diff options
author | Daniel Borkmann <dborkman@redhat.com> | 2013-05-21 17:36:53 +0200 |
---|---|---|
committer | Daniel Borkmann <dborkman@redhat.com> | 2013-05-21 17:36:53 +0200 |
commit | 18da275c77faad06937207ceb0dbd71bb5f2dff1 (patch) | |
tree | be5bf192ecf4ce036cd61de78090acc1e9871d11 | |
parent | cddb6ff98c5db3570853feda302065b89a963863 (diff) |
man: curvetun: add option and usage example section
This patch implements the option and usage examples of curvetun.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-rw-r--r-- | curvetun.8 | 84 |
1 files changed, 81 insertions, 3 deletions
@@ -4,7 +4,7 @@ .PP .TH CURVETUN 8 "03 March 2013" "Linux" "netsniff-ng toolkit" .SH NAME -curvetun \- a lightweight Curve25519 IP tunnel +curvetun \- a lightweight curve25519 ip4/6 tunnel .PP .SH SYNOPSIS .PP @@ -50,7 +50,85 @@ Telex, anti-censorship in the network infrastructure .PP .SH OPTIONS .PP -todo FIXME +.SS -d <tundev>, --dev <tundev> +Defines the name of the tunnel device that is being created. If this option +is not set, then the default names for curves{0,1,2,..} for a curvetun server +and curvec{0,1,2,...} for a curvetun client are used. +.PP +.SS -p <num>, --port <num> +Defines the port the curvetun server should listen on. There is no default port +for curvetun in general, so setting this option for server bootstrap is +mandatory. This option is for servers only. +.PP +.SS -t <server>, --stun <server> +If needed, this options enables an STUN lookup in order to show public IP/port +mapping and to punch a hole into the firewall. In case you are unsure what STUN +server to use, simply use ``--stun stunserver.org''. +.PP +.SS -c[=alias], --client[=alias] +Starts curvetun in client mode and connects to the given connection alias that is +defined in the configuration file. +.PP +.SS -k, --keygen +Generate private and public keypair. If not done yet, this must be done +initially. +.PP +.SS -x, --export +Export our user and key combination to stdout as a one-liner. +.PP +.SS -C, --dumpc +Dump all known clients that may connect to the local curvetun server +and exit. +.PP +.SS -S, --dumps +Dump all known servers we as a client can connect to, and exit. +.PP +.SS -D, --nofork +Do not fork off as a client or server on startup. +.PP +.SS -s, --server +Starts curvetun in server mode. Additional parameters are needed, at least +the definition of the port clients can connect to. +.PP +.SS -N, --no-logging +Disable all curvetun logging of possible user information. This can +be used for having curvetun users connect more anonymously. This option +is for servers only. +.PP +.SS -u, --udp +Use UDP as a carrier protocol instead of TCP. By default TCP is the +carrier protocol. This option is for servers only. +.PP +.SS -4, --ipv4 +Defines IPv4 as the underlying network protocol to be used on the tunnel +device. IPv4 is default. This option is for servers only. +.PP +.SS -6, --ipv6 +Defines IPv6 as the underlying network protocol to be used on the tunnel +device. This option is for servers only. +.PP +.SS -v, --version +Show version information and exit. +.PP +.SS -h, --help +Show user help and exit. +.PP +.SH USAGE EXAMPLE +.PP +.SS curvetun --server -4 -u -N --port 6666 --stun stunserver.org +Starts curvetun in server mode with IPv4 as network protocol and UDP as a transport +carrier protocol. The curvetun server listens for incoming connections on port 6666 +and performs an STUN lookup on startup to stunserver.org. +.PP +.SS curvetun --client=ethz +Starts curvetun in client mode and connects to the defined connection alias ``ethz'' +that is defined in the curvetun ~/.curvetun/servers configuration. +.PP +.SS curvetun --keygen +Generates initial keypairs and stores them in ~/.curvetun/. +.PP +.SS curvetun --export +Exports your user data to stdout for configuration of a curvetun server. .PP .SH CRYPTOGRAPHY Encrypted IP tunnels are often used to create virtual private networks (VPN), @@ -138,7 +216,7 @@ NaCl: Networking and Cryptography library \%http://nacl.cr.yp.to/ .RE .PP -.SH SETUP EXAMPLE +.SH SETUP HOWTO If you've never run curvetun before, you need to do an initial setup once. .PP First, make sure that the servers and clients clocks are periodically |