deactivated option for ld_kdr

cleanup at options parser and manpage

1 files changed, 49 insertions, 59 deletions

diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt
index bb58f87..dc1b934 100644
--- a/doc/uanytun.8.txt
+++ b/doc/uanytun.8.txt
@@ -17,22 +17,21 @@ SYNOPSIS
 [ *-P|--write-pid* <filename> ]
 [ *-i|--interface* <ip-address> ]
 [ *-p|--port* <port> ]
+[ *-s|--sender-id* <sender id> ]
 [ *-r|--remote-host* <hostname|ip> ]
 [ *-o|--remote-port* <port> ]
 [ *-d|--dev* <name> ]
 [ *-t|--type* <tun|tap> ]
 [ *-n|--ifconfig* <local> <remote|netmask> ]
 [ *-x|--post-up-script* <script> ]
-[ *-s|--sender-id* <sender id> ]
-[ *-w|--window-size* <window size> ]
 [ *-m|--mux* <mux-id> ]
-[ *-c|--cipher* <cipher type> ]
-[ *-a|--auth-algo* <algo type> ]
+[ *-w|--window-size* <window size> ]
 [ *-k|--kd-prf* <kd-prf type> ]
-[ *-l|--ld-kdr* <ld-kdr> ]
 [ *-E|--passphrase <pass phrase> ]
 [ *-K|--key* <master key> ]
 [ *-A|--salt* <master salt> ]
+[ *-c|--cipher* <cipher type> ]
+[ *-a|--auth-algo* <algo type> ]
 
 DESCRIPTION
 -----------
@@ -97,6 +96,15 @@ The local UDP port that is used to send and receive the
 payload data. The two tunnel endpoints can use different
 ports. default: 4444
 
+-s|--sender-id  <sender id>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Each anycast tunnel endpoint needs a uniqe sender id
+(1, 2, 3, ...). It is needed to distinguish the senders
+in case of replay attacks. As *uAnytun* does not support 
+synchronisation it can't be used as an anycast endpoint therefore 
+this option is quite useless. default: 0
+
 -r|--remote-host <hostname|ip>
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -143,13 +151,14 @@ tunnels, tun for IP tunnels.
 *<remote|netmask>* the remote IP address (tun) or netmask (tap)
 
 In tap/Ethernet tunnel mode:
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 The local IP address and subnet mask of the tunnel
 interface, in ifconfig style. The remote tunnel endpoint
 has to use a different IP address in the same subnet.
 
 In tun/IP tunnel mode:
+^^^^^^^^^^^^^^^^^^^^^^
 
 The local IP address of the tunnel interface and the
 IP address of the tunnel interface on the remote tunnel
@@ -161,14 +170,10 @@ endpoint.
 This option instructs *uAnytun* to run this script after the interface 
 is created. By default no script will be executed.
 
--s|--sender-id  <sender id>
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
+-m|--mux <mux-id>
+~~~~~~~~~~~~~~~~~
 
-Each anycast tunnel endpoint needs a uniqe sender id
-(1, 2, 3, ...). It is needed to distinguish the senders
-in case of replay attacks. As *uAnytun* does not support 
-synchronisation it can't be used as an anycast endpoint therefore 
-this option is quite useless. default: 0
+the multiplex id to use. default: 0
 
 -w|--window-size <window size>
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -187,41 +192,6 @@ by filtering packets according to their secuence number.
 By default the sequence window is disabled and therefore a
 window size of 0 is used.
 
--m|--mux <mux-id>
-~~~~~~~~~~~~~~~~~
-
-the multiplex id to use. default: 0
-
--c|--cipher <cipher type>
-~~~~~~~~~~~~~~~~~~~~~~~~~
-
-payload encryption algorithm
-
-Encryption algorithm used for encrypting the payload
-
-Possible values:
-
-* *null* - no encryption
-* *aes-ctr* - AES in counter mode with 128 Bits, default value
-* *aes-ctr-128* - AES in counter mode with 128 Bits
-* *aes-ctr-192* - AES in counter mode with 192 Bits
-* *aes-ctr-256* - AES in counter mode with 256 Bits
-
--a|--auth-algo <algo type>
-~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-message authentication algorithm
-
-This option sets the message authentication algorithm.
-
-Possible values:
-
-* *null* - no message authentication
-* *sha1* - HMAC-SHA1, default value
-
-If HMAC-SHA1 is used, the packet length is increased by
-10 bytes. These 10 bytes contain the authentication data.
-
 -k|--kd--prf <kd-prf type>
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -238,17 +208,6 @@ Possible values:
 * *aes-ctr-192* - AES in counter mode with 192 Bits
 * *aes-ctr-256* - AES in counter mode with 256 Bits
 
--l|--ld-kdr <ld-kdr>
-~~~~~~~~~~~~~~~~~~~~
-
-The log2 of the key derivation rate. This is used by the key
-derivation to determine how ofen a new session key has to be
-generated. A value of -1 means to generate only one key and use
-it forever. The default is 0 which means to calculate a new key
-for every packet. A value of 1 would tell the key derivation
-to generate a new key after 2 packets, for 2 its 4 packets and 
-so on.
-
 -E|--passphrase <pass phrase>
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -276,6 +235,37 @@ Master salt in hexadecimal notation, eg
 01a2b3c4d5e6f708a9b0cadbecfd, with a mandatory length
 of 28 characters (14 bytes).
 
+-c|--cipher <cipher type>
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+payload encryption algorithm
+
+Encryption algorithm used for encrypting the payload
+
+Possible values:
+
+* *null* - no encryption
+* *aes-ctr* - AES in counter mode with 128 Bits, default value
+* *aes-ctr-128* - AES in counter mode with 128 Bits
+* *aes-ctr-192* - AES in counter mode with 192 Bits
+* *aes-ctr-256* - AES in counter mode with 256 Bits
+
+-a|--auth-algo <algo type>
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+message authentication algorithm
+
+This option sets the message authentication algorithm.
+
+Possible values:
+
+* *null* - no message authentication
+* *sha1* - HMAC-SHA1, default value
+
+If HMAC-SHA1 is used, the packet length is increased by
+10 bytes. These 10 bytes contain the authentication data.
+
+
 EXAMPLES
 --------