FreeBSD

Installation

In case you have already installed Python 3 (or 2.7 for branch python2.7) and pip and of course cloned the appropriate branch to your computer, then it is kind of easy to set up the tool. There are a few more steps, but do not worry at all.

Then install the requirements with pip:
# pip install -r misc/requirements_freebsd.txt

PLEASE NOTE: The cryptography python module comes with a precompiled OpenSSL shared library, which is outdated. That does not support any ChaCha20 related encryption algorithms, which are used in the basic and advanced encryption modules. If you want the encryption modules working, you need to recompile that OpenSSL shared library and force the package to use it.

Setup

Server side

Enable IP forwarding as root by using:
# sysctl net.inet.ip.forwarding=1

Then edit the /etc/rc.conf and add these lines:

gateway_enable="YES"
pf_enable="YES"
pf_rules="/etc/pf.conf"

To set up pf to do the NAT'ing for you (do not forget to change your IP range from the config and the interface name to the default gateway's interface), put the following lines into the /etc/pf.conf:

ext_if=em0
rede="{10.9.0.0/24}"

nat on $ext_if from $rede to any -> ($ext_if)

And the last step, to enable and run the packet filter:
# /etc/rc.d/pf start

After you have done the configuration below as well, you need to start the framework as root in server mode as follows:
# python xfltreat.py

Client side

In client mode, there is not much to configure on the operating system, but the configuration file (xfltreat.conf) should match the configuration of the server side (module ports, authentication/encryption key etc.). After you have done the configuration below as well, you need to start the framework as root in client mode as follows:
# python xfltreat.py --client

Configuration

To configure the transport, encryption and authentication modules read the Configuration article.