X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=README.config;h=842573cd6a153ca9d9f1e1f7041a2c066e8ea468;hb=5043eb307adeee7824f70edafb12e9bc3046a986;hp=04d94caaeacddd5719eb143e73e29ba543126f6f;hpb=74934d63b06bf4fc045ac9aabac381cedfe9f10f;p=hippotat.git diff --git a/README.config b/README.config index 04d94ca..842573c 100644 --- a/README.config +++ b/README.config @@ -4,8 +4,8 @@ Sections [ - ] [] - [] usually [SERVER] - [DEFAULT] + [] often [SERVER] + [COMMON] Keys are looked up in that order, unless otherwise specified. is the client's virtual address. @@ -15,13 +15,13 @@ Exceptional settings: server Specifies . - Is looked up in [SERVER] and [DEFAULT] only. + Is looked up in [SERVER] and [COMMON] only. If not specified there, it is SERVER. Used by server to select the appropriate parts of the rest of the configuration. Ignored by the client. - password + secret Looked up in the usual way, but used by client and server to determine which possible peerings to try to set up, and which to ignore. @@ -32,19 +32,19 @@ Exceptional settings: (LIMIT sections do not count.) The server queue packets for, and accept requests from, each - putative client for which the config search yields a password. + putative client for which the config search yields a secret. Each client will create a local interface, and try to communicate with the server, for each possible pair (putative server, - putative client) for which the config search yields a password. + putative client) for which the config search yields a secret. ipif Command to run to create and communicate with local network interface. Passed to sh -c. Must speak SLIP on stdin/stdout. The following additional interpolations aare substituted: - %(local)s %(peer)s %(rnet)s - on server - on client + %(local)s %(peer)s %(rnet)s %(ifname)s + on server + on client ["userv root ipif %(local)s,%(peer)s,%(mtu)s,slip %(rnets)s"] On server: applies to all clients; not looked up in @@ -54,7 +54,7 @@ Exceptional settings: Capped settings: Values in [ LIMIT] and [LIMIT] are a cap (maximum) on - those from the other sections (including DEFAULT). + those from the other sections (including COMMON). max_batch_down Size limit for response payloads (used by server only) @@ -116,6 +116,22 @@ Ordinary settings, used by both, not client-specific: mtu Must match exactly. (UNCHECKED) [1500 bytes] + ifname_server + Virtual interface name on the server. [shippo%d] + ifname_client + Virtual interface name on the client. [hippo%d] + Any %d is interpolated (by the kernel). + +Ordinary settings, used by server only: + + max_clock_skew + Permissible clock skew between client and server. + hippotat will not work if clock skew is more than this. + Conversely: when moving client from one public network to + another, the first network can deny service to the client for + this period after the client leaves the first network. + [300s] + Ordinary settings, used by client only: http_timeout_grace