X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftinc.conf.5.in;h=cd7d1a0d2e268e26a3550055b1f22fe18696d240;hp=0f91b7f6aa52827e10872a37a25b28a06cf0363e;hb=5865fd2676b8c77ac8f71b3fd997593cafbd153f;hpb=4a5c12ec97fa1e82aae2d327fdc648e5203eb478

diff --git a/doc/tinc.conf.5.in b/doc/tinc.conf.5.in
index 0f91b7f6..cd7d1a0d 100644
--- a/doc/tinc.conf.5.in
+++ b/doc/tinc.conf.5.in
@@ -1,4 +1,4 @@
-.Dd 2016-02-27
+.Dd 2016-10-29
 .Dt TINC.CONF 5
 .\" Manual page created by:
 .\" Ivo Timmermans
@@ -222,7 +222,7 @@ Also note that this can cause decrypted VPN packets to be sent out on a real net
 Create a UNIX socket with the filename specified by
 .Va Device ,
 or
-.Pa @localstatedir@/run/ Ns Ar NETNAME Ns Pa .umlsocket
+.Pa @runstatedir@/ Ns Ar NETNAME Ns Pa .umlsocket
 if not specified.
 .Nm tinc
 will wait for a User Mode Linux instance to connect to this socket.
@@ -231,7 +231,7 @@ Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
 using the UNIX socket specified by
 .Va Device ,
 or
-.Pa @localstatedir@/run/vde.ctl
+.Pa @runstatedir@/vde.ctl
 if not specified.
 .El
 Also, in case tinc does not seem to correctly interpret packets received from the virtual network device,
@@ -250,6 +250,10 @@ Tinc will expect packets read from the virtual network device
 to start with a four byte header containing the address family,
 followed by an IP header.
 This mode should support both IPv4 and IPv6 packets.
+.It utun Pq OS X
+Set type to utun.
+This is only supported on OS X version 10.6.8 and higher, but doesn't require the tuntaposx module.
+This mode should support both IPv4 and IPv6 packets.
 .It tap Pq BSD and Linux
 Set type to tap.
 Tinc will expect packets read from the virtual network device
@@ -464,9 +468,9 @@ Multiple
 .Va Address
 variables can be specified, in which case each address will be tried until a working
 connection has been established.
-.It Va Cipher Li = Ar cipher Pq blowfish
+.It Va Cipher Li = Ar cipher Pq aes-256-cbc
 The symmetric cipher algorithm used to encrypt UDP packets.
-Any cipher supported by OpenSSL is recognised.
+Any cipher supported by LibreSSL or OpenSSL is recognised.
 Furthermore, specifying
 .Qq none
 will turn off packet encryption.
@@ -479,9 +483,9 @@ Fragmentation Needed or Packet too Big messages are dropped by firewalls.
 This option sets the level of compression used for UDP packets.
 Possible values are 0 (off), 1 (fast zlib) and any integer up to 9 (best zlib),
 10 (fast lzo) and 11 (best lzo).
-.It Va Digest Li = Ar digest Pq sha1
+.It Va Digest Li = Ar digest Pq sha256
 The digest algorithm used to authenticate UDP packets.
-Any digest supported by OpenSSL is recognised.
+Any digest supported by LibreSSL or OpenSSL is recognised.
 Furthermore, specifying
 .Qq none
 will turn off packet authentication.
@@ -653,7 +657,7 @@ its connection to the virtual network device.
 .El
 .Sh SEE ALSO
 .Xr tincd 8 ,
-.Pa http://www.tinc-vpn.org/ ,
+.Pa https://www.tinc-vpn.org/ ,
 .Pa http://www.tldp.org/LDP/nag2/ .
 .Pp
 The full documentation for