mdoc(7) police: tidy up the markup.
This commit is contained in:
parent
6bfa982817
commit
4880e93660
@ -34,7 +34,7 @@
|
||||
.Nm
|
||||
.Op Fl v
|
||||
.Ar ifname
|
||||
.Op Ar parameter Ns Op \&= Ns Ar value
|
||||
.Op Ar parameter Ns Op Li = Ns Ar value
|
||||
.Op Ar ...
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
@ -43,7 +43,8 @@ driver might require a number of additional arguments or optional
|
||||
parameters besides the settings that can be adjusted with
|
||||
.Xr ifconfig 8 .
|
||||
These are things like authentication protocol parameters, but also
|
||||
other tunable configuration variables. The
|
||||
other tunable configuration variables.
|
||||
The
|
||||
.Nm
|
||||
utility can be used to display the current settings, or adjust these
|
||||
parameters as required.
|
||||
@ -53,7 +54,8 @@ For whatever intent
|
||||
is being called, at least the parameter
|
||||
.Ar ifname
|
||||
needs to be specified, naming the interface for which the settings
|
||||
are to be performed or displayed. Use
|
||||
are to be performed or displayed.
|
||||
Use
|
||||
.Xr ifconfig 8 ,
|
||||
or
|
||||
.Xr netstat 1
|
||||
@ -63,7 +65,8 @@ If no other parameter is given,
|
||||
.Nm
|
||||
will just list the current settings for
|
||||
.Ar ifname
|
||||
and exit. The reported settings include the current PPP phase the
|
||||
and exit.
|
||||
The reported settings include the current PPP phase the
|
||||
interface is in, which can be one of the names
|
||||
.Em dead ,
|
||||
.Em establish ,
|
||||
@ -74,19 +77,22 @@ or
|
||||
If an authentication protocol is configured for the interface, the
|
||||
name of the protocol to be used, as well as the system name to be used
|
||||
or expected will be displayed, plus any possible options to the
|
||||
authentication protocol if applicable. Note that the authentication
|
||||
authentication protocol if applicable.
|
||||
Note that the authentication
|
||||
secrets (sometimes also called
|
||||
.Em keys )
|
||||
are not being returned by the underlying system call, and are thus not
|
||||
displayed.
|
||||
.Pp
|
||||
If any additional parameter is supplied, superuser privileges are
|
||||
required, and the command works in
|
||||
.Ql set
|
||||
mode. This is normally done quietly, unless the option
|
||||
required, and the command works in the
|
||||
.Dq set
|
||||
mode.
|
||||
This is normally done quietly, unless the option
|
||||
.Fl v
|
||||
is also enabled, which will cause a final printout of the settings as
|
||||
described above once all other actions have been taken. Use of this
|
||||
described above once all other actions have been taken.
|
||||
Use of this
|
||||
mode will be rejected if the interface is currently in any other phase
|
||||
than
|
||||
.Em dead .
|
||||
@ -95,91 +101,107 @@ Note that you can force an interface into
|
||||
phase by calling
|
||||
.Xr ifconfig 8
|
||||
with the parameter
|
||||
.Ql down .
|
||||
.Cm down .
|
||||
.Pp
|
||||
The currently supported parameters include:
|
||||
.Bl -tag -offset indent -width indent
|
||||
.It Ar authproto Ns \&= Ns Em protoname
|
||||
.It Va authproto Ns Li = Ns Ar protoname
|
||||
Set both, his and my authentication protocol to
|
||||
.Em protoname .
|
||||
.Ar protoname .
|
||||
The protocol name can be one of
|
||||
.Ql chap ,
|
||||
.Ql pap ,
|
||||
.Dq Li chap ,
|
||||
.Dq Li pap ,
|
||||
or
|
||||
.Ql none .
|
||||
.Dq Li none .
|
||||
In the latter case, the use of an authentication protocol will be
|
||||
turned off for the named interface. This has the side-effect of
|
||||
turned off for the named interface.
|
||||
This has the side-effect of
|
||||
clearing the other authentication-related parameters for this
|
||||
interface as well (i.e. system name and authentication secret will
|
||||
be forgotten).
|
||||
.It Ar myauthproto Ns \&= Ns Em protoname
|
||||
.It Va myauthproto Ns Li = Ns Ar protoname
|
||||
Same as above, but only for my end of the link.
|
||||
I.e. this is the
|
||||
protocol when remote is authenticator, and I am the peer required to
|
||||
authenticate.
|
||||
.It Ar hisauthproto Ns \&= Ns Em protoname
|
||||
.It Va hisauthproto Ns Li = Ns Ar protoname
|
||||
Same as above, but only for his end of the link.
|
||||
.It Ar myauthname Ns \&= Ns Em name
|
||||
.It Va myauthname Ns Li = Ns Ar name
|
||||
Set my system name for the authentication protocol.
|
||||
.It Ar hisauthname Ns \&= Ns Em name
|
||||
Set his system name for the authentication protocol. For CHAP, this
|
||||
.It Va hisauthname Ns Li = Ns Ar name
|
||||
Set his system name for the authentication protocol.
|
||||
For CHAP, this
|
||||
will only be used as a hint, causing a warning message if remote did
|
||||
supply a different name. For PAP, it's the name remote must use to
|
||||
supply a different name.
|
||||
For PAP, it's the name remote must use to
|
||||
authenticate himself (in connection with his secret).
|
||||
.It Ar myauthsecret Ns \&= Ns Em secret
|
||||
.It Va myauthsecret Ns Li = Ns Ar secret
|
||||
Set my secret (key, password) for use in the authentication phase.
|
||||
For CHAP, this will be used to compute the response hash value, based
|
||||
on remote's challenge. For PAP, it will be transmitted as plain text
|
||||
together with the system name. Don't forget to quote the secrets from
|
||||
on remote's challenge.
|
||||
For PAP, it will be transmitted as plain text
|
||||
together with the system name.
|
||||
Don't forget to quote the secrets from
|
||||
the shell if they contain shell metacharacters (or white space).
|
||||
.It Ar myauthkey Ns \&= Ns Em secret
|
||||
.It Va myauthkey Ns Li = Ns Ar secret
|
||||
Same as above.
|
||||
.It Ar hisauthsecret Ns \&= Ns Em secret
|
||||
Same as above, to be used if we are authenticator and the remote peer
|
||||
.It Va hisauthsecret Ns Li = Ns Ar secret
|
||||
Same as above, to be used if we are an authenticator and the remote peer
|
||||
needs to authenticate.
|
||||
.It Ar hisauthkey Ns \&= Ns Em secret
|
||||
.It Va hisauthkey Ns Li = Ns Va secret
|
||||
Same as above.
|
||||
.It Ar callin
|
||||
.It Va callin
|
||||
Require remote to authenticate himself only when he's calling in, but
|
||||
not when we are caller. This is required for some peers that do not
|
||||
not when we are caller.
|
||||
This is required for some peers that do not
|
||||
implement the authentication protocols symmetrically (like Ascend
|
||||
routers, for example).
|
||||
.It Ar always
|
||||
.It Va always
|
||||
The opposite of
|
||||
.Ar callin .
|
||||
.Va callin .
|
||||
Require remote to always authenticate, regardless of which side is
|
||||
placing the call. This is the default, and will not be explicitly
|
||||
displayed in
|
||||
.Ql list
|
||||
placing the call.
|
||||
This is the default, and will not be explicitly
|
||||
displayed in the
|
||||
.Dq list
|
||||
mode.
|
||||
.It Ar norechallenge
|
||||
Only meaningful with CHAP. Do not re-challenge peer once the initial
|
||||
CHAP handshake was successful. Used to work around broken peer
|
||||
.It Va norechallenge
|
||||
Only meaningful with CHAP.
|
||||
Do not re-challenge peer once the initial
|
||||
CHAP handshake was successful.
|
||||
Used to work around broken peer
|
||||
implementations that can't grok being re-challenged once the
|
||||
connection is up.
|
||||
.It Ar rechallenge
|
||||
With CHAP, send re-challenges at random intervals while the connection
|
||||
is in network phase. (The intervals are currently in the range of 300
|
||||
through approximately 800 seconds.) This is the default, and will not
|
||||
be explicitly displayed in
|
||||
.Ql list
|
||||
is in network phase.
|
||||
(The intervals are currently in the range of 300
|
||||
through approximately 800 seconds.)
|
||||
This is the default, and will not
|
||||
be explicitly displayed in the
|
||||
.Dq list
|
||||
mode.
|
||||
.It Ar lcp-timeout Ns \&= Ns Em timeout-value
|
||||
Allows to change the value of the LCP restart timer. Values are
|
||||
specified in milliseconds. The value must be between 10 and 20000 ms,
|
||||
.It Va lcp-timeout Ns Li = Ns Ar timeout-value
|
||||
Allows to change the value of the LCP restart timer.
|
||||
Values are
|
||||
specified in milliseconds.
|
||||
The value must be between 10 and 20000 ms,
|
||||
defaulting to 3000 ms.
|
||||
.It Ar enable-vj
|
||||
Enable negotiation of Van Jacobsen header compression. (Enabled by default.)
|
||||
.It Ar disable-vj
|
||||
.It Va enable-vj
|
||||
Enable negotiation of Van Jacobsen header compression.
|
||||
(Enabled by default.)
|
||||
.It Va disable-vj
|
||||
Disable negotiation of Van Jacobsen header compression.
|
||||
.It Ar enable-ipv6
|
||||
Enable negotiation of the IPv6 network control protocol. (Enabled by
|
||||
default if the kernel has IPv6 enabled.)
|
||||
.It Ar disable-ipv6
|
||||
Disable negotiation of the IPv6 network control protocol. Since every
|
||||
.It Va enable-ipv6
|
||||
Enable negotiation of the IPv6 network control protocol.
|
||||
(Enabled by default if the kernel has IPv6 enabled.)
|
||||
.It Va disable-ipv6
|
||||
Disable negotiation of the IPv6 network control protocol.
|
||||
Since every
|
||||
IPv4 interface in an IPv6-enabled kernel automatically gets an IPv6
|
||||
address assigned, this option provides for a way to administratively
|
||||
prevent the link from attempting to negotiate IPv6. Note that
|
||||
prevent the link from attempting to negotiate IPv6.
|
||||
Note that
|
||||
initialization of an IPv6 interface causes a multicast packet to be
|
||||
sent, which can cause unwanted traffic costs (for dial-on-demand
|
||||
interfaces).
|
||||
@ -195,18 +217,21 @@ bppp0: phase=dead
|
||||
enable-ipv6
|
||||
.Ed
|
||||
.Pp
|
||||
Display the settings for bppp0. The interface is currently in
|
||||
Display the settings for
|
||||
.Li bppp0 .
|
||||
The interface is currently in
|
||||
.Em dead
|
||||
phase, i.e. the LCP layer is down, and no traffic is possible. Both
|
||||
phase, i.e. the LCP layer is down, and no traffic is possible.
|
||||
Both
|
||||
ends of the connection use the CHAP protocol, my end tells remote the
|
||||
system name
|
||||
.Ql uriah ,
|
||||
.Dq Li uriah ,
|
||||
and remote is expected to authenticate by the name
|
||||
.Ql ifb-gw .
|
||||
.Dq Li ifb-gw .
|
||||
Once the initial CHAP handshake was successful, no further CHAP
|
||||
challenges will be transmitted. There are supposedly some known CHAP
|
||||
challenges will be transmitted.
|
||||
There are supposedly some known CHAP
|
||||
secrets for both ends of the link which are not being shown.
|
||||
.Pp
|
||||
.Bd -literal
|
||||
# spppcontrol bppp0 \e
|
||||
authproto=chap \e
|
||||
|
Loading…
x
Reference in New Issue
Block a user