+Chinese Learning
+~~~~~~~~~~
+
+Here are some resources for the more advanced learners. Instead of using books, you might want to pick a podcast, tv show or radio program that Chinese listen to themselves. Still have to parse the Chinese correctly...
+
+--------------
+
原来是这样!- http://www.ximalaya.com/7200706/album/246622/
Podcast about some interesting scientific (useless?) facts. It's a two host show, with basically the girl 装疯卖傻. Recordings are quite long, but well eloborated and not too technical.
-<!DOCTYPE html>
-<html>
+<h1>robinkrens.nl</h1>
-<head>
- <title>robinkrens.nl</title>
- <meta http-equiv="Content-type" content="text/html; charset=UTF-8">
- <link rel="stylesheet" type="text/css" href="files/style.css">
-</head>
+<p>This website is mostly used for email and personal articles / programming projects. Please scan the tag below to contact me.</p>
-<body>
- <h1>robinkrens.nl</h1>
+<h2>My Playground</h2>
- <p>This website is mostly used for email and personal articles / programming projects.
- Please scan the tag below to contact me.
+<ul>
+<li><a href="./tunneling.html">Tunneling, repackaging and VPN</a></li>
+<li>Wechat development / 微信小程序</li>
+<li><a href="./chinese.html">Chinese learning</a></li>
+<li><a href="./resources.html">Linux resources</a></li>
+<li><a href="http://45.76.159.1/gitweb/">Rob's github</a></li>
+<li>Other servers</li>
+<li>My travel map</li>
+<li>Experiments</li>
+</ul>
- </p>
+<h2>Contact</h2>
- <pre>
- ___________________________
-< Wish you another lovely day! >
- ------------------------------
- \ ^__^
- \ (oo)\_______
- (__)\ )\/\
- ||----w |
- || ||
-</pre>
+<h2><img src="files/contact.png" alt="contact erweima" title=""></h2>
- <h2>My Playground</h2>
-
- <ul>
- <li><a href="./tunneling.html">Tunneling, repackaging and VPN</a>
- </li>
-
- <li><a href="#">Wechat development / 微信小程序</a>
- </li>
-
- <li><a href="./chinese.html">Chinese learning</a>
- </li>
-
- <li><a href="./resources.html">Linux stuff</a>
- </li>
-
- <li><a href="http://45.76.159.1/gitweb/">My own github server</a>
- </li>
-
- <li><a href="./servers.html">Other servers</a>
- </li>
-
- <li><a href="./travelmap.html">My travel map</a>
- </li>
-
- <li><a href="./experiments.html">Experiments</a>
-
- </ul>
- <h2>Contact</h2>
- <p>
- <img src="files/contact.png" alt="contact erweima" width="50px" />
- </p>
-
- <hr />
- <b>© robinkrens.nl</b> -- Peace!
-</body>
-
-</html>
+<p>© robinkrens.nl -- Peace!</p>
--- /dev/null
+# robinkrens.nl
+
+This website is mostly used for email and personal articles / programming projects. Please scan the tag below to contact me.
+
+## My Playground
+
+* [Tunneling, repackaging and VPN](./tunneling.html)
+* Wechat development / 微信小程序
+* [Chinese learning](./chinese.html)
+* [Linux resources](./resources.html)
+* [Rob's github](http://45.76.159.1/gitweb/)
+* Other servers
+* My travel map
+* Experiments
+
+## Contact
+
+---
+© robinkrens.nl -- Peace!
<h3><a name="section_1_1_3">Iptables</a></h3>
<p>Although there is more abstract software to manage firewalls, like <em>ufw</em> on debian-based systems and <em>firewall-cmd</em> on redhat systems, Iptables will help you understand what actually happens during filtering, mangling or routing a package. <a href="https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html">https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html</a> has a structured approach in explaining <u>what happends when a package hits the firewall</u>. Pay extra attention to Network Address Translation. Here is another nice HOWTO: <a href="https://netfilter.org/documentation/HOWTO/NAT-HOWTO-5.html">https://netfilter.org/documentation/HOWTO/NAT-HOWTO-5.html</a>
</p>
-<h2><a name="section_1_2">Virtual Private Networks</a></h2>
-<p>Please have a look at <a href="http://www.robinkrens.nl/gfw.html">http://www.robinkrens.nl/gfw.html</a>
+<h2><a name="section_1_2">Virtual Private Networks and Tunneling</a></h2>
+<p>Please have a look at <a href="http://www.robinkrens.nl/tunneling.html">http://www.robinkrens.nl/tunneling.html</a>
</p>
<h2><a name="section_1_3">Cheatsheets</a></h2>
</p>
<ul>
<li>VI(M) - <a href="https://vim.rtorr.com">https://vim.rtorr.com</a>
- </li><li>GIT / GITHUB -
+ </li><li>GIT / GITHUB - <a href="http://www.robinkrens.nl/cheatsheets/git.pdf">http://www.robinkrens.nl/cheatsheets/git.pdf</a>
</li></ul>
</body>
-Virtual Private Networks
+Virtual Private Networks and Tunneling
----
-Please have a look at http://www.robinkrens.nl/gfw.html
+Please have a look at http://www.robinkrens.nl/tunneling.html
Cheatsheets
-------
Here are some good cheatsheets for commonly used tools
* VI(M) - https://vim.rtorr.com
-* GIT / GITHUB -
+* GIT / GITHUB - http://www.robinkrens.nl/cheatsheets/git.pdf
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
-<title>robinkrens.nl - TINC as a gateway</title>
+<title>robinkrens.nl - Redirecting and TINC</title>
<meta name="generator" content="HTML::TextToHTML v2.51"/>
<link rel="stylesheet" type="text/css" href="http://www.robinkrens.nl/files/style.css"/>
</head>
<body>
-<h1><a name="section_1">robinkrens.nl - TINC as a gateway</a></h1>
+<h1><a name="section_1">robinkrens.nl - Redirecting and TINC</a></h1>
<p>Tinc is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. More on Tinc can be found on: <a href="http://tinc-vpn.org">http://tinc-vpn.org</a>
Here I will show a tinc setup with an <em>alpha</em> (as a listening peer) and a <em>beta</em> (a peer connecting to alpha). After setting up the VPN, alpha will be the gateway for beta. All traffic from beta will be routed through alpha and back. I will basically retell the man page documentation: <a href="https://tinc-vpn.org/documentation-1.1/tinc.conf.5">https://tinc-vpn.org/documentation-1.1/tinc.conf.5</a> but in a more tutorial kind of way.
-robinkrens.nl - TINC as a gateway
+robinkrens.nl - Redirecting traffic and TINC
=====
Tinc is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. More on Tinc can be found on: http://tinc-vpn.org
--- /dev/null
+
+robinkrens.nl - On VPN and bypassing a firewall
+********
+
+Let's say you want to connect to a company network and access all the computers in this network (behind a firewall) One way to do this is to setup a Virtual Private Network. Although you are not physically in the same building, all the other computers will think you are, hence *Virtual* Private Network. After you connect to this VPN, you will be assigned a local IP (i.e. 10.0.0.5) and communicate directly to all computers in this range directly.
+
+In case of bypassing a Internet Service Provider (ISP) or Great Firewall (GFW), you want to access all the websites that are normally not accessible. There are many ways to this. Software written to setup up VPNs are especially useful for this. Add some additional routing and you bypassed the firewall. Look at the following illustration
+
+
+ [Pity you] -------- [ISP/GFW: No youtube!]-------- [YouTube.com]
+
+
+The ISP or GFW has some firewall rules to block certains IPs or to detect certain *suspicious* traffic. But let's say you have access to a server that isn't behind the firewall. Would you be able to redirect your Youtube request through this server and then send it to your PC? Well, yes.
+
+ [Pity you] -------- [ISP/GFW]----------[Not blocked server]--------[Youtube.com]
+
+Hmm, still pity you. Although your server can access YouTube.com, if it sends traffic back it still has to send to the ISP/GFW. So unless the firewall rules
+
+
+
+The setup is as follows
+
+
+Some alternative software to bypass a huge firewall (as in your ISP or a country). A list of sample configuration.
+
+
+Basic Tunneling
+---------------
+Basic tunneling, or IP in IP. Basically we connect to networks that normally would not be able to talk to each other (directy)
+This setup is straightforward like this:
+
+ ExtIP 1.2.3.4 ---- ( INTERNET ) ---- ExtIP 5.6.7.8
+
+ Local: 10.0.1.0/24 ----- [TUNNEL] ----- 10.0.2.0/24
+ ExtIP: 1.2.3.4 5.6.7.8
+ | |
+ | |
+ |-------- ( INTERNET ) -------------|
+
+
+This version of tunneling has been supported since the early kernel versions of linux (<1.3).
+
+No encrytion here. No IPV6 or anything other fancy.
+
+ ip tuntap add tun0 mode tun
+ ip addr add 192.168.1.2 dev tun0
+ ip add route ...
+
+
<p>This page lists tutorials and sample code.
</p>
<ul>
- <li>
Using tinc as a gateway. A simple setup with two peers forwarding data: <a href="http://www.robinkrens.nl/tutorials/tinc.html">http://www.robinkrens.nl/tutorials/tinc.html</a>
- </li><li>Fastd setup. Similar setup as the above one
- </li><li>Strongswan
+ <li>
Redirecting traffic and TINC. A simple setup with a peers forwarding traffic: <a href="http://www.robinkrens.nl/tutorials/tinc.html">http://www.robinkrens.nl/tutorials/tinc.html</a>
+ </li><li>Fastd setup. Similar setup as the above with fastd: <a href="http://www.robinkrens.nl/tutorials/fastd.html">http://www.robinkrens.nl/tutorials/fastd.html</a>
+ </li><li>Strongswan: A mobike setup (not published)
</li></ul>
</body>
This page lists tutorials and sample code.
-* Using tinc as a gateway. A simple setup with two peers forwarding data: http://www.robinkrens.nl/tutorials/tinc.html
-* Fastd setup. Similar setup as the above one
-* Strongswan
+* Redirecting traffic and TINC. A simple setup with a peers forwarding traffic: http://www.robinkrens.nl/tutorials/tinc.html
+* Fastd setup. Similar setup as the above with fastd: http://www.robinkrens.nl/tutorials/fastd.html
+* Strongswan: A mobike setup (not published)
projects / robinkrens.nl / commitdiff