diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-02-22 21:45:03 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-02-23 07:09:49 +0100 |
commit | d4edc7baa8be10488b681fd329b2480ac6dc7f0e (patch) | |
tree | e0b1d0ebd8646753469f31d815a6ab44087ebf22 /src/wg.8 | |
parent | wg-quick: allow config files without trailing newline (diff) | |
download | wireguard-tools-d4edc7baa8be10488b681fd329b2480ac6dc7f0e.tar.xz wireguard-tools-d4edc7baa8be10488b681fd329b2480ac6dc7f0e.zip |
wg: give "off" value for fwmark
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to '')
-rw-r--r-- | src/wg.8 | 9 |
1 files changed, 6 insertions, 3 deletions
@@ -67,14 +67,16 @@ it adds an additional layer of symmetric-key cryptography to be mixed into the already existing public-key cryptography, for post-quantum resistance. If \fIallowed-ips\fP is specified, but the value is the empty string, all allowed ips are removed from the peer. The use of \fIpersistent-keepalive\fP -is optional and is by default off; setting it to 0 or "off", disables it. +is optional and is by default off; setting it to 0 or "off" disables it. Otherwise it represents, in seconds, between 1 and 65535 inclusive, how often to send an authenticated empty packet to the peer, for the purpose of keeping a stateful firewall or NAT mapping valid persistently. For example, if the interface very rarely sends traffic, but it might at anytime receive traffic from a peer, and it is behind NAT, the interface might benefit from having a persistent keepalive interval of 25 seconds; however, most users will not need -this. +this. The use of \fIfwmark\fP is optional and is by default off; setting it to +0 or "off" disables it. Otherwise it is a 32-bit fwmark for outgoing packets +and may be specified in hexadecimal by prepending "0x". .TP \fBsetconf\fP \fI<interface>\fP \fI<configuration-filename>\fP Sets the current configuration of \fI<interface>\fP to the contents of @@ -126,7 +128,8 @@ for post-quantum resistance. ListenPort \(em a 16-bit port for listening. Optional; if not specified, chosen randomly. .IP \(bu -FwMark \(em a 32-bit fwmark for outgoing packets. Optional. +FwMark \(em a 32-bit fwmark for outgoing packets. If set to 0 or "off", this +option is disabled. May be specified in hexadecimal by prepending "0x". Optional. .P The \fIPeer\fP sections may contain the following fields: .IP \(bu |