X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/preload-hacks/blobdiff_plain/0a6ab6a1d1582739baebed08932cb89878c38a65..54ef96bf3ee587718974b094f64fbff1301cc997:/noip.1

diff --git a/noip.1 b/noip.1
index 8687958..f4598da 100644
--- a/noip.1
+++ b/noip.1
@@ -86,8 +86,8 @@ is set, then the file it names is read instead (assuming it exists; if
 it doesn't, no configuration is read).
 .PP
 The configuration file has a simple line-based format.  A line is
-ignored if it consists only of whitespace, or if its first whitespace
-character is
+ignored if it consists only of whitespace, or if its first
+non-whitespace character is
 .RB ` # '.
 Otherwise, the first whitespace-delimited word is a keyword and the
 remainder of the line is a value.  The following keywords are
@@ -123,9 +123,10 @@ variable
 can also be used to control which ports are assigned automatically.
 .TP
 .BI "realbind " acl-entry
-Add an entry to the
+Add a comma-separated list of entries to the
 .B realbind
-access control list (ACL).  When a program attempts to
+access control list (ACL).  (See below for the format of an ACL entry.)
+When a program attempts to
 .BR bind (2)
 a socket to an address, the
 .B realbind
@@ -148,9 +149,10 @@ are also put at the end (before the
 rules), though this may change later.
 .TP
 .BI "realconnect " acl-entry
-Add an entry to the
+Add a comma-separated list of entries to the
 .B realconnect
-access control list (ACL).  When a program attempts to
+access control list (ACL).  (See below for the format of an ACL entry.)
+When a program attempts to
 .BR connect (2)
 a socket to an address, or to contact another socket using
 .BR sendto (2)
@@ -175,7 +177,7 @@ rules are appended on the end.  Currently, the rules in
 are also put at the end (before the
 .B _AFTER
 rules), though this may change later.
-.PP
+.IP
 (Aside: An attempt to connect to a remote host may not be a hopeless failure,
 even if a real IP socket is denied:
 .B noip
@@ -183,6 +185,46 @@ deliberately makes no attempt to check that addresses being bound to
 sockets correspond to locally available addresses; and besides, sockets
 can be introduced into the directory by other programs simulating remote
 servers.)
+.TP
+.BI "impbind " bind-rule
+Add a comma-separated list of entries to the implicit-bind rule list.
+When a program attempts to transmit from a socket \(en e.g., with
+.BR connect (2),
+.BR sendto (2), or
+.BR sendmsg (2)
+\(en without binding its local address first,
+.B noip
+consults this list to decide on the correct local address to assign.
+Each entry in the list has the form
+.RS
+.IP
+.I address-range
+.IR address | \c
+.B same
+.PP
+The rules are tried in order: if the remote address matches (in the same
+way as in an ACL entry) the address range on the left side of the rule,
+then the socket is bound to the address from the right side; if the
+address on the right is
+.B same
+then the remote address is used.
+.PP
+Three environment variables
+are consulted too:
+.BR NOIP_IMPBIND_BEFORE ,
+.BR NOIP_IMPBIND ,
+and
+.BR NOIP_IMPBIND_AFTER .
+The
+.B _BEFORE
+rules are inserted at the front of the list; the
+.B _AFTER
+rules are appended on the end.  Currently, the rules in
+.B NOIP_IMPBIND
+are also put at the end (before the
+.B _AFTER
+rules), though this may change later.
+.RE
 .PP
 An
 .I acl-entry