… | |
… | |
347 | |
347 | |
348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
349 | |
349 | |
350 | =item enable-dns = yes|true|on | no|false|off |
350 | =item enable-dns = yes|true|on | no|false|off |
351 | |
351 | |
|
|
352 | See gvpe.protocol(7) for a description of the DNS transport |
|
|
353 | protocol. Avoid this protocol if you can. |
|
|
354 | |
352 | Enable the DNS tunneling protocol on this node, either as server or as |
355 | Enable the DNS tunneling protocol on this node, either as server or as |
353 | client (only available when gvpe was compiled with C<--enable-dns>). |
356 | client. Support for this transport protocol is only available when gvpe |
|
|
357 | was compiled using the C<--enable-dns> option. |
354 | |
358 | |
355 | B<WARNING:> Parsing and generating DNS packets is rather tricky. The code |
359 | =item enable-icmp = yes|true|on | no|false|off |
356 | almost certainly contains buffer overflows and other, likely exploitable, |
|
|
357 | bugs. You have been warned. |
|
|
358 | |
360 | |
359 | This is the worst choice of transport protocol with respect to overhead |
361 | See gvpe.protocol(7) for a description of the ICMP transport protocol. |
360 | (overhead can be 2-3 times higher than the transferred data), and probably |
362 | |
361 | the best choice when tunneling through firewalls. |
363 | Enable the ICMP transport using icmp packets of type C<icmp-type> on this |
|
|
364 | node. |
362 | |
365 | |
363 | =item enable-rawip = yes|true|on | no|false|off |
366 | =item enable-rawip = yes|true|on | no|false|off |
364 | |
367 | |
|
|
368 | See gvpe.protocol(7) for a description of the RAW IP transport protocol. |
|
|
369 | |
365 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
370 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
366 | (default: C<no>). This is the best choice, since the minimum overhead per |
371 | (default: C<no>). |
367 | packet is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
|
|
368 | |
372 | |
369 | =item enable-tcp = yes|true|on | no|false|off |
373 | =item enable-tcp = yes|true|on | no|false|off |
370 | |
374 | |
|
|
375 | See gvpe.protocol(7) for a description of the TCP transport protocol. |
|
|
376 | |
371 | Enable the TCPv4 transport using the C<tcp-port> port |
377 | Enable the TCPv4 transport using the C<tcp-port> port |
372 | (default: C<no>). Support for this horribly unsuitable protocol is only |
378 | (default: C<no>). Support for this transport protocol is only available |
373 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
379 | when gvpe was compiled using the C<--enable-tcp> option. |
374 | use this transport unless you really must, it is very inefficient and |
|
|
375 | resource-intensive compared to the other transports (except for DNS, which |
|
|
376 | is worse). |
|
|
377 | |
380 | |
378 | =item enable-udp = yes|true|on | no|false|off |
381 | =item enable-udp = yes|true|on | no|false|off |
|
|
382 | |
|
|
383 | See gvpe.protocol(7) for a description of the UDP transport protocol. |
379 | |
384 | |
380 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
385 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
381 | unless no other protocol is enabled for a node, in which case this |
386 | unless no other protocol is enabled for a node, in which case this |
382 | protocol is enabled automatically). This is a good general choice since |
387 | protocol is enabled automatically). |
383 | UDP tunnels well through many firewalls. |
|
|
384 | |
388 | |
385 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
389 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
386 | it might get switched on automatically, as some future version might |
390 | it might get switched on automatically, as some future version might |
387 | default to another default protocol. |
391 | default to another default protocol. |
|
|
392 | |
|
|
393 | =item icmp-type = integer |
|
|
394 | |
|
|
395 | Sets the type value to be used for outgoing (and incoming) packets sent |
|
|
396 | via the ICMP transport. |
|
|
397 | |
|
|
398 | The default is C<0> (which is C<echo-reply>, also known as |
|
|
399 | "ping-replies"). Other useful values include C<8> (C<echo-request>, a.k.a. |
|
|
400 | "ping") and C<11> (C<time-exceeded>), but any 8-bit value can be used. |
388 | |
401 | |
389 | =item inherit-tos = yes|true|on | no|false|off |
402 | =item inherit-tos = yes|true|on | no|false|off |
390 | |
403 | |
391 | Wether to inherit the TOS settings of packets sent to the tunnel when |
404 | Wether to inherit the TOS settings of packets sent to the tunnel when |
392 | sending packets to this node (default: C<yes>). If set to C<yes> then |
405 | sending packets to this node (default: C<yes>). If set to C<yes> then |