Changes between Version 18 and Version 19 of Openvpn23ManPage
- Timestamp:
- 05/10/16 07:19:49 (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Openvpn23ManPage
v18 v19 1676 1676 parameter, i.e. the UDP packet size after encapsulation 1677 1677 overhead has been added in, but not including 1678 the UDP header itself. 1678 the UDP header itself. Resulting packet would be at most 28 1679 bytes larger for IPv4 and 48 bytes for IPv6 (20/40 bytes for IP 1680 header and 8 bytes for UDP header). Default value of 1450 allows 1681 IPv4 packets to be transmitted over a link with MTU 1473 or higher 1682 without IP level fragmentation. 1679 1683 <P> 1680 1684 The … … 2611 2615 are executed after the chroot operation. 2612 2616 <P> 2613 Note: if OpenVPN is built using the PolarSSL SSL 2614 library, 2615 <B>--chroot</B> 2616 2617 will only work if a /dev/urandom device node is available 2618 inside the chroot directory 2617 Note: The SSL library will probably need /dev/urandom to be available inside 2618 the chroot directory 2619 2619 <B>dir.</B> 2620 2620 2621 This is due to the way PolarSSL works (it wants to open2622 /dev/urandom every time randomness is needed, not just once 2623 at startup) and nothing OpenVPN can influence.2621 This is because SSL libraries occasionally need to collect fresh random. Newer 2622 linux kernels and some BSDs implement a getrandom() or getentropy() syscall 2623 that removes the need for /dev/urandom to be available. 2624 2624 2625 2625 <DT><B>--setcon context</B> … … 5550 5550 <P> 5551 5551 The default for --tls-cipher is to use PolarSSL's default cipher list 5552 when using PolarSSL or "DEFAULT:!EXP:!PSK:!SRP:!kRSA" when using OpenSSL. 5552 when using PolarSSL or "DEFAULT:!EXP:!LOW:!MEDIUM:!PSK:!SRP:!kRSA" when using 5553 OpenSSL. 5553 5554 5554 5555 <DT><B>--tls-timeout n</B> … … 6669 6670 Windows Filtering Platform (WFP) and works on Windows Vista or 6670 6671 later. 6672 <P> 6673 This option is considered unknown on non-Windows platforms 6674 and unsupported on Windows XP, resulting in fatal error. 6675 You may want to use 6676 <B>--setenv opt</B> 6677 6678 or 6679 <B>--ignore-unknown-option</B> 6680 6681 (not suitable for Windows XP) to ignore said error. 6682 Note that pushing unknown options from server does not trigger 6683 fatal errors. 6671 6684 6672 6685 <DT><B>--dhcp-renew</B> … … 8530 8543 <A HREF="/man/man2html">man2html</A>, 8531 8544 using the manual pages.<BR> 8532 Time: 12:35:03 GMT, January 04, 20168545 Time: 07:18:23 GMT, May 10, 2016 8533 8546 }}}