diff options
author | Martin Schanzenbach <schanzen@gnunet.org> | 2023-10-19 11:59:19 +0200 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2023-10-19 11:59:19 +0200 |
commit | 858647ab4b2465430800689bda2c2837601c48d1 (patch) | |
tree | 048818f625a501cd3c4fc22c814f4e1717353a22 /src/service/exit/exit.conf | |
parent | 579d9473bb75072303789599b23be9b0203336fc (diff) | |
download | gnunet-858647ab4b2465430800689bda2c2837601c48d1.tar.gz gnunet-858647ab4b2465430800689bda2c2837601c48d1.zip |
BUILD: Move exit/pt to service
Diffstat (limited to 'src/service/exit/exit.conf')
-rw-r--r-- | src/service/exit/exit.conf | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/src/service/exit/exit.conf b/src/service/exit/exit.conf new file mode 100644 index 000000000..829c5bf80 --- /dev/null +++ b/src/service/exit/exit.conf | |||
@@ -0,0 +1,68 @@ | |||
1 | [exit] | ||
2 | BINARY = gnunet-daemon-exit | ||
3 | |||
4 | # IPv6 address for the TUN interface (must be changed as this | ||
5 | # must be within the global IPv6 range of your system!) | ||
6 | IPV6ADDR = 2001:DB8::1 | ||
7 | |||
8 | # Prefix for our IPv6 subnet on the TUN interface. | ||
9 | IPV6PREFIX = 64 | ||
10 | |||
11 | # IPv4 address to use on our TUN interface (may need to be | ||
12 | # changed to avoid conflicts with existing addresses on your system). | ||
13 | # Use RFC 3927-style link-local address | ||
14 | IPV4ADDR = 169.254.86.1 | ||
15 | |||
16 | # Netmask for the IPv4 subnet on the TUN interface. | ||
17 | IPV4MASK = 255.255.255.0 | ||
18 | |||
19 | # IPv4 networks to which we are allowed to exit. | ||
20 | # The format is "(network[/netmask][:[!]SPORT-DPORT];)*" | ||
21 | EXIT_RANGE_IPV4_POLICY = 0.0.0.0/0:!25; | ||
22 | |||
23 | # IPv6 networks to which we are allowed to exit. | ||
24 | # The format is "(network[/netmask][:[!]SPORT-DPORT];)*" | ||
25 | EXIT_RANGE_IPV6_POLICY = ::/0:!25; | ||
26 | |||
27 | # Not a service, tell ARM no binding! | ||
28 | NOARMBIND = YES | ||
29 | |||
30 | # Name of the (virtual) tunnel interface the exit daemon will manage | ||
31 | TUN_IFNAME = exit-gnunet | ||
32 | |||
33 | # Name of the "real" interface that IPv4 traffic from this system will | ||
34 | # leave from; this is the name of the interface where we need to | ||
35 | # enable NAT on postrouting (typically something like 'eth0' or 'eth1' | ||
36 | # or 'wlan0'). Not needed if EXIT_IPv4 is disabled AND if all | ||
37 | # offered services run on 'localhost'. In this case, the value | ||
38 | # of the option can instead be set to "%" (to not enable NAT on any | ||
39 | # interface). | ||
40 | EXIT_IFNAME = eth0 | ||
41 | |||
42 | # Set this to YES to allow exiting this system via IPv4 to the Internet | ||
43 | EXIT_IPV4 = NO | ||
44 | |||
45 | # Set this to YES to allow exiting this system via IPv6 to the Internet | ||
46 | EXIT_IPV6 = NO | ||
47 | |||
48 | # This option should be set to YES to allow the DNS service to | ||
49 | # perform lookups against the locally configured DNS resolver. | ||
50 | # (set to "NO" if no normal ISP is locally available and thus | ||
51 | # requests for normal ".com"/".org"/etc. must be routed via | ||
52 | # the GNUnet VPN (the GNUNET PT daemon then needs to be configured | ||
53 | # to intercept and route DNS queries via cadet). | ||
54 | # Set this to YES to allow using this system for DNS queries. | ||
55 | EXIT_DNS = NO | ||
56 | |||
57 | # Set this to an IPv4 or IPv6 address of a DNS resolver to use for DNS queries | ||
58 | DNS_RESOLVER = 8.8.8.8 | ||
59 | |||
60 | # For IPv4-services offered by this peer, we need to at least enable IPv4 | ||
61 | ENABLE_IPV4 = YES | ||
62 | |||
63 | # For IPv6-services offered by this peer, we need to at least enable IPv6 | ||
64 | ENABLE_IPV6 = YES | ||
65 | |||
66 | |||
67 | # Maximum number of concurrent connections this exit supports. | ||
68 | MAX_CONNECTIONS = 256 | ||