NAME
vtund.conf - VTun (Virtual Tunnel) daemon configuration file.
DESCRIPTION
Configuration file for the vtund(8) virtual tunnel daemon.
The file consists of sections in the form:
name {
keyword value;
keyword value;
..
}
A semicolon at the end of each keyword-value pair is required, as are the
grouping curly braces {}. Lines which begin with the '#' character are comments.
The name of a section (name) can be one of:
- options
- this section specifies general options for vtund
- default
- specifies default options for all sessions
- session
- (any other word except "options" and
"default") introduces new session and specifies options for
it.
All keyword names can be abbreviated to a minimum of 4 characters.
GENERAL OPTIONS
This section, named options, specifies general options used by vtund(8).
Possible keywords are:
- type stand|inetd
- server type. vtund(8) can operate in standalone mode
(stand), which is the default, or be invoked from inetd(8).
- port portnumber
- server port number to listen on or connect to. By default,
vtund(8) uses port 5000.
- bindaddr list
- server listen address. Used to force vtund to bind to the
specific address and port in server mode. Format:
bindaddr {
option value;
};
- bindaddr options:
- iface if_name
- use interface address if_name as the bind
address.
- addr addr
- bind address. Can be either IP address or host name.
- timeout seconds
- General timeout.
- persist yes|keep|no
- persist mode. If yes, the client will try to
reconnect to the server after connection termination. If keep, the
client will not remove and re-add the tunXX or
tapXX device when reconnecting. If no, the client
will exit (default). This option is ignored by the server.
- syslog number|name
- syslog facility specification, either numeric or name (from
syslog(3)).
- ppp path
- path to pppd(8) program. Can be used in session
sections.
- ifconfig path
- path to ifconfig(8) program. Can be used in session
sections.
- route path
- path to route(8) program. Can be used in session
sections.
- ip path
- path to iproute(8) program. Can be used in session
sections.
- firewall path
- program for the firewall setup.
All the ppp, ifconfig, route and firewall parameters
can specify a filename for the corresponding program or an equivalent (or a
shell script). These parameters are used in session sections to set up network
interfaces.
SESSION OPTIONS
Session options can be specified inside a session section or inside the
default section. Default parameters apply to every session section but can be
overridden there. Parameters are:
- passwd secret
- password for authentication. This should be the same in
client and server.
- type type
- type of tunnel. Possible tunnel types are:
- tun
- IP tunnel (no PPP, Ether etc headers)
- ether
- Ethernet tunnel
- tty
- serial tunnel (PPP, SLIP etc)
- pipe
- pipe tunnel
- Default tunnel type is tty. This option is ignored
by the client.
- device dev
- network device to use. You can choose tapXX
for ether tunnel or tunXX for tun tunnel. By
default vtund(8) will automatically select available device.
- proto tcp|udp
- protocol to use. By default, vtund(8) will use TCP
protocol. UDP is recommended for ether and tun tunnels only.
This option is ignored by the client.
- timeout seconds
- Connect timeout.
- compress method[:level]
- specifies compression method to use. Compression
methods include:
- no
- no compression
- yes
- default compression method
- zlib
- ZLIB compression
- lzo
- LZO compression (if compiled in)
- You can also specify the level of compression using one
digit (1 is best speed, 9 is best compression ratio). This option is ignored
by the client.
- encrypt yes|no
- enable or disable encryption. This option is ignored by the
client.
- keepalive yes|no
- enable or disable connection keep-alive. This option is
ignored by the client.
- stat yes|no
- enable or disable statistics. If enabled vtund(8)
will log statistic counters to /var/log/vtund/session_X every 5
minutes.
- speed kbps
- specifies speed of the connection in kilobits/second. Valid
values for kbps are 8,16,32,64,128,256,etc. 0 (the default) means
maximum possible speed without shaping. You can specify speed in the form
in:out, where in is the speed to the client and
out is the speed from the client. A single number means the same speed for in
and out. This option is ignored by the client.
- srcaddr list
- local (source) address. Used to force vtund to bind to the
specific address and port. Format:
srcaddr {
option value;
option value;
..
};
- srcaddr options:
- iface if_name
- use interface address if_name as the source
address.
- addr addr
- source address. Can be either IP address or host name.
- port portnumber
- source port.
- multi value
- control multiple connections. value can be
yes or allow to allow multiple connections, no or
deny to deny them, or killold to allow the new connection and
kill the old one. Ignored by the client.
- up list
- list of programs to run after the connection has been
established. Used to initialize protocols, devices, routing and firewall.
This option takes the form of a nested section inside the session section. Format:
up {
option value;
option value;
..
};
- Options inside up (and down) blocks:
- program path arguments [wait]
- run the specified program. path is the full path to the
program, arguments is all arguments to pass to it (enclosed in
double quotes). If wait is specified, vtund will wait for the program
to terminate. Special characters that can be used inside the arguments
parameter:
- ' (single quotes) - group arguments
\ (back slash) - escape character
%d - TUN or TAP device or TTY port name
%% (double percent) - same as %d
%A - Local IP address
%P - Local TCP or UDP port
%a - Remote IP address
%p - Remote TCP or UDP port
- ppp arguments
- run the program specified by the ppp statement in the
options section. All special characters described above are valid in
arguments here.
- ifconfig arguments
- run program specified by ifconfig statement in
options section.
- route arguments
- run program specified by route statement in
options section.
- ip arguments
- run program specified by ip statement in
options section.
- firewall arguments
- run program specified by firewall statement in
options section.
- down list
- list of programs to run after connection has been
terminated. It is similar to up parameter above. Format:
down {
option value;
option value;
..
};
NOTES
Options ignored by the client are supplied by the server at run time or are
used only on the server side.
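The section format, keyword abbreviation and default-section inheritance described above can be checked mechanically on the server side, where encrypt takes effect. The following Python code is an added example, not part of vtund or of this manual page: it parses a constructed vtund.conf and reports sessions whose effective settings do not enable encryption or carry a short passwd. The function names, the 12-character threshold, treating an unset encrypt as a finding, and the abbreviation rule as implemented (at least 4 characters and a prefix of the full keyword) are assumptions.

```python
import re

KNOWN = ("passwd", "type", "device", "proto", "timeout", "compress", "encrypt",
         "keepalive", "stat", "speed", "srcaddr", "multi", "up", "down")

def canon(word):
    """Expand a session keyword abbreviated to >= 4 characters (assumed rule)."""
    hits = [k for k in KNOWN if word == k or (len(word) >= 4 and k.startswith(word))]
    return hits[0] if hits else word

def parse(text):
    """Parse well-formed vtund.conf text; lines starting with '#' are dropped."""
    body = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("#"))
    toks, pos = re.findall(r'"[^"]*"|[{};]|[^\s{};]+', body), 0
    def block(top):
        nonlocal pos
        out = {}
        while pos < len(toks) and toks[pos] != "}":
            key, pos = toks[pos], pos + 1
            if key == ";":                       # ';' that follows a nested '}'
                continue
            if toks[pos] == "{":                 # section or nested list
                pos += 1
                out[key if top else canon(key)] = block(False)
                pos += 1                         # consume the closing '}'
            else:                                # keyword value;
                end = toks.index(";", pos)
                out[canon(key)], pos = " ".join(toks[pos:end]), end + 1
        return out
    return block(True)

def audit(text, min_passwd=12):
    """Return (session, finding) pairs. Assumed policy: unset encrypt is a
    finding, and min_passwd is an arbitrary illustrative threshold."""
    conf, findings = parse(text), []
    for name, body in conf.items():
        if name in ("options", "default"):
            continue
        eff = {**conf.get("default", {}), **body}  # session overrides default
        if eff.get("encrypt") != "yes":
            findings.append((name, "encrypt not enabled"))
        if len(eff.get("passwd", "")) < min_passwd:
            findings.append((name, "passwd missing or too short"))
    return findings

# Constructed server-side sample; "encr" and "pass" are abbreviated keywords.
SAMPLE = """options { port 5000; bindaddr { iface eth0; }; }
default { encr yes; multi killold; }
branch1 { passwd constructed-secret-1; type tun; up { ifconfig "%% 10.3.0.1"; }; }
branch2 { pass short; encrypt no; }"""
```

Calling audit(SAMPLE) reports only branch2: branch1 inherits the abbreviated encr yes from the default section, while branch2 overrides it.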
SEE ALSO
vtund(8), inetd(8), ifconfig(8), route(8), pppd(8), syslog(3), zlib(3).
AUTHOR
Vtund written by Maxim Krasnyansky <max_mk@yahoo.com>. This manual page
was derived from comments in config file by Michael Tokarev
<mjt@tls.msk.ru>