Commit graph

190 commits

Author SHA1 Message Date
Guus Sliepen
ee64b8ef33 ConnectTo does not mean tinc does not listen for incoming connections anymore. 2010-03-08 17:54:57 +01:00
Guus Sliepen
3e4829e78a Add the DirectOnly option.
When this option is enabled, packets that cannot be sent directly to the destination node,
but which would have to be forwarded by an intermediate node, are dropped instead.
When combined with the IndirectData option,
packets for nodes for which we do not have a meta connection with are also dropped.
2010-03-02 22:55:24 +01:00
Guus Sliepen
95a6974de1 Add the Forwarding option.
This determines if and how incoming packets that are not meant for the local
node are forwarded.  It can either be off, internal (tinc forwards them itself,
as in previous versions), or kernel (packets are always sent to the TUN/TAP
device, letting the kernel sort them out).
2010-03-02 22:34:26 +01:00
Guus Sliepen
5038964032 Add the StrictSubnets option.
When this option is enabled, tinc will not accept dynamic updates of Subnets
from other nodes, but will only use Subnets read from local host config files
to build its routing table.
2010-03-02 00:18:44 +01:00
Guus Sliepen
40d91ff619 Update copyright notices. 2010-02-02 22:49:21 +01:00
Guus Sliepen
b455111184 Make MSS clamping configurable, but enabled by default.
It can either be set globally in tinc.conf, or per-node in host config files.
2010-01-16 20:16:33 +01:00
Guus Sliepen
a9a803d566 Allow port to be specified in Address statements.
This allows one to connect to use more than one port number to connect to
another node. The syntax is now:

Address = <hostname> [<port>]
2009-12-23 19:49:38 +01:00
Guus Sliepen
3849de9a33 Fix description of the WEIGHT environment variable. 2009-10-18 16:44:32 +02:00
Guus Sliepen
927064e5fd Small updates to the documentation.
Mention that TCPOnly is not necessary anymore since tinc will autodetect
whether it can send via UDP or not. Also mention the WEIGHT environment
variable and the new default value (2048 bits) of RSA keys.
2009-10-11 15:46:52 +02:00
Guus Sliepen
2c30af6c90 Ensure that the texinfo manual can be converted to HTML.
The top node was made conditional with the @iftex command, since it should not
appear in PostScript and PDF output. However, it is still necessary for
texi2html, so we have to use @ifnottex instead.

Texi2html also complains about the use of @cindex in the copyright statement,
so we remove that.
2009-10-11 14:20:14 +02:00
Guus Sliepen
7ea85043ac Merge branch 'master' into 1.1
Conflicts:
	NEWS
	configure.in
	lib/Makefile.am
	lib/pidfile.c
	lib/pidfile.h
	lib/utils.c
	po/POTFILES.in
	po/nl.po
	src/Makefile.am
	src/bsd/device.c
	src/conf.c
	src/connection.c
	src/cygwin/device.c
	src/edge.c
	src/event.c
	src/graph.c
	src/linux/device.c
	src/meta.c
	src/mingw/device.c
	src/net.c
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/process.c
	src/protocol.c
	src/protocol_auth.c
	src/protocol_edge.c
	src/protocol_key.c
	src/protocol_misc.c
	src/protocol_subnet.c
	src/raw_socket/device.c
	src/route.c
	src/solaris/device.c
	src/subnet.c
	src/tincd.c
	src/uml_socket/device.c
2009-09-29 14:55:29 +02:00
Guus Sliepen
0e6856b137 Remove Ivo's old email addresses. 2009-09-24 23:42:30 +02:00
Guus Sliepen
c217d214f4 Remove all occurences of $Id$. 2009-09-24 23:39:16 +02:00
Guus Sliepen
5a132550de Merge branch 'master' into 1.1
Conflicts:
	doc/tincd.8.in
	lib/pidfile.c
	src/graph.c
	src/net.c
	src/net.h
	src/net_packet.c
	src/net_setup.c
	src/net_socket.c
	src/netutl.c
	src/node.c
	src/node.h
	src/protocol_auth.c
	src/protocol_key.c
	src/tincd.c
2009-06-05 23:14:13 +02:00
Guus Sliepen
41c10c5a96 Add ProcessPriority option.
This option can be set to low, normal or high. On UNIX flavours, this changes
the nice value of the process by +10, 0 and -10 respectively. On Windows, it
sets the priority to BELOW_NORMAL_PRIORITY_CLASS, NORMAL_PRIORITY_CLASS and
HIGH_PRIORITY_CLASS respectively.

A high priority might help to reduce latency and packet loss on the VPN.
2009-05-28 22:51:30 +02:00
Guus Sliepen
576899ef0d Fix link to Mattias Nissler's tun/tap driver for MacOS/X.
Thanks to Martin Christof Kindsmüller for spotting.
2009-05-24 17:13:00 +02:00
Michael Tokarev
ec316aa32e Implement privilege dropping
Add two options, -R/--chroot and -U/--user=user, to chroot to the
config directory (where tinc.conf is located) and to perform
setuid to the user specified, after all the initialization is done.

What's left is handling of pid file since we can't remove it anymore.
2009-05-18 14:34:24 +02:00
Guus Sliepen
08aabbf931 Merge branch 'master' into 1.1
Conflicts:
	NEWS
	README
	doc/tinc.conf.5.in
	doc/tinc.texi
	po/nl.po
	src/conf.c
	src/connection.c
	src/event.c
	src/graph.c
	src/net.c
	src/net_packet.c
	src/net_socket.c
	src/node.c
	src/node.h
	src/openssl/rsagen.h
	src/protocol_auth.c
	src/protocol_key.c
	src/protocol_misc.c
	src/subnet.c
	src/subnet.h
	src/tincd.c
2009-03-09 19:02:24 +01:00
Guus Sliepen
78fc59e994 Update THANKS and copyright information. 2009-03-05 14:12:36 +01:00
Guus Sliepen
5674bba5c5 Allow weight to be assigned to Subnets.
Tinc allows multiple nodes to own the same Subnet, but did not have a sensible
way to decide which one to send packets to. Tinc also did not check the
reachability of nodes when deciding where to route packets to, so it would not
automatically fail over to a reachable node.

Tinc now assigns a weight to each Subnet. The default weight is 10, with lower
weights having higher priority.  The Subnets are now internally sorted in the
same way as the kernel's routing table, and the Subnets are search linearly,
skipping those of unreachable nodes. A small cache of recently used addresses
is used to speed up the lookup functions.
2009-03-05 13:34:13 +01:00
Guus Sliepen
e8f08ced76 Update documentation.
- TCPOnly is not experimental.
- Do not mention old Linux kernels and Ethertap anymore.
- Document the DeviceType, PMTU and PMTUDiscovery options.
2008-12-22 21:29:21 +00:00
Scott Lamb
f0a57eab4c Retry connections through control socket 2007-11-07 02:50:58 +00:00
Scott Lamb
a62a6825a8 Alter debugging levels through control socket 2007-11-07 02:50:27 +00:00
Scott Lamb
1065879c8c Purge through the control socket 2007-11-07 02:49:57 +00:00
Scott Lamb
6eaefb4dbc Dump through control socket
Note this removes SIGUSR1, SIGUSR2, and the graph dumping config option.
It seems cleaner to do everything through the control socket.
2007-11-07 02:49:25 +00:00
Guus Sliepen
6c453769fd Apply patch from Scott Lamb: Update documentation to match tincctl changes 2007-09-04 15:06:35 +00:00
Guus Sliepen
6ded8a3f08 Update documentation. 2007-05-18 11:54:16 +00:00
Guus Sliepen
315ef3e42b Document GraphDumpFile option. 2006-11-11 20:37:58 +00:00
Guus Sliepen
2077451e07 Add generic host-up and host-down scripts.
Thanks to Menno Smits for a patch.
2006-06-12 21:45:39 +00:00
Guus Sliepen
de78d79db8 Update copyright notices, remove Ivo's email address. 2006-04-26 13:52:58 +00:00
Guus Sliepen
228e7a5c8f Apply patch from Scott Lamb adding an output buffer for the TCP sockets.
This helps coalescing multiple send_meta() commands into one TCP packet.
Also limit the size of the output buffer before dropping PACKETs.
2006-01-19 17:13:18 +00:00
Guus Sliepen
df3220a154 Update copyright notices. 2005-05-04 18:09:30 +00:00
Guus Sliepen
54a30e30ad Describe subnet-up/down scripts in documentation. 2005-05-04 16:53:11 +00:00
Guus Sliepen
a20eb05714 Remove duplication. 2004-11-10 23:21:41 +00:00
Guus Sliepen
2369b0ab09 Update documentation. 2004-11-10 21:57:04 +00:00
Guus Sliepen
7926a156e5 Update copyrights, links, email addresses and let Subversion update $Id$ keywords. 2004-03-21 14:21:22 +00:00
Guus Sliepen
e88ea7277a Small fixes in documentation. 2003-10-11 14:42:30 +00:00
Guus Sliepen
e33307fc9f Update documentation. 2003-10-09 21:33:15 +00:00
Guus Sliepen
9b579eb9ff Update documentation. 2003-08-09 00:53:22 +00:00
Guus Sliepen
0c2256670f Remove unused stuff from doc/.
Let configure update pathnames in documentation.
2003-08-08 14:07:12 +00:00
Guus Sliepen
e20ac7b52d Typo and another thing to think about. 2003-08-02 22:01:50 +00:00
Guus Sliepen
92938c07b1 Explain how tinc detaches and how it is "killed" under Windows. 2003-08-02 21:55:12 +00:00
Guus Sliepen
63568bb6bc Update documentation and remove stuff that's too outdated. 2003-07-30 09:22:29 +00:00
Guus Sliepen
c96900f378 Add section about configuring Cygwin and CIPE on Windows. 2003-07-21 19:58:58 +00:00
Guus Sliepen
5db596c684 Simplify logging, update copyrights and some minor cleanups. 2003-07-12 17:41:48 +00:00
Guus Sliepen
8bfa554af9 There are two lzo compression levels. 2003-06-12 11:08:40 +00:00
Guus Sliepen
9279b3c699 Update documentation. 2003-06-11 20:18:48 +00:00
Guus Sliepen
f238c209f4 Fix links. 2003-05-17 22:12:52 +00:00
Guus Sliepen
4c88ff86bc PrivateKeyFile instead of PrivateKey. 2002-12-27 19:32:33 +00:00
Guus Sliepen
07db46a44f Add documentation for BindToAddress. 2002-10-07 07:32:31 +00:00
Guus Sliepen
1dcbdf48eb Update documentation. 2002-09-15 22:19:38 +00:00
Guus Sliepen
9f370893fa Don't bother to chown, and correctly document ConnectTo. 2002-07-16 13:18:27 +00:00
Guus Sliepen
627f7c22b4 s/sliepen.warande.net/sliepen.eu.org/g
s/itimmermans@bigfoot.com/ivo@o2w.nl/g
2002-06-21 10:11:37 +00:00
Guus Sliepen
3a3adf5b69 Add configuration details for NetBSD and Darwin (MacOS/X). 2002-06-12 13:45:23 +00:00
Guus Sliepen
b1322d244f masklength is better known as prefixlength 2002-04-09 11:43:29 +00:00
Guus Sliepen
efd29fde85 Small updates. 2002-03-27 15:26:29 +00:00
Guus Sliepen
e2238047d3 Small correction. 2002-03-26 13:19:56 +00:00
Guus Sliepen
a0c1696515 Tell a little bit more about security. 2002-03-25 15:12:09 +00:00
Guus Sliepen
89a2f761a6 Updated documentation. 2002-03-25 15:01:32 +00:00
Guus Sliepen
ab90fa9bd1 Document and clean up MAC address expiry. 2002-03-01 14:25:10 +00:00
Guus Sliepen
0c879b8eee Updated documentation. 2002-03-01 13:38:02 +00:00
Guus Sliepen
c2b9c06062 - Non-blocking connect()s.
- Socket handling revamped to use sockaddr_t.
- tinc can now tunnel over IPv6.
- Handle all addresses and subnets in network byte order.
  Only convert them when they need to be printed.
- IPv6 subnets bigger than /128 now work.
- Use %s and strerror(errno) instead of %m.
2002-02-18 16:25:19 +00:00
Guus Sliepen
d9a62c6354 Added support for packet compression, thanks to Mark Glines.
Add "Compression = <level>" to the host config files, where level can be
0 (off), or any integer between 1 (fast) and 9 (best).
2002-02-11 15:59:18 +00:00
Guus Sliepen
f0aa9641e8 Merging of the entire pre5 branch. 2002-02-10 21:57:54 +00:00
Guus Sliepen
f0c64a3dac Merged PROTOCOL, NETWORK and SECURITY2 with the texinfo manual. 2001-05-25 12:45:37 +00:00
Guus Sliepen
6e09c2a99c Small corrections to the manuals. 2001-05-25 10:06:13 +00:00
Guus Sliepen
3360c6270b More revisions to the documentation:
- Removed cruft
- Reordered some sections to make it more logical for the beginner
- Added small examples and hints about configuration files
2001-05-24 20:24:12 +00:00
Guus Sliepen
6f7f8659a2 - Make sure correct information is supplied for both old kernels (with
ethertap) and for new kernels (with TUN/TAP driver).
- Revised example configuration and made it conform to latest (CVS) version of
  tinc.
2001-05-19 15:50:51 +00:00
Ivo Timmermans
a73ec9caa4 Fixed some errors 2001-01-18 13:00:57 +00:00
Ivo Timmermans
1d898e00a9 Merged documentation with various updates I had lying around 2001-01-17 01:40:46 +00:00
Guus Sliepen
d3f889c807 - It's 2001, all copyright notices are updated. 2001-01-07 17:09:07 +00:00
Guus Sliepen
3d7289cf74 - Updated texinfo manual. 2001-01-06 20:02:21 +00:00
Ivo Timmermans
6ddc9109d7 Massive long awaited documentation update. It's not finished yet,
most notably the example configuration is still old.
2000-12-05 08:54:22 +00:00
Ivo Timmermans
8fe83e98da All full stops have two spaces after them. (Silly commit, I know.) 2000-11-30 23:39:55 +00:00
Ivo Timmermans
edb9b4cad0 Explain how to tell configure where OpenSSL lives. 2000-11-24 14:13:51 +00:00
Ivo Timmermans
6e27618708 Updates, updates 2000-11-09 21:29:58 +00:00
Ivo Timmermans
1b11bcb012 Added a perl example to turn an IP address into a MAC address. 2000-11-02 21:34:45 +00:00
Ivo Timmermans
97ce045189 Add CVS id lines 2000-10-14 22:22:06 +00:00
Ivo Timmermans
2e159d0139 Fix `Requirements'-section for GMP and OpenSSL libraries. 2000-10-14 22:17:29 +00:00
Ivo Timmermans
676b1c0ea1 Many updates, parts rewritten, added, shuffled around. 2000-09-27 20:32:29 +00:00
Ivo Timmermans
74157d3f45 Correct filenames for passphrases given in the example 2000-09-10 18:37:46 +00:00
Guus Sliepen
d3f41b803b Updated the manual:
- incorporated comments from Stefan Hartsuiker
- updated configuration variables section
- added some text about key types
2000-08-18 14:45:38 +00:00
Guus Sliepen
4d71de15e8 Documentation updates. Removed all references to configuration variable
"AllowConnect", since it is NOT used in tinc. Added information about
"VpnMask". Elaborated a bit about "private" and "virtual" networks.
2000-05-27 13:21:20 +00:00
Guus Sliepen
ee96ccabbb Cleanups. 2000-05-14 12:22:42 +00:00
Ivo Timmermans
12adf1af54 Deleted the protocol description. 2000-05-12 13:31:00 +00:00
Ivo Timmermans
4dbf7022a2 More updates wrt. the change from tincd->tinc. 2000-04-29 13:56:06 +00:00
Ivo Timmermans
d0ea9c8ff2 Add an entry to dir. 2000-04-26 22:42:15 +00:00
Ivo Timmermans
24ee68b683 Spelling fixes. 2000-04-25 10:40:08 +00:00
Ivo Timmermans
7c665712d6 Changes largely from Mads Kiilerich.
Removed section about encryption.
2000-04-25 01:45:34 +00:00
Ivo Timmermans
1243156a5e Initial revision 2000-03-26 00:33:07 +00:00