diff --git a/doc/tinc.texi b/doc/tinc.texi index b207a93f..864269b7 100644 --- a/doc/tinc.texi +++ b/doc/tinc.texi @@ -2153,6 +2153,7 @@ Be sure to include the following information in your bugreport: @node Controlling tinc @chapter Controlling tinc +@cindex command line interface You can start, stop, control and inspect a running tincd through the tinc command. A quick example: @@ -2160,6 +2161,7 @@ command. A quick example: tinc -n @var{netname} reload @end example +@cindex shell If tinc is started without a command, it will act as a shell; it will display a prompt, and commands can be entered on the prompt. If tinc is compiled with libreadline, history and command completion are available on the prompt. One @@ -2219,85 +2221,107 @@ the value of this environment variable is used. @c from the manpage @table @code +@cindex init @item init [@var{name}] Create initial configuration files and RSA and ECDSA keypairs with default length. If no @var{name} for this node is given, it will be asked for. +@cindex get @item get @var{variable} Print the current value of configuration variable @var{variable}. If more than one variable with the same name exists, the value of each of them will be printed on a separate line. +@cindex set @item set @var{variable} @var{value} Set configuration variable @var{variable} to the given @var{value}. All previously existing configuration variables with the same name are removed. To set a variable for a specific host, use the notation @var{host}.@var{variable}. +@cindex add @item add @var{variable} @var{value} As above, but without removing any previously existing configuration variables. +@cindex del @item del @var{variable} [@var{value}] Remove configuration variables with the same name and @var{value}. If no @var{value} is given, all configuration variables with the same name will be removed. +@cindex edit @item edit @var{filename} Start an editor for the given configuration file. You do not need to specify the full path to the file. +@cindex export @item export Export the host configuration file of the local node to standard output. +@cindex export-all @item export-all Export all host configuration files to standard output. +@cindex import @item import [--force] Import host configuration file(s) generated by the tinc export command from standard input. Already existing host configuration files are not overwritten unless the option --force is used. +@cindex exchange @item exchange [--force] The same as export followed by import. +@cindex exchange-all @item exchange-all [--force] The same as export-all followed by import. +@cindex invite @item invite @var{name} Prepares an invitation for a new node with the given @var{name}, and prints a short invitation URL that can be used with the join command. +@cindex join @item join [@var{URL}] Join an existing VPN using an invitation URL created using the invite command. If no @var{URL} is given, it will be read from standard input. +@cindex start @item start [tincd options] Start @samp{tincd}, optionally with the given extra options. +@cindex stop @item stop Stop @samp{tincd}. +@cindex restart @item restart [tincd options] Restart @samp{tincd}, optionally with the given extra options. +@cindex reload @item reload Partially rereads configuration files. Connections to hosts whose host config files are removed are closed. New outgoing connections specified in @file{tinc.conf} will be made. +@cindex pid @item pid Shows the PID of the currently running @samp{tincd}. +@cindex generate-keys @item generate-keys [@var{bits}] Generate both RSA and ECDSA keypairs (see below) and exit. tinc will ask where you want to store the files, but will default to the configuration directory (you can use the -c or -n option). +@cindex generate-ecdsa-keys @item generate-ecdsa-keys Generate public/private ECDSA keypair and exit. +@cindex generate-rsa-keys @item generate-rsa-keys [@var{bits}] Generate public/private RSA keypair and exit. If @var{bits} is omitted, the default length will be 2048 bits. When saving keys to existing files, tinc will not delete the old keys; you have to remove them manually. +@cindex dump @item dump [reachable] nodes Dump a list of all known nodes in the VPN. If the reachable keyword is used, only lists reachable nodes. @@ -2311,26 +2335,32 @@ Dump a list of all known subnets in the VPN. @item dump connections Dump a list of all meta connections with ourself. +@cindex graph @item dump graph | digraph Dump a graph of the VPN in dotty format. Nodes are colored according to their reachability: red nodes are unreachable, orange nodes are indirectly reachable, green nodes are directly reachable. Black nodes are either directly or indirectly reachable, but direct reachability has not been tried yet. +@cindex info @item info @var{node} | @var{subnet} | @var{address} Show information about a particular @var{node}, @var{subnet} or @var{address}. If an @var{address} is given, any matching subnet will be shown. +@cindex purge @item purge Purges all information remembered about unreachable nodes. +@cindex debug @item debug @var{level} Sets debug level to @var{level}. +@cindex log @item log [@var{level}] Capture log messages from a running tinc daemon. An optional debug level can be given that will be applied only for log messages sent to tinc. +@cindex retry @item retry Forces tinc to try to connect to all uplinks immediately. Usually tinc attempts to do this itself, @@ -2338,14 +2368,17 @@ but increases the time it waits between the attempts each time it failed, and if tinc didn't succeed to connect to an uplink the first time after it started, it defaults to the maximum time of 15 minutes. +@cindex disconnect @item disconnect @var{node} Closes the meta connection with the given @var{node}. +@cindex top @item top If tinc is compiled with libcurses support, this will display live traffic statistics for all the known nodes, similar to the UNIX top command. See below for more information. +@cindex pcap @item pcap Dump VPN traffic going through the local tinc node in pcap-savefile format to standard output, from where it can be redirected to a file or piped through a program that can parse it directly, @@ -2379,6 +2412,7 @@ tinc -n vpn export | gpg --clearsign | mail -s "My config" vpnmaster@@example.co @node tinc top @section tinc top +@cindex top The top command connects to a running tinc daemon and repeatedly queries its per-node traffic counters. It displays a list of all the known nodes in the left-most column, and the amount of bytes and packets read from and sent to each node in the other columns.