel add $HE mode sit remote ${REMOTE_ENDPOINT} local ${IP_OF_INTERFACE} ttl 255
/sbin/ip link set $HE up
/sbin/ip addr add ${IP6_TUNNEL_ENDPOINT} dev $HE
/sbin/ip route add ::/0 dev $HE

# Add a explicit route in case if you've multiple outgoing interfaces ;)
/sbin/ip route add ${REMOTE_ENDPOINT} dev $INTERFACE

# Comment the following line, if you want /64 IPv6 endpoint address to be the used as the default source address
/sbin/ip addr del ${IP6_TUNNEL_ENDPOINT} dev $HE

And, following is its FreeBSD counterpart:

#!/bin/sh
# Name: up-he.sh
# Description: Initializes the IPv6 tunnel from HE.
# Author: Ashish Shukla <gmail.com!wahjava>
# OS: FreeBSD
# NOTE: This script requires superuser privileges.

# The IPv6 tunnel interface you want to be created, make sure its name starts with 'gif'
TUNNEL_IF=gif0

# The outgoing interface
INTERFACE=ng0

LOCAL_ENDPOINT=`/sbin/ifconfig ${INTERFACE} |awk '/^[[:space:]]*inet[[:space:]]/ { print $2 }'`

# Please enter your remote IPv4 endpoint here.
REMOTE_ENDPOINT=127.0.0.1

# Please enter your local IPv6 /64 endpoint here
LOCAL6_ENDPOINT=2001:470:xxxx::1

# Please enter your remote IPv6 /64 endpoint here
REMOTE6_ENDPOINT=2001:470:xxxx::2

# ${REMOTE6_ENDPOINT} prefixlen 64
sudo ifconfig ${TUNNEL_IF} create
echo created.
sudo ifconfig ${TUNNEL_IF} tunnel ${LOCAL_ENDPOINT} ${REMOTE_ENDPOINT}
echo tunnelled.
sudo ifconfig ${TUNNEL_IF} inet6 ${LOCAL6_ENDPOINT}/64
echo setup.
sudo route -n add -inet6 default ${REMOTE6_ENDPOINT}
echo routed.
sudo ifconfig ${TUNNEL_IF} up
echo up.
# Comment the following line, if you want /64 IPv6 endpoint address to be used as default source address
sudo ifconfig ${TUNNEL_IF} inet6 ${LOCAL6_ENDPOINT} -alias

Following is the script I use to update my IPv4 endpoint, stored in the IPv6 tunnel database of HE, from GNU/Linux:

#!/bin/sh
# Name: setup-he.sh
# Description: Updates IPv4 endpoint in IPv6 tunnel databse of HE
# Author; Ashish Shukla <gmail.com!wahjava>
# OS: GNU/Linux
# NOTE: This script doesn't require superuser privileges.

IFACE=ppp0
ENDPOINT=`/sbin/ifconfig ${IFACE} | sed -e s/addr://g |awk '/^[[:space:]]*inet[[:space:]]/ { print $2 }'`
SCRIPT_NAME=`basename $0`
TMPFILE=`mktemp -q -t ${SCRIPT_NAME}.XXXXXX`

# Please set appropriate paths to md5sum and wget here
WGET=/usr/bin/wget
MD5=/usr/bin/md5sum

# Enter your tunnel user id here
USER=XXXXX

# Enter your tunnel password here
PASSWORD=XXXXXXX

# Enter your Global Tunnel ID in HE's database
TUNNEL_ID=00000

MD5_PASSWORD=`printf ${PASSWORD} |md5sum |awk '{ print $1 }'`

${WGET} -O /dev/null --keep-session-cookies "--post-data=f_user=${USER}&f_pass=${MD5_PASSWORD}&clearpass=" --save-cookies=${TMPFILE} http://ipv4.tunnelbroker.net/login.php 2>/dev/null || exit 1
${WGET} -O /dev/null --load-cookies=${TMPFILE} "--post-data=ipv4b=${ENDPOINT}&tunnel_id=${TUNNEL_ID}&update=Submit" http://ipv4.tunnelbroker.net/ipv4_update.php 2>/dev/null || exit 2
rm ${TMPFILE}
exit 0

And following is its FreeBSD counterpart:

#!/bin/sh
# Name: setup-he.sh
# Description: Updates IPv4 endpoint in IPv6 tunnel databse of HE
# Author; Ashish Shukla <gmail.com!wahjava>
# OS: FreeBSD
# NOTE: This script doesn't require superuser privileges.

# Default outgoing interface
IFACE=ng0
ENDPOINT=`/sbin/ifconfig ${IFACE} |awk '/^[[:space:]]*inet[[:space:]]/ { print $2 }'`
SCRIPT_NAME=`basename $0`
TMPFILE=`mktemp -q -t ${SCRIPT_NAME}`

# Please set appropriate paths to md5 and wget here
WGET=/usr/local/bin/wget
MD5=/sbin/md5

# Enter your tunnel user id here
USER=XXXXXX

# Enter your tunnel password here
PASSWORD=XXXXXXX

# Enter your Global Tunnel ID in HE's database
TUNNEL_ID=00000

MD5_PASSWORD=`${MD5} -q -s ${PASSWORD}`

${WGET} -O /dev/null --keep-session-cookies "--post-data=f_user=${USER}&f_pass=${MD5_PASSWORD}&clearpass=" --save-cookies=${TMPFILE} http://ipv4.tunnelbroker.net/login.php 2>/dev/null
${WGET} -O /dev/null --load-cookies=${TMPFILE} "--post-data=ipv4b=${ENDPOINT}&tunnel_id=${TUNNEL_ID}&update=Submit" http://ipv4.tunnelbroker.net/ipv4_update.php 2>/dev/null
rm ${TMPFILE}

The tunnel endpoint updating scripts are inspired from a script written by someone (sorry the name I’ve forgotten, but the regexp is f.*) on #ipv6@irc.freenode.net.

UPDATE: The scripts are recently updated on Mon Sep 1 10:46:40 IST 2008.

irssi notifications

Following is the code of irssi plugin, which I hacked. It displays popup messages (using notification-daemon) for any IMs you received:

# irssi-notify.pl
use Irssi;
use Net::DBus;
 
$::VERSION='0.0.1';
%::IRSSI = (
    authors => 'Ashish Shukla',
    contact => 'gmail.com!wahjava',
    name => 'irssi-notify',
    description => 'Displays a pop-up message for message received',
    url => 'http://wahjava.wordpress.com/',
    license => 'GNU General Public License',
    changed => '$Date$'
    );
 
my $APPNAME = 'irssi';
 
my $bus = Net::DBus->session;
my $notifications = $bus->get_service('org.freedesktop.Notifications');
my $object = $notifications->get_object('/org/freedesktop/Notifications',
					'org.freedesktop.Notifications');
 
my $notify_nick = 'abbe';
 
# $object->Notify('appname', 0, 'info', 'Title', 'Message', [], { }, 3000);
 
sub pub_msg {
    my ($server,$msg,$nick,$address,$target) = @_;
 
    if ($msg =~ $notify_nick)
    {
	$object->Notify("${APPNAME}:${server}",
			0,
			'info',
			"Public Message in $target",
			"$nick: $msg",
			[], { }, 3000);
    }
}
 
sub priv_msg {
    my ($server,$msg,$nick,$address) = @_;
    $object->Notify("${APPNAME}:${server}",
		    0,
		    'info',
		    'Private Message',
		    "$nick: $msg",
		    [], { }, 3000);
}
 
sub cmd_notifyon {
    my $nick = shift;
 
    if(!$nick)
    {
	Irssi::print("Current notification nick is $notify_nick .");
    }
    else
    {
	$notify_nick = $nick;
    }
}
 
Irssi::signal_add_last('message public', \&pub_msg);
Irssi::signal_add_last('message private', \&priv_msg);
Irssi::command_bind('notify-on', \&cmd_notifyon);

To use it: copy, paste it into a file, say irssi-notify.pl in your $HOME. And then start irssi , and load plugin with command /script load ~/irssi-notify.pl and after that use /notify-on command to register your nick with this plugin, so it’ll popup messages with you nick mentioned. e.g. to register mikeab for notifications, I’ll do /notify-on mikeab. You’ll also need Net::DBus perl module. Happy irssi -ng…:)

P.S. BtW, there is another similar plugin also, which doesn’t require DBus, and it is available from http://codesnippets.joyent.com/posts/show/1394.

UPDATE: You can also download irssi-notify.pl.