Lines Matching +full:on +full:- +full:resistance

4 wg - set and retrieve configuration of WireGuard interfaces
29 utility provides a series of sub-commands for changing WireGuard-specific
34 Sub-commands that take an INTERFACE must be passed a WireGuard interface.
39-key\fP | \fIprivate-key\fP | \fIlisten-port\fP | \fIfwmark\fP | \fIpeers\fP | \fIpreshared-keys\f…
46 newlines and tabs, meant to be used in scripts. For this script-friendly display,
49 the first contains in order separated by tab: private-key, public-key, listen-port,
51 by tab: public-key, preshared-key, endpoint, allowed-ips, latest-handshake,
52 transfer-rx, transfer-tx, persistent-keepalive.
58-port\fP \fI<port>\fP] [\fIfwmark\fP \fI<fwmark>\fP] [\fIprivate-key\fP \fI<file-path>\fP] [\fIpee…
61 for a peer, that peer is removed, not configured. If \fIlisten-port\fP
63 interface comes up. Both \fIprivate-key\fP and \fIpreshared-key\fP must
64 be files, because command line arguments are not considered private on
67 you may safely pass in a string by specifying as \fIprivate-key\fP or
68 \fIpreshared-key\fP the expression: <(echo PRIVATEKEYSTRING). If
70 either \fIprivate-key\fP or \fIpreshared-key\fP, the key is removed from
71 the device. The use of \fIpreshared-key\fP is optional, and may be omitted;
72 it adds an additional layer of symmetric-key cryptography to be mixed into
73 the already existing public-key cryptography, for post-quantum resistance.
74 If \fIallowed-ips\fP is specified, but the value is the empty string, all
75 allowed ips are removed from the peer. By default, \fIallowed-ips\fP replaces
76 a peer's allowed ips. If + or - is prepended to any of the ips then
78 allowed ips if not present while ips prefixed with '-' are removed if present.
79 The use of \fIpersistent-keepalive\fP
88 0 or "off" disables it. Otherwise it is a 32-bit fwmark for outgoing packets
91 \fBsetconf\fP \fI<interface>\fP \fI<configuration-filename>\fP
93 \fI<configuration-filename>\fP, which must be in the format described
96 \fBaddconf\fP \fI<interface>\fP \fI<configuration-filename>\fP
97 Appends the contents of \fI<configuration-filename>\fP, which must
101 \fBsyncconf\fP \fI<interface>\fP \fI<configuration-filename>\fP
106 \fI<configuration-filename>\fP must be in the format described by
120 \fIgenkey\fP) given in base64 on standard input.
132 The configuration file format is based on \fIINI\fP. There are two top level sections
133 -- \fIInterface\fP and \fIPeer\fP. Multiple \fIPeer\fP sections may be specified, but
141 ListenPort \(em a 16-bit port for listening. Optional; if not specified, chosen
144 FwMark \(em a 32-bit fwmark for outgoing packets. If set to 0 or "off", this
154 and may be omitted. This option adds an additional layer of symmetric-key
155 cryptography to be mixed into the already existing public-key cryptography,
156 for post-quantum resistance.
158 AllowedIPs \(em a comma-separated list of IP (v4 or v6) addresses with
160 which outgoing traffic for this peer is directed. The catch-all
180 INI-like syntax. Characters after and including a '#' are considered comments and
220 …mes it is useful to have information on the current runtime state of a tunnel. When using the Linu…
228 on a per-interface basis by using
241 If set to \fInever\fP, then the pretty-printing \fBshow\fP sub-command will show private and presha…
244 … resolution for each peer's endpoint will be retried that many times for non-permanent errors, wit…
259 For updates and more information, a project page is available on the