GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 00:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

Added missing files

Browse Source
This commit is contained in:
Nikos Mavrogiannopoulos
2013-02-12 18:56:33 +01:00
parent 64a91f2b44
commit 35ce549e9e
2 changed files with 106 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
doc/Makefile.am Normal file
View File

@@ -0,0 +1,8 @@
EXTRA_DIST = design.dia sample.config
dist_man_MANS = ocserv.1
ocserv.1: ../src/ocserv-args.def
-sed 's/@subheading \(.*\)/@*\n@var{\1}\n@*/' $< > "$<".tmp && \
autogen -DMAN_SECTION=1 -Tagman-cmd.tpl "$<".tmp && \
rm -f "$<".tmp

98
doc/sample.config Normal file
View File

@@ -0,0 +1,98 @@
# User authentication method. Could be set multiple times and in that case
# all should succeed.
# Options: certificate, pam.
#auth = certificate
auth = "pam"
# UTMP
use-utmp = true
# PID file
pid-file = /var/run/ocserv.pid
# Limit the number of clients. Set to zero for unlimited.
# max-clients = 1024
max-clients = 4
# Limit the number of identical clients (i.e., users connecting multiple times)
# Unset or set to zero for unlimited.
max-same-clients = 1
# Use listen-host to limit to specific IPs or to the IPs of a provided hostname.
# listen-host = [IP|HOSTNAME]
# The time (in seconds) that a client is allowed to stay connected prior
# to authentication
auth-timeout = 40
# TCP and UDP port number
tcp-port = 3333
udp-port = 3333
# Keepalive in seconds
keepalive = 60
# Dead peer detection in seconds
dpd = 30
# The key and the certificates of the server
# The key may be a file, or any URL supported by GnuTLS (i.e., tpmkey or pkcs11)
server-cert = ./test-cert.pem
server-key = ./test-key.pem
# The Certificate Authority that will be used
# to verify clients if certificate authentication
# is set.
#ca-cert = /path/to/ca.pem
# The object identifier that will be used to read the user ID in the client certificate.
# The object identifier should be part of the certificate's DN
#cert-user-oid = 0.9.2342.19200300.100.1.1
# A revocation list of ca-cert is set
#crl = /path/to/crl.pem
# GnuTLS priority string
tls-priorities = "PERFORMANCE:%SERVER_PRECEDENCE:%COMPAT"
# The default server directory
#chroot-dir = /root
# Cookie validity time (in seconds)
# Once a client is authenticated he's provided a cookie with
# which he can reconnect. This option sets the maximum lifetime
# of that cookie.
cookie-validity = 14400
#cookie-db = /var/tmp/vpn-cookies.db
run-as-user = nobody
run-as-group = nogroup
# Network settings
device = vpns
# Script to call when a client connects and obtains an IP
# Parameters are passed on the environment.
# USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client),
# DEVICE, IP_REAL (the real IP of the client), IP_LOCAL (the local IP
# in the P-t-P connect), IP_REMOTE (the VPN IP of the client).
#connect-script = /bin/echo
#disconnect-script = /bin/echo
# The pool from which the VPN user IPs will be drawn from.
ipv4-network = 192.168.1.0
ipv4-netmask = 255.255.255.0
# Use the keywork local to advertize the local P-t-P address as DNS server
# ipv4-dns = 192.168.2.1
ipv4-dns = local
#ipv6-address =
#ipv6-mask =
#ipv6-dns =
# Leave empty to assign the default MTU of the device
# mtu =
route = 192.168.1.0/255.255.255.0
#route = 192.168.5.0/255.255.255.0