… | |
… | |
347 | |
347 | |
348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
349 | |
349 | |
350 | =item enable-dns = yes|true|on | no|false|off |
350 | =item enable-dns = yes|true|on | no|false|off |
351 | |
351 | |
|
|
352 | See gvpe.protocol(7) for a description of the DNS transport |
|
|
353 | protocol. Avoid this protocol if you can. |
|
|
354 | |
352 | Enable the DNS tunneling protocol on this node, either as server or as |
355 | Enable the DNS tunneling protocol on this node, either as server or as |
353 | client (only available when gvpe was compiled with C<--enable-dns>). |
356 | client. Support for this transport protocol is only available when gvpe |
|
|
357 | was compiled using the C<--enable-dns> option. |
354 | |
358 | |
355 | B<WARNING:> Parsing and generating DNS packets is rather tricky. The code |
359 | =item enable-icmp = yes|true|on | no|false|off |
356 | almost certainly contains buffer overflows and other, likely exploitable, |
|
|
357 | bugs. You have been warned. |
|
|
358 | |
360 | |
359 | This is the worst choice of transport protocol with respect to overhead |
361 | See gvpe.protocol(7) for a description of the ICMP transport protocol. |
360 | (overhead can be 2-3 times higher than the transferred data), and probably |
362 | |
361 | the best choice when tunneling through firewalls. |
363 | Enable the ICMP transport using icmp packets of type C<icmp-type> on this |
|
|
364 | node. |
362 | |
365 | |
363 | =item enable-rawip = yes|true|on | no|false|off |
366 | =item enable-rawip = yes|true|on | no|false|off |
364 | |
367 | |
|
|
368 | See gvpe.protocol(7) for a description of the RAW IP transport protocol. |
|
|
369 | |
365 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
370 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
366 | (default: C<no>). This is the best choice, since the minimum overhead per |
371 | (default: C<no>). |
367 | packet is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
|
|
368 | |
372 | |
369 | =item enable-tcp = yes|true|on | no|false|off |
373 | =item enable-tcp = yes|true|on | no|false|off |
370 | |
374 | |
|
|
375 | See gvpe.protocol(7) for a description of the TCP transport protocol. |
|
|
376 | |
371 | Enable the TCPv4 transport using the C<tcp-port> port |
377 | Enable the TCPv4 transport using the C<tcp-port> port |
372 | (default: C<no>). Support for this horribly unsuitable protocol is only |
378 | (default: C<no>). Support for this transport protocol is only available |
373 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
379 | when gvpe was compiled using the C<--enable-tcp> option. |
374 | use this transport unless you really must, it is very inefficient and |
|
|
375 | resource-intensive compared to the other transports (except for DNS, which |
|
|
376 | is worse). |
|
|
377 | |
380 | |
378 | =item enable-udp = yes|true|on | no|false|off |
381 | =item enable-udp = yes|true|on | no|false|off |
|
|
382 | |
|
|
383 | See gvpe.protocol(7) for a description of the UDP transport protocol. |
379 | |
384 | |
380 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
385 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
381 | unless no other protocol is enabled for a node, in which case this |
386 | unless no other protocol is enabled for a node, in which case this |
382 | protocol is enabled automatically). This is a good general choice since |
387 | protocol is enabled automatically). |
383 | UDP tunnels well through many firewalls. |
|
|
384 | |
388 | |
385 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
389 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
386 | it might get switched on automatically, as some future version might |
390 | it might get switched on automatically, as some future version might |
387 | default to another default protocol. |
391 | default to another default protocol. |
388 | |
392 | |