#
# Configuration file example for vtund.
#
# Maxim Krasnyansky
#
# Cleanup of english and spelling by Ted Rolle
#
# Lines which begin with '#' are comments
#
# File format:
#
#  XXXXX {
#    option param; option param;
#    option param;
#    ......
#  }
#  Where XXXXX:
#    options - vtund options.
#    default - default hosts options.
#    host    - host options.
#
# Options _must_ be grouped by curly braces '{' '}'.
# Each option _must_ end with ';'
#
# Possible vtund options:
#   port    - port number (server listens on that port, client connects
#             to that port).
#
#   persist - reconnect to the server after connection termination;
#             only used by the client.
#
#   timeout - connect timeout for the client.
#
# Possible host options:
#   passwd  - Password for authentication.
#
#   program - Full path to the program to start on the tunnel.
#
#   arguments - Arguments to pass to the program.
#       Must be enclosed in double quotes.
#       TTY port name or Ethernet device is substituted in place of
#       %% (double percent sign).
#       You can use single quotes to group program arguments.
#       This option may be abbreviated to 'args'.
#
#   type - Tunnel type.
#       'tty'   - to tunnel PPP, SLIP, etc.
#       'pipe'  - to tunnel any program.
#       'ether' - Ethernet tunnel.
#       Default type is 'tty'.
#       This option is ignored by the client.
#
#   proto - Protocol used to create the tunnel.
#       'tcp' - TCP protocol.
#       'udp' - UDP protocol.
#
#       'tcp' is default for 'tty' and 'pipe', 'udp' is default for Ethernet.
#       This option is ignored by the client.
#
#   compress - Enable 'yes' or disable 'no' compression.
#       Ignored by the client.
#
#   encrypt - Enable 'yes' or disable 'no' encryption.
#       Ignored by the client.
#
#   speed - Speed of the connection in 'kilobits per second'.
#       8,16,32,64,128,256,etc.
#       0 means maximum possible speed without shaping.
#       You can specify speed in form IN:OUT.
#       IN (to the client), OUT (from the client).
#       Single number means same speed for IN and OUT.
#       Ignored by the client.
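#
# Note:
#   Options 'Ignored by the client' means that they are supplied by
#   the server at the run time.
#   Option names can be abbreviated to a minimum of 4 characters.
#
# Security notes for the examples below:
#   - Every 'pass'/'passwd' value is stored in this file in clear text.
#     Keep the file readable only by the account that runs vtund and
#     replace the sample passwords before using any of these entries.
#   - Encryption is only requested where a host entry says 'encr yes';
#     none of the 'default' blocks in this example set it.
#
# ---- Cut Here -------- Server Config -------- Cut Here -----------
#
options {
  port 5000;                # Listen on this port.
}

# Default host options
default {
  program /usr/sbin/pppd;   # Default program to start is 'pppd'
  arguments "";             # By default no arguments
  compress no;              # Compression is off by default
  speed 0;                  # By default maximum speed, NO shaping
}

# PPP example.
# Allow connection to 'viper' with password 'TTT$bio' with compression
# and encryption. Start default program 'pppd'.
# Assign 11.0.0.1 IP address to our side,
# 11.0.0.2 to client and add proxy arp entry.
viper {
  pass TTT$bio;
  comp yes;
  encr yes;
  args "11.0.0.1:11.0.0.2 proxyarp" ;
}

# _ANY_ default option may be changed at _ANY_ place.
# Entries are order dependent: the new defaults apply only to the host
# entries that follow this block.
default {
  program /sbin/slipcfg;    # Now default program is 'slipcfg'
  compress yes;             # Compression now on by default
}

# SLIP example.
# Allow connection for 'kram' with password 'VtunCool' with compression
# (new default), on speed 256 inbound, 128 outbound.
# Start new default program 'slipcfg' and pass port name to it.
# Setup point-to-point link with 10.0.0.1 local and 10.0.0.2
# remote addresses.
# NOTE(review): there is no 'encr' option here and none in the 'default'
# blocks above, so this tunnel falls back to vtund's built-in encryption
# default. Add 'encr yes;' if the link must be encrypted.
kram {
  pass VtunCool;
  args "%% 10.0.0.1 10.0.0.2";
  speed 256:128;
}

# Ethernet example.
# Allow connection for 'tap' with password 'Ma&^TU' with compression
# and encryption.
# Start program 'ifconfig' and pass Ethernet device name to it.
# Assign 12.0.0.1 IP address and netmask 255.255.255.0 to that device.
tap {
  pass Ma&^TU ;
  type ether;
  proto udp;                # UDP is default for Ethernet
  comp yes;
  encr yes;
  prog /sbin/ifconfig;
  args "%% 12.0.0.1 netmask 255.255.255.0" ;
}

# Program pipe example.
# Allow connection for 'backup' with password 'OnlyME' with compression
# and encryption.
# Start sh(shell) and tar '/etc' directory to the stdout(pipe tunnel).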
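# NOTE(review): any client that authenticates as 'backup' receives an
# archive of the server's /etc, which normally holds credentials and
# keys. Give this entry its own strong password (the example reuses
# 'OnlyME' for 'sz' below) and keep 'encrypt yes'.
# The program is started by vtund, so it presumably runs with the
# daemon's privileges; confirm which account vtund runs as.
backup {
  passwd OnlyME;
  compress yes;
  encrypt yes;
  prog /bin/sh;
  type pipe;
  args "-c 'tar cf - /etc/*'";
}

# Another silly example to show that VTun can tunnel ALMOST
# anything :-).
# Allow connection for 'sz' with password 'OnlyME' with encryption
# and IN and OUT speed 64K.
# Send '/etc/termcap' via ZMODEM to the stdout(tty tunnel).
sz {
  pass OnlyME;
  speed 64;
  type tty;
  encr yes;
  prog /bin/sh;
  args "-c 'sz /etc/termcap' ";
}

#
# ---- Cut Here ---- End of Server Config ------- Cut Here -----------
#

#
# ---- Cut Here ---------- Client Config -------- Cut Here -----------
#
# Here are client config examples to use with the above server config.
# It is mostly the same as the above with ignored options removed
# and program args changed.
# The passwords below are the same clear-text values as on the server,
# so the client copy of this file needs the same restrictive permissions.
#
options {
  port 5000;                # Connect to port 5000
  persist no;               # Don't reconnect
  timeout 60;               # Connect timeout 60 sec
}

# Default host options
default {
  program /usr/sbin/pppd;   # Default program to start is 'pppd'
  arguments "";             # By default no arguments
}

# PPP example.
# When connected to the server supply 'viper' as host and 'TTT$bio'
# as password.
# Start default program 'pppd' without any args.
# Use IP address supplied by the server's pppd.
viper {
  pass TTT$bio;
}

# _ANY_ default options can be changed at _ANY_ place
default {
  program /sbin/slipcfg;    # Now default program is 'slipcfg'
}

# SLIP example.
# When connected to the server supply 'kram' as host and 'VtunCool' as
# password.
# Start new default program 'slipcfg' and pass port name to it.
# Setup point-to-point link with 10.0.0.2 local and 10.0.0.1 remote
# addresses.
kram {
  pass VtunCool;
  args "%% 10.0.0.2 10.0.0.1" ;
}

# Ethernet example. (Note: server supplies type 'ether'.)
# When connected to the server supply 'tap' as host and 'Ma&^TU' as
# password.
# Start program 'ifconfig' and pass Ethernet device name to it.
# Assign 12.0.0.2 IP address and netmask 255.255.255.0 to that device.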
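tap {
  pass Ma&^TU ;
  prog /sbin/ifconfig;
  args "%% 12.0.0.2 netmask 255.255.255.0" ;
}

# Program pipe example. (Note: server supplies type 'pipe'.)
# When connected to the server supply 'backup' as host,
# 'OnlyME' as password.
# Start sh(shell) and cat tar archive of the server's '/etc'
# directory from stdout(pipe tunnel) to /var/tmp/etc.tar
# NOTE(review): the archive is a copy of the server's /etc and is
# written under a fixed name in /var/tmp, which is normally a shared
# directory. Another local user could pre-create or symlink that name,
# and the file gets whatever permissions the shell's umask allows.
# For real use, write to a directory only the operator can access.
backup {
  passwd OnlyME;
  prog /bin/sh;
  args "-c 'cat > /var/tmp/etc.tar'";
}

# Another silly example to show that VTun can tunnel ALMOST
# anything :-).
# (Again, the server supplies type 'tty'.)
# When connected to the server supply 'sz' as host,
# 'OnlyME' as password.
# Receive server's '/etc/termcap' via ZMODEM from the
# stdout(tty tunnel).
# 'type' and 'encr' are listed in the header of this file as ignored
# by the client, so the server's values decide whether this tunnel
# is encrypted.
sz {
  pass OnlyME;
  type tty;
  encr yes;
  prog /bin/sh;
  args "-c 'cd /var/tmp; rz' ";
}

#
# ---- Cut Here ------ End of Client Config -------- Cut Here -------
#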