Every so often I decide that I actually want to be a bit feminine for a change and you know wear make up and stuff. Funnily enough this has usually been around the time of BiCon which is the annual convention for bisexual people and allies to get together and hang out.
This year however I have a party coming up and I’m thinking it would be nice to dress up for it for a change rather than just wearing my usual jeans and stuff. I think part of it is hanging around K and remembering when I used to dress up really gothy myself.
I’m currently spending some time trying to find myself the right knee length skirt (yes I’m very fussy about what I wear being exactly right) and thinking about wearing it with some funky tights (I used to have a thing for funky tights). I think I may also be taking S to Camden market to buy a new pair of New Rocks. I used to have the ones I really like but sadly the zip went on them so they didn’t end up moving with me to London.
I’ve also been practising a bit with eye make-up as I used to be good at it but am so hideously out of practice I’m having to relearn how to do it.
Month: April 2014
GRE tunneling for fun and profit.
I recently subscribed to Netflix and being in the UK I found that they have loads more available in the US to watch. To get around this in a way that would also allow me to stream programmes to my Chromecast is actually quite complicated. As I have a small Linux box on my network to provide IPv6 via a tunnel I thought I would allow this to also allow access via a GRE tunnel to a VPS running in the US.
The first thing you need to do is set up the machine in the US so it can do NAT, just like your home router does, with the following:
#!/bin/sh
# Enable IPv4 forwarding so this host can route traffic for the tunnel.
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F FORWARD
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/16 -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -A FORWARD -i tap+ -j ACCEPT
iptables -A FORWARD -i us-gre -j ACCEPT
# Catch-all goes last: rules appended after it would never be reached.
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o eth0 -j MASQUERADE
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A INPUT -i tap+ -j ACCEPT
iptables -A INPUT -i us-gre -j ACCEPT
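Because iptables -A appends to the end of a chain and the first matching terminal rule decides, where the catch-all REJECT sits in the FORWARD chain matters. The following is an added example, not part of the original post: a small checker that reads a rule list and reports rules placed after an unconditional ACCEPT/DROP/REJECT. The function names and the sample rule list are constructed for illustration.

```shell
#!/bin/sh
# Added example: report iptables rules that can never match because they were
# appended after an unconditional ACCEPT/DROP/REJECT in the same filter chain.
# Input on stdin: "iptables -A ..." script lines or "iptables -S" style lines.

find_shadowed_rules() {
    awk '
    {
        chain = ""; target = ""; cond = 0; other_table = 0
        for (i = 1; i <= NF; i++) {
            if ($i == "iptables") { continue }
            else if ($i == "-t") { other_table = 1 }   # nat/mangle are not checked
            else if ($i == "-F") { delete closed[$(i + 1)]; i++ }  # flush reopens chain
            else if ($i == "-A") { chain = $(i + 1); i++ }
            else if ($i == "-j") { target = $(i + 1); break }  # rest is target options
            else { cond = 1 }                          # any other token is a match
        }
        if (chain == "" || other_table) { next }
        if (chain in closed) {
            printf "%s: unreachable after line %d: %s\n", chain, closed[chain], $0
        } else if (!cond && target ~ /^(ACCEPT|DROP|REJECT)$/) {
            closed[chain] = NR     # remember where the chain was closed off
        }
    }'
}

# Constructed sample rule list (not taken from a live firewall).
sample_rules() {
    cat <<'EOF'
iptables -F FORWARD
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/16 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o eth0 -j MASQUERADE
iptables -A INPUT -i us-gre -j ACCEPT
iptables -A FORWARD -i us-gre -j ACCEPT
EOF
}

sample_rules | find_shadowed_rules
```

On a running host the same check can be applied to the loaded rules with iptables -S | find_shadowed_rules.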
You then need to set up a GRE tunnel between your VM running in another country and your home network. One thing to be aware of is that GRE uses its own IP protocol number rather than running over TCP or UDP, so ordinary port forwarding on your home router will not pass it. This means that you need to either activate an option on the router which enables this or set up the machine doing the routing on your home network as the DMZ host. As the DMZ host that machine receives all unsolicited inbound traffic, so it needs its own firewall rules.
I used the following to set up a GRE tunnel on the VPS which will forward all data to my home network over the tunnel (my home network has addresses in the 192.168.x.x range).
ip tunnel del us-gre
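# REMOTE_IP and LOCAL_IP are placeholders for the two tunnel endpoint addresses.
ip tunnel add us-gre mode gre remote REMOTE_IP local LOCAL_IP ttl 255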
ip link set us-gre up
ip addr add 192.168.X.1/24 dev us-gre
echo add routes
ip route add 192.168.0.0/16 via 192.168.X.10 dev us-gre
#ip route add 192.168.0.0/16 dev us-gre
Once you have everything set up on the VPS VM, you then need to do the same on your home network with the following:
# VPN hosts.
ip rule add from 192.168.0.x table vpn
# Add default routes for vpn table.
ip route add default via 10.9.0.1 dev tun0 table vpn
ip route flush cache
ip tunnel del us-gre
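# REMOTE_IP and LOCAL_IP are placeholders for the two tunnel endpoint addresses.
ip tunnel add us-gre mode gre remote REMOTE_IP local LOCAL_IP ttl 255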
ip link set us-gre up
ip addr add 192.168.8.10/24 dev us-gre
echo add default route
ip route add 0.0.0.0/1 via 192.168.8.1 dev us-gre table vpn
You will also need to run the following to add a table so you can have different routing destinations for different hosts which route via this machine. Run it before the commands above, as they refer to the vpn table by name.
echo 200 vpn >> /etc/iproute2/rt_tables
In order to make a machine use the tunnel you need to adjust your DHCP settings so the machine you want uses the machine with the tunnel as its default route. Once this is done you use:
ip rule add from 192.168.0.x table vpn
on the machine with the tunnel on it, where 192.168.0.x is the address of the machine that should use the tunnel. This creates a rule which makes the requested machine use a different routing table to all other traffic.