X-Git-Url: http://git.sameswireless.fr/l2tpns.git/blobdiff_plain/3057f5e655405b7ba84a559213a1dbaaa3eaaab6..bd2ec601493cece0de9e565e7bd497b129bece10:/Docs/manual.html?ds=inline diff --git a/Docs/manual.html b/Docs/manual.html index 13748a9..4db3a83 100644 --- a/Docs/manual.html +++ b/Docs/manual.html @@ -191,14 +191,6 @@ user, both a primary and a secondary. If either is set to 0.0.0.0, then that one will not be sent. -
  • save_state (boolean)
    -When l2tpns receives a STGTERM it will write out its current -ip_address_pool, session and tunnel tables to disk prior to exiting to -be re-loaded at startup. The validity of this data is obviously quite -short and the intent is to allow an sessions to be retained over a -software upgrade. -
  • -
  • primary_radius (ip address)
  • secondary_radius (ip address)
    Sets the RADIUS servers used for both authentication and accounting. @@ -231,6 +223,17 @@ This secret will be used in all RADIUS queries. If this is not set then RADIUS queries will fail.
  • +
  • radius_authtypes (string)
    +A comma separated list of supported RADIUS authentication methods +(pap or chap), in order of preference (default pap). +
  • + +
  • allow_duplicate_users (boolean)
    +Allow multiple logins with the same username. If false (the default), +any prior session with the same username will be dropped when a new +session is established. +
  • +
  • bind_address (ip address)
    When the tun interface is created, it is assigned the address specified here. If no address is given, 1.1.1.1 is used. Packets @@ -282,10 +285,6 @@ second. Even if this is disabled, you can see this information by running the uptime command on the CLI.
  • -
  • cleanup_interval (int)
    -Interval between regular cleanups (in seconds). -
  • -
  • multi_read_count (int)
    Number of packets to read off each of the UDP and TUN fds when returned as readable by select (default: 10). Avoids incurring the @@ -307,6 +306,13 @@ Keep all pages mapped by the l2tpns process in memory. Maximum number of host unreachable ICMP packets to send per second.
  • +
  • packet_limit (int>
    +Maximum number of packets of downstream traffic to be handled each +tenth of a second per session. If zero, no limit is applied (default: +0). Intended as a DoS prevention mechanism and not a general +throttling control (packets are dropped, not queued). +
  • +
  • cluster_address (ip address)
    Multicast cluster address (default: 239.192.13.13). See the section on Clustering for more information. @@ -325,6 +331,11 @@ Cluster heartbeat timeout in tenths of a second. A new master will be elected when this interval has been passed without seeing a heartbeat from the master.
  • + +
  • cluster_master_min_adv (int)
    +Determines the minumum number of up to date slaves required before the +master will drop routes (default: 1). +
  • BGP routing configuration is entered by the command: @@ -360,23 +371,25 @@ define the body of the access-list. Standard access-list syntax: Extended access-lists: -

    -
    {permit|deny} ip +
    +

    {permit|deny} ip {host|source source-wildcard|any} - {host|destination destination-wildcard|any} -

    {permit|deny} udp + {host|destination destination-wildcard|any} [fragments] +

    {permit|deny} udp {host|source source-wildcard|any} [{eq|neq|gt|lt} port|range from to] {host|destination destination-wildcard|any} [{eq|neq|gt|lt} port|range from to] -

    {permit|deny} tcp + [fragments] +

    {permit|deny} tcp {host|source source-wildcard|any} [{eq|neq|gt|lt} port|range from to] {host|destination destination-wildcard|any} [{eq|neq|gt|lt} port|range from to] [{established|{match-any|match-all} - {+|-}{fin|syn|rst|psh|ack|urg} ...] -

    + {+|-}{fin|syn|rst|psh|ack|urg} + ...|fragments] +

    users

    @@ -683,14 +696,10 @@ killall -HUP l2tpns The signals understood are:

    Throttling