X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftincd.8;h=ec8a147db1d0f0819e2e38e9bf39582100a7b005;hp=6c47610537e352e6dd99b1ea94bf2ba8845c4a55;hb=63568bb6bca20b4d2b2068a6367084a273eabac8;hpb=f0aa9641e82fb6e09c1e485366d14dddaa7f7c36 diff --git a/doc/tincd.8 b/doc/tincd.8 index 6c476105..ec8a147d 100644 --- a/doc/tincd.8 +++ b/doc/tincd.8 @@ -1,22 +1,25 @@ -.Dd 2002-02-07 +.Dd 2002-03-25 .Dt TINCD 8 .\" Manual page created by: -.\" Ivo Timmermans -.\" Guus Sliepen +.\" Ivo Timmermans +.\" Guus Sliepen .Sh NAME .Nm tincd .Nd tinc VPN daemon .Sh SYNOPSIS .Nm -.Op Fl cdDkKn -.Op Fl -bypass-security +.Op Fl cdDkKnL .Op Fl -config Ns = Ns Ar DIR -.Op Fl -debug Ns = Ns Ar LEVEL +.Op Fl -no-detach +.Op Fl -debug Ns Op = Ns Ar LEVEL +.Op Fl -kill Ns Op = Ns Ar SIGNAL +.Op Fl -net Ns = Ns Ar NETNAME .Op Fl -generate-keys Ns Op = Ns Ar BITS +.Op Fl -mlock +.Op Fl -logfile Ns Op = Ns Ar FILE +.Op Fl -pidfile Ns = Ns Ar FILE +.Op Fl -bypass-security .Op Fl -help -.Op Fl -kill Ns = Ns Ar SIGNAL -.Op Fl -net Ns = Ns Ar NETNAME -.Op Fl -no-detach .Op Fl -version .Sh DESCRIPTION This is the daemon of tinc, a secure virtual private network (VPN) project. @@ -33,35 +36,49 @@ accepting and setting up connections to other tinc daemons that are part of the virtual private network. .Sh OPTIONS .Bl -tag -width indent -.It Fl -bypass-security -Disables encryption and authentication. -Only useful for debugging. .It Fl c, -config Ns = Ns Ar DIR Read configuration options from .Ar DIR . +.It Fl D, -no-detach +Don't fork and detach. +This will also disable the automatic restart mechanism for fatal errors. .It Fl d, -debug Ns Op = Ns Ar LEVEL Increase debug level or set it to .Ar LEVEL (see below). -.It Fl K, -generate-keys Ns Op = Ns Ar BITS -Generate public/private RSA keypair and exit. -If -.Ar BITS -is omitted, the default length will be 1024 bits. -.It Fl -help -Display short list of options. .It Fl k, -kill Ns Op = Ns Ar SIGNAL Attempt to kill a running .Nm (optionally with the specified .Ar SIGNAL -instead of SIGQUIT) and exit. +instead of SIGTERM) and exit. .It Fl n, -net Ns = Ns Ar NETNAME Connect to net .Ar NETNAME . -.It Fl D, -no-detach -Don't fork and detach. -This will also disable the automatic restart mechanism for fatal errors. +.It Fl K, -generate-keys Ns Op = Ns Ar BITS +Generate public/private RSA keypair and exit. +If +.Ar BITS +is omitted, the default length will be 1024 bits. +.It Fl L, -mlock +Lock tinc into main memory. +This will prevent sensitive data like shared private keys to be written to the system swap files/partitions. +.It Fl -logfile Ns Op = Ns Ar FILE +Write log entries to a file instead of to the system logging facility. +If +.Ar FILE +is omitted, the default is +.Pa /var/log/tinc. Ns Ar NETNAME Ns Pa .log. +.It Fl -pidfile Ns = Ns Ar FILE +Write PID to +.Ar FILE +instead of +.Pa /var/run/tinc. Ns Ar NETNAME Ns Pa .pid. +.It Fl -bypass-security +Disables encryption and authentication of the meta protocol. +Only useful for debugging. +.It Fl -help +Display short list of options. .It Fl -version Output version information and exit. .El @@ -80,7 +97,11 @@ and if didn't succeed to connect to an uplink the first time after it started, it defaults to the maximum time of 15 minutes. .It HUP -Closes all connections, rereads the configuration file and restarts the daemon. +Partially rereads configuration files. +Connections to hosts whose host config file are removed are closed. +New outgoing connections specified in +.Pa tinc.conf +will be made. .It INT Temporarily increases debug level to 5. Send this signal again to revert to the original level. @@ -130,6 +151,14 @@ Purpose is to cleanly shut down the virtual network device before it will be dea .It Pa /etc/tinc/ Ns Ar NETNAME Ns Pa /hosts/* The directory containing the host configuration files used to authenticate other tinc daemons. +.It Pa /etc/tinc/ Ns Ar NETNAME Ns Pa /hosts/ Ns Ar NAME Ns Pa -up +Script which is executed as soon as host +.Ar NAME +becomes reachable. +.It Pa /etc/tinc/ Ns Ar NETNAME Ns Pa /hosts/ Ns Ar NAME Ns Pa -down +Script which is executed as soon as host +.Ar NAME +becomes unreachable. .It Pa /var/run/tinc. Ns Ar NETNAME Ns Pa .pid The PID of the currently running .Nm @@ -137,12 +166,8 @@ is stored in this file. .El .Sh BUGS The -.Va BindToInterface , -.Va BindToIP , -.Va IndirectData -and -.Va TCPOnly -options may not work correctly. +.Va BindToInterface +option may not work correctly. .Pp .Sy The cryptography in tinc is not well tested yet. Use it at your own risk! .Pp @@ -164,7 +189,7 @@ tinc comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions; see the file COPYING for details. .Sh AUTHORS -.An "Ivo Timmermans" Aq itimmermans@bigfoot.com -.An "Guus Sliepen" Aq guus@sliepen.warande.net +.An "Ivo Timmermans" Aq ivo@o2w.nl +.An "Guus Sliepen" Aq guus@sliepen.eu.org .Pp And thanks to many others for their contributions to tinc!