| … | |
… | |
| 347 | |
347 | |
| 348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
348 | The port to bind the DNS tunnel socket to. Must be C<53> on DNS tunnel servers. |
| 349 | |
349 | |
| 350 | =item enable-dns = yes|true|on | no|false|off |
350 | =item enable-dns = yes|true|on | no|false|off |
| 351 | |
351 | |
|
|
352 | See gvpe.protocol(7) for a description of the DNS transport |
|
|
353 | protocol. Avoid this protocol if you can. |
|
|
354 | |
| 352 | Enable the DNS tunneling protocol on this node, either as server or as |
355 | Enable the DNS tunneling protocol on this node, either as server or as |
| 353 | client (only available when gvpe was compiled with C<--enable-dns>). |
356 | client. Support for this transport protocol is only available when gvpe |
|
|
357 | was compiled using the C<--enable-dns> option. |
| 354 | |
358 | |
| 355 | B<WARNING:> Parsing and generating DNS packets is rather tricky. The code |
359 | =item enable-icmp = yes|true|on | no|false|off |
| 356 | almost certainly contains buffer overflows and other, likely exploitable, |
|
|
| 357 | bugs. You have been warned. |
|
|
| 358 | |
360 | |
| 359 | This is the worst choice of transport protocol with respect to overhead |
361 | See gvpe.protocol(7) for a description of the ICMP transport protocol. |
| 360 | (overhead can be 2-3 times higher than the transferred data), and probably |
362 | |
| 361 | the best choice when tunneling through firewalls. |
363 | Enable the ICMP transport using icmp packets of type C<icmp-type> on this |
|
|
364 | node. |
| 362 | |
365 | |
| 363 | =item enable-rawip = yes|true|on | no|false|off |
366 | =item enable-rawip = yes|true|on | no|false|off |
| 364 | |
367 | |
|
|
368 | See gvpe.protocol(7) for a description of the RAW IP transport protocol. |
|
|
369 | |
| 365 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
370 | Enable the RAW IPv4 transport using the C<ip-proto> protocol |
| 366 | (default: C<no>). This is the best choice, since the minimum overhead per |
371 | (default: C<no>). |
| 367 | packet is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). |
|
|
| 368 | |
372 | |
| 369 | =item enable-tcp = yes|true|on | no|false|off |
373 | =item enable-tcp = yes|true|on | no|false|off |
| 370 | |
374 | |
|
|
375 | See gvpe.protocol(7) for a description of the TCP transport protocol. |
|
|
376 | |
| 371 | Enable the TCPv4 transport using the C<tcp-port> port |
377 | Enable the TCPv4 transport using the C<tcp-port> port |
| 372 | (default: C<no>). Support for this horribly unsuitable protocol is only |
378 | (default: C<no>). Support for this transport protocol is only available |
| 373 | available when gvpe was compiled using the C<--enable-tcp> option. Never |
379 | when gvpe was compiled using the C<--enable-tcp> option. |
| 374 | use this transport unless you really must, it is very inefficient and |
|
|
| 375 | resource-intensive compared to the other transports (except for DNS, which |
|
|
| 376 | is worse). |
|
|
| 377 | |
380 | |
| 378 | =item enable-udp = yes|true|on | no|false|off |
381 | =item enable-udp = yes|true|on | no|false|off |
|
|
382 | |
|
|
383 | See gvpe.protocol(7) for a description of the UDP transport protocol. |
| 379 | |
384 | |
| 380 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
385 | Enable the UDPv4 transport using the C<udp-port> port (default: C<no>, |
| 381 | unless no other protocol is enabled for a node, in which case this |
386 | unless no other protocol is enabled for a node, in which case this |
| 382 | protocol is enabled automatically). This is a good general choice since |
387 | protocol is enabled automatically). |
| 383 | UDP tunnels well through many firewalls. |
|
|
| 384 | |
388 | |
| 385 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
389 | NOTE: Please specify C<enable-udp = yes> if you want t use it even though |
| 386 | it might get switched on automatically, as some future version might |
390 | it might get switched on automatically, as some future version might |
| 387 | default to another default protocol. |
391 | default to another default protocol. |
| 388 | |
392 | |
