and on Linux, unless specified otherwise, the name of the virtual network interface will be the same as the network name.
However, it is not strictly necessary that you call tinc with the -n
-option. If you don not use it, the network name will just be empty, and
+option. If you do not use it, the network name will just be empty, and
tinc will look for files in @file{@value{sysconfdir}/tinc/} instead of
@file{@value{sysconfdir}/tinc/@var{netname}/};
the configuration file will then be @file{@value{sysconfdir}/tinc/tinc.conf},
If set to zero, the default buffer size will be used by the operating system.
Note: this setting can have a significant impact on performance, especially raw throughput.
+@cindex UPnP
+@item UPnP = <yes|udponly|no> (no)
+If this option is enabled then tinc will search for UPnP-IGD devices on the local network.
+It will then create and maintain port mappings for tinc's listening TCP and UDP ports.
+If set to "udponly", tinc will only create a mapping for its UDP (data) port, not for its TCP (metaconnection) port.
+Note that tinc must have been built with miniupnpc support for this feature to be available.
+Furthermore, be advised that enabling this can have security implications, because the miniupnpc library that
+tinc uses might not be well-hardened with regard to malicious UPnP replies.
+
+@cindex UPnPDiscoverWait
+@item UPnPDiscoverWait = <seconds> (5)
+The amount of time to wait for replies when probing the local network for UPnP devices.
+
+@cindex UPnPRefreshPeriod
+@item UPnPRefreshPeriod = <seconds> (5)
+How often tinc will re-add the port mapping, in case it gets reset on the UPnP device.
+This also controls the duration of the port mapping itself, which will be set to twice that duration.
+
@end table
Most problems must be corrected by the user itself, however in some cases (like file permissions and missing public keys),
tinc will ask if it should fix the problem.
+@cindex sign
+@item sign [@var{filename}]
+Sign a file with the local node's private key.
+If no @var{filename} is given, the file is read from standard input.
+The signed file is written to standard output.
+
+@cindex verify
+@item verify @var{name} [@var{filename}]
+
+Check the signature of a file against a node's public key.
+The @var{name} of the node must be given,
+or can be "." to check against the local node's public key,
+or "*" to allow a signature from any node whose public key is known.
+If no @var{filename} is given, the file is read from standard input.
+If the verification is succesful, a copy of the input with the signature removed is written to standard output, and the exit code will be zero.
+If the verification failed, nothing will be written to standard output, and the exit code will be non-zero.
+
@end table
@c ==================================================================
projects / tinc / blobdiff