summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--CMakeLists.txt5
-rw-r--r--config.h.in5
-rw-r--r--src/options.c12
-rw-r--r--src/options.def.h14
4 files changed, 36 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index de04693..b260f77 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -71,6 +71,11 @@ set(USE_PKTINFO ${LINUX})
set(WITH_CAPABILITIES ${LINUX} CACHE BOOL "Include support for POSIX capabilities")
+set(WITH_CMDLINE_USER TRUE CACHE BOOL "Include support for setting user/group related options on the command line")
+set(WITH_CMDLINE_LOGGING TRUE CACHE BOOL "Include support for setting logging related options on the command line")
+set(WITH_CMDLINE_OPERATION TRUE CACHE BOOL "Include support for setting options related to the VPN operation (like mode, interface, encryption method) on the command line")
+set(WITH_CMDLINE_COMMANDS TRUE CACHE BOOL "Include support for setting handler scripts (e.g. --on-up) on the command line")
+
if(WITH_CAPABILITIES)
find_package(CAP REQUIRED)
diff --git a/config.h.in b/config.h.in
index 5f41bde..676a180 100644
--- a/config.h.in
+++ b/config.h.in
@@ -38,6 +38,11 @@
#cmakedefine WITH_CAPABILITIES
+#cmakedefine WITH_CMDLINE_USER
+#cmakedefine WITH_CMDLINE_LOGGING
+#cmakedefine WITH_CMDLINE_OPERATION
+#cmakedefine WITH_CMDLINE_COMMANDS
+
#cmakedefine USE_CRYPTO_AES128CTR
#cmakedefine USE_CRYPTO_GHASH
diff --git a/src/options.c b/src/options.c
index fe5b05f..3cd3017 100644
--- a/src/options.c
+++ b/src/options.c
@@ -97,6 +97,8 @@ static void option_config_peer_dir(fastd_context_t *ctx, fastd_config_t *conf, c
}
+#ifdef WITH_CMDLINE_USER
+
static void option_user(fastd_context_t *ctx, fastd_config_t *conf, const char *arg) {
free(conf->user);
conf->user = strdup(arg);
@@ -107,6 +109,9 @@ static void option_group(fastd_context_t *ctx, fastd_config_t *conf, const char
conf->group = strdup(arg);
}
+#endif
+
+#ifdef WITH_CMDLINE_LOGGING
static int parse_log_level(fastd_context_t *ctx, const char *arg) {
if (!strcmp(arg, "fatal"))
@@ -146,6 +151,9 @@ static void option_hide_mac_addresses(fastd_context_t *ctx, fastd_config_t *conf
conf->hide_mac_addresses = true;
}
+#endif
+
+#ifdef WITH_CMDLINE_OPERATION
static void option_mode(fastd_context_t *ctx, fastd_config_t *conf, const char *arg) {
if (!strcmp(arg, "tap"))
@@ -245,6 +253,9 @@ static void option_forward(fastd_context_t *ctx, fastd_config_t *conf) {
conf->forward = true;
}
+#endif
+
+#ifdef WITH_CMDLINE_COMMANDS
static void option_on_pre_up(fastd_context_t *ctx, fastd_config_t *conf, const char *arg) {
free(conf->on_pre_up);
@@ -302,6 +313,7 @@ static void option_on_verify(fastd_context_t *ctx, fastd_config_t *conf, const c
conf->on_verify_dir = get_current_dir_name();
}
+#endif
static void option_generate_key(fastd_context_t *ctx, fastd_config_t *conf) {
conf->generate_key = true;
diff --git a/src/options.def.h b/src/options.def.h
index 73ce1c5..159a328 100644
--- a/src/options.def.h
+++ b/src/options.def.h
@@ -3,19 +3,28 @@ OPTION(version, "--version" OR "-v", "Shows the fastd version");
OPTION(option_daemon, "--daemon" OR "-d", "Runs fastd in the background");
OPTION_ARG(option_pid_file, "--pid-file", "<filename>", "Writes fastd's PID to the specified file");
SEPARATOR;
+
OPTION_ARG(option_config, "--config" OR "-c", "<filename>", "Loads a config file");
OPTION_ARG(option_config_peer, "--config-peer", "<filename>", "Loads a config file for a single peer");
OPTION_ARG(option_config_peer_dir, "--config-peer-dir", "<dir>", "Loads all files from a directory as peer configs");
SEPARATOR;
+
+#ifdef WITH_CMDLINE_USER
OPTION_ARG(option_user, "--user", "<user>", "Sets the user to run fastd as");
OPTION_ARG(option_group, "--group", "<group>", "Sets the group to run fastd as");
SEPARATOR;
+#endif
+
+#ifdef WITH_CMDLINE_LOGGING
OPTION_ARG(option_log_level, "--log-level", "error|warn|info|verbose|debug", "Sets the stderr log level; default is info, if no alternative log destination is configured");
OPTION_ARG(option_syslog_level, "--syslog-level", "error|warn|info|verbose|debug", "Sets the log level for syslog output; default is not to use syslog");
OPTION_ARG(option_syslog_ident, "--syslog-ident", "<ident>", "Sets the syslog identification; default is 'fastd'");
OPTION(option_hide_ip_addresses, "--hide-ip-addresses", "Hides IP addresses in log output");
OPTION(option_hide_mac_addresses, "--hide-mac-addresses", "Hides MAC addresses in log output");
SEPARATOR;
+#endif
+
+#ifdef WITH_CMDLINE_OPERATION
OPTION_ARG(option_mode, "--mode" OR "-m", "tap|tun", "Sets the mode of the interface");
OPTION_ARG(option_interface, "--interface" OR "-i", "<name>", "Sets the name of the TUN/TAP interface to use");
OPTION_ARG(option_mtu, "--mtu" OR "-M", "<mtu>", "Sets the MTU; must be at least 576");
@@ -24,6 +33,9 @@ OPTION_ARG(option_protocol, "--protocol" OR "-p", "<protocol>", "Sets the protoc
OPTION_ARG(option_method, "--method", "<method>", "Sets the encryption method");
OPTION(option_forward, "--forward", "Enables forwarding of packets between peers; read the documentation before use!");
SEPARATOR;
+#endif
+
+#ifdef WITH_CMDLINE_COMMANDS
OPTION_ARG(option_on_pre_up, "--on-pre-up", "<command>", "Sets a shell command to execute before interface creation");
OPTION_ARG(option_on_up, "--on-up", "<command>", "Sets a shell command to execute after interface creation");
OPTION_ARG(option_on_down, "--on-down", "<command>", "Sets a shell command to execute before interface destruction");
@@ -32,6 +44,8 @@ OPTION_ARG(option_on_establish, "--on-establish", "<command>", "Sets a shell com
OPTION_ARG(option_on_disestablish, "--on-disestablish", "<command>", "Sets a shell command to execute when a connection is lost");
OPTION_ARG(option_on_verify, "--on-verify", "<command>", "Sets a shell command to execute to check a connection attempt by an unknown peer");
SEPARATOR;
+#endif
+
OPTION(option_generate_key, "--generate-key", "Generates a new keypair");
OPTION(option_show_key, "--show-key", "Shows the public key corresponding to the configured secret");
OPTION(option_machine_readable, "--machine-readable", "Suppresses output of explaining text in the --show-key and --generate-key commands");