X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/3057f5e655405b7ba84a559213a1dbaaa3eaaab6..b17f6176484c929bf7e432cd656826339b47df05:/Docs/manual.html
diff --git a/Docs/manual.html b/Docs/manual.html
index 13748a9..e4cc1a5 100644
--- a/Docs/manual.html
+++ b/Docs/manual.html
@@ -191,14 +191,6 @@ user, both a primary and a secondary. If either is set to 0.0.0.0, then that
one will not be sent.
-save_state (boolean)
-When l2tpns receives a STGTERM it will write out its current
-ip_address_pool, session and tunnel tables to disk prior to exiting to
-be re-loaded at startup. The validity of this data is obviously quite
-short and the intent is to allow an sessions to be retained over a
-software upgrade.
-
-
primary_radius (ip address)
secondary_radius (ip address)
Sets the RADIUS servers used for both authentication and accounting.
@@ -307,6 +299,13 @@ Keep all pages mapped by the l2tpns process in memory.
Maximum number of host unreachable ICMP packets to send per second.
+packet_limit (int>
+Maximum number of packets of downstream traffic to be handled each
+tenth of a second per session. If zero, no limit is applied (default:
+0). Intended as a DoS prevention mechanism and not a general
+throttling control (packets are dropped, not queued).
+
+
cluster_address (ip address)
Multicast cluster address (default: 239.192.13.13). See the section
on Clustering for more information.
@@ -325,6 +324,11 @@ Cluster heartbeat timeout in tenths of a second. A new master will be
elected when this interval has been passed without seeing a heartbeat
from the master.
+
+cluster_master_min_adv (int)
+Determines the minumum number of up to date slaves required before the
+master will drop routes (default: 1).
+
BGP routing configuration is entered by the command:
@@ -360,23 +364,25 @@ define the body of the access-list. Standard access-list syntax:
Extended access-lists:
-
- - {permit|deny} ip
+
+
{permit|deny} ip
{host|source source-wildcard|any}
- {host|destination destination-wildcard|any}
-
- {permit|deny} udp
+ {host|destination destination-wildcard|any} [fragments]
+
{permit|deny} udp
{host|source source-wildcard|any}
[{eq|neq|gt|lt} port|range from to]
{host|destination destination-wildcard|any}
[{eq|neq|gt|lt} port|range from to]
-
- {permit|deny} tcp
+ [fragments]
+
{permit|deny} tcp
{host|source source-wildcard|any}
[{eq|neq|gt|lt} port|range from to]
{host|destination destination-wildcard|any}
[{eq|neq|gt|lt} port|range from to]
[{established|{match-any|match-all}
- {+|-}{fin|syn|rst|psh|ack|urg} ...]
-
+ {+|-}{fin|syn|rst|psh|ack|urg}
+ ...|fragments]
+
users
@@ -683,14 +689,10 @@ killall -HUP l2tpns
The signals understood are:
-- SIGHUP - Reload the config from disk and re-open log file
-- SIGTERM / SIGINT - Shut down for a restart. This will dump the current
-state to disk (if save_state is set to true). Upon restart, the
-process will read this saved state to resume active sessions.
+
- SIGHUP - Reload the config from disk and re-open log file
+- SIGTERM / SIGINT - Shut down.
- SIGQUIT - Shut down cleanly. This will send a disconnect message for
-every active session and tunnel before shutting down. This is a good idea
-when upgrading the code, as no sessions will be left with the remote end
-thinking they are open.
+every active session and tunnel before shutting down.
Throttling