Anonet/Internetaccess

From Qontrol.nl Wiki
Jump to navigation Jump to search

There are various ways to access the internet from within Anonet.

CGIProxy

The CGIProxy is a great tool for browsing internet websites occasionally. It uses the Tor access described below. No configuration is needed, but it won't work for all websites.

Tor (SOCKS/HTTP) proxy

Some people run a Tor 'entry' node for public Anonet access. In addition, some people run some kind of HTTP proxy in front of their Tor server.

Routed NAT access

Directly peered

If you're peered to AS1112 / 1.3.3.130, you can use that router as an internet gateway. Simply add a route for the internet destination (0.0.0.0/0) to the tunnel (1.3.3.130).

Not directly peered

There's a router on Anonet that provides direct NAT'ed internet access. To use it, you will need to set up a QuickTun tunnel for sending, like this:

#!/bin/sh
export IF_QT_REMOTE_ADDRESS=1.3.3.9
export IF_QT_LOCAL_PORT=0
export IF_QT_REMOTE_PORT=2998
export IF_QT_TUN_MODE=1
export IF_QT_PROTOCOL=raw
export IFACE=tun2
(sleep 1; ip link set $IFACE up; ip addr add 1.3.3.64/32 dev $IFACE; ip route add default dev $IFACE src 1.3.3.64) &
quicktun.debian

Note that 1.3.3.64 should be replaced (twice) with one of your own IP addresses, which is already routed to that machine (for return data). You can also replace the default keyword with some IP address or IP network to use the tunnel for only that particular address/network.