gvpe/doc/gvpe.8.pod

=head1 NAME

C<gvpe> - GNU Virtual Private Ethernet Daemon

=head1 SYNOPSIS

C<gvpe> [B<-cDlL>] [B<--config=>I<DIR>] [B<--no-detach>] [B<-l=>I<LEVEL]>]
[B<--kill>[B<=>I<SIGNAL>]] [B<--mlock>] [B<--help>] [B<--version>]
I<NODENAME> [I<option...>]

=head1 DESCRIPTION

See the gvpe(5) man page for an introduction to the gvpe suite.

This is the manual page for gvpe, the virtual private ethernet daemon.
When started, C<gvpe> will read it's configuration file to determine the
network topology, and other configuration information, assuming the role
of node I<NODENAME>

It will then create/connect to the tun/tap device and set up a socket for
incoming connections. Then a C<if-up> script will be executed to further
configure the virtual network device. If that succeeds, it will detach
from the controlling terminal and continue in the background, accepting
and setting up connections to other gvpe daemons that are part of the
same virtual private ethernet.

The optional arguments after the node name have to be of the form:

   [I<nodename>.]var=value

If the argument has a prefix of C<nodename.>
(i.e. C<laptop.enable-dns=yes>) then it will be parsed after all the
config directives for that node, if not, it is parsed before the first
node directive in the config file, and can be used to set global options
or default variables.

For example, to start C<gvpe> in the foreground, with log-level C<info> on
the node C<laptop>, with TCP enabled and HTTP-Proxy host and Port set, use
this:

  gvpe -D -l info laptop \
       http-proxy-host=10.0.0.18 http-proxy-port=3128 \
       laptop.enable-tcp=yes

=head1 OPTIONS

=over 4

=item B<-c>, B<--config=>I<DIR>

Read configuration options from I<DIR>

=item B<-d>, B<--l=>I<LEVEL>

Set logging level to I<LEVEL> (one of: noise, trace, debug, info, notice,
warn, error, critical).

=item B<--help>

Display short list of options.

=item B<-D>, B<--no-detach>

Don't fork and detach but stay in foreground and log messages to stderr in
addition to syslog.

=item B<-L>, B<--mlock>

Lock C<gvpe> into main memory. This will prevent sensitive data like
shared private keys to be written to the system swap files/partitions.

=item B<--version>

Output version information and exit.

=back

=head1 SIGNALS

=over 4

=item HUP

Closes/resets all connections, resets the retry time and will start connecting
again (it will NOT re-read the config file). This is useful e.g. in a
C</etc/ppp/if-up> script.

=item TERM

Closes/resets all connections and exits.

=item USR1

Dump current network status into the syslog (at loglevel C<notice>, so make
sure your loglevel allows this).

=back

=head1 FILES

=over 4

=item C</etc/gvpe/gvpe.conf>

The configuration file for C<gvpe>.

=item C</etc/gvpe/if-up>

Script which is executed as soon as the virtual network device has been
allocated.  Purpose is to further configure that device.

=item C</etc/gvpe/node-up>

Script which is executed whenever a node connects to this node. This can
be used for example to run nsupdate.

=item C</etc/gvpe/node-down>

Script which is executed whenever a connection to another node is lost.
for example to run nsupdate.

=item C</etc/gvpe/pubkey/*>

The directory containing the public keys for every node, one file per node
with the name of the node.

=item C</etc/gvpe/hostkey>

The file containing the private key of the node GVPE runs on. Unlike all
the other files in the F</etc/gvpe> directory, this file usually differes
for each node that GVPE runs on.

=item C</var/run/gvpe.pid>

The PID of the currently running C<gvpe> is stored in this file.

=back

=head1 BUGS

The cryptography in gvpe has not been thoroughly checked by many people
yet. Use it at your own risk!

If you find any bugs, report them to C<gvpe@schmorp.de>.

=head1 SEE ALSO

gvpe(5) for an introduction, gvpe.conf(5), gvpectrl(8).

The GVPE mailing list, at L<http://lists.schmorp.de/> or
C<gvpe@lists.schmorp.de>.

GVPE comes with ABSOLUTELY NO WARRANTY.  This is free software, and you are
welcome to redistribute it under certain conditions; see the file COPYING
for details.

=head1 AUTHOR

Marc Lehmann C<< <gvpe@schmorp.de> >>.

And thanks to many others for their contributions to gvpe, especially the
tincd authors, who inspired me to write this program (after scavenging
their source code ;).

Revision:	1.10
Committed:	Wed Nov 2 06:58:35 2016 UTC (7 years, 6 months ago) by root
Branch:	MAIN
CVS Tags:	rel-3_0, HEAD
Changes since 1.9:	+8 -2 lines
Log Message:	* empty log message *
#	User	Rev	Content
1	pcg	1.1	=head1 NAME
2
3			C<gvpe> - GNU Virtual Private Ethernet Daemon
4	pcg	1.3
5	pcg	1.1	=head1 SYNOPSIS
6
7			C<gvpe> [B<-cDlL>] [B<--config=>I<DIR>] [B<--no-detach>] [B<-l=>I<LEVEL]>]
8			[B<--kill>[B<=>I<SIGNAL>]] [B<--mlock>] [B<--help>] [B<--version>]
9	pcg	1.7	I<NODENAME> [I<option...>]
10	pcg	1.1
11			=head1 DESCRIPTION
12
13	pcg	1.9	See the gvpe(5) man page for an introduction to the gvpe suite.
14	pcg	1.1
15			This is the manual page for gvpe, the virtual private ethernet daemon.
16			When started, C<gvpe> will read it's configuration file to determine the
17			network topology, and other configuration information, assuming the role
18	pcg	1.9	of node I<NODENAME>
19
20			It will then create/connect to the tun/tap device and set up a socket for
21			incoming connections. Then a C<if-up> script will be executed to further
22			configure the virtual network device. If that succeeds, it will detach
23	pcg	1.1	from the controlling terminal and continue in the background, accepting
24			and setting up connections to other gvpe daemons that are part of the
25	pcg	1.9	same virtual private ethernet.
26	pcg	1.1
27	pcg	1.7	The optional arguments after the node name have to be of the form:
28
29			[I<nodename>.]var=value
30
31			If the argument has a prefix of C<nodename.>
32			(i.e. C<laptop.enable-dns=yes>) then it will be parsed after all the
33	pcg	1.9	config directives for that node, if not, it is parsed before the first
34	pcg	1.7	node directive in the config file, and can be used to set global options
35			or default variables.
36
37			For example, to start C<gvpe> in the foreground, with log-level C<info> on
38			the node C<laptop>, with TCP enabled and HTTP-Proxy host and Port set, use
39			this:
40
41			gvpe -D -l info laptop \
42			http-proxy-host=10.0.0.18 http-proxy-port=3128 \
43			laptop.enable-tcp=yes
44
45	pcg	1.1	=head1 OPTIONS
46
47			=over 4
48
49			=item B<-c>, B<--config=>I<DIR>
50
51			Read configuration options from I<DIR>
52
53			=item B<-d>, B<--l=>I<LEVEL>
54
55			Set logging level to I<LEVEL> (one of: noise, trace, debug, info, notice,
56			warn, error, critical).
57
58			=item B<--help>
59
60			Display short list of options.
61
62			=item B<-D>, B<--no-detach>
63
64			Don't fork and detach but stay in foreground and log messages to stderr in
65			addition to syslog.
66
67			=item B<-L>, B<--mlock>
68
69	pcg	1.9	Lock C<gvpe> into main memory. This will prevent sensitive data like
70	pcg	1.1	shared private keys to be written to the system swap files/partitions.
71
72			=item B<--version>
73
74			Output version information and exit.
75
76			=back
77
78			=head1 SIGNALS
79
80			=over 4
81
82			=item HUP
83
84			Closes/resets all connections, resets the retry time and will start connecting
85			again (it will NOT re-read the config file). This is useful e.g. in a
86			C</etc/ppp/if-up> script.
87
88			=item TERM
89
90			Closes/resets all connections and exits.
91
92			=item USR1
93
94			Dump current network status into the syslog (at loglevel C<notice>, so make
95			sure your loglevel allows this).
96
97			=back
98
99			=head1 FILES
100
101			=over 4
102
103			=item C</etc/gvpe/gvpe.conf>
104
105			The configuration file for C<gvpe>.
106
107			=item C</etc/gvpe/if-up>
108
109			Script which is executed as soon as the virtual network device has been
110			allocated. Purpose is to further configure that device.
111
112			=item C</etc/gvpe/node-up>
113
114			Script which is executed whenever a node connects to this node. This can
115			be used for example to run nsupdate.
116
117			=item C</etc/gvpe/node-down>
118
119	pcg	1.2	Script which is executed whenever a connection to another node is lost.
120	pcg	1.1	for example to run nsupdate.
121
122			=item C</etc/gvpe/pubkey/*>
123
124	root	1.10	The directory containing the public keys for every node, one file per node
125			with the name of the node.
126
127			=item C</etc/gvpe/hostkey>
128
129			The file containing the private key of the node GVPE runs on. Unlike all
130			the other files in the F</etc/gvpe> directory, this file usually differes
131			for each node that GVPE runs on.
132	pcg	1.1
133			=item C</var/run/gvpe.pid>
134
135			The PID of the currently running C<gvpe> is stored in this file.
136
137			=back
138
139			=head1 BUGS
140
141			The cryptography in gvpe has not been thoroughly checked by many people
142			yet. Use it at your own risk!
143
144	pcg	1.8	If you find any bugs, report them to C<gvpe@schmorp.de>.
145	pcg	1.1
146			=head1 SEE ALSO
147
148			gvpe(5) for an introduction, gvpe.conf(5), gvpectrl(8).
149
150	pcg	1.6	The GVPE mailing list, at L<http://lists.schmorp.de/> or
151			C<gvpe@lists.schmorp.de>.
152	pcg	1.5
153	pcg	1.9	GVPE comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
154	pcg	1.1	welcome to redistribute it under certain conditions; see the file COPYING
155			for details.
156
157	pcg	1.4	=head1 AUTHOR
158	pcg	1.1
159	pcg	1.8	Marc Lehmann C<< <gvpe@schmorp.de> >>.
160	pcg	1.1
161			And thanks to many others for their contributions to gvpe, especially the
162			tincd authors, who inspired me to write this program (after scavenging
163	pcg	1.9	their source code ;).
164	pcg	1.1