diff options
-rw-r--r-- | CMakeLists.txt | 5 | ||||
-rw-r--r-- | config.h.in | 5 | ||||
-rw-r--r-- | src/options.c | 12 | ||||
-rw-r--r-- | src/options.def.h | 14 |
4 files changed, 36 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index de04693..b260f77 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -71,6 +71,11 @@ set(USE_PKTINFO ${LINUX}) set(WITH_CAPABILITIES ${LINUX} CACHE BOOL "Include support for POSIX capabilities") +set(WITH_CMDLINE_USER TRUE CACHE BOOL "Include support for setting user/group related options on the command line") +set(WITH_CMDLINE_LOGGING TRUE CACHE BOOL "Include support for setting logging related options on the command line") +set(WITH_CMDLINE_OPERATION TRUE CACHE BOOL "Include support for setting options related to the VPN operation (like mode, interface, encryption method) on the command line") +set(WITH_CMDLINE_COMMANDS TRUE CACHE BOOL "Include support for setting handler scripts (e.g. --on-up) on the command line") + if(WITH_CAPABILITIES) find_package(CAP REQUIRED) diff --git a/config.h.in b/config.h.in index 5f41bde..676a180 100644 --- a/config.h.in +++ b/config.h.in @@ -38,6 +38,11 @@ #cmakedefine WITH_CAPABILITIES +#cmakedefine WITH_CMDLINE_USER +#cmakedefine WITH_CMDLINE_LOGGING +#cmakedefine WITH_CMDLINE_OPERATION +#cmakedefine WITH_CMDLINE_COMMANDS + #cmakedefine USE_CRYPTO_AES128CTR #cmakedefine USE_CRYPTO_GHASH diff --git a/src/options.c b/src/options.c index fe5b05f..3cd3017 100644 --- a/src/options.c +++ b/src/options.c @@ -97,6 +97,8 @@ static void option_config_peer_dir(fastd_context_t *ctx, fastd_config_t *conf, c } +#ifdef WITH_CMDLINE_USER + static void option_user(fastd_context_t *ctx, fastd_config_t *conf, const char *arg) { free(conf->user); conf->user = strdup(arg); @@ -107,6 +109,9 @@ static void option_group(fastd_context_t *ctx, fastd_config_t *conf, const char conf->group = strdup(arg); } +#endif + +#ifdef WITH_CMDLINE_LOGGING static int parse_log_level(fastd_context_t *ctx, const char *arg) { if (!strcmp(arg, "fatal")) @@ -146,6 +151,9 @@ static void option_hide_mac_addresses(fastd_context_t *ctx, fastd_config_t *conf conf->hide_mac_addresses = true; } +#endif + +#ifdef WITH_CMDLINE_OPERATION static void option_mode(fastd_context_t *ctx, fastd_config_t *conf, const char *arg) { if (!strcmp(arg, "tap")) @@ -245,6 +253,9 @@ static void option_forward(fastd_context_t *ctx, fastd_config_t *conf) { conf->forward = true; } +#endif + +#ifdef WITH_CMDLINE_COMMANDS static void option_on_pre_up(fastd_context_t *ctx, fastd_config_t *conf, const char *arg) { free(conf->on_pre_up); @@ -302,6 +313,7 @@ static void option_on_verify(fastd_context_t *ctx, fastd_config_t *conf, const c conf->on_verify_dir = get_current_dir_name(); } +#endif static void option_generate_key(fastd_context_t *ctx, fastd_config_t *conf) { conf->generate_key = true; diff --git a/src/options.def.h b/src/options.def.h index 73ce1c5..159a328 100644 --- a/src/options.def.h +++ b/src/options.def.h @@ -3,19 +3,28 @@ OPTION(version, "--version" OR "-v", "Shows the fastd version"); OPTION(option_daemon, "--daemon" OR "-d", "Runs fastd in the background"); OPTION_ARG(option_pid_file, "--pid-file", "<filename>", "Writes fastd's PID to the specified file"); SEPARATOR; + OPTION_ARG(option_config, "--config" OR "-c", "<filename>", "Loads a config file"); OPTION_ARG(option_config_peer, "--config-peer", "<filename>", "Loads a config file for a single peer"); OPTION_ARG(option_config_peer_dir, "--config-peer-dir", "<dir>", "Loads all files from a directory as peer configs"); SEPARATOR; + +#ifdef WITH_CMDLINE_USER OPTION_ARG(option_user, "--user", "<user>", "Sets the user to run fastd as"); OPTION_ARG(option_group, "--group", "<group>", "Sets the group to run fastd as"); SEPARATOR; +#endif + +#ifdef WITH_CMDLINE_LOGGING OPTION_ARG(option_log_level, "--log-level", "error|warn|info|verbose|debug", "Sets the stderr log level; default is info, if no alternative log destination is configured"); OPTION_ARG(option_syslog_level, "--syslog-level", "error|warn|info|verbose|debug", "Sets the log level for syslog output; default is not to use syslog"); OPTION_ARG(option_syslog_ident, "--syslog-ident", "<ident>", "Sets the syslog identification; default is 'fastd'"); OPTION(option_hide_ip_addresses, "--hide-ip-addresses", "Hides IP addresses in log output"); OPTION(option_hide_mac_addresses, "--hide-mac-addresses", "Hides MAC addresses in log output"); SEPARATOR; +#endif + +#ifdef WITH_CMDLINE_OPERATION OPTION_ARG(option_mode, "--mode" OR "-m", "tap|tun", "Sets the mode of the interface"); OPTION_ARG(option_interface, "--interface" OR "-i", "<name>", "Sets the name of the TUN/TAP interface to use"); OPTION_ARG(option_mtu, "--mtu" OR "-M", "<mtu>", "Sets the MTU; must be at least 576"); @@ -24,6 +33,9 @@ OPTION_ARG(option_protocol, "--protocol" OR "-p", "<protocol>", "Sets the protoc OPTION_ARG(option_method, "--method", "<method>", "Sets the encryption method"); OPTION(option_forward, "--forward", "Enables forwarding of packets between peers; read the documentation before use!"); SEPARATOR; +#endif + +#ifdef WITH_CMDLINE_COMMANDS OPTION_ARG(option_on_pre_up, "--on-pre-up", "<command>", "Sets a shell command to execute before interface creation"); OPTION_ARG(option_on_up, "--on-up", "<command>", "Sets a shell command to execute after interface creation"); OPTION_ARG(option_on_down, "--on-down", "<command>", "Sets a shell command to execute before interface destruction"); @@ -32,6 +44,8 @@ OPTION_ARG(option_on_establish, "--on-establish", "<command>", "Sets a shell com OPTION_ARG(option_on_disestablish, "--on-disestablish", "<command>", "Sets a shell command to execute when a connection is lost"); OPTION_ARG(option_on_verify, "--on-verify", "<command>", "Sets a shell command to execute to check a connection attempt by an unknown peer"); SEPARATOR; +#endif + OPTION(option_generate_key, "--generate-key", "Generates a new keypair"); OPTION(option_show_key, "--show-key", "Shows the public key corresponding to the configured secret"); OPTION(option_machine_readable, "--machine-readable", "Suppresses output of explaining text in the --show-key and --generate-key commands"); |