diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-07-01 04:08:29 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-07-01 04:08:29 +0200 |
commit | abb1128785fc8e0602820acc95fc0fa370508a84 (patch) | |
tree | e2d0d02152de40d83f3816a44add49c67ae79050 /src | |
parent | Readme: the documentation moved to .io (diff) | |
download | wireguard-tools-abb1128785fc8e0602820acc95fc0fa370508a84.tar.xz wireguard-tools-abb1128785fc8e0602820acc95fc0fa370508a84.zip |
wg.8: wording tweaks
Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/wg.8 | 12 |
1 files changed, 7 insertions, 5 deletions
@@ -55,7 +55,8 @@ Sets configuration values for the specified \fI<interface>\fP. Multiple for a peer, that peer is removed, not configured. If \fIlisten-port\fP is not specified, the port will be automatically generated when the interface comes up. Both \fIprivate-key\fP and \fIpreshared-key\fP must -be a files, for security reasons, but if you're using +be a files, because command line arguments are not considered private on +most systems but if you are using .BR bash (1), you may safely pass in a string by specifying as \fIprivate-key\fP or \fIpreshared-key\fP the expression: <(echo PRIVATEKEYSTRING). If @@ -124,11 +125,12 @@ private key, and usually transmitted out of band to the author of the configuration file. Required. .IP \(bu AllowedIPs \(em a comma-separated list of IP (v4 or v6) addresses with -CIDR masks. The catch-all \fI0.0.0.0/0\fP may be specified for matching -all IPv4 addresses, and \fI::/0\fP may be specified for matching all -IPv6 addresses. Required. +CIDR masks from which this peer is allowed to send incoming traffic and +to which outgoing traffic for this peer is directed. The catch-all +\fI0.0.0.0/0\fP may be specified for matching all IPv4 addresses, and +\fI::/0\fP may be specified for matching all IPv6 addresses. Required. .IP \(bu -Endpoint \(em an endpoint IP or hostname, followed by a comma, and then a +Endpoint \(em an endpoint IP or hostname, followed by a colon, and then a port number. Optional. .SH CONFIGURATION FILE FORMAT EXAMPLE |