Commit | Line | Data |
---|---|---|
2e082dfe | 1 | m4_dnl udptunnel-vpn-defaults: default settings for udptunnel-reconf |
2 | ||
711a0748 | 3 | m4_dnl This file is part of ipif, part of userv-utils |
9028e234 IJ |
4 | m4_dnl |
5 | m4_dnl Copyright 1996-2013 Ian Jackson <ijackson@chiark.greenend.org.uk> | |
6 | m4_dnl Copyright 1998 David Damerell <damerell@chiark.greenend.org.uk> | |
7 | m4_dnl Copyright 1999,2003 | |
8 | m4_dnl Chancellor Masters and Scholars of the University of Cambridge | |
9 | m4_dnl Copyright 2010 Tony Finch <fanf@dotat.at> | |
10 | m4_dnl | |
2e082dfe | 11 | m4_dnl This is free software; you can redistribute it and/or modify it |
12 | m4_dnl under the terms of the GNU General Public License as published by | |
9028e234 | 13 | m4_dnl the Free Software Foundation; either version 3 of the License, or |
2e082dfe | 14 | m4_dnl (at your option) any later version. |
15 | m4_dnl | |
16 | m4_dnl This program is distributed in the hope that it will be useful, but | |
17 | m4_dnl WITHOUT ANY WARRANTY; without even the implied warranty of | |
18 | m4_dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
19 | m4_dnl General Public License for more details. | |
20 | m4_dnl | |
21 | m4_dnl You should have received a copy of the GNU General Public License | |
9028e234 | 22 | m4_dnl along with userv-utils; if not, see http://www.gnu.org/licenses/. |
2e082dfe | 23 | |
24 | SET( lcommand, [udptunnel]) | |
ed33cd7d | 25 | SET( clock_maxskew, 45) |
2e082dfe | 26 | SET( crypto, |
ed33cd7d | 27 | [-e nonce -e timestamp/V_clock_maxskew/V_clock_maxskew -e pkcs5/8 \ |
2e082dfe | 28 | -e blowfish-cbcmac/128 -e blowfish-cbc/128]) |
29 | ||
30 | SET( lpublic, [`hostname`]) | |
31 | SET( lport, [Any]) | |
32 | m4_dnl rpublic -- usually set in sites | |
33 | SET( rport, [Command]) | |
34 | m4_dnl lend -- usually set in global | |
35 | m4_dnl rend -- usually set in sites | |
36 | SET( mtu, [1000]) | |
34631904 | 37 | SET( proto, [slip]) |
ccd5607e | 38 | SET( to_restart, [10]) |
2e082dfe | 39 | SET( to_poll, [30]) |
40 | SET( to_quit, [130]) | |
41 | SET( to_report, [1800]) | |
42 | SET( timeouts, [V_to_poll,V_to_quit,V_to_report]) | |
43 | SET( lnets, [-])m4_dnl often overridden in global | |
44 | SET( rnets, [-])m4_dnl often overridden in sites | |
45 | SET( forbid_remote, [V_lnets]) | |
46 | ||
47 | SET( rcommandprefix, []) | |
48 | SET( rcommand, [V_rcommandprefix udptunnel]) | |
49 | ||
50 | SET( sshprotoka, [-o 'ProtocolKeepAlives 300']) | |
51 | SET( sshstdopts, [-o 'ForwardAgent no' -o 'ForwardX11 no' -o 'BatchMode yes']) | |
52 | SET( sshverbose, [-v]) | |
53 | SET( sshopts, []) | |
54 | SET( ssh, | |
55 | [ssh V_sshstdopts \ | |
56 | V_sshprotoka V_sshverbose \ | |
57 | V_sshopts]) | |
f21c3bcf | 58 | SET( sshinvoke, [V_ssh V_ruser@V_sshdest]) |
56a03854 | 59 | |
2e082dfe | 60 | SET( sshdest, [V_rpublic]) |
61 | ||
62 | SET( sites, [sites]) | |
63 | SET( tunnels, [tunnels]) | |
64 | ||
65 | m4_dnl varlibvpn -- global can override | |
66 | ||
67 | SET( ipifnetsfile, [V_varlibvpn/ipif-networks]) | |
68 | SET( activesfile, [V_varlibvpn/active-sites]) | |
69 | SET( activesxinfo, []) | |
70 | SET( passivesfile, [V_varlibvpn/passive-sites]) | |
71 | SET( passivesxinfo, []) | |
72 | ||
73 | SET( postconfigure, []) | |
74 | ||
75 | SET( invoke_file, [V_varlibvpn/command.V_site]) | |
76 | SET( invoke_head, [#!/bin/sh]) | |
77 | SET( invoke_hook, []) | |
78 | ||
79 | SET( syslog_facility, local2) | |
80 | SET( syslog_priority, info) | |
81 | ||
82 | SET( inittab_runlevels, 2345) | |
83 | SET( inittab_pfx, []) | |
84 | SET( inittab_sfx, | |
e0bdbf6d | 85 | [</dev/null 2>&1 | logger -p V_syslog_facility.V_syslog_priority -t tunnel-V_site]) |
2e082dfe | 86 | SET( inittab_command,[V_inittab_pfx V_invoke_file V_inittab_sfx]) |
87 | SET( inittab_line, [V_inittab_runlevels:respawn:V_inittab_command]) | |
88 | ||
89 | SET( invoke_body, | |
90 | [set -e | |
91 | V_invoke_hook | |
92 | echo "STARTING TUNNEL `date`" >&2 | |
ccd5607e | 93 | set +e |
2e082dfe | 94 | V_command |
95 | rc=$? | |
ccd5607e | 96 | set -e |
2e082dfe | 97 | echo "TUNNEL CLOSED rc=$rc" >&2 |
ccd5607e | 98 | sleep V_to_restart |
99 | echo "TUNNEL MAYRESTART" >&2 | |
2e082dfe | 100 | exit $rc |
101 | ]) | |
102 | ||
103 | m4_dnl lgroup -- usually set in global | |
104 | ||
105 | SET( command, | |
106 | [V_lcommand \ | |
107 | V_crypto \ | |
108 | V_lpublic,V_lport \ | |
109 | V_rpublic,V_rport \ | |
110 | V_lend,V_rend,V_mtu,V_proto \ | |
111 | V_timeouts \ | |
112 | V_rnets \ | |
113 | V_lnets \ | |
56a03854 | 114 | V_sshinvoke V_rcommand |
2e082dfe | 115 | ]) |