--- gvpe/doc/vped.8 2003/03/23 14:47:39 1.2 +++ gvpe/doc/vped.8 2003/03/28 18:14:57 1.3 
@@ -1,111 +1,240 @@ -.Dd 2002-03-25 -.Dt VPED 8 -.\" Manual page created by: -.\" Ivo Timmermans -.\" Guus Sliepen -.\" Modified extensively by Marc Lehmann -.Sh NAME -.Nm vped -.Nd Virtual Private Ethernet Daemon -.Sh SYNOPSIS -.Nm -.Op Fl cdDkKnL -.Op Fl -config Ns = Ns Ar DIR -.Op Fl -no-detach -.Op Fl -debug Ns = Ns Ar [LEVEL] -.Op Fl -kill Ns = Ns Ar [SIGNAL] -.Op Fl -mlock -.Op Fl -help -.Op Fl -version -NODENAME -.Sh DESCRIPTION +.\" Automatically generated by Pod::Man v1.36, Pod::Parser v1.13 +.\" +.\" Standard preamble: +.\" ======================================================================== +.de Sh \" Subsection heading +.br +.if t .Sp +.ne 5 +.PP +\fB\\$1\fR +.PP +.. +.de Sp \" Vertical space (when we can't use .PP) +.if t .sp .5v +.if n .sp +.. +.de Vb \" Begin verbatim text +.ft CW +.nf +.ne \\$1 +.. +.de Ve \" End verbatim text +.ft R +.fi +.. +.\" Set up some character translations and predefined strings. \*(-- will +.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left +.\" double quote, and \*(R" will give a right double quote. | will give a +.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to +.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' +.\" expand to `' in nroff, nothing in troff, for use with C<>. +.tr \(*W-|\(bv\*(Tr +.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' +.ie n \{\ +. ds -- \(*W- +. ds PI pi +. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch +. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch +. ds L" "" +. ds R" "" +. ds C` +. ds C' +'br\} +.el\{\ +. ds -- \|\(em\| +. ds PI \(*p +. ds L" `` +. ds R" '' +'br\} +.\" +.\" If the F register is turned on, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. 
+.if \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" +.. +. nr % 0 +. rr F +.\} +.\" +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.hy 0 +.if n .na +.\" +.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). +.\" Fear. Run. Save yourself. No user-serviceable parts. +. \" fudge factors for nroff and troff +.if n \{\ +. ds #H 0 +. ds #V .8m +. ds #F .3m +. ds #[ \f1 +. ds #] \fP +.\} +.if t \{\ +. ds #H ((1u-(\\\\n(.fu%2u))*.13m) +. ds #V .6m +. ds #F 0 +. ds #[ \& +. ds #] \& +.\} +. \" simple accents for nroff and troff +.if n \{\ +. ds ' \& +. ds ` \& +. ds ^ \& +. ds , \& +. ds ~ ~ +. ds / +.\} +.if t \{\ +. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" +. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' +. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' +. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' +. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' +. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' +.\} +. \" troff and (daisy-wheel) nroff accents +.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' +.ds 8 \h'\*(#H'\(*b\h'-\*(#H' +.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] +.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' +.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' +.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] +.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] +.ds ae a\h'-(\w'a'u*4/10)'e +.ds Ae A\h'-(\w'A'u*4/10)'E +. \" corrections for vroff +.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' +.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' +. \" for low resolution devices (crt and lpr) +.if \n(.H>23 .if \n(.V>19 \ +\{\ +. ds : e +. ds 8 ss +. ds o a +. ds d- d\h'-1'\(ga +. ds D- D\h'-1'\(hy +. ds th \o'bp' +. ds Th \o'LP' +. ds ae ae +. 
ds Ae AE +.\} +.rm #[ #] #H #V #F C +.\" ======================================================================== +.\" +.IX Title "VPED.8 8" +.TH VPED.8 8 "2003-03-28" "0.1" "Virtual Private Ethernet" +.SH "NAME" +\&\f(CW\*(C`vped\*(C'\fR \- Virtual Private Ethernet Daemon +=head1 SYNOPSIS +.PP +\&\f(CW\*(C`vped\*(C'\fR [\fB\-cDlL\fR] [\fB\-\-config=\fR\fIDIR\fR] [\fB\-\-no\-detach\fR] [\fB\-l=\fR\fILEVEL]\fR] +[\fB\-\-kill\fR[\fB=\fR\fISIGNAL\fR]] [\fB\-\-mlock\fR] [\fB\-\-help\fR] [\fB\-\-version\fR] +\&\fINODENAME\fR +.SH "DESCRIPTION" +.IX Header "DESCRIPTION" This is the manual page for vped, the virtual private ethernet daemon. -When started, -.Nm - -will read it's configuration file to determine the network topology, and -other configuration information, assuming the role of node NODENAME. It -will then connect to the tun/tap device and set up a socket for incoming -connections. Then a script will be executed to further configure the -virtual device. If that succeeds, it will detach from the controlling -terminal and continue in the background, accepting and setting up -connections to other vped daemons that are part of the virtual private -ethernet. - -.Sh OPTIONS -.Bl -tag -width indent -.It Fl c, -config Ns = Ns Ar DIR -Read configuration options from -.Ar DIR . -.It Fl d, -debug Ns Op = Ns Ar LEVEL -Increase debug level or set it to -.Ar LEVEL -(see below). -.It Fl -help +When started, \f(CW\*(C`vped\*(C'\fR will read it's configuration file to determine the +network topology, and other configuration information, assuming the role +of node \fI\s-1NODENAME\s0\fR. It will then connect to the tun/tap device and set +up a socket for incoming connections. Then a script will be executed to +further configure the virtual device. If that succeeds, it will detach +from the controlling terminal and continue in the background, accepting +and setting up connections to other vped daemons that are part of the +virtual private ethernet. 
+.SH "OPTIONS" +.IX Header "OPTIONS" +.IP "\fB\-c\fR, \fB\-\-config=\fR\fI\s-1DIR\s0\fR" 4 +.IX Item "-c, --config=DIR" +Read configuration options from \fI\s-1DIR\s0\fR +.IP "\fB\-d\fR, \fB\-\-l=\fR\fI\s-1LEVEL\s0\fR" 4 +.IX Item "-d, --l=LEVEL" +Set logging level to \fI\s-1LEVEL\s0\fR (one of: noise, trace, debug, info, notice, +warn, error, critical). +.IP "\fB\-\-help\fR" 4 +.IX Item "--help" Display short list of options. -.It Fl k, -kill Ns Op = Ns Ar SIGNAL -Attempt to kill a running -.Nm -(optionally with the specified -.Ar SIGNAL -instead of SIGTERM) and exit. -.It Fl D, -no-detach -Don't fork and detach. -.It Fl L, -mlock -Lock vped into main memory. -This will prevent sensitive data like shared private keys to be written to the system swap files/partitions. -.It Fl -version +.IP "\fB\-D\fR, \fB\-\-no\-detach\fR" 4 +.IX Item "-D, --no-detach" +Don't fork and detach but stay in foreground and log messages to stderr in +addition to syslog. +.IP "\fB\-L\fR, \fB\-\-mlock\fR" 4 +.IX Item "-L, --mlock" +Lock \f(CW\*(C`vped\*(C'\fR into main memory. This will prevent sensitive data like +shared private keys to be written to the system swap files/partitions. +.IP "\fB\-\-version\fR" 4 +.IX Item "--version" Output version information and exit. -.El -.Sh SIGNALS -.Bl -tag -width indent -.It HUP -Closes all connections, resets the retry time and will start connecting again -(it will NOT re-read the config file). This is useful e.g. in a /etc/ppp/if-up script. -.El -.Sh FILES -.Bl -tag -width indent -.It Pa /etc/vpe/vped.conf -The configuration file for -.Nm . -.It Pa /etc/vpe/if-up -Script which is executed as soon as the virtual network device has been allocated. -Purpose is to further configure that device. -.It Pa /etc/vpe/node-up -Script which is executed whenever a node connects to this node. This can be used -for example to run nsupdate. 
-.It Pa /etc/vpe/node-down +.SH "SIGNALS" +.IX Header "SIGNALS" +.IP "\s-1HUP\s0" 4 +.IX Item "HUP" +Closes/resets all connections, resets the retry time and will start connecting +again (it will \s-1NOT\s0 re-read the config file). This is useful e.g. in a +\&\f(CW\*(C`/etc/ppp/if\-up\*(C'\fR script. +.IP "\s-1TERM\s0" 4 +.IX Item "TERM" +Closes/resets all connections and exits. +.IP "\s-1USR1\s0" 4 +.IX Item "USR1" +Dump current network status into the syslog (at loglevel \f(CW\*(C`notice\*(C'\fR, so make +sure your lgolevel allows this). +.SH "FILES" +.IX Header "FILES" +.ie n .IP "\*(C`/etc/vpe/vped.conf\*(C'" 4 +.el .IP "\f(CW\*(C`/etc/vpe/vped.conf\*(C'\fR" 4 +.IX Item "/etc/vpe/vped.conf" +The configuration file for \f(CW\*(C`vped\*(C'\fR. +.ie n .IP "\*(C`/etc/vpe/if\-up\*(C'" 4 +.el .IP "\f(CW\*(C`/etc/vpe/if\-up\*(C'\fR" 4 +.IX Item "/etc/vpe/if-up" +Script which is executed as soon as the virtual network device has been +allocated. Purpose is to further configure that device. +.ie n .IP "\*(C`/etc/vpe/node\-up\*(C'" 4 +.el .IP "\f(CW\*(C`/etc/vpe/node\-up\*(C'\fR" 4 +.IX Item "/etc/vpe/node-up" +Script which is executed whenever a node connects to this node. This can +be used for example to run nsupdate. +.ie n .IP "\*(C`/etc/vpe/node\-down\*(C'" 4 +.el .IP "\f(CW\*(C`/etc/vpe/node\-down\*(C'\fR" 4 +.IX Item "/etc/vpe/node-down" Script which is executed whenever a conenction to another node is lost. for example to run nsupdate. -.It Pa /etc/vpe/pubkey/* -The directory containing the public keys for every node, usually autogenerated -by executing vpectrl --generate-keys. -.It Pa /var/run/vped.pid -The PID of the currently running -.Nm -is stored in this file. -.El -.Sh BUGS -.Sy The cryptography in vped is not well tested yet. Use it at your own risk! -.Pp -If you find any bugs, report them to vpe@plan9.de. 
-.Sh TODO +.ie n .IP "\*(C`/etc/vpe/pubkey/*\*(C'" 4 +.el .IP "\f(CW\*(C`/etc/vpe/pubkey/*\*(C'\fR" 4 +.IX Item "/etc/vpe/pubkey/*" +The directory containing the public keys for every node, usually +autogenerated by executing \f(CW\*(C`vpectrl \-\-generate\-keys\*(C'\fR. +.ie n .IP "\*(C`/var/run/vped.pid\*(C'" 4 +.el .IP "\f(CW\*(C`/var/run/vped.pid\*(C'\fR" 4 +.IX Item "/var/run/vped.pid" +The \s-1PID\s0 of the currently running \f(CW\*(C`vped\*(C'\fR is stored in this file. +.SH "BUGS" +.IX Header "BUGS" +The cryptography in vped is not thoroughly checked by many people yet. Use +it at your own risk! +.PP +If you find any bugs, report them to \f(CW\*(C`vpe@plan9.de\*(C'\fR. +.SH "TODO" +.IX Header "TODO" A lot. -.Sh SEE ALSO -.Xr vpe.conf 5 , -.Xr vpectrl 8 , -.Pp -The full documentation for vpe is maintained as a Texinfo manual. -If the info and tinc programs are properly installed at your site, -the command -.Ic info vpe -should give you access to the complete manual. -.Pp -vpe comes with ABSOLUTELY NO WARRANTY. -This is free software, and you are welcome to redistribute it under certain conditions; -see the file COPYING for details. -.Sh AUTHORS -.An "Marc Lehmann" Aq vpe@plan9.de -.Pp -And thanks to many others for their contributions to vpe, especially the tincd authors -who inspired this program and whose sourcecode I scavanged! +.SH "SEE ALSO" +.IX Header "SEE ALSO" +\&\fIvpe\fR\|(5), \fIvped.conf\fR\|(5), \fIvpectrl\fR\|(8). +.PP +vpe comes with \s-1ABSOLUTELY\s0 \s-1NO\s0 \s-1WARRANTY\s0. This is free software, and you are +welcome to redistribute it under certain conditions; see the file \s-1COPYING\s0 +for details. +.SH "AUTHORS" +.IX Header "AUTHORS" +Marc Lehmann \f(CW\*(C`\*(C'\fR. +.PP +And thanks to many others for their contributions to vpe, especially the +tincd authors, who inspired me to write this program (after scavenging +their sourcecode ;).
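Review bot: The log-level option is spelled three different ways in the added text, and `--kill` is documented only halfway. The SYNOPSIS lists `-cDlL` and `-l=LEVEL]]` (with an unbalanced closing bracket), the OPTIONS item is `-d, --l=LEVEL`, and `--kill[=SIGNAL]` remains in the SYNOPSIS although its OPTIONS entry is removed. Settle on one short and one long spelling for the log-level flag, use them in both places, and either restore the `--kill` entry or drop it from the SYNOPSIS. The added line `=head1 SYNOPSIS` is raw POD that landed directly after the NAME text, so the synopsis will not be rendered as its own section. The POD source most likely lacks a blank line before that directive, and since this file is now Pod::Man output, the fix belongs in the source rather than in this file. Smaller points in the same hunk: `lgolevel` in the USR1 item should be `loglevel`; the AUTHORS line as shown carries an empty code span where the old page gave vpe@plan9.de; `.TH VPED.8 8` puts the section suffix into the page title; and the old SEE ALSO pointed to vpe.conf(5) while the new one names vped.conf(5) and vpe(5), which is worth checking against the pages that actually exist.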