added man page

2 files changed, 316 insertions, 0 deletions

diff --git a/doc/Makefile b/doc/Makefile
new file mode 100644
index 0000000..3e24531
--- /dev/null
+++ b/doc/Makefile
@@ -0,0 +1,43 @@
+##
+##  ľAnytun
+##
+##  ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+##  featured implementation ľAnytun has no support for multiple connections
+##  or synchronisation. It is a small single threaded implementation intended
+##  to act as a client on small platforms.
+##  The secure anycast tunneling protocol (satp) defines a protocol used
+##  for communication between any combination of unicast and anycast
+##  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
+##  mode and allows tunneling of every ETHER TYPE protocol (e.g.
+##  ethernet, ip, arp ...). satp directly includes cryptography and
+##  message authentication based on the methodes used by SRTP.  It is
+##  intended to deliver a generic, scaleable and secure solution for
+##  tunneling and relaying of packets of any protocol.
+##  
+##
+##  Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+##
+##  This file is part of ľAnytun.
+##
+##  ľAnytun is free software: you can redistribute it and/or modify
+##  it under the terms of the GNU General Public License version 3 as
+##  published by the Free Software Foundation.
+##
+##  ľAnytun is distributed in the hope that it will be useful,
+##  but WITHOUT ANY WARRANTY; without even the implied warranty of
+##  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+##  GNU General Public License for more details.
+##
+##  You should have received a copy of the GNU General Public License
+##  along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+##
+
+all: manpage
+
+uanytun.8: uanytun.8.txt
+	a2x -f manpage uanytun.8.txt
+
+manpage: uanytun.8
+
+clean:
+	rm -f uanytun.8 uanytun.8.xml
diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt
new file mode 100644
index 0000000..9b134ff
--- /dev/null
+++ b/doc/uanytun.8.txt
@@ -0,0 +1,273 @@
+uanytun(8)
+==========
+
+NAME
+----
+uanytun - micro anycast tunneling daemon
+
+SYNOPSIS
+--------
+
+*uanytun*
+[ *-h|--help* ]
+[ *-D|--nodaemonize* ]
+[ *-C|--chroot* ]
+[ *-u|--username* <username> ]
+[ *-H|--chroot-dir* <directory> ]
+[ *-P|--write-pid* <filename> ]
+[ *-i|--interface* <ip-address> ]
+[ *-p|--port* <port> ]
+[ *-r|--remote-host* <hostname|ip> ]
+[ *-o|--remote-port* <port> ]
+[ *-d|--dev* <name> ]
+[ *-t|--type* <tun|tap> ]
+[ *-n|--ifconfig* <local> <remote|netmask> ]
+[ *-x|--post-up-script* <script> ]
+[ *-s|--sender-id* <sender id> ]
+[ *-w|--window-size* <window size> ]
+[ *-m|--mux* <mux-id> ]
+[ *-c|--cipher* <cipher type> ]
+[ *-a|--auth-algo* <algo type> ]
+[ *-K|--key* <master key> ]
+[ *-A|--salt* <master salt> ]
+
+DESCRIPTION
+-----------
+
+*uAnytun* is a tiny implementation of the Secure Anycast Tunneling Protocol
+(SATP). It provides a complete VPN solution similar to OpenVPN or
+IPsec in tunnel mode. The main difference is that anycast enables the
+setup of tunnels between an arbitrary combination of anycast, unicast
+and multicast hosts. Unlike Anytun which is a full featured implementation 
+uAnytun has no support for multiple connections or synchronisation. It is a 
+small single threaded implementation intended to act as a client on small 
+platforms.
+
+OPTIONS
+-------
+
+*uAnytun* has been designed as a peer to peer application, so there is
+no difference between client and server. The following options can be
+passed to the daemon:
+
+-D|--nodaemonize
+~~~~~~~~~~~~~~~~
+
+This option instructs *uAnytun* to run in the foreground
+instead of becoming a daemon which is the default.
+
+-C|--chroot
+~~~~~~~~~~~
+
+Instruct *uAnytun* to run in a chroot chail and drop privileges. The 
+default is not to run in chroot.
+
+-u|--username <username>
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+if chroot change to this user. default: nobody
+
+-H|--chroot-dir <directory>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+chroot to this directory. default: /var/run/uanytun
+
+-P|--write-pid <filename>
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Instruct *uAnytun* to write it's pid to this file. The default is 
+not to create a pid file.
+
+-i|--interface <ip address>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This IP address is used as the sender address for outgoing
+packets. The default is to not use a special inteface and just
+bind on all interfaces.
+
+-p|--port <port>
+~~~~~~~~~~~~~~~~
+
+local port to bind to
+
+The local UDP port that is used to send and receive the
+payload data. The two tunnel endpoints can use different
+ports. default: 4444
+
+-r|--remote-host <hostname|ip>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+remote host
+
+This option can be used to specify the remote tunnel
+endpoint. In case of anycast tunnel endpoints, the
+anycast IP address has to be used. If you do not specify
+an address, it is automatically determined after receiving
+the first data packet.
+
+-o|--remote-port <port>
+~~~~~~~~~~~~~~~~~~~~~~~
+
+remote port
+
+The UDP port used for payload data by the remote host
+(specified with -p on the remote host). If you do not specify
+a port, it is automatically determined after receiving
+the first data packet.
+
+-d|--dev <name>
+~~~~~~~~~~~~~~~
+
+device name
+
+By default, tapN is used for Ethernet tunnel interfaces,
+and tunN for IP tunnels, respectively. This option can
+be used to manually override these defaults.
+
+-t|--type <tun|tap>
+~~~~~~~~~~~~~~~~~~~
+
+device type
+
+Type of the tunnels to create. Use tap for Ethernet
+tunnels, tun for IP tunnels.
+
+-n|--ifconfig <local> <remote|netmask>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+*<local>* the local IP address for the tun/tap device
+
+*<remote|netmask>* the remote IP address (tun) or netmask (tap)
+
+In tap/Ethernet tunnel mode:
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The local IP address and subnet mask of the tunnel
+interface, in ifconfig style. The remote tunnel endpoint
+has to use a different IP address in the same subnet.
+
+In tun/IP tunnel mode:
+
+The local IP address of the tunnel interface and the
+IP address of the tunnel interface on the remote tunnel
+endpoint.
+
+-x|--post-up-script <script>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This option instructs *uAnytun* to run this script after the interface 
+is created. By default no script will be executed.
+
+-s|--sender-id  <sender id>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Each anycast tunnel endpoint needs a uniqe sender id
+(1, 2, 3, ...). It is needed to distinguish the senders
+in case of replay attacks. As *uAnytun* does not support 
+synchronisation it can't be used as an anycast endpoint therefore 
+this option is quite useless. default: 0
+
+-w|--window-size <window size>
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+seqence window size
+
+Sometimes, packets arrive out of order on the receiver
+side. This option defines the size of a list of received
+packets' sequence numbers. If, according to this list,
+a received packet has been previously received or has
+been transmitted in the past, and is therefore not in
+the list anymore, this is interpreted as a replay attack
+and the packet is dropped. A value of 0 deactivates this
+list and, as a consequence, the replay protection employed
+by filtering packets according to their secuence number.
+By default the sequence window is disabled and therefore a
+window size of 0 is used.
+
+-m|--mux <mux-id>
+~~~~~~~~~~~~~~~~~
+
+the multiplex id to use. default: 0
+
+-c|--cipher <cipher type>
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+payload encryption algorithm
+
+Encryption algorithm used for encrypting the payload
+
+Possible values:
+
+* *null* - no encryption
+* *aes-ctr* - AES in counter mode, default value
+
+-a|--auth-algo <algo type>
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+message authentication algorithm
+
+This option sets the message authentication algorithm.
+
+Possible values:
+
+* *null* - no message authentication
+* *sha1* - HMAC-SHA1, default value
+
+
+If HMAC-SHA1 is used, the packet length is increased by
+10 bytes. These 10 bytes contain the authentication data.
+
+-K|--key <master key>
+~~~~~~~~~~~~~~~~~~~~~
+
+master key to use for encryption
+
+Master key in hexadecimal notation, eg
+01a2b3c4d5e6f708a9b0cadbecfd0fa1, with a mandatory length
+of 32 characters (16 bytes).
+
+-A|--salt <master salt>
+~~~~~~~~~~~~~~~~~~~~~~~
+
+master salt to use for encryption
+
+Master salt in hexadecimal notation, eg
+01a2b3c4d5e6f708a9b0cadbecfd, with a mandatory length
+of 28 characters (14 bytes).
+
+EXAMPLES
+--------
+
+One unicast and one anycast tunnel endpoint:
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ 
+Unicast tunnel endpoint:
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+uanytun -r anycast.anytun.org -d anytun0 -t tun -n 192.0.2.2 192.0.2.1 -w 0 -c null
+
+
+BUGS
+----
+Most likely there are some bugs in *uAnytun*. If you find a bug, please let
+the developers know at uanytun@anytun.org. Of course, patches are preferred.
+
+AUTHORS
+-------
+
+Christian Pointner <equinox@anytun.org>
+
+RESOURCES
+---------
+
+Main web site: http://www.anytun.org/
+
+
+COPYING
+-------
+
+Copyright \(C) 2008-2009 Christian Pointner. This  program is  free 
+software; you can redistribute it and/or modify it under the terms 
+of the GNU General Public License version 2 as published by the 
+Free Software Foundation.
+