persistent-keepalive: change range to [1,65535]
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
parent
e938263886
commit
822ae991d8
|
@ -193,8 +193,8 @@ static inline bool parse_persistent_keepalive(__u16 *interval, const char *value
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = strtoul(value, &end, 10);
|
ret = strtoul(value, &end, 10);
|
||||||
if (!*value || *value == '-' || *end || (ret && (ret < 10 || ret > 3600))) {
|
if (!*value || *value == '-' || *end || ret > 65535) {
|
||||||
fprintf(stderr, "The persistent keepalive interval must be 0/off or 10-3600. Found: `%s`\n", value);
|
fprintf(stderr, "The persistent keepalive interval must be 0/off or 1-65535. Found: `%s`\n", value);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
4
src/wg.8
4
src/wg.8
|
@ -68,7 +68,7 @@ public-key cryptography, for post-quantum resistance. If \fIallowed-ips\fP
|
||||||
is specified, but the value is the empty string, all allowed ips are removed
|
is specified, but the value is the empty string, all allowed ips are removed
|
||||||
from the peer. The use of \fIpersistent-keepalive\fP is optional and is by
|
from the peer. The use of \fIpersistent-keepalive\fP is optional and is by
|
||||||
default off; setting it to 0 or "off", disables it. Otherwise it represents,
|
default off; setting it to 0 or "off", disables it. Otherwise it represents,
|
||||||
in seconds, between 10 and 3600 inclusive, how often to send an authenticated
|
in seconds, between 1 and 65535 inclusive, how often to send an authenticated
|
||||||
empty packet to the peer, for the purpose of keeping a stateful firewall or NAT
|
empty packet to the peer, for the purpose of keeping a stateful firewall or NAT
|
||||||
mapping valid persistently. For example, if the interface very rarely sends
|
mapping valid persistently. For example, if the interface very rarely sends
|
||||||
traffic, but it might at anytime receive traffic from a peer, and it is behind
|
traffic, but it might at anytime receive traffic from a peer, and it is behind
|
||||||
|
@ -142,7 +142,7 @@ port number. This endpoint will be updated automatically to the most recent
|
||||||
source IP address and port of correctly authenticated packets from the peer.
|
source IP address and port of correctly authenticated packets from the peer.
|
||||||
Optional.
|
Optional.
|
||||||
.IP \(bu
|
.IP \(bu
|
||||||
PersistentKeepalive \(em a seconds interval, between 10 and 3600 inclusive, of
|
PersistentKeepalive \(em a seconds interval, between 1 and 65535 inclusive, of
|
||||||
how often to send an authenticated empty packet to the peer for the purpose of keeping a
|
how often to send an authenticated empty packet to the peer for the purpose of keeping a
|
||||||
stateful firewall or NAT mapping valid persistently. For example, if the interface
|
stateful firewall or NAT mapping valid persistently. For example, if the interface
|
||||||
very rarely sends traffic, but it might at anytime receive traffic from a peer,
|
very rarely sends traffic, but it might at anytime receive traffic from a peer,
|
||||||
|
|
Loading…
Reference in a new issue