uml switch2 manual | |||
| NAME
uml_switch2 - virtual network switch for user-mode-linux SYNOPSIS uml_switch2 [-d] configuration_file DESCRIPTION Creates virtual networking for user-mode-linux instances according to configuration file. -d Debug program, increase debugging level. configuration_file File with commands for uml_switch2. The configuration file can contain comments (starting with ♯ and ending at the line end) strings (between " characters) and \ to protect the next character. Commands start at the beginning of a new line and may have a optional argument. Currently the following commands are implemented: tap device Add a connection to the host network using the tap device. Useful arguments are tap0, tap1, etc. Your host must contain support for TUN/TAP-devices (e.g. the module tun must be loaded before). tapupcmd cmd and tapdncmd cmd Either you use preconfigured tap-devices (see the corresponding section on the user-mode-linux homepage) or define commands, that will be executed after the tap-device is created or before it is destroyed again. Useful commands on a debian-box are ifup tap0 and ifdown tap0. socket name This command creates the unix domain socket for the user-mode-linux instances. The suggested name is /tmp/uml.ctl, otherways you need a special configuration of your user-mode-linux instances. uml_switch2 only supports the uml_switch-protocol version 3. sockowner passwd-entry Change the ownership of the control socket to the corresponding unix user. port number Port number to listen for connections from uml_switches running on other hosts (and defining the port used for sending packets to other hosts). The program enforces some kind of security by only accecpting packets originating from the same port as it listens. By using a port number below 1024 you can be sure, that the network packets from the remote host came from a program with root-privileges. remote hostname Hostname or IP-address of remote hosts to send broadcast ethernet packets. pidfile file Create a lockfile containing the process-id of the running process. A useful filename might be "/var/run/uml_switch2.pid". logfile file Log all messages to this file. A good place could be "/var/log/uml_switch2.log". hub Act as a hub instead of a switch. debug Increase debugging level by one. nodebug Stop writing any messages on standard out (except severe error messages). fork Should be the last command in the configuration file. Start polling for network packets on the virtual switch. Has the effect of converting the program to a daemon. wait Should be the last command in the configuration file. Start polling for packets without forking. SIGNALS The following signals are recognized: SIGTERM Terminate daemon. SIGUSR1 Increase debuglevel. SIGUSR2 Set debuglevel to zero. SIGHUP Reopen logfile (not yet tested). SECURITY Depending on the configuration, any user on your network can send arbitrary network packets using the udp-port of the uml_switch2. If you configure uml_switch2 to use a port below 1024, then only root-users can do this. There are maybe other security flaws. Here is some more reasoning. BUGS Maybe. The program works for me (TM). Your mileage may vary. I've not yet tried all options I programmed. | |||
|