ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/gvpe/doc/gvpe.conf.5
(Generate patch)

Comparing gvpe/doc/gvpe.conf.5 (file contents):
Revision 1.9 by pcg, Mon Mar 14 17:40:01 2005 UTC vs.
Revision 1.10 by pcg, Thu Mar 17 22:24:31 2005 UTC

127.\} 127.\}
128.rm #[ #] #H #V #F C 128.rm #[ #] #H #V #F C
129.\" ======================================================================== 129.\" ========================================================================
130.\" 130.\"
131.IX Title "GVPE.CONF 5" 131.IX Title "GVPE.CONF 5"
132.TH GVPE.CONF 5 "2005-03-14" "1.8" "GNU Virtual Private Ethernet" 132.TH GVPE.CONF 5 "2005-03-17" "1.8" "GNU Virtual Private Ethernet"
133.SH "NAME" 133.SH "NAME"
134gvpe.conf \- configuration file for the GNU VPE daemon 134gvpe.conf \- configuration file for the GNU VPE daemon
135.SH "SYNOPSIS" 135.SH "SYNOPSIS"
136.IX Header "SYNOPSIS" 136.IX Header "SYNOPSIS"
137.Vb 3 137.Vb 3
455.IP "dns-port = port-number" 4 455.IP "dns-port = port-number" 4
456.IX Item "dns-port = port-number" 456.IX Item "dns-port = port-number"
457The port to bind the \s-1DNS\s0 tunnel socket to. Must be \f(CW53\fR on \s-1DNS\s0 tunnel servers. 457The port to bind the \s-1DNS\s0 tunnel socket to. Must be \f(CW53\fR on \s-1DNS\s0 tunnel servers.
458.IP "enable-dns = yes|true|on | no|false|off" 4 458.IP "enable-dns = yes|true|on | no|false|off" 4
459.IX Item "enable-dns = yes|true|on | no|false|off" 459.IX Item "enable-dns = yes|true|on | no|false|off"
460See \fIgvpe.protocol\fR\|(7) for a description of the \s-1DNS\s0 transport
461protocol. Avoid this protocol if you can.
462.Sp
460Enable the \s-1DNS\s0 tunneling protocol on this node, either as server or as 463Enable the \s-1DNS\s0 tunneling protocol on this node, either as server or as
461client (only available when gvpe was compiled with \f(CW\*(C`\-\-enable\-dns\*(C'\fR). 464client. Support for this transport protocol is only available when gvpe
465was compiled using the \f(CW\*(C`\-\-enable\-dns\*(C'\fR option.
466.IP "enable-icmp = yes|true|on | no|false|off" 4
467.IX Item "enable-icmp = yes|true|on | no|false|off"
468See \fIgvpe.protocol\fR\|(7) for a description of the \s-1ICMP\s0 transport protocol.
462.Sp 469.Sp
463\&\fB\s-1WARNING:\s0\fR Parsing and generating \s-1DNS\s0 packets is rather tricky. The code 470Enable the \s-1ICMP\s0 transport using icmp packets of type \f(CW\*(C`icmp\-type\*(C'\fR on this
464almost certainly contains buffer overflows and other, likely exploitable, 471node.
465bugs. You have been warned.
466.Sp
467This is the worst choice of transport protocol with respect to overhead
468(overhead can be 2\-3 times higher than the transferred data), and probably
469the best choice when tunneling through firewalls.
470.IP "enable-rawip = yes|true|on | no|false|off" 4 472.IP "enable-rawip = yes|true|on | no|false|off" 4
471.IX Item "enable-rawip = yes|true|on | no|false|off" 473.IX Item "enable-rawip = yes|true|on | no|false|off"
474See \fIgvpe.protocol\fR\|(7) for a description of the \s-1RAW\s0 \s-1IP\s0 transport protocol.
475.Sp
472Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol 476Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol
473(default: \f(CW\*(C`no\*(C'\fR). This is the best choice, since the minimum overhead per 477(default: \f(CW\*(C`no\*(C'\fR).
474packet is only 38 bytes, as opposed to \s-1UDP\s0's 58 (or \s-1TCP\s0's 60+).
475.IP "enable-tcp = yes|true|on | no|false|off" 4 478.IP "enable-tcp = yes|true|on | no|false|off" 4
476.IX Item "enable-tcp = yes|true|on | no|false|off" 479.IX Item "enable-tcp = yes|true|on | no|false|off"
480See \fIgvpe.protocol\fR\|(7) for a description of the \s-1TCP\s0 transport protocol.
481.Sp
477Enable the TCPv4 transport using the \f(CW\*(C`tcp\-port\*(C'\fR port 482Enable the TCPv4 transport using the \f(CW\*(C`tcp\-port\*(C'\fR port
478(default: \f(CW\*(C`no\*(C'\fR). Support for this horribly unsuitable protocol is only 483(default: \f(CW\*(C`no\*(C'\fR). Support for this transport protocol is only available
479available when gvpe was compiled using the \f(CW\*(C`\-\-enable\-tcp\*(C'\fR option. Never 484when gvpe was compiled using the \f(CW\*(C`\-\-enable\-tcp\*(C'\fR option.
480use this transport unless you really must, it is very inefficient and
481resource-intensive compared to the other transports (except for \s-1DNS\s0, which
482is worse).
483.IP "enable-udp = yes|true|on | no|false|off" 4 485.IP "enable-udp = yes|true|on | no|false|off" 4
484.IX Item "enable-udp = yes|true|on | no|false|off" 486.IX Item "enable-udp = yes|true|on | no|false|off"
487See \fIgvpe.protocol\fR\|(7) for a description of the \s-1UDP\s0 transport protocol.
488.Sp
485Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port (default: \f(CW\*(C`no\*(C'\fR, 489Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port (default: \f(CW\*(C`no\*(C'\fR,
486unless no other protocol is enabled for a node, in which case this 490unless no other protocol is enabled for a node, in which case this
487protocol is enabled automatically). This is a good general choice since 491protocol is enabled automatically).
488\&\s-1UDP\s0 tunnels well through many firewalls.
489.Sp 492.Sp
490\&\s-1NOTE:\s0 Please specify \f(CW\*(C`enable\-udp = yes\*(C'\fR if you want t use it even though 493\&\s-1NOTE:\s0 Please specify \f(CW\*(C`enable\-udp = yes\*(C'\fR if you want t use it even though
491it might get switched on automatically, as some future version might 494it might get switched on automatically, as some future version might
492default to another default protocol. 495default to another default protocol.
493.IP "inherit-tos = yes|true|on | no|false|off" 4 496.IP "inherit-tos = yes|true|on | no|false|off" 4

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines