X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=README;h=255892d9eebb32cf9d336e2c57d3bfc8c1f12852;hb=8dea8d37a13fcc615daba3375809900f04a2e5a2;hp=35041831e5e83b17a39eec71129b44fbcb05484c;hpb=3454dce4c6909648b711a59b57c5a527036b2a8e;p=secnet.git diff --git a/README b/README index 3504183..255892d 100644 --- a/README +++ b/README @@ -1,5 +1,20 @@ secnet - flexible VPN software +* Copying + +secnet is Copyright (C) 1995--2001 Stephen Early +It is distributed under the terms of the GNU General Public License, +version 2 or later. See the file COPYING for more information. + +The portable snprintf implementation in snprintf.c is Copyright (C) +1999 Mark Martinec and is distributed under the +terms of the Frontier Artistic License. You can find the standard +version of snprintf.c at http://www.ijs.si/software/snprintf/ + +The IP address handling library in ipaddr.py is Copyright (C) +1996--2000 Cendio Systems AB, and is distributed under the terms of +the GPL. + * Introduction secnet allows large virtual private networks to be constructed @@ -165,13 +180,65 @@ Defines: udp: dict argument port (integer): UDP port to listen and send on buffer (buffer closure): buffer for incoming packets + authbind (string): optional, path to authbind-helper program -** util +** log Defines: logfile (closure => log closure) + syslog (closure => log closure) + +logfile: dict argument + filename (string): where to log to + class (string list): what type of messages to log + { "debug-config", M_DEBUG_CONFIG }, + { "debug-phase", M_DEBUG_PHASE }, + { "debug", M_DEBUG }, + { "all-debug", M_DEBUG|M_DEBUG_PHASE|M_DEBUG_CONFIG }, + { "info", M_INFO }, + { "notice", M_NOTICE }, + { "warning", M_WARNING }, + { "error", M_ERROR }, + { "security", M_SECURITY }, + { "fatal", M_FATAL }, + { "default", M_WARNING|M_ERROR|M_SECURITY|M_FATAL }, + { "verbose", M_INFO|M_NOTICE|M_WARNING|M_ERROR|M_SECURITY|M_FATAL }, + { "quiet", M_FATAL } + +logfile will close and reopen its file upon receipt of SIGHUP. + +syslog: dict argument + ident (string): include this string in every log message + facility (string): facility to log as + { "authpriv", LOG_AUTHPRIV }, + { "cron", LOG_CRON }, + { "daemon", LOG_DAEMON }, + { "kern", LOG_KERN }, + { "local0", LOG_LOCAL0 }, + { "local1", LOG_LOCAL1 }, + { "local2", LOG_LOCAL2 }, + { "local3", LOG_LOCAL3 }, + { "local4", LOG_LOCAL4 }, + { "local5", LOG_LOCAL5 }, + { "local6", LOG_LOCAL6 }, + { "local7", LOG_LOCAL7 }, + { "lpr", LOG_LPR }, + { "mail", LOG_MAIL }, + { "news", LOG_NEWS }, + { "syslog", LOG_SYSLOG }, + { "user", LOG_USER }, + { "uucp", LOG_UUCP } + +** util + +Defines: sysbuffer (closure => buffer closure) +sysbuffer: integer[,dict] + arg1: buffer length + arg2: options: + lockdown (boolean): if True, mlock() the buffer + ** site Defines: @@ -239,8 +306,16 @@ null-netlink: dict argument by any remote site using this netlink device local-address (string): IP address of host's tunnel interface secnet-address (string): IP address of this netlink device + ptp-address (string): IP address of the other end of a point-to-point link mtu (integer): MTU of host's tunnel interface +Only one of secnet-address or ptp-address may be specified. If +point-to-point mode is in use then precisely one tunnel must register +with the netlink device. + +Netlink will dump its current routing table to the system/log on +receipt of SIGUSR1. + ** slip Defines: @@ -276,6 +351,9 @@ tun-old: dict argument route-path (string): optional, path to route command plus generic netlink options, as for 'null-netlink' + I recommend you don't specify the 'interface' option unless you're + doing something that requires the interface name to be constant. + ** rsa Defines: @@ -309,3 +387,21 @@ Defines: Defines: sha1 (hash closure) + +** conffile + +Defines: + makelist (dictionary => list of definitions) + readfile (string => string) + map (closure,list => list) + +makelist: dictionary + returns a list consisting of the definitions in the dictionary. The keys + are discarded. + +readfile: string + reads the named file and returns its contents as a string + +map: + applies the closure specified as arg1 to each of the elements in the list. + Returns a list made up of the outputs of the closure.