From d5ae3fd41d0caab13ccf38ef96885a104d5fba77 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sat, 19 Sep 2015 11:47:37 +0200 Subject: [PATCH] converted README to markdown --- README => README.md | 57 ++++++++++++++++++++++++++++----------------- 1 file changed, 36 insertions(+), 21 deletions(-) rename README => README.md (75%) diff --git a/README b/README.md similarity index 75% rename from README rename to README.md index a8b9f067..61848c45 100644 --- a/README +++ b/README.md @@ -1,30 +1,33 @@ +# About -=== About === - -This program is openconnect VPN server (ocserv), a server compatible with the -openconnect VPN client [0]. It is believed to be compatible with the protocol +This program is openconnect VPN server (ocserv), a server for the +[openconnect VPN client](http://www.infradead.org/openconnect/). +It is believed to be compatible with the protocol used by CISCO's AnyConnect SSL VPN. -[0]. http://www.infradead.org/openconnect/ - -=== Build dependencies === +# Build dependencies Required dependencies (Debian pkg/Fedora pkg): +``` libgnutls28-dev / gnutls-devel +``` Optional dependencies that enable specific functionality: -* TCP wrappers: libwrap0-dev / tcp_wrappers-devel -* PAM: libpam0g-dev / pam-devel -* LZ4: liblz4-dev / lz4-devel -* seccomp: libseccomp-dev / libseccomp-devel -* occtl: libreadline-dev / readline-devel - libnl-route-3-dev / libnl3-devel -* GSSAPI libkrb5-dev / krb5-devel +``` +TCP wrappers: libwrap0-dev / tcp_wrappers-devel +PAM: libpam0g-dev / pam-devel +LZ4: liblz4-dev / lz4-devel +seccomp: libseccomp-dev / libseccomp-devel +occtl: libreadline-dev / readline-devel + libnl-route-3-dev / libnl3-devel +GSSAPI: libkrb5-dev / krb5-devel +``` Dependencies for development, or dependencies that can be skipped in an embedded system (e.g., because a replacement library is included): +``` libprotobuf-c0-dev / protobuf-c-devel libtalloc-dev / libtalloc-devel libhttp-parser-dev / http-parser-devel @@ -33,24 +36,28 @@ libopts25-dev / autogen-libopts-devel autogen / autogen protobuf-c-compiler/ protobuf-c gperf / gperf +``` See doc/README.radius for more information on Radius dependencies and its configuration. -=== Build instructions === +# Build instructions To build from a distributed release use: +``` $ ./configure && make +``` When cross compiling it may be useful to add the --enable-local-libopts option to configure. To build from the git repository use: - +``` $ autoreconf -fvi $ ./configure && make +``` In addition to the prerequisites listed above, building from git requires the following packages: autoconf, automake, autogen, git2cl, and xz. @@ -60,18 +67,22 @@ version on the development system, if the included libopts library is to be used. -=== Installation instructions === +# Installation instructions Now you need to generate a certificate. E.g. +``` $ certtool --generate-privkey > ./test-key.pem $ certtool --generate-self-signed --load-privkey test-key.pem --outfile test-cert.pem +``` (make sure you enable encryption or signing) To run the server on the foreground edit the doc/sample.config and then run: +``` # cd doc && ../src/ocserv -f -c sample.config +``` -=== Profiling === +# Profiling If you use ocserv on a server with significant load and you'd like to help improve it, you may help by sending profiling information. That includes @@ -79,7 +90,9 @@ the bottlenecks in software, so future optimizations could be spent on the real needs. In a Linux system you can profile ocserv using the following command. +``` # perf record -g ocserv +``` After the server is terminated, the output is placed in perf.data. It does not contain any sensitive information. If you run a server for long time, @@ -87,10 +100,12 @@ and under usage (i.e., clients connecting and transferring data), please send that information to nmav@gnutls.org. You may examine the output using: +``` # perf report +``` -=== How the VPN works === +# How the VPN works + +Please see the [technical description page](http://www.infradead.org/ocserv/technical.html). -Please see: -http://www.infradead.org/ocserv/technical.html