bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
90
by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Added "--xinclude". |
1 |
<?xml version="1.0" encoding="UTF-8"?>
|
2 |
<!DOCTYPE simplesect PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
|
3 |
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
|
|
4 |
||
5 |
<!--
|
|
6 |
This file is used by both mandos(8) and mandos.conf(5), since these
|
|
7 |
options can be used both on the command line and in the config file.
|
|
8 |
-->
|
|
9 |
||
10 |
<simplesect>
|
|
11 |
<title/> |
|
12 |
|
|
13 |
<para id="interface"> |
|
14 |
If this is specified, the server will only announce the service |
|
15 |
and listen to requests on network interface |
|
16 |
<replaceable>IF</replaceable>. Default is to use all available |
|
17 |
interfaces. <emphasis>Note:</emphasis> a failure to bind to the |
|
18 |
specified interface is not considered critical, and the server |
|
19 |
does not exit. |
|
20 |
</para> |
|
21 |
|
|
22 |
<para id="address"> |
|
23 |
If this option is used, the server will only listen to a specific |
|
24 |
address. This must currently be an IPv6 address; an IPv4 address |
|
25 |
can only be specified using the <quote><systemitem |
|
26 |
class="ipaddress">::FFFF:192.0.2.3</systemitem></quote> format. |
|
27 |
Also, if a link-local address is specified, an interface should be |
|
28 |
set, since a link-local address is only valid on a single |
|
29 |
interface. By default, the server will listen to all available |
|
30 |
addresses.
|
|
31 |
</para> |
|
32 |
|
|
33 |
<para id="port"> |
|
34 |
If this option is used, the server will bind to that port. By |
|
35 |
default, the server will listen to an arbitrary port given by the |
|
36 |
operating system. |
|
37 |
</para> |
|
38 |
|
|
39 |
<para id="debug"> |
|
40 |
If the server is run in debug mode, it will run in the foreground |
|
41 |
and print a lot of debugging information. The default is |
|
42 |
<emphasis>not</emphasis> to run in debug mode. |
|
43 |
</para> |
|
44 |
|
|
45 |
<para id="priority"> |
|
46 |
GnuTLS priority string for the TLS handshake with the clients. |
|
47 |
The default is |
|
48 |
<quote><literal>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP</literal></quote>. |
|
49 |
See <citerefentry><refentrytitle>gnutls_priority_init |
|
50 |
</refentrytitle><manvolnum>3</manvolnum></citerefentry> for the |
|
51 |
syntax. <emphasis>Warning</emphasis>: changing this may make the |
|
52 |
TLS handshake fail, making communication with clients impossible. |
|
53 |
</para> |
|
54 |
|
|
55 |
<para id="servicename"> |
|
56 |
Zeroconf service name. The default is |
|
57 |
<quote><literal>Mandos</literal></quote>. This only needs to be |
|
58 |
changed this if it, for some reason, is necessary to run more than |
|
59 |
one server on the same <emphasis>host</emphasis>, which would not |
|
60 |
normally be useful. If there are name collisions on the same |
|
61 |
<emphasis>network</emphasis>, the newer server will automatically |
|
62 |
rename itself to <quote><literal>Mandos #2</literal></quote>, and |
|
63 |
so on; therefore, this option is not needed in that case. |
|
64 |
</para> |
|
65 |
|
|
66 |
</simplesect>
|