#!/bin/sh

# "Poor man's tunnel"
# Patrice LaFlamme and Guillaume Chamberland
# Rebel.com - 2001
#
# This script will setup a tunnel using ssh and pppd (PPP over SSH).
# It also sets up routing, using a remote ~root/bin/tunnel script that
# sets up routing at the other end.
#
# It was tested with ppp 2.4.1. We have no idea if it works with earlier
# version, but it probably doesn't ;)
#
# Before using, you must also setup a key-exchange authentication for
# ssh, so that login can be done without needing passwords. More
# explanations in the sshd manpages (and remember, when this manpage
# recommends something, DO IT, it's not optional, as we discovered ;)  )


LOCAL_PPPD='/usr/sbin/pppd silent 192.168.0.1:192.168.0.2 mtu 1400 mru 1400'
REMOTE_PPPD='/usr/local/sbin/pppd ipcp-accept-local ipcp-accept-remote noauth mtu 1400 mru 1400'

REMOTE_ACCOUNT=root@www.patrix.org

$LOCAL_PPPD pty "ssh -t $REMOTE_ACCOUNT $REMOTE_PPPD"

# sleep while the tunnel is setup - this is quite slow on my loaded
# ARM machine
sleep 15
route add  -net 10.1.61.0 netmask 255.255.255.0 gw 192.168.0.2 ppp0

ssh -t $REMOTE_ACCOUNT "$HOME/bin/tunnel"

echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -A forward -s 192.168.0.0/255.255.0.0 -d 0.0.0.0/0 -j MASQ