aports/testing/quicktun/quicktun.conf

# To run multiple quicktun instances, copy this file to /etc/quicktun/example.conf,
# create a symlink /etc/init.d/quicktun.example -> quicktun
# and initialize the tunnel by issuing: rc-service quicktun.example start

# interface name
#export INTERFACE=

# set to 1 to operate in tun (IP), unset or 0 (recent versions only) for tap (Ethernet) mode
#export TUN_MODE=0

# set to 1 to include packet information header in wire packets, must be set on both sides if
# used; set to 2 to automatically add the packet information header for cross-platform compatibility
# (also compatible with USE_PI=0), some (BSD) kernels need USE_PI to be enabled for IPv6 support
#export USE_PI=0

# IP address or hostname of the remote end (use 0.0.0.0 for a floating/dynamic remote endpoint)
#export REMOTE_ADDRESS=0.0.0.0

# IP address or hostname of the local end, optional
#export LOCAL_ADDRESS=

# local UDP port, optional, defaults to 2998
#export LOCAL_PORT=2998

# remote UDP port, optional, defaults to LOCAL_PORT
#export REMOTE_PORT=${LOCAL_PORT}

# allows the remote address and port to change when properly encrypted packets are received
#export REMOTE_FLOAT=

# run specified command or script after the tunnel device has been opened
#export TUN_UP_SCRIPT=

# drop privileges and change user and group IDs to specified username after setting up the tunnel
export SETUID=quicktun

# nacl0, nacltai and salty (encrypted) protocols only:
#export PRIVATE_KEY= # local secret key in hexadecimal form (not needed for raw protocol)
#export PUBLIC_KEY= # remote public key in hexadecimal form (not needed for raw protocol)
#export PRIVATE_KEY_FILE= # file containing local secret key in binary or hexadecimal form (not needed for raw protocol)

# nacltai (encrypted) protocol only:
# allowed time window for first received packet in seconds (positive number allows packets from history)
#export TIME_WINDOW=

# the protocol to use, one of "raw", "nacl0" and "nacltai"
#export PROTOCOL=raw