… | |
… | |
379 | |
379 | |
380 | Sets the rekeying interval in seconds (default: C<3600>). Connections are |
380 | Sets the rekeying interval in seconds (default: C<3600>). Connections are |
381 | reestablished every C<rekey> seconds, making them use a new encryption |
381 | reestablished every C<rekey> seconds, making them use a new encryption |
382 | key. |
382 | key. |
383 | |
383 | |
|
|
384 | =item nfmark = integer |
|
|
385 | |
|
|
386 | This advanced option, when set to a nonzero value (default: C<0>), tries |
|
|
387 | to set the netfilter mark (or fwmark) value on all sockets gvpe uses to |
|
|
388 | send packets. |
|
|
389 | |
|
|
390 | This can be used to make gvpe use a different set of routing rules. For |
|
|
391 | example, on GNU/Linux, the C<if-up> could set C<nfmark> to 1000 and then |
|
|
392 | put all routing rules into table C<99> and then use an ip rule to make |
|
|
393 | gvpe traffic avoid that routing table, in effect routing normal traffic |
|
|
394 | via gvpe and gvpe traffic via the normal system routing tables: |
|
|
395 | |
|
|
396 | ip rule add not fwmark 1000 lookup 99 |
|
|
397 | |
384 | =back |
398 | =back |
385 | |
399 | |
386 | =head2 NODE SPECIFIC SETTINGS |
400 | =head2 NODE SPECIFIC SETTINGS |
387 | |
401 | |
388 | The following settings are node-specific, that is, every node can have |
402 | The following settings are node-specific, that is, every node can have |