# Logging configuration # # level may be none, alert, normal, info, debug # priv may be yes or no # facility (syslog only) may be user, daemon, local0..local7 # ident (syslog only) may be any string no longer than 15 chars, # the default is "fedaserv", pass "-" (dash alone) to leave the ident # unconfigured (the system will use the actual program name) # name (custom file log only) _should_ be a valid absolute file name # # It is safe to leave the log configured to default values: both file and # stderr channels are disabled, syslog uses "fedaserv" as the indent str, # the user facility and the normal level, and is NOT considered private # #log_syslog_level normal #log_syslog_priv no #log_syslog_facility user #log_syslog_ident fedaserv # #log_file_level none #log_file_priv yes #log_file_name /path/to/your/log # #log_stderr_level none #log_stderr_priv yes # Address and port (UDP) # by default, the port 65242 is used, being listened to on all interfaces # just in case: decimal 65242 is the same as hexadecimal FEDA # #listen_address 198.51.100.37 #listen_port 65242 # Cooldown timeout is the time for which all dgrams from the given # addr/port are rejected, once something incorrect received from there # #cooldown_timeout 3600 # Peer timeout is the time the peer keeping silence gets completely forgotten # #peer_timeout 36000 # Keepalive interval is the interval at which keepalive dgrams are sent to # each peer # #keepalive_interval 120 # Where to get the local point's configuration, keys, certs, to store # foreign hashes and certs, etc. (by default, $HOME/.fedanet/keys, where # '$HOME' is your home directory, taken from the HOME env. variable; please # note variables in fact are NOT expanded in this value, so you can't use # anything like '$HOME' for real here) # #keys_dir /path/to/your/keydir # Should we open the socket for the fedactl program? ("no" by default). # *WARNING* some non-Linux systems ignore permissions on the socket file # and may even ignore the permissions for directories in the path to it. # Fedaserv does not perform any credentials checking here, so if you're # not on a Linux system, please tripple-check your kernel doesn't let # any unprivileged process to connect to the socket; if unsure, simply # don't enable this feature. # #control_socket yes # The path for the control_socket (by default, $HOME/.fedanet/servctl) # #control_socket_path /path/to/your/control_socket # Preconfigured peers # # The 'peer' parameter sets the name, which must be distinct; it is used # primarily for logging. # # For each peer, either ip+port or node_id+point (or both) must be # specified. # # Please see the file doc/peer_types.txt for the list of accepted peer # types, their meaning and explanations. # # # #peer venus #type natcheck #ip 198.51.100.12 #port 65242 # # # #peer mars #type natcheck #ip 198.51.100.241 #port 65242 # # # #peer pluto #type nodenets #node_id c508097bd6c347a4a317 #point 200 # # #endpeer # Tunneling-related options # # Enable dealing with IPv6 packets and datagrams carrying them. Please # note this is disabled by default! # #forwarding yes # # # # The name of the tun (virtual) network interface to be used by the # instance to accept locally-originated IPv6 packets for delivery through # the FEDAnet transport network, as well as to pass to the kernel the # packets destined to the locally configured point (and/or pseudopoints # 0, 254 and 255). By default no interface is configured and the local # accepting and delivery of the packets is not done. See the program # feda-if for some ideas on how to let this interface exist on your system. # Please note fedaserv won't create the interface for you, as this requires # root access, and fedaserv MUST NEVER EVER be run as root. # #tun_iface feda0 # # # # Do we serve the 'node-wide' subnets, that is, the nets for point numbers # 0x00, 0xFE and 0xFF? This option is ignored if our point number is 0xFE, # as in this case we definitely do. Once a cryptographic association # established with a peer marked with the 'nodenets' flag, it overrides # whatever decisions made both with this option and the point number. # # Possible values are 'none', 'some' (we serve only 0x00 and 0xFF) and # 'all' (we serve all the three). # #nodenets none