diff --git a/.gitignore b/.gitignore index f15df37..14e7412 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ +ndppd.conf ndppd *.o diff --git a/ndppd.conf b/ndppd.conf deleted file mode 100644 index f1a1226..0000000 --- a/ndppd.conf +++ /dev/null @@ -1,7 +0,0 @@ -proxy eth1 { - rule 2a01::/8 { - iface = eth0 - } -} - - diff --git a/ndppd.conf.example b/ndppd.conf.example new file mode 100644 index 0000000..84c7c15 --- /dev/null +++ b/ndppd.conf.example @@ -0,0 +1,52 @@ +# proxy +# This sets up a listener, that will listen for any Neighbor Solicitation +# messages, and respond to them according to a set of rules (see below). +# is required. + +# You may have several 'proxy' sections. + +proxy eth0 { + + # router = + # This option turns on or off the router flag for Neighbor Advertisement + # messages. Default value is 'true'. + + router = yes + + # timeout = + # Controls how long to wait for a Neighbor Advertisment message before + # invalidating the entry, in milliseconds. Default value is '500'. + + timeout = 500 + + # ttl = + # Controls how long a valid or invalid entry remains in the cache, in + # milliseconds. Default value is '30000' (30 seconds). + + ttl = 30000 + + # rule [/] + # This is a rule that the target address is to match against. If no netmask + # is provided, /128 is assumed. You may have several rule sections, and the + # addresses may or may not overlap. + + rule 1111:: { + + # iface = + # By setting this option, ndppd will forward the Neighbor Solicitation + # message to this interface and wait for a response. Only if a client + # responds with a Neighbor Advertisement message will the proxy respond. + + # Note that if you do not provide an interface, this rule will match + # and immediately send a response through the proxy. It's recommended + # that you use the "iface" option as much as possible. + + # Using a prefix <= /120 without an interface will trigger a notice. + + iface = eth1 + } + + rule 1111::1/96 { + iface = eth2 + } +}