Radix cross Linux

The main Radix cross Linux repository contains the build scripts of packages, which have the most complete and common functionality for desktop machines

452 Commits   2 Branches   1 Tag
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
radix/system/trunk/net/openvpn/2.5.2/conf/radix.conf 
Index: radix.conf
===================================================================
--- radix.conf	(nonexistent)
+++ radix.conf	(revision 5)
@@ -0,0 +1,178 @@
+# openvpn.conf.sample
+#
+# This is a sample configuration file for OpenVPN.
+# Not all options are listed here; you can find good documentation 
+# about all of the options in OpenVPN's manual page - openvpn(8).
+#
+# You can make a P-t-P connection by creating a shared key, 
+# copying this key to other hosts in your network, and changing
+# the IP addresses in this file.
+#
+# Commented options are provided for some typical configurations 
+
+# Change the "search" path to /etc/openvpn
+# All files referenced in this configuration will be relative to 
+# whatever directory is specified here - we default to /etc/openvpn 
+cd /etc/openvpn
+
+# If running as a server, which local IP address should OpenVPN
+# listen on? Specify this as either a hostname or IP address. If
+# this is left blank, OpenVPN will default to listening on all
+# interfaces.
+#local a.b.c.d
+
+# This option defines the IP or DNS name of the other side of your VPN
+# connection.  This option is needed if you are making client or P-t-P 
+# connections.  If you are the server, use "local" instead.  This may
+# be specified as a domain name or IP address.
+#remote vpn.server.org
+
+# This option defins the protocol to use.  Valid options are:
+# udp, tcp-server, or tcp-client.  Default is udp, and generally
+# speaking, tcp is a bad idea.
+proto udp
+
+# This option defines the port on which your server will be listening 
+# or trying to connect. The default is 1194
+port 1194
+
+# This option defines whether to use LZO compression. 
+# If enabled, it must be enabled at both ends of the VPN connection. 
+#comp-lzo
+
+# Debug level (default 1)
+#verb 3
+
+# VPN logfile location
+# If you don't specify a location here, logging will be done through
+# syslogd and write to /var/log/messages
+log-append /var/log/openvpn.log
+
+# If you want to use OpenVPN as a daemon, uncomment this line.
+# Generally speaking, servers should run OpenVPN as a daemon
+# and clients should not.
+#daemon
+
+# Device type to use, you can choose between tun or tap. 
+# TUN is the most common option. If you have multiple connections, 
+# it is a good idea to bind each connection to a separate TUN/TAP 
+# interface using tunX/tapX, where X is the number of each interface.
+dev tun
+
+# This option prevents OpenVPN from closing and re-opening the tun/tap 
+# device every time it receives a SIGUSR1 signal
+#persist-tun
+
+# This is similar to the previous option, but it prevents OpenVPN from
+# re-reading the key files every time
+#persist-key
+
+# If you are using a client-server architecture, you need to specify the 
+# role of your computer in your VPN network.  To use one of these options,
+# you need to configure TLS options too.
+#
+# To use the "server" option, you must specify a network subnet such
+# as 172.16.1.0 255.255.255.0.  The first number is the network, the
+# second is the netmask.  OpenVPN will take the first available IP
+# for itself (in our example, 172.16.1.1) and the rest will be
+# given to connecting clients dynamically.
+#
+# Leave these commented out if you are using OpenVPN in bridging mode.
+#
+#server 10.1.2.0 255.255.255.0
+#client
+
+# This option defines a file with IP address to client mapping. 
+# This is useful in general, and necessary if clients use persist-tun.
+#ifconfig-pool-persist ips.txt
+
+# Enable this option if you want clients connected to this VPN to be
+# able to talk directly to each other
+#client-to-client
+
+# This option defines the directory in which configuration files for clients 
+# will reside.  With individual files you can make each client get different 
+# options using "push" parameters
+#client-config-dir ccd
+
+# If you are using P-t-P, you need to specify the IP addresses at both ends 
+# of your VPN connection.  The IP addresses are reversed at the other side.
+#
+# You can use this to specify client IP addresses in ccd files (on server) 
+# or directly in client configuration
+#ifconfig 10.1.2.1 10.1.2.2
+
+# You can set routes to specific networks. In the sample below, "vpn_gateway"
+# is an internal OpenVPN alias to your VPN gateway - leave it as is.
+# This will enable you to talk with the networks behind your VPN server. 
+# Multiple routes can be specified.
+#
+# +------------+ <eth>-<tun>               <tun>-<eth> +------------+
+# |  Network1  |---| VPN1 |--[10.1.2.0/24]--| VPN2 |---|  Network2  |
+# +------------+   +------+                 +------+   +------------+
+# 192.168.0.0/24                                       192.168.2.0/24
+#
+# The sample below shows how VPN1 server can reach Network2
+#route 192.168.2.0 255.255.255.0 vpn_gateway
+
+# You can send clients many network configuration options using the 
+# "push" directive and sending commands.
+# Multiple "push" directives can be used.  You should only put global
+# "push" directives here.  You can "push" different options to
+# different clients in per-client configuration files.  See
+# "client-config-dir" above.
+#
+# Using the same network configuration that you see above, the route statment 
+# here allows VPN2 to reach Network1 
+#push "route-delay 2 600"
+#push "route 192.168.2.0 255.255.255.0 vpn_gateway"
+#push "persist-key"
+
+# This option sets the encryption algorithm to use in the VPN connection.
+# Available options are:
+# DES-CBC, RC2-CBC, DES-EDE-CBC,  DES-EDE3-CBC, 
+# DESX-CBC, BF-CBC, RC2-40-CBC, CAST5-CBC, 
+# RC2-64-CBC, AES-128-CBC, AES-192-CBC and AES-256-CBC
+cipher BF-CBC
+
+# Shared Key Connection
+# ---------------------
+# Secret is one shared key between the hosts that want to connect through VPNs.
+# Without secret or TLS options, your data will not be encrypted.
+# 
+# To generate an encryption key do:
+#   openvpn --genkey --secret /etc/openvpn/keys/shared.key
+#
+# Do the above on one host and copy it to the others
+secret keys/shared.key
+
+# TLS Connections
+# ---------------
+# TLS must be used if you use option "server" or "client"
+# The basic idea there is: You have one Certificate Authority, and all 
+# machines in your VPN network need to have individual certificates and 
+# keys signed by Certificate Authority.  This means each client can
+# have its own key, making it easier to revoke a key without copying
+# a shared secret key to every client.
+#
+# Inside the /usr/doc/openvpn-$VERSION documentation directory, you can
+# find "easy-rsa" scripts to make certificate and key management easier.
+
+# Certificate Authority file 
+# This file must be identical on all hosts that connect to your VPN
+#ca certs/ca.crt
+
+# If you are the server, you need to specify some Diffie Hellman parameters. 
+# OpenVPN provides some sample .pem files in documentation directory
+#dh my-dh.pem
+
+# Certificate and Key signed by Certificate Authority
+# Each machine needs to have their own unique certificate
+#cert certs/machine.cert
+#key keys/machine.key
+
+# To prevent some DoS attacks we can add another authentication layer in the
+# TLS control channel.  This needs to be enabled at both ends to work
+# client uses the value 1; server uses the value 0
+#tls-auth keys/shared.key 0
+
cSvn-ui 0.1.5
Subversion 1.14.2
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.