TincVPN

Install tinc and configure it (See the previous paragraph to set up tinc files):

opkg update
opkg install tinc

Tinc package for OpenWRT is very minimal. init.d script is missing, you can use this one:

#!/bin/sh /etc/rc.common
START=50

start() {
tincd -n ninux
}

stop() {

iptables -D FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
killall tincd

}

If you want to use 'ip' command for tinc-up you need to install ip package with

opkg install ip

Because you configure tincd manually, use this code in /etc/config/network to bind the vpn interface to the ninux tap interface created by tinc. This way you can use the vpn interface when configuring with UCI other programs like olsrd

config interface vpn
        option proto none
        option ifname ninux

In file /etc/config/firewall (if your openwrt firewall is on, else skip this step) you need to allow traffic forwarding between lan and vpn and viceversa or others won’t be able to reach computers in your subnet,so add the following:

##VPN ninux Zone
config 'zone'
        option 'name' 'vpn'
        option 'input' 'ACCEPT'
        option 'output' 'ACCEPT'
        option 'forward' 'ACCEPT'
##Traffic from/to lan/vpn
config forwarding
        option 'src' 'vpn'
        option 'dest' 'lan'

config forwarding
        option 'src' 'lan'
        option 'dest' 'vpn'     

##end VPN ninux Zone

Install olsrd and its plugins:

opkg install olsrd olsrd-mod-mdns olsrd-mod-dyn-gw olsrd-mod-arprefresh olsrd-mod-httpinfo olsrd-mod-txtinfo olsrd-mod-nameservice

Note: i'm not sure we need all these plugins, surely we need olsrd-mod-mdns for bonjour/zeroconf but these plugins are listed in default /etc/config/olsrd do i decided to install them all.

In the file /etc/config/olsrd now you can add the following:

config 'Interface'
        option 'interface' 'vpn'
        option 'LinkQualityMult' 'default 0.2'

it is very important to set the LinkQualityMult because we want to use the VPN only if there is not a wireless link available.

If after tuning LinkQualityMult your olsrd daemon does not insert routes into the kernel, comment out from your configuration file the following:

#LinkQualityAlgorithm    "etx_fpm"

config LoadPlugin
        option library 'olsrd_mdns.so.1.0.0'
        option NonOlsrIf 'lan'

This is needed to allow our non Olsr lan to communicate with others on vpn.

config 'Hna4'
       option 'netaddr' 'LAN_ADDR'
       option 'netmask' 'NETMASK_LAN_ADDR'

With this we announce to other hosts on olsr network our lan. Replace LAN_ADDR with your lan subnet (ex: mine is 192.168.23.0) and NETMASK_LAN_ADDR with your lan netmask (check GestioneIndirizzi for available subnet, if your lan subnet is already used change it!)

OpenWRT and TincVPN