gvpe/doc/gvpe.8.pod

=head1 NAME

C<gvpe> - GNU Virtual Private Ethernet Daemon

=head1 SYNOPSIS

C<gvpe> [B<-cDlL>] [B<--config=>I<DIR>] [B<--no-detach>] [B<-l=>I<LEVEL]>]
[B<--kill>[B<=>I<SIGNAL>]] [B<--mlock>] [B<--help>] [B<--version>]
I<NODENAME> [I<option...>]

=head1 DESCRIPTION

See the gvpe(5) manpage for an introduction to the gvpe suite.

This is the manual page for gvpe, the virtual private ethernet daemon.
When started, C<gvpe> will read it's configuration file to determine the
network topology, and other configuration information, assuming the role
of node I<NODENAME>. It will then connect to the tun/tap device and set
up a socket for incoming connections.  Then a script will be executed to
further configure the virtual device.  If that succeeds, it will detach
from the controlling terminal and continue in the background, accepting
and setting up connections to other gvpe daemons that are part of the
virtual private ethernet.

The optional arguments after the node name have to be of the form:

   [I<nodename>.]var=value

If the argument has a prefix of C<nodename.>
(i.e. C<laptop.enable-dns=yes>) then it will be parsed after all the
config directives for that node, if not, it is parsed befroe the first
node directive in the config file, and can be used to set global options
or default variables.

For example, to start C<gvpe> in the foreground, with log-level C<info> on
the node C<laptop>, with TCP enabled and HTTP-Proxy host and Port set, use
this:

  gvpe -D -l info laptop \
       http-proxy-host=10.0.0.18 http-proxy-port=3128 \
       laptop.enable-tcp=yes

=head1 OPTIONS

=over 4

=item B<-c>, B<--config=>I<DIR>

Read configuration options from I<DIR>

=item B<-d>, B<--l=>I<LEVEL>

Set logging level to I<LEVEL> (one of: noise, trace, debug, info, notice,
warn, error, critical).

=item B<--help>

Display short list of options.

=item B<-D>, B<--no-detach>

Don't fork and detach but stay in foreground and log messages to stderr in
addition to syslog.

=item B<-L>, B<--mlock>

Lock C<gvpe> into main memory.  This will prevent sensitive data like
shared private keys to be written to the system swap files/partitions.

=item B<--version>

Output version information and exit.

=back

=head1 SIGNALS

=over 4

=item HUP

Closes/resets all connections, resets the retry time and will start connecting
again (it will NOT re-read the config file). This is useful e.g. in a
C</etc/ppp/if-up> script.

=item TERM

Closes/resets all connections and exits.

=item USR1

Dump current network status into the syslog (at loglevel C<notice>, so make
sure your loglevel allows this).

=back

=head1 FILES

=over 4

=item C</etc/gvpe/gvpe.conf>

The configuration file for C<gvpe>.

=item C</etc/gvpe/if-up>

Script which is executed as soon as the virtual network device has been
allocated.  Purpose is to further configure that device.

=item C</etc/gvpe/node-up>

Script which is executed whenever a node connects to this node. This can
be used for example to run nsupdate.

=item C</etc/gvpe/node-down>

Script which is executed whenever a connection to another node is lost.
for example to run nsupdate.

=item C</etc/gvpe/pubkey/*>

The directory containing the public keys for every node, usually
autogenerated by executing C<gvpectrl --generate-keys>.

=item C</var/run/gvpe.pid>

The PID of the currently running C<gvpe> is stored in this file.

=back

=head1 BUGS

The cryptography in gvpe has not been thoroughly checked by many people
yet. Use it at your own risk!

If you find any bugs, report them to C<gvpe@plan9.de>.

=head1 SEE ALSO

gvpe(5) for an introduction, gvpe.conf(5), gvpectrl(8).

The GVPE mailing list, at L<http://lists.schmorp.de/> or
C<gvpe@lists.schmorp.de>.

gvpe comes with ABSOLUTELY NO WARRANTY.  This is free software, and you are
welcome to redistribute it under certain conditions; see the file COPYING
for details.

=head1 AUTHOR

Marc Lehmann C<< <gvpe@plan9.de> >>.

And thanks to many others for their contributions to gvpe, especially the
tincd authors, who inspired me to write this program (after scavenging
their sourcecode ;).

Revision:	1.7
Committed:	Mon Mar 28 20:39:18 2005 UTC (19 years, 1 month ago) by pcg
Branch:	MAIN
CVS Tags:	rel-1_9
Changes since 1.6:	+19 -1 lines
Log Message:	* empty log message *
#	User	Rev	Content
1	pcg	1.1	=head1 NAME
2
3			C<gvpe> - GNU Virtual Private Ethernet Daemon
4	pcg	1.3
5	pcg	1.1	=head1 SYNOPSIS
6
7			C<gvpe> [B<-cDlL>] [B<--config=>I<DIR>] [B<--no-detach>] [B<-l=>I<LEVEL]>]
8			[B<--kill>[B<=>I<SIGNAL>]] [B<--mlock>] [B<--help>] [B<--version>]
9	pcg	1.7	I<NODENAME> [I<option...>]
10	pcg	1.1
11			=head1 DESCRIPTION
12
13			See the gvpe(5) manpage for an introduction to the gvpe suite.
14
15			This is the manual page for gvpe, the virtual private ethernet daemon.
16			When started, C<gvpe> will read it's configuration file to determine the
17			network topology, and other configuration information, assuming the role
18			of node I<NODENAME>. It will then connect to the tun/tap device and set
19			up a socket for incoming connections. Then a script will be executed to
20			further configure the virtual device. If that succeeds, it will detach
21			from the controlling terminal and continue in the background, accepting
22			and setting up connections to other gvpe daemons that are part of the
23			virtual private ethernet.
24
25	pcg	1.7	The optional arguments after the node name have to be of the form:
26
27			[I<nodename>.]var=value
28
29			If the argument has a prefix of C<nodename.>
30			(i.e. C<laptop.enable-dns=yes>) then it will be parsed after all the
31			config directives for that node, if not, it is parsed befroe the first
32			node directive in the config file, and can be used to set global options
33			or default variables.
34
35			For example, to start C<gvpe> in the foreground, with log-level C<info> on
36			the node C<laptop>, with TCP enabled and HTTP-Proxy host and Port set, use
37			this:
38
39			gvpe -D -l info laptop \
40			http-proxy-host=10.0.0.18 http-proxy-port=3128 \
41			laptop.enable-tcp=yes
42
43	pcg	1.1	=head1 OPTIONS
44
45			=over 4
46
47			=item B<-c>, B<--config=>I<DIR>
48
49			Read configuration options from I<DIR>
50
51			=item B<-d>, B<--l=>I<LEVEL>
52
53			Set logging level to I<LEVEL> (one of: noise, trace, debug, info, notice,
54			warn, error, critical).
55
56			=item B<--help>
57
58			Display short list of options.
59
60			=item B<-D>, B<--no-detach>
61
62			Don't fork and detach but stay in foreground and log messages to stderr in
63			addition to syslog.
64
65			=item B<-L>, B<--mlock>
66
67			Lock C<gvpe> into main memory. This will prevent sensitive data like
68			shared private keys to be written to the system swap files/partitions.
69
70			=item B<--version>
71
72			Output version information and exit.
73
74			=back
75
76			=head1 SIGNALS
77
78			=over 4
79
80			=item HUP
81
82			Closes/resets all connections, resets the retry time and will start connecting
83			again (it will NOT re-read the config file). This is useful e.g. in a
84			C</etc/ppp/if-up> script.
85
86			=item TERM
87
88			Closes/resets all connections and exits.
89
90			=item USR1
91
92			Dump current network status into the syslog (at loglevel C<notice>, so make
93			sure your loglevel allows this).
94
95			=back
96
97			=head1 FILES
98
99			=over 4
100
101			=item C</etc/gvpe/gvpe.conf>
102
103			The configuration file for C<gvpe>.
104
105			=item C</etc/gvpe/if-up>
106
107			Script which is executed as soon as the virtual network device has been
108			allocated. Purpose is to further configure that device.
109
110			=item C</etc/gvpe/node-up>
111
112			Script which is executed whenever a node connects to this node. This can
113			be used for example to run nsupdate.
114
115			=item C</etc/gvpe/node-down>
116
117	pcg	1.2	Script which is executed whenever a connection to another node is lost.
118	pcg	1.1	for example to run nsupdate.
119
120			=item C</etc/gvpe/pubkey/*>
121
122			The directory containing the public keys for every node, usually
123			autogenerated by executing C<gvpectrl --generate-keys>.
124
125			=item C</var/run/gvpe.pid>
126
127			The PID of the currently running C<gvpe> is stored in this file.
128
129			=back
130
131			=head1 BUGS
132
133			The cryptography in gvpe has not been thoroughly checked by many people
134			yet. Use it at your own risk!
135
136	pcg	1.4	If you find any bugs, report them to C<gvpe@plan9.de>.
137	pcg	1.1
138			=head1 SEE ALSO
139
140			gvpe(5) for an introduction, gvpe.conf(5), gvpectrl(8).
141
142	pcg	1.6	The GVPE mailing list, at L<http://lists.schmorp.de/> or
143			C<gvpe@lists.schmorp.de>.
144	pcg	1.5
145	pcg	1.1	gvpe comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
146			welcome to redistribute it under certain conditions; see the file COPYING
147			for details.
148
149	pcg	1.4	=head1 AUTHOR
150	pcg	1.1
151			Marc Lehmann C<< <gvpe@plan9.de> >>.
152
153			And thanks to many others for their contributions to gvpe, especially the
154			tincd authors, who inspired me to write this program (after scavenging
155			their sourcecode ;).
156