From 7ecc26f664e7a31d2981e990289739c88495ea33 Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Wed, 15 Jun 2005 13:26:36 +0000 Subject: [PATCH] Various wording and foratting fixes --- man7/ip.7 | 131 ++++++++++++++++++++++++++++++++---------------------- 1 file changed, 78 insertions(+), 53 deletions(-) diff --git a/man7/ip.7 b/man7/ip.7 index e18b2e91d..21ac3ba32 100644 --- a/man7/ip.7 +++ b/man7/ip.7 @@ -647,65 +647,18 @@ supports the sysctl interface to configure some global options. The sysctls can be accessed by reading or writing the .B /proc/sys/net/ipv4/* files or using the +.\" FIXME As at 2.6.12, 14 Jun 2005, the following are undocumented: +.\" ip_queue_maxlen +.\" ip_conntrack_max .BR sysctl (2) interface. .\" .TP -.B ip_default_ttl -Set the default time-to-live value of outgoing packets. This can be changed -per socket with the -.I IP_TTL -option. -.\" -.TP -.B ip_forward -Enable IP forwarding with a boolean flag. IP forwarding can be also set on a -per interface basis. -.\" -.TP -.B ip_dynaddr -Enable dynamic socket address and masquerading entry rewriting on interface -address change. This is useful for dialup interface with changing IP addresses. -0 means no rewriting, 1 turns it on and 2 enables verbose mode. -.\" -.TP -.B ip_autoconfig -Not documented. -.\" -.TP -.B ip_local_port_range -Contains two integers that define the default local port range allocated to -sockets. Allocation starts with the first number and ends with the second number. -Note that these should not conflict with the ports used by masquerading (although -the case is handled). Also arbitary choices may cause problems with some -firewall packet filters that make assumptions about the local ports in use. -First number should be at least >1024, better >4096 to avoid clashes with well -known ports and to minimize firewall problems. -.\" -.TP -.B ip_no_pmtu_disc -If enabled, don't do Path MTU Discovery for TCP sockets by default. Path MTU -discovery may fail if misconfigured firewalls (that drop all ICMP packets) or -misconfigured interfaces (e.g., a point-to-point link where the both ends don't -agree on the MTU) are on the path. It is better to fix the broken routers on -the path than to turn off Path MTU Discovery globally, because not doing it -incurs a high cost to the network. -.\" -.TP -.BR ipfrag_high_thresh ", " ipfrag_low_thresh -If the amount of queued IP fragments reaches -.BR ipfrag_high_thresh , -the queue -is pruned down to -.BR ipfrag_low_thresh . -Contains an integer with the number of -bytes. -.TP -.B ip_always_defrag -[New with Kernel 2.2.13; in earlier kernel version the feature was controlled +.B ip_always_defrag " (Boolean)" +[New with kernel 2.2.13; in earlier kernel version the feature was controlled at compile time by the .B CONFIG_IP_ALWAYS_DEFRAG -option] +option; this file is not present in 2.4.x and later] When this boolean frag is enabled (not equal 0) incoming fragments (parts of IP packets @@ -722,6 +675,78 @@ also has a large memory and CPU time cost. This is automagically turned on when masquerading or transparent proxying are configured. +.\" +.TP +.B ip_autoconfig +.\" FIXME: +Not documented. +.\" +.TP +.BR ip_default_ttl " (integer; default: 64)" +Set the default time-to-live value of outgoing packets. This can be changed +per socket with the +.I IP_TTL +option. +.\" +.TP +.BR ip_dynaddr " (Boolean; default: disabled)" +Enable dynamic socket address and masquerading entry rewriting on interface +address change. This is useful for dialup interface with changing IP addresses. +0 means no rewriting, 1 turns it on and 2 enables verbose mode. +.\" +.TP +.BR ip_forward " (Boolean; default: disabled)" +Enable IP forwarding with a boolean flag. IP forwarding can be also set on a +per interface basis. +.\" +.TP +.BR ip_local_port_range +Contains two integers that define the default local port range +allocated to sockets. +Allocation starts with the first number and ends with the second number. +Note that these should not conflict with the ports used by masquerading +(although the case is handled). +Also arbitary choices may cause problems with some firewall packet +filters that make assumptions about the local ports in use. +First number should be at least >1024, better >4096 to avoid clashes +with well known ports and to minimize firewall problems. +.\" +.TP +.BR ip_no_pmtu_disc " (Boolean; default: disabled)" +If enabled, don't do Path MTU Discovery for TCP sockets by default. +Path MTU discovery may fail if misconfigured firewalls (that drop +all ICMP packets) or misconfigured interfaces (e.g., a point-to-point +link where the both ends don't agree on the MTU) are on the path. +It is better to fix the broken routers on the path than to turn off +Path MTU Discovery globally, because not doing it incurs a high cost +to the network. +.\" +.\" The following is from 2.6.12: Doumentation/networking/ip-sysctl.txt +.TP +.BR ip_nonlocal_bind " (Boolean; default: disabled)" +If set, allows processes to bind() to non-local IP addresses, +which can be quite useful - but may break some applications. +.\" +.\" The following is from 2.6.12: Doumentation/networking/ip-sysctl.txt +.TP +.BR ip6frag_time " (integer; default 30)" +Time in seconds to keep an IPv6 fragment in memory. +.\" +.\" The following is from 2.6.12: Doumentation/networking/ip-sysctl.txt +.TP +.BR ip6frag_secret_interval " (integer; default 600)" +Regeneration interval (in seconds) of the hash secret (or lifetime +for the hash secret) for IPv6 fragments. +Default: 600 +.TP +.BR ipfrag_high_thresh " (integer), " ipfrag_low_thresh " (integer)" +If the amount of queued IP fragments reaches +.BR ipfrag_high_thresh , +the queue +is pruned down to +.BR ipfrag_low_thresh . +Contains an integer with the number of +bytes. .TP .B neigh/* See