### -*-sh-*- ### ### This file is sourced as a Bourne shell script by tripe's startup script. ### There are vaguely sane defaults. ## The directory you want tripe to work in. This is where it will search for ## keyrings, and where its admin socket and logfile are kept. The default is ## the CONFIGDIR established at `configure' time, via the `--with-configdir' ## option. ## #TRIPEDIR=/etc/tripe ## The tag or type of the private key to use. This is usually `tripe'; the ## default is to try both `tripe' or `tripe-dh', in that order. ## #keytag=tripe ## The address you want tripe to bind to. By default, tripe will accept ## packets to any address acceptable to the host, and send packets from the ## most appropriate address for the destination; setting this means it will ## (a) only accept packets destined for the named address, and (b) send ## packets from the named address. The latter is probably more useful. ## #addr=MYHOST ## The UDP port you want tripe to use. The default is 4070, which is ## officially allocated by the IANA. If you explicitly specify port 0 then ## tripe gets the kernel to choose a port it's not using right now, and you ## have to dig it out by saying `tripectl port'. ## #port=4070 ## The tunnel device you want tripe to use. The default is to use a system- ## specific device, if there's one compiled in, or SLIP if not. ## #tunnel=slip ## The user to run as once tripe has initialized. TrIPE keeps a separate ## process running as `root' specifically to open new tunnel devices, but ## this doesn't work for SLIP devices; in this case, you must ensure that the ## user (and/or group) you choose has sufficient privileges to request new ## SLIP tunnels -- or acquires sufficient tunnels at startup time. The ## default is not to change user. ## #user=tripe ## The group to run as once tripe has initialized. See caveats for `user' ## above. The default is not to change group. ## #group=tripe ## The permissions to set on the administration socket. The default is 600, ## which allows only the configured user to connect. Setting 660 allows ## all members of the group to administer the server, which might be useful. ## Setting this to 666 is probably a really bad idea. #sockmode=600 ## Trace options to pass to tripe. The default is no tracing. The setting ## `A-cp' gives maxmimum possible verbosity without leaking important ## secrets. ## #trace=A-cp ## Any other options to pass on to tripectl. (If you want to pass options on ## to the tripe server itself, you'll need to put -SARG,ARG,... in here.) ## The default is not to pass additional options. ## #miscopts= ## Logfile to write to. The default is determined by the `--with-logfile' ## configure option, which defaults to `./tripe.log' (relative to ## $TRIPEDIR). This may be set to `-' to write the log to stdout, or `!' to ## write to stderr. ## #logfile=/var/log/tripe ## Whether to write a log to syslog. If this is something other than `nil', ## then logs are written to syslog. If `syslogp' is non-nil and `logfile' ## above is unset then no logs are written to files. #syslogp=nil ## Where to put tripectl's pidfile when it starts up. The default is ## determined by the `--with-pidfile' configure option, which defaults to ## `./tripectl.pid' (relative to $TRIPEDIR). ## #pidfile=/var/run/tripectl.pid ## How to open SLIP interfaces. The value is a sequece of zero or more ## static allocations, followed optionally by the name of a dynamic ## allocation script, all separated by colons. A static allocation has the ## form `INFD[,OUTFD]=IFNAME', declaring that the interface IFNAME can be ## read from file descriptor INFD and written from file descriptor OUTFD ## (defaults to the same as INFD). The dynamic allocation script name must ## begin with `/' or `.' (interpreted relative to $TRIPEDIR); the script must ## write an interface name to standard output followed by a newline, and ## thereafter speak SLIP over standard input/output; stdin will be closed ## (and the script process sent SIGTERM) when the interface is no longer ## needed. ## #TRIPE_SLIPIF=