X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=doc%2Ftinc.conf.5.in;h=6897ba6e5deee1c17ace8b69bb04d1bc908b6afc;hb=01cb1961eac33de9e9d9cecd0910850a2cb549c3;hp=53440a1184115afe28b392acea5908691469d8a9;hpb=e88b3fb52fb375cd8ab233a671f38ed2240ed828;p=tinc

diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in
index 53440a11..6897ba6e 100644
--- a/doc/tinc.conf.5.in
+++ b/doc/tinc.conf.5.in
@@ -114,7 +114,7 @@ If
 .Qq any
 is selected, then depending on the operating system both IPv4 and IPv6 or just
 IPv6 listening sockets will be created.
-.It Va AutoConnect Li = yes | no Po no Pc Bq experimental
+.It Va AutoConnect Li = yes | no Po yes
 If set to yes,
 .Nm tinc
 will automatically set up meta connections to other nodes,
@@ -177,7 +177,7 @@ line).
 .Pp
 If you don't specify a host with
 .Va ConnectTo
-and don't enable
+and have disabled
 .Va AutoConnect ,
 .Nm tinc
 won't try to connect to other daemons at all,
@@ -242,7 +242,7 @@ Packets received for the local node are written to it.
 Create a UNIX socket with the filename specified by
 .Va Device ,
 or
-.Pa @localstatedir@/run/ Ns Ar NETNAME Ns Pa .umlsocket
+.Pa @runstatedir@/ Ns Ar NETNAME Ns Pa .umlsocket
 if not specified.
 .Nm tinc
 will wait for a User Mode Linux instance to connect to this socket.
@@ -251,7 +251,7 @@ Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
 using the UNIX socket specified by
 .Va Device ,
 or
-.Pa @localstatedir@/run/vde.ctl
+.Pa @runstatedir@/vde.ctl
 if not specified.
 .El
 Also, in case tinc does not seem to correctly interpret packets received from the virtual network device,
@@ -312,6 +312,10 @@ This is less efficient, but allows the kernel to apply its routing and firewall
 and can also help debugging.
 Incoming packets using the SPTPS protocol are dropped, since they are end-to-end encrypted.
 .El
+.It Va FWMark Li = Ar value Po 0 Pc Bq experimental
+When set to a non-zero value, all TCP and UDP sockets created by tinc will use the given value as the firewall mark.
+This can be used for mark-based routing or for packet filtering.
+This option is currently only supported on Linux.
 .It Va Hostnames Li = yes | no Pq no
 This option selects whether IP addresses (both real and on the VPN) should
 be resolved. Since DNS lookups are blocking, it might affect tinc's
@@ -788,7 +792,7 @@ its connection to the virtual network device.
 .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /invitations/
 This directory contains outstanding invitations.
 .It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /invitation-data
-After a succesful join, this file contains a copy of the invitation data received.
+After a successful join, this file contains a copy of the invitation data received.
 .El
 .Sh SEE ALSO
 .Xr tincd 8 ,