From c3c9fef22fa6e4657c3fc862bad365b440ee2305 Mon Sep 17 00:00:00 2001 From: Nils Gillmann Date: Fri, 4 May 2018 19:57:38 +0000 Subject: Follow-up commit to format most of the other man pages code. Signed-off-by: Nils Gillmann --- doc/man/gnunet-nat-server.1 | 43 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 9 deletions(-) (limited to 'doc/man/gnunet-nat-server.1') diff --git a/doc/man/gnunet-nat-server.1 b/doc/man/gnunet-nat-server.1 index dcf856e1c..3d79d5bc5 100644 --- a/doc/man/gnunet-nat-server.1 +++ b/doc/man/gnunet-nat-server.1 @@ -11,15 +11,40 @@ gnunet\-nat\-server \- help GNUnet setup test network setup with NAT .SH DESCRIPTION -Normal GNUnet end-users should not concern themselves with gnunet\-nat\-server. In fact, distributions are encouraged to consider not shipping it at all. Running gnunet\-nat\-server's is similar to running hostlist servers: it is a special service to the community with special requirements and no benefit to those running the service. - -This program will listen on the specified PORT for incoming requests to test a peer's network connectivity. Incoming requests can ask it to connect to a given IPv4 address (and port) using TCP or UDP and to send a 2-byte test message using the specified address. The program can also be asked to send a "fake" ICMP response message to a given IPv4 address (for autonomous NAT traversal \-\-\- see the description in the respective research paper). - -The idea is that gnunet\-nat\-server will be run on some trusted hosts with unrestricted connectivity to allow GNUnet users to test their network configuration. As written, the code allows any user on the Internet to cause the gnunet\-nat\-server to send 2-bytes of arbitrary data to any TCP or UDP port at any address. We believe that this is generally harmless. - -When running gnunet\-nat\-server, make sure to use a configuration that disables most NAT options but enables 'enable_nat_client' and sets 'internal_address' to the global IP address of your local host. Also, the gnunet\-helper\-nat\-client should be installed locally and run with root privileges (SUID), otherwise the gnunet\-nat\-server will not work properly. - -Note that gnunet\-nat\-server could be run via gnunet\-arm but typically is not. Also, the name of the host and port that gnunet\-nat\-server is run on should be specified in the NATSERVER option in the [setup] section of the configuration file of hosts that are supposed to autoconfigure with this server. +Normal GNUnet end-users should not concern themselves with +gnunet\-nat\-server. In fact, distributions are encouraged to +consider not shipping it at all. Running gnunet\-nat\-server's is +similar to running hostlist servers: it is a special service to the +community with special requirements and no benefit to those running +the service. + +This program will listen on the specified PORT for incoming requests +to test a peer's network connectivity. Incoming requests can ask it +to connect to a given IPv4 address (and port) using TCP or UDP and to +send a 2-byte test message using the specified address. The program +can also be asked to send a "fake" ICMP response message to a given +IPv4 address (for autonomous NAT traversal \-\-\- see the description +in the respective research paper). + +The idea is that gnunet\-nat\-server will be run on some trusted hosts +with unrestricted connectivity to allow GNUnet users to test their +network configuration. As written, the code allows any user on the +Internet to cause the gnunet\-nat\-server to send 2-bytes of arbitrary +data to any TCP or UDP port at any address. We believe that this is +generally harmless. + +When running gnunet\-nat\-server, make sure to use a configuration +that disables most NAT options but enables 'enable_nat_client' and +sets 'internal_address' to the global IP address of your local host. +Also, the gnunet\-helper\-nat\-client should be installed locally and +run with root privileges (SUID), otherwise the gnunet\-nat\-server +will not work properly. + +Note that gnunet\-nat\-server could be run via gnunet\-arm but +typically is not. Also, the name of the host and port that +gnunet\-nat\-server is run on should be specified in the NATSERVER +option in the [setup] section of the configuration file of hosts that +are supposed to autoconfigure with this server. .SH OPTIONS -- cgit v1.2.3