1 |
=head1 NAME |
2 |
|
3 |
C<gvpe> - GNU Virtual Private Ethernet Daemon |
4 |
|
5 |
=head1 SYNOPSIS |
6 |
|
7 |
C<gvpe> [B<-cDlL>] [B<--config=>I<DIR>] [B<--no-detach>] [B<-l=>I<LEVEL]>] |
8 |
[B<--kill>[B<=>I<SIGNAL>]] [B<--mlock>] [B<--help>] [B<--version>] |
9 |
I<NODENAME> [I<option...>] |
10 |
|
11 |
=head1 DESCRIPTION |
12 |
|
13 |
See the gvpe(5) man page for an introduction to the gvpe suite. |
14 |
|
15 |
This is the manual page for gvpe, the virtual private ethernet daemon. |
16 |
When started, C<gvpe> will read it's configuration file to determine the |
17 |
network topology, and other configuration information, assuming the role |
18 |
of node I<NODENAME> |
19 |
|
20 |
It will then create/connect to the tun/tap device and set up a socket for |
21 |
incoming connections. Then a C<if-up> script will be executed to further |
22 |
configure the virtual network device. If that succeeds, it will detach |
23 |
from the controlling terminal and continue in the background, accepting |
24 |
and setting up connections to other gvpe daemons that are part of the |
25 |
same virtual private ethernet. |
26 |
|
27 |
The optional arguments after the node name have to be of the form: |
28 |
|
29 |
[I<nodename>.]var=value |
30 |
|
31 |
If the argument has a prefix of C<nodename.> |
32 |
(i.e. C<laptop.enable-dns=yes>) then it will be parsed after all the |
33 |
config directives for that node, if not, it is parsed before the first |
34 |
node directive in the config file, and can be used to set global options |
35 |
or default variables. |
36 |
|
37 |
For example, to start C<gvpe> in the foreground, with log-level C<info> on |
38 |
the node C<laptop>, with TCP enabled and HTTP-Proxy host and Port set, use |
39 |
this: |
40 |
|
41 |
gvpe -D -l info laptop \ |
42 |
http-proxy-host=10.0.0.18 http-proxy-port=3128 \ |
43 |
laptop.enable-tcp=yes |
44 |
|
45 |
=head1 OPTIONS |
46 |
|
47 |
=over 4 |
48 |
|
49 |
=item B<-c>, B<--config=>I<DIR> |
50 |
|
51 |
Read configuration options from I<DIR> |
52 |
|
53 |
=item B<-d>, B<--l=>I<LEVEL> |
54 |
|
55 |
Set logging level to I<LEVEL> (one of: noise, trace, debug, info, notice, |
56 |
warn, error, critical). |
57 |
|
58 |
=item B<--help> |
59 |
|
60 |
Display short list of options. |
61 |
|
62 |
=item B<-D>, B<--no-detach> |
63 |
|
64 |
Don't fork and detach but stay in foreground and log messages to stderr in |
65 |
addition to syslog. |
66 |
|
67 |
=item B<-L>, B<--mlock> |
68 |
|
69 |
Lock C<gvpe> into main memory. This will prevent sensitive data like |
70 |
shared private keys to be written to the system swap files/partitions. |
71 |
|
72 |
=item B<--version> |
73 |
|
74 |
Output version information and exit. |
75 |
|
76 |
=back |
77 |
|
78 |
=head1 SIGNALS |
79 |
|
80 |
=over 4 |
81 |
|
82 |
=item HUP |
83 |
|
84 |
Closes/resets all connections, resets the retry time and will start connecting |
85 |
again (it will NOT re-read the config file). This is useful e.g. in a |
86 |
C</etc/ppp/if-up> script. |
87 |
|
88 |
=item TERM |
89 |
|
90 |
Closes/resets all connections and exits. |
91 |
|
92 |
=item USR1 |
93 |
|
94 |
Dump current network status into the syslog (at loglevel C<notice>, so make |
95 |
sure your loglevel allows this). |
96 |
|
97 |
=back |
98 |
|
99 |
=head1 FILES |
100 |
|
101 |
=over 4 |
102 |
|
103 |
=item C</etc/gvpe/gvpe.conf> |
104 |
|
105 |
The configuration file for C<gvpe>. |
106 |
|
107 |
=item C</etc/gvpe/if-up> |
108 |
|
109 |
Script which is executed as soon as the virtual network device has been |
110 |
allocated. Purpose is to further configure that device. |
111 |
|
112 |
=item C</etc/gvpe/node-up> |
113 |
|
114 |
Script which is executed whenever a node connects to this node. This can |
115 |
be used for example to run nsupdate. |
116 |
|
117 |
=item C</etc/gvpe/node-down> |
118 |
|
119 |
Script which is executed whenever a connection to another node is lost. |
120 |
for example to run nsupdate. |
121 |
|
122 |
=item C</etc/gvpe/pubkey/*> |
123 |
|
124 |
The directory containing the public keys for every node, one file per node |
125 |
with the name of the node. |
126 |
|
127 |
=item C</etc/gvpe/hostkey> |
128 |
|
129 |
The file containing the private key of the node GVPE runs on. Unlike all |
130 |
the other files in the F</etc/gvpe> directory, this file usually differes |
131 |
for each node that GVPE runs on. |
132 |
|
133 |
=item C</var/run/gvpe.pid> |
134 |
|
135 |
The PID of the currently running C<gvpe> is stored in this file. |
136 |
|
137 |
=back |
138 |
|
139 |
=head1 BUGS |
140 |
|
141 |
The cryptography in gvpe has not been thoroughly checked by many people |
142 |
yet. Use it at your own risk! |
143 |
|
144 |
If you find any bugs, report them to C<gvpe@schmorp.de>. |
145 |
|
146 |
=head1 SEE ALSO |
147 |
|
148 |
gvpe(5) for an introduction, gvpe.conf(5), gvpectrl(8). |
149 |
|
150 |
The GVPE mailing list, at L<http://lists.schmorp.de/> or |
151 |
C<gvpe@lists.schmorp.de>. |
152 |
|
153 |
GVPE comes with ABSOLUTELY NO WARRANTY. This is free software, and you are |
154 |
welcome to redistribute it under certain conditions; see the file COPYING |
155 |
for details. |
156 |
|
157 |
=head1 AUTHOR |
158 |
|
159 |
Marc Lehmann C<< <gvpe@schmorp.de> >>. |
160 |
|
161 |
And thanks to many others for their contributions to gvpe, especially the |
162 |
tincd authors, who inspired me to write this program (after scavenging |
163 |
their source code ;). |
164 |
|