1 |
# sample configfile |
2 |
# the config file must be exactly(!) the same on all nodes |
3 |
|
4 |
rekey = 54321 # the rekeying interval |
5 |
keepalive = 300 # the keepalive interval |
6 |
on ruth keepalive = 120 # ruth is important and demands lower keepalives |
7 |
on surfer keepalive = 40 |
8 |
mtu = 1492 # the mtu (minimum mtu of attached host) |
9 |
ifname = vpn0 # the tunnel interface name to use |
10 |
ifpersist = no # the tun device should be persistent |
11 |
inherit-tos = yes # should tunnel packets inherit tos flags? |
12 |
compress = yes # wether compression should be used (NYI) |
13 |
connect = ondemand # connect to this host always/never or ondemand |
14 |
router-priority = 1 # route for everybody - if necessary |
15 |
|
16 |
loglevel = notice # info logs connects, notice only important messages |
17 |
on mobil loglevel = info |
18 |
on doom loglevel = info |
19 |
on ruth loglevel = info |
20 |
|
21 |
udp-port = 407 # the udp port to use for sending/receiving packets |
22 |
tcp-port = 443 # the tcp port to listen for connections (we use https over proxy) |
23 |
ip-proto = 50 # (ab)use the ipsec protocol as rawip |
24 |
icmp-type = 0 # (ab)use echo replies for tunneling |
25 |
enable-udp = yes # udp is spoken almost everywhere |
26 |
enable-tcp = no # tcp is not spoken everywhere |
27 |
enable-rawip = no # rawip is not spoken everywhere |
28 |
enable-icmp = no # most hosts don't bother to icmp |
29 |
|
30 |
# every "node =" introduces a new node in the network |
31 |
# the options following it don't set defaults but are |
32 |
# node-specific. |
33 |
|
34 |
# marc@lap |
35 |
node = mobil |
36 |
|
37 |
# marc@home |
38 |
node = doom |
39 |
enable-rawip = yes |
40 |
enable-tcp = yes |
41 |
|
42 |
# marc@uni |
43 |
node = ruth |
44 |
enable-rawip = yes |
45 |
enable-tcp = yes |
46 |
enable-icmp = yes |
47 |
hostname = 200.100.162.95 |
48 |
connect = always |
49 |
router-priority = 30 |
50 |
on ruth node-up = node-up |
51 |
on ruth node-down = node-up |
52 |
|
53 |
# marc@mu |
54 |
node = frank |
55 |
enable-rawip = yes |
56 |
hostname = 44.88.167.250 |
57 |
router-priority = 20 |
58 |
connect = always |
59 |
|
60 |
# nethype |
61 |
node = rain |
62 |
enable-rawip = yes |
63 |
hostname = 145.253.105.130 |
64 |
router-priority = 10 |
65 |
connect = always |
66 |
|
67 |
# marco@home |
68 |
node = marco |
69 |
enable-rawip = yes |
70 |
|
71 |
# stefan@ka |
72 |
node = wappla |
73 |
connect = never |
74 |
|
75 |
# stefan@lap |
76 |
node = stefan |
77 |
udp-port = 408 |
78 |
connect = never |
79 |
|
80 |
# paul@wg |
81 |
node = n8geil |
82 |
on ruth enable-icmp = yes |
83 |
on n8geil enable-icmp = yes |
84 |
enable-udp = no |
85 |
|
86 |
# paul@lap |
87 |
node = syrr |
88 |
|
89 |
# paul@lu |
90 |
node = donomos |
91 |
|
92 |
# marco@hn |
93 |
node = core |
94 |
|
95 |
# elmex@home |
96 |
node = elmex |
97 |
enable-rawip = yes |
98 |
hostname = 100.251.143.181 |
99 |
|
100 |
# stefan@kwc.at |
101 |
node = fwkw |
102 |
connect = never |
103 |
on stefan connect = always |
104 |
on wappla connect = always |
105 |
hostname = 182.73.81.146 |
106 |
|
107 |
# elmex@home |
108 |
node = jungfrau |
109 |
enable-rawip = yes |
110 |
|
111 |
# uni main router |
112 |
node = surfer |
113 |
enable-rawip = yes |
114 |
enable-tcp = no |
115 |
enable-icmp = yes |
116 |
hostname = 200.100.162.79 |
117 |
connect = always |
118 |
router-priority = 40 |
119 |
|
120 |
# jkneer@marvin |
121 |
node = marvin |
122 |
enable-rawip = yes |
123 |
enable-udp = no |
124 |
|
125 |
# jkneer@entrophy |
126 |
node = entrophy |
127 |
enable-udp = no |
128 |
enable-tcp = yes |
129 |
|
130 |
# mr. primitive |
131 |
node = voyager |
132 |
enable-udp = no |
133 |
enable-tcp = no |
134 |
on voyager enable-tcp = yes |
135 |
on voyager enable-udp = yes |
136 |
|
137 |
# v-server (barbados.dn-systems.de) |
138 |
#node = vserver |
139 |
#enable-udp = yes |
140 |
#hostname = 193.108.181.74 |
141 |
|