DESCRIPTION

Generic options:

-h [ --help ]

Produce help message.

-v [ --version ]

Get the program version.

-d [ --debug ]

Enables debug output.

-t [ --threads ] arg (=0)

The number of threads to use.

-c [ --configuration_file ] arg The configuration file to use.

FreeLAN Server options:

--server.enabled arg (=no)

Whether to enable the server mechanism.

--server.listen_on arg (=0.0.0.0:443) The endpoint to listen on.

--server.protocol arg (=https)

The protocol to use for clients to contact the server.

--server.server_certificate_file arg (="")

The server certificate file.

--server.server_private_key_file arg (="")

The server private key file.

--server.certification_authority_certificate_file arg (="")

The certification authority certificate file.

--server.certification_authority_private_key_file arg (="")

The certification authority private key file.

--server.authentication_script arg (="")

The authentication script to use.

FreeLAN Client options:

--client.enabled arg (=no)

Whether to enable the client mechanism.

--client.server_endpoint arg (=127.0.0.1:443)

The endpoint to connect to.

--client.protocol arg (=https)

The protocol to use to contact the server.

--client.disable_peer_verification arg (=no)

Whether to disable peer verification.

--client.disable_host_verification arg (=no)

Whether to disable host verification.

--client.username arg

The client username.

--client.password arg

The client password.

--client.public_endpoint arg

A hostname or IP address to advertise.

FreeLAN Secure Channel Protocol (FSCP) options:

--fscp.hostname_resolution_protocol arg (=ipv4)

The hostname resolution protocol to use.

--fscp.listen_on arg (=0.0.0.0:12000) The endpoint to listen on.

--fscp.listen_on_device arg

The endpoint to listen on.

--fscp.hello_timeout arg (=3000)

The default timeout for HELLO messages, in milliseconds.

--fscp.contact arg

The address of an host to contact.

--fscp.accept_contact_requests arg (=yes)

Whether to accept CONTACT-REQUEST messages.

--fscp.accept_contacts arg (=yes)

Whether to accept CONTACT messages.

--fscp.dynamic_contact_file arg

The certificate of an host to dynamically contact.

--fscp.never_contact arg

A network address to avoid when dynamically contacting hosts.

--fscp.cipher_suite_capability arg

A cipher suite to allow.

--fscp.elliptic_curve_capability arg

A elliptic curve to allow.

Security options:

--security.passphrase arg

A passphrase to generate the pre - shared key from.

--security.passphrase_salt arg (=freelan)

The salt to use during the pre-shared key derivation.

--security.passphrase_iterations_count arg (=2000)

The number of iterations to use during the pre-shared key derivation.

--security.signature_certificate_file arg

The certificate file to use for signing.

--security.signature_private_key_file arg

The private key file to use for signing.

--security.certificate_validation_method arg (=default)

The certificate validation method.

--security.certificate_validation_script arg (="")

The certificate validation script to use.

--security.authority_certificate_file arg

An authority certificate file to use.

--security.certificate_revocation_validation_method arg (=none)

The certificate revocation validation method.

--security.certificate_revocation_list_file arg

A certificate revocation list file to use.

Tap adapter options:

--tap_adapter.type arg (=tap)

The TAP adapter type.

--tap_adapter.enabled arg (=yes)

Whether to enable the tap adapter.

--tap_adapter.name arg

The name of the tap adapter to use or create.

--tap_adapter.mtu arg (=auto)

The MTU of the tap adapter.

--tap_adapter.mss_override arg (=auto)

The MSS override.

--tap_adapter.metric arg (=auto)

The metric of the tap adapter.

--tap_adapter.ipv4_address_prefix_length arg

The tap adapter IPv4 address and prefix length.

--tap_adapter.ipv6_address_prefix_length arg

The tap adapter IPv6 address and prefix length.

--tap_adapter.remote_ipv4_address arg The tap adapter IPv4 remote address.

--tap_adapter.arp_proxy_enabled arg (=0)

Whether to enable the ARP proxy.

--tap_adapter.arp_proxy_fake_ethernet_address arg (=00:aa:bb:cc:dd:ee)

The ARP proxy fake ethernet address.

--tap_adapter.dhcp_proxy_enabled arg (=1)

Whether to enable the DHCP proxy.

--tap_adapter.dhcp_server_ipv4_address_prefix_length arg (=9.0.0.0/24)

The DHCP proxy server IPv4 address and prefix length.

--tap_adapter.dhcp_server_ipv6_address_prefix_length arg (=fe80::/10)

The DHCP proxy server IPv6 address and prefix length.

--tap_adapter.up_script arg (="")

The tap adapter up script.

--tap_adapter.down_script arg (="")

The tap adapter down script.

Switch options:

--switch.routing_method arg (=switch) The routing method for messages.

--switch.relay_mode_enabled arg (=no) Whether to enable the relay mode.

Router options:

--router.local_ip_route arg

A route to advertise to the other peers.

--router.local_dns_server arg

A DNS server to advertise to the other peers.

--router.client_routing_enabled arg (=yes)

Whether to enable client routing.

--router.accept_routes_requests arg (=yes)

Whether to accept routes requests.

--router.internal_route_acceptance_policy arg (=unicast_in_network)

The internal route acceptance policy.

--router.system_route_acceptance_policy arg (=none)

The system route acceptance policy.

--router.maximum_routes_limit arg (=1)

The maximum count of routes to accept for a given host.

--router.dns_servers_acceptance_policy arg (=in_network)

The DNS servers acceptance policy.

--router.dns_script arg (="")

The DNS script.

Daemon:

-f [ --foreground ]

Do not run as a daemon.

-s [ --syslog ]

Alwats log to syslog (useful when running with --foreground on OSX with launchd).

-p [ --pid_file ] arg A pid file to use.

Miscellaneous:

--nocolor

Disable color output.