Added example scripts and updated documentation.

doc/Makefile.am

@@ -1,4 +1,4 @@
-EXTRA_DIST = design.dia sample.config
+EXTRA_DIST = design.dia sample.config scripts/ocserv-up scripts/ocserv-down
 
 dist_man_MANS = ocserv.1
 

doc/ocserv.1

@@ -2,7 +2,7 @@
 .\"
 .\"  DO NOT EDIT THIS FILE   (ocserv-args.man)
 .\"  
-.\"  It has been AutoGen-ed  February 12, 2013 at 06:56:01 PM by AutoGen 5.16
+.\"  It has been AutoGen-ed  February 12, 2013 at 07:18:42 PM by AutoGen 5.16
 .\"  From the definitions    ../src/ocserv-args.def.tmp
 .\"  and the template file   agman-cmd.tpl
 .\"
@@ -97,6 +97,7 @@ $ certtool \-\-generate\-self\-signed \-\-load\-privkey ca\-key.pem \
 $ certtool \-\-generate\-privkey \-\-outfile user\-key.pem
 $ cat << _EOF_ >user.tmpl
 cn = "user"
+ou = "admins"
 serial = 1824
 email = "user@example.com"
 expiration_days = 9999
@@ -269,7 +270,7 @@ The operation failed or the command syntax was not valid.
 .in +4
 .ti -4
 \fB*\fP
-Supports both TCP and UDP VPN tunnels using TLS and DTLS.
+Supports both TCP and UDP VPN tunnels using TLS and Datagram TLS.
 .ti -4
 \fB*\fP
 Support for the server key being stored in TPM, a hardware security module (HSM), or smart card.

doc/scripts/ocserv-down

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+iptables -D INPUT -i $DEVICE -j ACCEPT
+
+echo "User '$USERNAME' from '$IP_REAL' disconnected."

doc/scripts/ocserv-up

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+# Disable the firewall for the user's device
+iptables -A INPUT -i $DEVICE -j ACCEPT
+
+if [ "$GROUPNAME" != "admins" ];then
+	#rate limit the tun device to 64kbyte
+	wondershaper $DEVICE 524288 524288
+fi
+
+echo "User '$USERNAME' from '$IP_REAL' connected. Local IP is '$IP_REMOTE'"