X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/preload-hacks/blobdiff_plain/99413c3b70f13f34b66f1a4d528eed8d14349fd7..9111857cc67644ff89749d5919647b38033bb6fd:/README

diff --git a/README b/README
index 980f5a4..4abb92c 100644
--- a/README
+++ b/README
@@ -180,37 +180,33 @@ noip
 	## standard configuration
 
 	## debug
-	realconnect +172.29.199.2:25
-	realconnect +172.29.199.2:53
-	realconnect +172.29.199.2:80
-	realconnect +172.29.199.2:3128
-	realconnect +127.0.0.1:6010-6020
-	realconnect -127.0.0.0/8
+	realconnect +127.0.0.1:6010-6020, +[::1]:6010-6020
+	realconnect +127.0.0.1:53, +[::1]:53
+	realconnect +local:22
+	realconnect -127.0.0.0/8, -[::1]
 	realconnect -local
 
-	(172.29.199.2 is the IP address of the machine I took this
-	from.)  What this says is as follows.
+	What this says is as follows.
 
 	  * Don't produce debugging output, but let me turn it on easily
 	    if I feel the urge.
 
-	  * Allow direct connection to my SMTP server, on port 25.  (The
-	    `+' means `allow'.)
+	  * Allow conversations with SSH-forwarded X displays, which
+	    listen on the loopback interface.  Notice that the IPv6
+	    address must be enclosed in square brackets because colons
+	    are having to do double-duty here.
 
-	  * Allow conversations with my local DNS server.  (The noip
-	    hack is not particularly discriminating.  It replaces UDP
-	    sockets with Unix-domain datagram sockets, just as it
-	    replaces TCP sockets with Unix-domain stream sockets.)
+	  * Allow conversations with my local DNS server.  (I run
+	    `unbound' on all of my servers, to do DNSsec validation.
+	    The noip hack is not particularly discriminating.  It
+	    replaces UDP sockets with Unix-domain datagram sockets, just
+	    as it replaces TCP sockets with Unix-domain stream sockets.)
 
-	  * Allow conversations with my local web server.
-
-	  * Allow conversations with my local squid proxy.
-
-	  * Allow conversations with SSH-forwarded X displays.
+	  * Allow conversations with my local SSH server.
 
 	  * Don't allow any other communication with anything else on
 	    the loopback network 127.0.0.0/8.  (I've still no idea why
-	    each machine needs 16 million IP addresses for talking to
+	    each machine needs 16 million IPv4 addresses for talking to
 	    itself.  The `-' means `deny'.)
 
 	  * Don't allow any other communication with any of my other
@@ -261,6 +257,25 @@ noip
 	stuff that Emacs does magically find the SSH tunnel and work
 	without me having to care.
 
+  Testing
+
+	noip provides a handy way for testing network servers and so on
+	safely.  For a start, you can run your test server apparently on
+	the same port as the real one.  Because noip consults the
+	environment variable NOIP_SOCKETDIR to find out where to put its
+	sockets, you can run two at a time and they don't interfere.
+	And noip doesn't care what port numbers your program tries to
+	bind, so you don't need to jump through stupid hoops in order to
+	test programs which use `privileged' ports.
+
+  Other applications
+
+	There are certainly loads of handy things you can do with noip.
+	If you think of one, let me know!
+
+								Mark Wooding
+							mdw@distorted.org.uk
+
 
 Local variables:
 mode: text