X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/3057f5e655405b7ba84a559213a1dbaaa3eaaab6..2b5cae3b51b9b575d98acc611035b3dcf56c6d72:/Docs/manual.html diff --git a/Docs/manual.html b/Docs/manual.html index 13748a9..3d1adf9 100644 --- a/Docs/manual.html +++ b/Docs/manual.html @@ -191,14 +191,6 @@ user, both a primary and a secondary. If either is set to 0.0.0.0, then that one will not be sent. -
  • save_state (boolean)
    -When l2tpns receives a STGTERM it will write out its current -ip_address_pool, session and tunnel tables to disk prior to exiting to -be re-loaded at startup. The validity of this data is obviously quite -short and the intent is to allow an sessions to be retained over a -software upgrade. -
  • -
  • primary_radius (ip address)
  • secondary_radius (ip address)
    Sets the RADIUS servers used for both authentication and accounting. @@ -307,6 +299,13 @@ Keep all pages mapped by the l2tpns process in memory. Maximum number of host unreachable ICMP packets to send per second.
  • +
  • packet_limit (int>
    +Maximum number of packets of downstream traffic to be handled each +tenth of a second per session. If zero, no limit is applied (default: +0). Intended as a DoS prevention mechanism and not a general +throttling control (packets are dropped, not queued). +
  • +
  • cluster_address (ip address)
    Multicast cluster address (default: 239.192.13.13). See the section on Clustering for more information. @@ -360,23 +359,25 @@ define the body of the access-list. Standard access-list syntax: Extended access-lists: -
    -
    {permit|deny} ip +
    +

    {permit|deny} ip {host|source source-wildcard|any} - {host|destination destination-wildcard|any} -

    {permit|deny} udp + {host|destination destination-wildcard|any} [fragments] +

    {permit|deny} udp {host|source source-wildcard|any} [{eq|neq|gt|lt} port|range from to] {host|destination destination-wildcard|any} [{eq|neq|gt|lt} port|range from to] -

    {permit|deny} tcp + [fragments] +

    {permit|deny} tcp {host|source source-wildcard|any} [{eq|neq|gt|lt} port|range from to] {host|destination destination-wildcard|any} [{eq|neq|gt|lt} port|range from to] [{established|{match-any|match-all} - {+|-}{fin|syn|rst|psh|ack|urg} ...] -

    + {+|-}{fin|syn|rst|psh|ack|urg} + ...|fragments] +

    users

    @@ -683,14 +684,10 @@ killall -HUP l2tpns The signals understood are:

    Throttling