{"id":16804811,"url":"https://github.com/ibug/sepaman","last_synced_at":"2025-03-17T07:21:25.890Z","repository":{"id":126487129,"uuid":"457449665","full_name":"iBug/SepaMan","owner":"iBug","description":"A helper script for ifupdown","archived":false,"fork":false,"pushed_at":"2022-02-23T08:15:36.000Z","size":18,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-23T16:39:51.238Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/iBug.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-02-09T16:58:28.000Z","updated_at":"2023-07-20T16:46:18.000Z","dependencies_parsed_at":"2023-06-17T00:00:20.689Z","dependency_job_id":null,"html_url":"https://github.com/iBug/SepaMan","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iBug%2FSepaMan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iBug%2FSepaMan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iBug%2FSepaMan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/iBug%2FSepaMan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/iBug","download_url":"https://codeload.github.com/iBug/SepaMan/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243989711,"owners_count":20379648,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-13T09:46:11.480Z","updated_at":"2025-03-17T07:21:25.850Z","avatar_url":"https://github.com/iBug.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# SepaMan\n\n## Installation\n\nCopy `sepaman` to `/usr/local/sbin` and create the following symlinks:\n\n```shell\nSEPAMAN=/usr/local/bin/sepaman\nln -s \"$SEPAMAN\" /etc/network/if-pre-up.d/\nln -s \"$SEPAMAN\" /etc/network/if-up.d/\nln -s \"$SEPAMAN\" /etc/network/if-down.d/\nln -s \"$SEPAMAN\" /etc/network/if-post-down.d/\n```\n\nThen create `/etc/default/sepaman` and set the value according to your needs. The following example values are reasonable defaults if you want to start with. **Note that all settings must be present.**\n\n```shell\n# System-wide SepaMan settings\n\n# Priority for routing rules like `from \u003caddr\u003e table \u003ctable\u003e`\nSEPA_FROMADDR_PRIORITY=3\n\n# Priority for routing rules like `from all oif \u003ciface\u003e table \u003ctable\u003e`\nSEPA_OIF_PRIORITY=3\n\n# Priority for routing rules like `from all fwmark \u003cmark\u003e/\u003cmask\u003e table \u003ctable\u003e`\nSEPA_FWMARK_PRIORITY=4\n\n# Firewall mark mask\nSEPA_FWMARK_MASK=0xFFFFFFFF\n\n# The iptables chain in \"mangle\" table to append rules into. It's recommended to use a custom chain than the default.\n# An empty string or the special value \"none\" (without quotes) disables this feature.\n# Note that it is not possible to use a chain named \"none\"\n# Example: iptables -t mangle -A \"$SEPA_FWMARK_CHAIN\" -i \"$IFACE\" -j MARK --set-xmark \"$SEPA_FWMARK/$SEPA_FWMARK_MASK\"\nSEPA_FWMARK_CHAIN=none\n\n# Load IP XFRM policies and states using SPI ID and keys from this directory\nSEPA_IPSEC_KEY_DIR=/etc/ipsec/keys.d\n\n# Create key files if they don't exist\nSEPA_IPSEC_KEY_CREATE=true\n```\n\n## Usage\n\nSpecify the following configurations for an interface you want to configure with SepaMan. Note that you should comment out options that you don't use, since ifupdown doesn't allow options without arguments.\n\n```conf\nauto Example\niface Example inet static\n    address 192.0.2.1/32\n\n    # Interface type. Used in `ip tunnel add` or `ip link add`\n    # The whole interface is ignored by SepaMan if this option is missing.\n    sepa-type common # required, only \"common\" is supported at present\n\n    # If the interface requires a gateway that's different from the default gateway\n    sepa-gateway 192.0.2.0 # optional, set to \"none\" to disable\n\n    # Routing table. Creates routing rules for this table.\n    # Used in `ip route add table` and `ip rule add table`\n    # It's recommended to omit this option and use the default value,\n    #   and edit /etc/iproute2/rt_tables instead.\n    sepa-table # optional, defaults to `$IFACE`\n\n    # Firewall Mark. Creates fwmark-based routing rules and \"mangle\" iptables rules\n    sepa-fwmark # optional, no rules are created if omitted\n    sepa-fwmark-mask # optional, overrides the system-wide setting\n\n    # iptables chain for firewall mark\n    sepa-fwmark-chain # overrides the system-wide setting. Special value \"none\" is accepted\n\n    # Override default routing rule priorities from /etc/default/sepaman.\n    # All keys are optional (since there are default values)\n    sepa-fromaddr-prio\n    sepa-oif-prio\n    sepa-fwmark-prio\n\n    # Load IPsec Security Policies and Associations\n    # IPsec is optional and is applied only when sufficient parameters have been given\n\n    # You can either:\n    # 1. Use explicit source and destination addresses\n    sepa-ipsec-local 192.0.2.1\n    sepa-ipsec-remote 192.0.2.2\n    # 2. Or, use addresses from the tunnel interface\n    sepa-ipsec-auto tunnel\n```\n\n## License\n\nThe MIT License\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fibug%2Fsepaman","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fibug%2Fsepaman","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fibug%2Fsepaman/lists"}