Local unprivileged testing machinery ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This directory contains some random utilities I've found useful for testing Secnet. It lets me run two (or more) instances on a single machine, and get them to exchange keys and transmit packets, all as an unprivileged user. This isn't standalone: other tools are needed to make it work. Dependencies are described along with the tools they're needed by. * mk-sshv1-rsapriv KEYRING TAG OUT: converts a Catacomb format RSA private key, in the given KEYRING with the given TAG, writing a file OUT in the SSH v1 format wanted by Secnet. This needs my Catacomb library, https://git.distorted.org.uk/~mdw/catacomb/, and the Python bindings, https://git.distorted.org.uk/~mdw/catacomb-python/. If you have some other way of generating RSA private keys in the right format, then you don't need this stuff. * mkping FROM-NAME FROM-ADDR TO-NAME TO-ADDR OUT: formats an IPv4 ICMP echo request packet with source and destination addresses FROM-ADDR and TO-ADDR respectively, with payload a simple string containing FROM-NAME and TO-NAME, and writes it to OUT, which may be `-' for standard output. This requires the Python `ImpactPacket' library, available in Debian as `python-impacket'. * fake-userv-ipif: is a call-compatible drop-in for `userv', but uses the `tripe-uslip' program instead. To use it, configure a `userv-ipif' netlink with userv-path = "./fake-userv-ipif", and service-name = "SOCKET", where SOCKET names a Unix-domain socket to use as the fake network interface. Secnet will start `tripe-uslip' and use it as its tunnel device, and you can send and receive packets with tripe-uslip -p SOCKET OUT respectively. I find this useful with `mkping' above to generate packets, and `xxd' to inspect them. `tripe-uslip' is part of TrIPE, https://git.distorted.org.uk/~mdw/tripe/. There are also pieces of configuration in a fairly random state. They'll need tweaking to set up your particular test. mdw, 2017-07-13