feat: guest traffic via GRE6→VPS→Mullvad, OWE, DNS security, SSH key

- GRE6 tunnel over Yggdrasil to VPS gateway (172.16.0.0/24)
- Kill switch: guest→vpn_tunnel only (no guest→wan)
- OWE transition mode on Parahub_Free (encrypted + open fallback)
- DNS-over-HTTPS via https-dns-proxy (Cloudflare 1.1.1.1)
- Guest DNS hijacked via firewall DNAT redirect
- IPv6 blocked for guest zone (leak prevention)
- SQM 128→512 kbps
- Added kmod-gre6, https-dns-proxy to PACKAGES_CORE
- SSH authorized key for passwordless root access

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 15:26:21 +00:00
parent da567b6398
commit 3b6eb65dc5
3 changed files with 97 additions and 13 deletions

@@ -54,13 +54,19 @@ PACKAGES_CORE=(
kmod-batman-adv
batctl-full
# 802.11s mesh support (replace basic wpad)
# 802.11s mesh support (replace basic wpad, includes OWE)
wpad-mesh-mbedtls
-wpad-basic-mbedtls
# Yggdrasil overlay network
yggdrasil
# GRE6 tunnel (guest traffic → VPS gateway)
kmod-gre6
# DNS-over-HTTPS for guest privacy
https-dns-proxy
# SQM traffic shaping
sqm-scripts
kmod-sched-cake
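
Review bot: kmod-gre6, added under the "# GRE6 tunnel" comment, is only the kernel module; if the tunnel is brought up through netifd as a grev6 interface, the `gre` protocol-handler package must be in the image as well, and it does not appear in the lines shown here. Please confirm it is already listed elsewhere in PACKAGES_CORE, or add it next to kmod-gre6. A smaller point on the same hunk: https-dns-proxy is commented "for guest privacy" but sits in PACKAGES_CORE, so it ships on every image; if the guest DNS redirect depends on it, say so in the comment so the package is not dropped later as optional.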