X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/12f16f60c19b470a3a4e5ee145485095dc674dee..631efd4f4f482032496fb11ea650cd75bcff6ec6:/Docs/manual.html

diff --git a/Docs/manual.html b/Docs/manual.html
index 13748a9..b37cba4 100644
--- a/Docs/manual.html
+++ b/Docs/manual.html
@@ -282,10 +282,6 @@ second.  Even if this is disabled, you can see this information by running
 the <EM>uptime</EM> command on the CLI.
 </LI>
 
-<LI><B>cleanup_interval</B> (int)<BR>
-Interval between regular cleanups (in seconds).
-</LI>
-
 <LI><B>multi_read_count</B> (int)<BR>
 Number of packets to read off each of the UDP and TUN fds when
 returned as readable by select (default:  10).  Avoids incurring the
@@ -307,6 +303,13 @@ Keep all pages mapped by the l2tpns process in memory.
 Maximum number of host unreachable ICMP packets to send per second.
 </LI>
 
+<LI><B>packet_limit</B> (int><BR>
+Maximum number of packets of downstream traffic to be handled each
+tenth of a second per session.  If zero, no limit is applied (default: 
+0).  Intended as a DoS prevention mechanism and not a general
+throttling control (packets are dropped, not queued).
+</LI>
+
 <LI><B>cluster_address</B> (ip address)<BR>
 Multicast cluster address (default:  239.192.13.13).  See the section
 on <A HREF="#Clustering">Clustering</A> for more information.
@@ -325,6 +328,11 @@ Cluster heartbeat timeout in tenths of a second.  A new master will be
 elected when this interval has been passed without seeing a heartbeat
 from the master.
 </LI>
+
+<LI><B>cluster_master_min_adv</B> (int)<BR>
+Determines the minumum number of up to date slaves required before the
+master will drop routes (default: 1).
+</LI>
 </UL>
 
 <P>BGP routing configuration is entered by the command:
@@ -360,23 +368,25 @@ define the body of the access-list.  Standard access-list syntax:
 
 Extended access-lists:
 
-<DL>
-  <DD>{<B>permit</B>|<B>deny</B>} <B>ip</B>
+<DIV STYLE="margin-left: 4em; text-indent: -2em">
+  <P>{<B>permit</B>|<B>deny</B>} <B>ip</B>
     {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>}
-    {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>}
-  <DD>{<B>permit</B>|<B>deny</B>} <B>udp</B>
+    {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>} [<B>fragments</B>]
+  <P>{<B>permit</B>|<B>deny</B>} <B>udp</B>
     {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>}
 	[{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>]
     {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>}
 	[{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>]
-  <DD>{<B>permit</B>|<B>deny</B>} <B>tcp</B>
+	[<B>fragments</B>]
+  <P>{<B>permit</B>|<B>deny</B>} <B>tcp</B>
     {<I>host</I>|<I>source source-wildcard</I>|<B>any</B>}
 	[{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>]
     {<I>host</I>|<I>destination destination-wildcard</I>|<B>any</B>}
 	[{<B>eq</B>|<B>neq</B>|<B>gt</B>|<B>lt</B>} <I>port</I>|<B>range</B> <I>from</I> <I>to</I>]
 	[{<B>established</B>|{<B>match-any</B>|<B>match-all</B>}
-	    {<B>+</B>|<B>-</B>}{<B>fin</B>|<B>syn</B>|<B>rst</B>|<B>psh</B>|<B>ack</B>|<B>urg</B>} ...]
-</DL>
+	    {<B>+</B>|<B>-</B>}{<B>fin</B>|<B>syn</B>|<B>rst</B>|<B>psh</B>|<B>ack</B>|<B>urg</B>}
+	    ...|<B>fragments</B>]
+</DIV>
 
 <H3 ID="users">users</H3>