PT-TLS SWIMA Client » History » Version 8
Andreas Steffen, 07.07.2017 16:39
| 1 | 1 | Andreas Steffen | h1. PT-TLS SWIMA Client |
|---|---|---|---|
| 2 | 1 | Andreas Steffen | |
| 3 | 1 | Andreas Steffen | h2. Installing the strongSwan TNC Software |
| 4 | 1 | Andreas Steffen | |
| 5 | 4 | Andreas Steffen | First we have to install some additional Ubuntu packages needed for the strongSwan TNC build |
| 6 | 4 | Andreas Steffen | <pre> |
| 7 | 7 | Andreas Steffen | sudo apt install libssl-dev libcurl4-openssl-dev sqlite3 libsqlite3-dev libjson0-dev |
| 8 | 4 | Andreas Steffen | </pre> |
| 9 | 4 | Andreas Steffen | |
| 10 | 1 | Andreas Steffen | Download the lastest strongSwan tarball |
| 11 | 1 | Andreas Steffen | <pre> |
| 12 | 2 | Andreas Steffen | wget https://download.strongswan.org/strongswan-5.6.0dr1.tar.bz2 |
| 13 | 1 | Andreas Steffen | </pre> |
| 14 | 1 | Andreas Steffen | |
| 15 | 5 | Andreas Steffen | Unpack the tarball |
| 16 | 1 | Andreas Steffen | <pre> |
| 17 | 1 | Andreas Steffen | tar xf strongswan-5.6.0dr1.tar.bz2 |
| 18 | 2 | Andreas Steffen | </pre> |
| 19 | 2 | Andreas Steffen | |
| 20 | 2 | Andreas Steffen | and change into the strongSwan build directory |
| 21 | 2 | Andreas Steffen | <pre> |
| 22 | 6 | Andreas Steffen | cd strongswan-5.6.0dr1 |
| 23 | 2 | Andreas Steffen | </pre> |
| 24 | 2 | Andreas Steffen | |
| 25 | 2 | Andreas Steffen | Configure strongSwan with the following options |
| 26 | 2 | Andreas Steffen | <pre> |
| 27 | 6 | Andreas Steffen | ./configure --prefix=/usr --sysconfdir=/etc --disable-gmp --enable-openssl --enable-tnc-imc --enable-tnccs-20 --enable-imc-os --enable-imc-swima --enable-sqlite --enable-curl |
| 28 | 4 | Andreas Steffen | </pre> |
| 29 | 4 | Andreas Steffen | |
| 30 | 4 | Andreas Steffen | Build and install strongSwan with the commands |
| 31 | 4 | Andreas Steffen | <pre> |
| 32 | 1 | Andreas Steffen | make; sudo make install |
| 33 | 7 | Andreas Steffen | </pre> |
| 34 | 7 | Andreas Steffen | |
| 35 | 7 | Andreas Steffen | h2. Configure the strongSwan "sw-collector" Tool |
| 36 | 7 | Andreas Steffen | |
| 37 | 7 | Andreas Steffen | The *sw-collector* tool allows all software installation events to be collected and stored in an SQLite database. First we set up a clean collector database with the command |
| 38 | 7 | Andreas Steffen | <pre> |
| 39 | 7 | Andreas Steffen | sudo -s |
| 40 | 7 | Andreas Steffen | mkdir /etc/pts |
| 41 | 7 | Andreas Steffen | cat /usr/share/strongswan/templates/database/sw-collector/sw_collector_tables.sql | sqlite3 /etc/pts/collector.db |
| 42 | 7 | Andreas Steffen | </pre> |
| 43 | 7 | Andreas Steffen | |
| 44 | 7 | Andreas Steffen | The *sw-collector* needs some options defined in the */etc/strongswan.conf*/ configuration file |
| 45 | 7 | Andreas Steffen | <pre> |
| 46 | 7 | Andreas Steffen | sw-collector { |
| 47 | 7 | Andreas Steffen | database = sqlite:///etc/pts/collector.db |
| 48 | 7 | Andreas Steffen | history = /var/log/apt/history.log |
| 49 | 7 | Andreas Steffen | first_time = 2017-02-15T20:20:34Z |
| 50 | 7 | Andreas Steffen | rest_api { |
| 51 | 8 | Andreas Steffen | uri = https://admin-user:ietf99hackathon@tnc.example.com/api/ |
| 52 | 7 | Andreas Steffen | } |
| 53 | 7 | Andreas Steffen | } |
| 54 | 7 | Andreas Steffen | </pre> |
| 55 | 7 | Andreas Steffen | |
| 56 | 7 | Andreas Steffen | The date of the original OS installation can be found e.g. with the command |
| 57 | 7 | Andreas Steffen | <pre> |
| 58 | 7 | Andreas Steffen | ls -l --full-time /var/log/bootstrap.log |
| 59 | 7 | Andreas Steffen | -rw-r--r-- 1 root root 57457 2017-02-15 12:20:34.000000000 -0800 /var/log/bootstrap.log |
| 60 | 1 | Andreas Steffen | </pre> |