summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Borkmann <dborkman@redhat.com>2013-05-21 17:36:53 +0200
committerDaniel Borkmann <dborkman@redhat.com>2013-05-21 17:36:53 +0200
commit18da275c77faad06937207ceb0dbd71bb5f2dff1 (patch)
treebe5bf192ecf4ce036cd61de78090acc1e9871d11
parentcddb6ff98c5db3570853feda302065b89a963863 (diff)
man: curvetun: add option and usage example section
This patch implements the option and usage examples of curvetun. Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-rw-r--r--curvetun.884
1 files changed, 81 insertions, 3 deletions
diff --git a/curvetun.8 b/curvetun.8
index 9671afc..c547ce5 100644
--- a/curvetun.8
+++ b/curvetun.8
@@ -4,7 +4,7 @@
.PP
.TH CURVETUN 8 "03 March 2013" "Linux" "netsniff-ng toolkit"
.SH NAME
-curvetun \- a lightweight Curve25519 IP tunnel
+curvetun \- a lightweight curve25519 ip4/6 tunnel
.PP
.SH SYNOPSIS
.PP
@@ -50,7 +50,85 @@ Telex, anti-censorship in the network infrastructure
.PP
.SH OPTIONS
.PP
-todo FIXME
+.SS -d <tundev>, --dev <tundev>
+Defines the name of the tunnel device that is being created. If this option
+is not set, then the default names for curves{0,1,2,..} for a curvetun server
+and curvec{0,1,2,...} for a curvetun client are used.
+.PP
+.SS -p <num>, --port <num>
+Defines the port the curvetun server should listen on. There is no default port
+for curvetun in general, so setting this option for server bootstrap is
+mandatory. This option is for servers only.
+.PP
+.SS -t <server>, --stun <server>
+If needed, this options enables an STUN lookup in order to show public IP/port
+mapping and to punch a hole into the firewall. In case you are unsure what STUN
+server to use, simply use ``--stun stunserver.org''.
+.PP
+.SS -c[=alias], --client[=alias]
+Starts curvetun in client mode and connects to the given connection alias that is
+defined in the configuration file.
+.PP
+.SS -k, --keygen
+Generate private and public keypair. If not done yet, this must be done
+initially.
+.PP
+.SS -x, --export
+Export our user and key combination to stdout as a one-liner.
+.PP
+.SS -C, --dumpc
+Dump all known clients that may connect to the local curvetun server
+and exit.
+.PP
+.SS -S, --dumps
+Dump all known servers we as a client can connect to, and exit.
+.PP
+.SS -D, --nofork
+Do not fork off as a client or server on startup.
+.PP
+.SS -s, --server
+Starts curvetun in server mode. Additional parameters are needed, at least
+the definition of the port clients can connect to.
+.PP
+.SS -N, --no-logging
+Disable all curvetun logging of possible user information. This can
+be used for having curvetun users connect more anonymously. This option
+is for servers only.
+.PP
+.SS -u, --udp
+Use UDP as a carrier protocol instead of TCP. By default TCP is the
+carrier protocol. This option is for servers only.
+.PP
+.SS -4, --ipv4
+Defines IPv4 as the underlying network protocol to be used on the tunnel
+device. IPv4 is default. This option is for servers only.
+.PP
+.SS -6, --ipv6
+Defines IPv6 as the underlying network protocol to be used on the tunnel
+device. This option is for servers only.
+.PP
+.SS -v, --version
+Show version information and exit.
+.PP
+.SS -h, --help
+Show user help and exit.
+.PP
+.SH USAGE EXAMPLE
+.PP
+.SS curvetun --server -4 -u -N --port 6666 --stun stunserver.org
+Starts curvetun in server mode with IPv4 as network protocol and UDP as a transport
+carrier protocol. The curvetun server listens for incoming connections on port 6666
+and performs an STUN lookup on startup to stunserver.org.
+.PP
+.SS curvetun --client=ethz
+Starts curvetun in client mode and connects to the defined connection alias ``ethz''
+that is defined in the curvetun ~/.curvetun/servers configuration.
+.PP
+.SS curvetun --keygen
+Generates initial keypairs and stores them in ~/.curvetun/.
+.PP
+.SS curvetun --export
+Exports your user data to stdout for configuration of a curvetun server.
.PP
.SH CRYPTOGRAPHY
Encrypted IP tunnels are often used to create virtual private networks (VPN),
@@ -138,7 +216,7 @@ NaCl: Networking and Cryptography library
\%http://nacl.cr.yp.to/
.RE
.PP
-.SH SETUP EXAMPLE
+.SH SETUP HOWTO
If you've never run curvetun before, you need to do an initial setup once.
.PP
First, make sure that the servers and clients clocks are periodically