--- gvpe/doc/vped.conf.5.pod 2003/03/28 18:14:57 1.1 +++ gvpe/doc/vped.conf.5.pod 2003/04/07 01:12:56 1.4 @@ -7,7 +7,7 @@ udp-port = 407 mtu = 1492 ifname = vpn0 - + node = branch1 hostname = 1.2.3.4 @@ -136,18 +136,6 @@ common choices are 50 (IPSEC, ESP), 51 (IPSEC, AH), 4 (IPIP tunnels) or 98 (ENCAP, rfc1241) -=item enable-udp = yes|true|on | no|false|off - -Enable the UDPv4 transport using the C port -(default: C). This is a good general choice since UDP tunnels well -through many firewalls. - -=item enable-rawip = yes|true|on | no|false|off - -Enable the RAW IPv4 transport using the C protocol -(default: C). This is the best choice, since the overhead per packet -is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). - =item if-up = relative-or-absolute-path Sets the path of a script that should be called immediately after the @@ -245,6 +233,43 @@ Same as C, but gets called whenever a connection is lost. +=item http-proxy-host = hostname/ip + +The C-family of options are only available if vpe was +compiled with the C<--enable-http-proxy> option and enable tunneling of +tcp connections through a http proxy server. + +C and C should specify the hostname and +port number of the proxy server. See C if your proxy +requires authentication. + +Please note that vpe will still try to resolve all hostnames in the +configuration file, so if you are behind a proxy without access to a dns +server better use numerical IP addresses. + +To make best use of this option disable all protocols except tcp in your +config file and make sure your routers (or all other hosts) are listening +on a port that the proxy allows (443, https, is a common choice). + +If you have a router, connecting to it will suffice. Otherwise tcp must be +enabled on all hosts. + +Example: + + http-proxy-host = proxy.example.com + http-proxy-port = 3128 # 8080 is another common choice + http-proxy-auth = schmorp:grumbeere + +=item http-proxy-port = proxy-tcp-port + +The port where your proxy server listens. + +=item http-proxy-auth = login:password + +The optional login and password used to authenticate to the proxy server, +seperated by a literal colon (C<:>). Only basic authentication is +currently supported. + =back =head2 NODE SPECIFIC SETTINGS @@ -261,6 +286,30 @@ Sets the port number used by the UDP protocol (default: C<407>, not officially assigned by IANA!). +=item tcp-port = port-number + +Similar to C (default: C<407>), but sets the TCP port number. + +=item enable-rawip = yes|true|on | no|false|off + +Enable the RAW IPv4 transport using the C protocol +(default: C). This is the best choice, since the overhead per packet +is only 38 bytes, as opposed to UDP's 58 (or TCP's 60+). + +=item enable-udp = yes|true|on | no|false|off + +Enable the UDPv4 transport using the C port +(default: C). This is a good general choice since UDP tunnels well +through many firewalls. + +=item enable-tcp = yes|true|on | no|false|off + +Enable the TCPv4 transport using the C port +(default: C). Support for this horribly unsuitable protocol is only +available when vpe was compiled using the C<--enable-tcp> option. Never +use this transport unless you really must, it is horribly ineffiecent and +resource-intensive compared to the other transports. + =item router-priority = positive-number Sets the router priority of the given host (default: C<0>, disabled). If