NAME
vtund.conf - VTun(Virtual Tunnel) daemon configuration file.
DESCRIPTION
Configuration file for vtund(8) virtual tunnel daemon.
File consists of sections in the form:
name {
keyword value;
keyword value;
..
}
Semicolon at the end of each keyword-value pair is required, as well as
grouping curly braces {}. Lines which begin with ’#’ characters are
comments.
Name of section (name) can be one of:
options
this section specifies general options for vtund
default
specifies default options for all sessions
session
(any other word except "options" and "default") introduces new
session and specifies options for it.
All keyword names can be abbreviated to a minimum of 4 characters.
GENERAL OPTIONS
This section, named options, specifies general options to use by
vtund(8). Possible keywords are:
type stand|inetd
server type. vtund(8) can operate in standalone mode (stand),
that is the default, or be invoked from inetd(8).
port portnumber
server port number to listen on or connect to. By default,
vtund(8) uses port 5000.
bindaddr list
server listen address. Used to force vtund to bind to the
specific address and port in server mode. Format:
bindaddr {
option value;
};
bindaddr options:
iface if_name
use interface address if_name as the bind address.
addr addr
bind address. Can be either IP address or host name.
timeout seconds
General timeout.
persist yes|keep|no
persist mode. If yes, the client will try to reconnect to the
server after connection termination. If keep, the client will
not remove and re-add the tunXX or tapXX device when
reconnecting. If no, the client will exit (default). This
option is ignored by the server.
syslog number|name
syslog facility specification, either numeric or name (from
syslog (3)).
ppp path
path to pppd(8) program. Can be used in session sections.
ifconfig path
path to ifconfig(8) program. Can be used in session sections.
route path
path to route(8) program. Can be used in session sections.
ip path
path to iproute(8) program. Can be used in session sections.
firewall path
program for the firewall setup.
All the ppp, ifconfig, route and firewall parameters can specify a
filename for corresponding program or equivalent (or shell script).
This parameters are used in session sections to setup network
interfaces.
SESSION OPTIONS
Session options can be specified inside session section or inside
default section. Default parameters apply to any session section but
can be overwritten there. Parameters are:
passwd secret
password for authentication. This should be the same in client
and server.
type type
type of tunnel. Possible tunnel types are:
tun IP tunnel (no PPP, Ether etc headers)
ether Ethernet tunnel
tty serial tunnel (PPP, SLIP etc)
pipe pipe tunnel
Default tunnel type is tty. This option is ignored by client.
device dev
network device to use. You can choose tapXX for ether tunnel or
tunXX for tun tunnel. By default vtund(8) will automatically
select available device.
proto tcp|udp
protocol to use. By default, vtund(8) will use TCP protocol.
UDP is recommended for ether and tun tunnels only. This option
is ignored by the client.
timeout secounds
Connect timeout.
compress method[:level]
specifies compression method to use. Compression methods
includes:
no no compression
yes default compression method
zlib ZLIB compression
lzo LZO compression (if compiled in)
You can also specify level of compression using one digit (1 is
best speed, 9 is best compression ratio). This option ignored
by the client.
encrypt yes|no
enable or disable encryption. This option ignored by the
client.
keepalive yes|no
enable or disable connection keep-alive. This option is ignored
by the client.
stat yes|no
enable or disable statistics. If enabled vtund(8) will log
statistic counters to /var/log/vtund/session_X every 5 minutes.
speed kbps
specifies speed of the connection in kilobits/second. Valid
values for kbps are 8,16,32,64,128,256,etc. 0 (the default)
means maximum possible speed without shaping. You can specify
speed in form in:out, where in is speed to client, out - from
the client. Single number means the same speed for in and out.
This option ignored by the client.
srcaddr list
local (source) address. Used to force vtund to bind to the
specific address and port. Format:
srcaddr {
option value;
option value;
..
};
srcaddr options:
iface if_name
use interface address if_name as the source address.
addr addr
source address. Can be either IP address or host name.
port portnumber
source port.
multi value
control multiple connections. value can be yes or allow to
allow multiple connections, no or deny to deny them or killold
to allow new connection and kill old one. Ignored by the
client.
up list
list of programs to run after connection has been established.
Used to initialize protocols, devices, routing and firewall.
This option looks like whole section inside of session section.
Format:
up {
option value;
option value;
..
};
Options inside up (and down) blocks:
program path arguments [wait]
run specified program. path is the full path to the
program, arguments is all arguments to pass to it
(enclosed in double quotes). If wait specified, vtund
will wait program termination. Special characters that
can be used inside arguments parameter:
´ (single quotes) - group arguments
\ (back slash) - escape character
%d - TUN or TAP device or TTY port name
%% (double percent) - same as %d
%A - Local IP address
%P - Local TCP or UDP port
%a - Remote IP address
%p - Remote TCP or UDP port
ppp arguments
run program specified by ppp statement in options
section. All special character described above are valid
in arguments here.
ifconfig arguments
run program specified by ifconfig statement in options
section.
route arguments
run program specified by route statement in options
section.
ip arguments
run program specified by ip statement in options section.
firewall arguments
run program specified by firewall statement in options
section.
down list
list of programs to run after connection has been terminated.
It is similar to up parameter above. Format:
down {
option value;
option value;
..
};
NOTES
Options ignored by the client are supplied by the server at the run
time or are used only on the server side.
SEE ALSO
vtund(8), inetd(8), ifconfig(8), route(8), pppd(8), syslog(3), zlib(3).
AUTHOR
Vtund written by Maxim Krasnyansky <max_mk@yahoo.com>. This manual
page was derived from comments in config file by Michael Tokarev
<mjt@tls.msk.ru>