NAME
gvpe - GNU Virtual Private Ethernet Daemon
SYNOPSIS
gvpe [-cDlL] [--config=DIR] [--no-detach] [-l=LEVEL] [--kill[=SIGNAL]] [--mlock] [--help] [--version] NODENAME [option...]
DESCRIPTION
See the gvpe(5) man page for an introduction to the gvpe suite.
This is the manual page for gvpe, the virtual private ethernet daemon. When
started, gvpe will read its configuration file to determine the network
topology and other configuration information, assuming the role of node
NODENAME.
It will then create/connect to the tun/tap device and set up a socket for
incoming connections. Then an if-up script will be executed to further
configure the virtual network device. If that succeeds, it will detach from
the controlling terminal and continue in the background, accepting and setting
up connections to other gvpe daemons that are part of the same virtual private
ethernet.
The optional arguments after the node name have to be of the form:
[nodename.]var=value
If the argument has a nodename. prefix (e.g. laptop.enable-dns=yes), it is
parsed after all the config directives for that node. Otherwise it is
parsed before the first node directive in the config file and can be used to
set global options or default variables.
For example, to start gvpe in the foreground, with log-level info on the node
laptop, with TCP enabled and HTTP-Proxy host and Port set, use this:
gvpe -D -l info laptop \
http-proxy-host=10.0.0.18 http-proxy-port=3128 \
laptop.enable-tcp=yes
OPTIONS
- -c, --config=DIR
- Read configuration options from DIR
- -l, --l=LEVEL
- Set logging level to LEVEL (one of: noise, trace,
debug, info, notice, warn, error, critical).
- --help
- Display short list of options.
- -D, --no-detach
- Don't fork and detach but stay in foreground and log
messages to stderr in addition to syslog.
- -L, --mlock
- Lock gvpe into main memory. This will prevent sensitive
data like shared private keys from being written to the system swap
files/partitions.
- --version
- Output version information and exit.
SIGNALS
- HUP
- Closes/resets all connections, resets the retry time and
will start connecting again (it will NOT re-read the config file). This is
useful e.g. in a /etc/ppp/if-up script.
- TERM
- Closes/resets all connections and exits.
- USR1
- Dump current network status into the syslog (at loglevel
notice, so make sure your loglevel allows this).
FILES
- /etc/gvpe/gvpe.conf
- The configuration file for gvpe.
- /etc/gvpe/if-up
- Script which is executed as soon as the virtual network
device has been allocated. Its purpose is to further configure that
device.
- /etc/gvpe/node-up
- Script which is executed whenever a node connects to this
node. This can be used for example to run nsupdate.
- /etc/gvpe/node-down
- Script which is executed whenever a connection to another
node is lost. This can be used for example to run nsupdate.
- /etc/gvpe/pubkey/*
- The directory containing the public keys for every node,
usually autogenerated by executing gvpectrl --generate-keys.
- /var/run/gvpe.pid
- The PID of the currently running gvpe is stored in this
file.
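A defensive way to deliver the signals from the SIGNALS section using the PID file above, as an added example that is not part of gvpe or its documentation. It assumes the daemon's process name is gvpe and a Linux /proc (with a ps fallback); gvpe_signal and its exit codes are hypothetical names chosen here:

```shell
#!/bin/sh
# Added example, not part of gvpe: signal the daemon named in the PID file,
# but only if that PID still belongs to a process called "gvpe" (assumed name).
# usage: gvpe_signal SIGNAL [PIDFILE] [EXPECTED_NAME]
gvpe_signal() {
    sig=$1
    pidfile=${2:-/var/run/gvpe.pid}   # path from the FILES section
    want=${3:-gvpe}                   # assumption: the daemon's process name

    # Only the signals the SIGNALS section documents; 0 is an existence probe.
    case $sig in
        HUP|TERM|USR1|0) ;;
        *) echo "gvpe_signal: unsupported signal '$sig'" >&2; return 2 ;;
    esac

    [ -r "$pidfile" ] || { echo "gvpe_signal: cannot read $pidfile" >&2; return 3; }

    # The first whitespace-delimited field of the first line is the PID.
    pid=
    read -r pid _rest < "$pidfile" || true
    case $pid in
        ''|*[!0-9]*) echo "gvpe_signal: malformed PID in $pidfile" >&2; return 4 ;;
    esac
    # Refuse 0 and 1: kill 0 hits the whole process group, 1 is init.
    [ "$pid" -gt 1 ] 2>/dev/null || { echo "gvpe_signal: refusing PID $pid" >&2; return 4; }

    # A stale PID file can name an unrelated process after PID reuse.
    if [ -r "/proc/$pid/comm" ]; then          # Linux
        name=$(cat "/proc/$pid/comm")
    else                                       # portable fallback
        name=$(ps -p "$pid" -o comm= 2>/dev/null) || name=
    fi
    name=${name##*/}
    if [ "$name" != "$want" ]; then
        echo "gvpe_signal: PID $pid is '$name', not '$want' (stale PID file?)" >&2
        return 5
    fi

    kill "-$sig" "$pid"
}

# Typical calls (commented out so sourcing this file has no side effects):
#   gvpe_signal HUP     # reconnect after the uplink returns, e.g. from /etc/ppp/if-up
#   gvpe_signal USR1    # dump network status to syslog at loglevel notice
```

The name check and the kill are not atomic, so this narrows the stale-PID window rather than closing it.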
BUGS
The cryptography in gvpe has not been thoroughly checked by many people yet. Use
it at your own risk!
If you find any bugs, report them to gvpe@schmorp.de.
SEE ALSO
gvpe(5) for an introduction, gvpe.conf(5), gvpectrl(8).
The GVPE mailing list, at <http://lists.schmorp.de/> or gvpe@lists.schmorp.de.
GVPE comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
welcome to redistribute it under certain conditions; see the file COPYING for
details.
AUTHOR
Marc Lehmann <gvpe@schmorp.de>.
And thanks to many others for their contributions to gvpe, especially the tincd
authors, who inspired me to write this program (after scavenging their source
code ;).