… | |
… | |
130 | .\} |
130 | .\} |
131 | .rm #[ #] #H #V #F C |
131 | .rm #[ #] #H #V #F C |
132 | .\" ======================================================================== |
132 | .\" ======================================================================== |
133 | .\" |
133 | .\" |
134 | .IX Title "GVPE.CONF 5" |
134 | .IX Title "GVPE.CONF 5" |
135 | .TH GVPE.CONF 5 "2008-09-01" "2.2" "GNU Virtual Private Ethernet" |
135 | .TH GVPE.CONF 5 "2009-03-23" "2.22" "GNU Virtual Private Ethernet" |
136 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
136 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
137 | .\" way too many mistakes in technical documents. |
137 | .\" way too many mistakes in technical documents. |
138 | .if n .ad l |
138 | .if n .ad l |
139 | .nh |
139 | .nh |
140 | .SH "NAME" |
140 | .SH "NAME" |
… | |
… | |
484 | .IP "rekey = seconds" 4 |
484 | .IP "rekey = seconds" 4 |
485 | .IX Item "rekey = seconds" |
485 | .IX Item "rekey = seconds" |
486 | Sets the rekeying interval in seconds (default: \f(CW3600\fR). Connections are |
486 | Sets the rekeying interval in seconds (default: \f(CW3600\fR). Connections are |
487 | reestablished every \f(CW\*(C`rekey\*(C'\fR seconds, making them use a new encryption |
487 | reestablished every \f(CW\*(C`rekey\*(C'\fR seconds, making them use a new encryption |
488 | key. |
488 | key. |
|
|
489 | .IP "nfmark = integer" 4 |
|
|
490 | .IX Item "nfmark = integer" |
|
|
491 | This advanced option, when set to a nonzero value (default: \f(CW0\fR), tries |
|
|
492 | to set the netfilter mark (or fwmark) value on all sockets gvpe uses to |
|
|
493 | send packets. |
|
|
494 | .Sp |
|
|
495 | This can be used to make gvpe use a different set of routing rules. For |
|
|
496 | example, on GNU/Linux, the \f(CW\*(C`if\-up\*(C'\fR could set \f(CW\*(C`nfmark\*(C'\fR to 1000 and then |
|
|
497 | put all routing rules into table \f(CW99\fR and then use an ip rule to make |
|
|
498 | gvpe traffic avoid that routing table, in effect routing normal traffic |
|
|
499 | via gvpe and gvpe traffic via the normal system routing tables: |
|
|
500 | .Sp |
|
|
501 | .Vb 1 |
|
|
502 | \& ip rule add not fwmark 1000 lookup 99 |
|
|
503 | .Ve |
489 | .Sh "\s-1NODE\s0 \s-1SPECIFIC\s0 \s-1SETTINGS\s0" |
504 | .Sh "\s-1NODE\s0 \s-1SPECIFIC\s0 \s-1SETTINGS\s0" |
490 | .IX Subsection "NODE SPECIFIC SETTINGS" |
505 | .IX Subsection "NODE SPECIFIC SETTINGS" |
491 | The following settings are node-specific, that is, every node can have |
506 | The following settings are node-specific, that is, every node can have |
492 | different settings, even within the same gvpe instance. Settings that are |
507 | different settings, even within the same gvpe instance. Settings that are |
493 | set before the first node section set the defaults, settings that are |
508 | set before the first node section set the defaults, settings that are |