This option controls the period the encryption keys used to encrypt the data are valid.
It is common practice to change keys at regular intervals to make it even harder for crackers,
even though it is thought to be nearly impossible to crack a single key.
+.It Va MACExpire Li = Ar period Pq 600
+This option controls the amount of time MAC addresses are kept before they are removed.
+This only has effect when
+.Va Mode
+is set to
+.Qq switch .
.It Va MaxTimeout Li = Ar period Pq 900
This is the maximum delay before trying to reconnect to other tinc daemons.
.It Va Mode Li = router | switch | hub Pq router
.It hub
This mode is almost the same as the switch mode, but instead
every packet will be broadcast to the other daemons
-while no routing table is created.
+while no routing table is managed.
.El
.It Va Name Li = Ar name Bq required
This is the name which identifies this tinc daemon.
\input texinfo @c -*-texinfo-*-
-@c $Id: tinc.texi,v 1.8.4.22 2002/03/01 13:38:02 guus Exp $
+@c $Id: tinc.texi,v 1.8.4.23 2002/03/01 14:25:10 guus Exp $
@c %**start of header
@setfilename tinc.info
@settitle tinc Manual
<itimmermans@@bigfoot.com>, Guus Sliepen <guus@@sliepen.warande.net> and
Wessel Dankers <wsl@@nl.linux.org>.
-$Id: tinc.texi,v 1.8.4.22 2002/03/01 13:38:02 guus Exp $
+$Id: tinc.texi,v 1.8.4.23 2002/03/01 14:25:10 guus Exp $
Permission is granted to make and distribute verbatim copies of this
manual provided the copyright notice and this permission notice are
<itimmermans@@bigfoot.com>, Guus Sliepen <guus@@sliepen.warande.net> and
Wessel Dankers <wsl@@nl.linux.org>.
-$Id: tinc.texi,v 1.8.4.22 2002/03/01 13:38:02 guus Exp $
+$Id: tinc.texi,v 1.8.4.23 2002/03/01 14:25:10 guus Exp $
Permission is granted to make and distribute verbatim copies of this
manual provided the copyright notice and this permission notice are
@cindex switch
@item switch
In this mode the MAC addresses of the packets on the VPN will be used to
-dynamically create a routing table just like a network switch does.
-Unicast, multicast and broadcast packets of every ethernet protocol are supported in this mode
+dynamically create a routing table just like an Ethernet switch does.
+Unicast, multicast and broadcast packets of every protocol that runs over Ethernet are supported in this mode
at the cost of frequent broadcast ARP requests and routing table updates.
@cindex hub
@item hub
-In this mode every packet will be broadcast to the other daemons.
+This mode is almost the same as the switch mode, but instead
+every packet will be broadcast to the other daemons
+while no routing table is managed.
@end table
@cindex KeyExpire
make it even harder for crackers, even though it is thought to be nearly
impossible to crack a single key.
+@cindex MACExpire
+@item MACExpire = <seconds> (600)
+This option controls the amount of time MAC addresses are kept before they are removed.
+This only has effect when Mode is set to "switch".
+
@cindex Name
@item @strong{Name = <name>}
This is a symbolic name for this connection. It can be anything
msgid ""
msgstr ""
"Project-Id-Version: tinc 1.0-cvs\n"
-"POT-Creation-Date: 2002-03-01 14:19+0100\n"
+"POT-Creation-Date: 2002-03-01 15:22+0100\n"
"PO-Revision-Date: 2002-03-01 14:19+0100\n"
"Last-Translator: Guus Sliepen <guus@sliepen.warande.net>\n"
"Language-Team: Dutch <vertaling@nl.linux.org>\n"
msgid "Metadata read buffer overflow for %s (%s)"
msgstr "Metadata leesbuffer overloop voor %s (%s)"
-#: src/net.c:114
+#: src/net.c:116
msgid "Purging unreachable nodes"
msgstr "Verwijderen onbereikbare nodes"
-#: src/net.c:124
+#: src/net.c:126
#, c-format
msgid "Purging node %s (%s)"
msgstr "Verwijdering node %s (%s)"
-#: src/net.c:178
+#: src/net.c:180
#, c-format
msgid "Closing connection with %s (%s)"
msgstr "Beƫindigen verbinding met %s (%s)"
-#: src/net.c:249
+#: src/net.c:248
#, c-format
msgid "%s (%s) didn't respond to PING"
msgstr "%s (%s) antwoordde niet op ping"
-#: src/net.c:262
+#: src/net.c:261
#, c-format
msgid "Timeout from %s (%s) during authentication"
msgstr "Timeout van %s (%s) tijdens authenticatie"
-#: src/net.c:315 src/net_socket.c:246
+#: src/net.c:314 src/net_socket.c:246
#, c-format
msgid "Error while connecting to %s (%s): %s"
msgstr "Fout tijdens schrijven naar %s (%s): %s"
-#: src/net.c:377
+#: src/net.c:378
#, c-format
msgid "Error while waiting for input: %s"
msgstr "Fout tijdens wachten op invoer: %s"
-#: src/net.c:411
+#: src/net.c:413
msgid "Regenerating symmetric key"
msgstr "Hergenereren symmetrische sleutel"
-#: src/net.c:428
+#: src/net.c:430
msgid "Flushing event queue"
msgstr "Legen taakrij"
-#: src/net.c:445
+#: src/net.c:447
msgid "Rereading configuration file and restarting in 5 seconds"
msgstr "Herlezen configuratiebestand en herstart in 5 seconden"
-#: src/net.c:452
+#: src/net.c:454
msgid "Unable to reread configuration file, exiting"
msgstr "Kan configuratiebestand niet herlezen, beƫindigen"
msgstr "Instellen prioriteit uitgaand pakket op %d"
#. SO_PRIORITY doesn't seem to work
-#: src/net_packet.c:270 src/net_setup.c:476 src/net_socket.c:99
+#: src/net_packet.c:270 src/net_setup.c:479 src/net_socket.c:99
#: src/net_socket.c:138 src/net_socket.c:165 src/process.c:258
#: src/process.c:293
#, c-format
msgid "Invalid routing mode!"
msgstr "Ongeldige routing modus!"
-#: src/net_setup.c:335
+#: src/net_setup.c:338
msgid "Bogus maximum timeout!"
msgstr "Onzinnige maximum timeout!"
-#: src/net_setup.c:352
+#: src/net_setup.c:355
msgid "Invalid address family!"
msgstr "Ongeldige adresfamilie!"
-#: src/net_setup.c:374
+#: src/net_setup.c:377
msgid "Unrecognized cipher type!"
msgstr "Onbekend cipher type!"
-#: src/net_setup.c:409
+#: src/net_setup.c:412
msgid "Unrecognized digest type!"
msgstr "Onbekend digest type!"
-#: src/net_setup.c:425
+#: src/net_setup.c:428
msgid "MAC length exceeds size of digest!"
msgstr "MAC lengte is groter dan dat van digest!"
-#: src/net_setup.c:430
+#: src/net_setup.c:433
msgid "Bogus MAC length!"
msgstr "Onzinnige MAC lengte!"
-#: src/net_setup.c:446
+#: src/net_setup.c:449
msgid "Bogus compression level!"
msgstr "Onzinnig compressieniveau!"
-#: src/net_setup.c:491
+#: src/net_setup.c:494
#, c-format
msgid "Listening on %s"
msgstr "Luisterend op %s"
-#: src/net_setup.c:501
+#: src/net_setup.c:504
msgid "Ready"
msgstr "Gereed"
-#: src/net_setup.c:504
+#: src/net_setup.c:507
msgid "Unable to create any listening socket!"
msgstr "Kon geen enkele luistersocket aanmaken!"
msgid "Installing signal handler for signal %d (%s) failed: %s\n"
msgstr "Installeren van signaal afhandelaar voor signaal %d (%s) faalde: %s\n"
-#: src/route.c:70
+#: src/route.c:71
#, c-format
msgid "Learned new MAC address %hx:%hx:%hx:%hx:%hx:%hx"
msgstr "Nieuw MAC adres %hx:%hx:%hx:%hx:%hx:%hx geleerd"
-#: src/route.c:120
+#: src/route.c:104
+#, c-format
+msgid "MAC address %hx:%hx:%hx:%hx:%hx:%hx expired"
+msgstr "MAC adres %hx:%hx:%hx:%hx:%hx:%hx verlopen"
+
+#: src/route.c:149
#, c-format
msgid "Cannot route packet: unknown IPv4 destination address %d.%d.%d.%d"
msgstr "Kan pakket niet routeren: onbekend IPv4 doeladres %d.%d.%d.%d"
-#: src/route.c:140
+#: src/route.c:169
#, c-format
msgid ""
"Cannot route packet: unknown IPv6 destination address %hx:%hx:%hx:%hx:%hx:%"
"Kan pakket niet routeren: onbekend IPv6 doeladres %hx:%hx:%hx:%hx:%hx:%hx:%"
"hx:%hx"
-#: src/route.c:184
+#: src/route.c:213
msgid "Cannot route packet: received unknown type ARP request"
msgstr "Kan pakket niet routeren: ontvangst van onbekend type ARP verzoek"
-#: src/route.c:197
+#: src/route.c:226
#, c-format
msgid "Cannot route packet: ARP request for unknown address %d.%d.%d.%d"
msgstr "Kan pakket niet routeren: ARP verzoek voor onbekend adres %d.%d.%d.%d"
-#: src/route.c:249
+#: src/route.c:278
#, c-format
msgid "Cannot route packet: unknown type %hx"
msgstr "Kan pakket niet routeren: onbekend type %hx"
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: net.c,v 1.35.4.160 2002/03/01 14:09:31 guus Exp $
+ $Id: net.c,v 1.35.4.161 2002/03/01 14:25:10 guus Exp $
*/
#include "config.h"
check_dead_connections();
last_ping_check = now;
- if(routing_mode != RMODE_ROUTER)
+ if(routing_mode== RMODE_SWITCH)
age_mac();
/* Should we regenerate our key? */
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: route.c,v 1.1.2.26 2002/03/01 14:09:31 guus Exp $
+ $Id: route.c,v 1.1.2.27 2002/03/01 14:25:10 guus Exp $
*/
#include "config.h"
s = (subnet_t *)node->data;
if(s->type == SUBNET_MAC && s->net.mac.lastseen && s->net.mac.lastseen + macexpire < now)
{
+ if(debug_lvl >= DEBUG_TRAFFIC)
+ syslog(LOG_INFO, _("MAC address %hx:%hx:%hx:%hx:%hx:%hx expired"),
+ s->net.mac.address.x[0], s->net.mac.address.x[1], s->net.mac.address.x[2], s->net.mac.address.x[3], s->net.mac.address.x[4], s->net.mac.address.x[5]);
for(node2 = connection_tree->head; node2; node2 = node2->next)
{
c = (connection_t *)node2->data;
projects / tinc / commitdiff