From: Jaakko Hannikainen <jaakko.hannikai...@intel.com>
This change prettifies man pages with <SYSCONFDIR> and /var/lib so
that it will show the actual value connman was compiled with, rather
than just hinting at some magical compile time variable.
Add only the man page autoconf .in files to the dist tar ball so
that running ./configure with a different prefix generates the man
pages using the given prefix. As the autoconf .in is not created by
standard rules, ensure also that the target directory is created.
---
.gitignore | 8 +-
Makefile.am | 32 ++-
doc/connman-service.config.5 | 197 ----------------
doc/connman-service.config.5.in | 197 ++++++++++++++++
doc/connman-vpn-provider.config.5 | 424 -----------------------------------
doc/connman-vpn-provider.config.5.in | 424 +++++++++++++++++++++++++++++++++++
doc/connman-vpn.8 | 63 ------
doc/connman-vpn.8.in | 62 +++++
doc/connman-vpn.conf.5 | 48 ----
doc/connman-vpn.conf.5.in | 42 ++++
doc/connman.8 | 98 --------
doc/connman.8.in | 97 ++++++++
doc/connman.conf.5 | 144 ------------
doc/connman.conf.5.in | 138 ++++++++++++
doc/connmanctl.1 | 282 -----------------------
doc/connmanctl.1.in | 282 +++++++++++++++++++++++
16 files changed, 1274 insertions(+), 1264 deletions(-)
delete mode 100644 doc/connman-service.config.5
create mode 100644 doc/connman-service.config.5.in
delete mode 100644 doc/connman-vpn-provider.config.5
create mode 100644 doc/connman-vpn-provider.config.5.in
delete mode 100644 doc/connman-vpn.8
create mode 100644 doc/connman-vpn.8.in
delete mode 100644 doc/connman-vpn.conf.5
create mode 100644 doc/connman-vpn.conf.5.in
delete mode 100644 doc/connman.8
create mode 100644 doc/connman.8.in
delete mode 100644 doc/connman.conf.5
create mode 100644 doc/connman.conf.5.in
delete mode 100644 doc/connmanctl.1
create mode 100644 doc/connmanctl.1.in
diff --git a/.gitignore b/.gitignore
index 9c22e4a..bbb44c3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -64,8 +64,12 @@ unit/test-nat
doc/*.bak
doc/*.stamp
doc/connman.*
-!doc/connman.8
-!doc/connman.conf.5
+doc/*.1
+doc/*.5
+doc/*.8
+!doc/*.1.in
+!doc/*.5.in
+!doc/*.8.in
doc/connman-*.txt
vpn/builtin.h
diff --git a/Makefile.am b/Makefile.am
index 3d0645e..4319c4c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -248,8 +248,6 @@ include Makefile.plugins
if CLIENT
bin_PROGRAMS += client/connmanctl
-MANUAL_PAGES += doc/connmanctl.1
-
client_connmanctl_SOURCES = client/dbus_helpers.h client/dbus_helpers.c \
client/services.h client/services.c \
client/commands.h client/commands.c \
@@ -380,14 +378,22 @@ EXTRA_DIST += doc/overview-api.txt doc/behavior-api.txt \
doc/vpn-config-format.txt \
doc/vpn-connection-api.txt \
doc/vpn-manager-api.txt doc/vpn-overview.txt \
- doc/session-policy-format.txt
+ doc/session-policy-format.txt \
+ doc/connmanctl.1.in doc/connman.conf.5.in \
+ doc/connman-service.config.5.in \
+ doc/connman-vpn.conf.5.in \
+ doc/connman-vpn-provider.config.5.in \
+ doc/connman.8.in doc/connman-vpn.8.in
EXTRA_DIST += src/main.conf \
src/eduroam.config
-MANUAL_PAGES += doc/connman.8 doc/connman.conf.5
+MANUAL_PAGES += doc/connmanctl.1 doc/connman.conf.5 \
+ doc/connman-service.config.5 doc/connman-vpn.conf.5 \
+ doc/connman-vpn-provider.config.5 \
+ doc/connman.8 doc/connman-vpn.8
-dist_man_MANS = $(MANUAL_PAGES)
+nodist_man_MANS = $(MANUAL_PAGES)
pkgconfigdir = $(libdir)/pkgconfig
@@ -449,8 +455,22 @@ do_subst = $(AM_V_GEN)$(SED) \
-e 's,[@]prefix[@],$(prefix),g' \
-e 's,[@]sbindir[@],$(sbindir),g' \
-e 's,[@]sysconfdir[@],$(sysconfdir),g' \
+ -e 's,[@]storagedir[@],$(storagedir),g' \
+ -e 's,[@]vpn_storagedir[@],$(vpn_storagedir),g' \
-e 's,[@]localstatedir[@],$(localstatedir),g'
+%.1 : %.1.in
+ $(AM_V_at)$(MKDIR_P) $(dir $@)
+ $(do_subst) < $< > $@
+
+%.5 : %.5.in
+ $(AM_V_at)$(MKDIR_P) $(dir $@)
+ $(do_subst) < $< > $@
+
+%.8 : %.8.in
+ $(AM_V_at)$(MKDIR_P) $(dir $@)
+ $(do_subst) < $< > $@
+
%.service: %.service.in Makefile
$(AM_V_at)$(MKDIR_P) $(dir $@)
$(do_subst) < $< > $@
@@ -468,4 +488,4 @@ include/connman/%.h: $(abs_top_srcdir)/include/%.h
$(AM_V_GEN)$(LN_S) $< $@
clean-local:
- @$(RM) -rf include/connman
+ @$(RM) -rf include/connman $(MANUAL_PAGES)
diff --git a/doc/connman-service.config.5 b/doc/connman-service.config.5
deleted file mode 100644
index 3cf3692..0000000
--- a/doc/connman-service.config.5
+++ /dev/null
@@ -1,197 +0,0 @@
-.\" connman-service.config(5) manual page
-.\"
-.\" Copyright (C) 2015 Intel Corporation
-.\"
-.TH "service-name.config" "5" "2015-10-15" ""
-.SH NAME
-service-name.config \- ConnMan service provisioning file
-.SH SYNOPSIS
-.B /var/lib/connman/\fIservice-name\fB.config
-.SH DESCRIPTION
-.P
-\fIConnMan\fP's services are configured with so called
-"\fBprovisioning files\fP" which reside under \fI/var/lib/connman/\fP.
-The files can be named anything, as long as they end in \fB.config\fP.
-The provisioning files can be used to configure for example secured
-wireless access points which need complex authentication, for example
-eduroam, or for static IPs and so on. Each provisioning file can be
-used for multiple services at once.
-.SH "FILE FORMAT"
-.P
-The configuration file format is key file format.
-It consists of sections (groups) of key-value pairs.
-Lines beginning with a '#' and blank lines are considered comments.
-Sections are started by a header line containing the section enclosed
-in '[' and ']', and ended implicitly by the start of the next section
-or the end of the file. Each key-value pair must be contained in a section.
-.P
-Description of sections and available keys follows:
-.SS [global]
-This section is optional, and can be used to describe the actual file. The
-two allowed fields for this section are:
-.TP
-.BI Name= name
-Name of the network.
-.TP
-.BI Description= description
-Description of the network.
-.SS [service_*]
-Each provisioned service must start with a [service_*] tag, with * replaced
-by an unique name within the file.
-The allowed fields are:
-.TP
-.B Type=ethernet \fR|\fB wifi
-Mandatory. Other types than ethernet or wifi are not supported.
-.TP
-.BI IPv4=off \ \fR|\ dhcp\ \fR|\ network / netmask / gateway
-IPv4 settings for the service. If set to \fBoff\fP, IPv4 won't be used.
-If set to \fBdhcp\fP, dhcp will be used to obtain the network settings.
-\fInetmask\fP can be specified as length of the mask rather than the
-mask itself. The gateway can be omitted when using a static IP.
-.TP
-.BI IPv6=off \ \fR|\ auto\ \fR|\ network / prefixlength / gateway
-IPv6 settings for the service. If set to \fBoff\fP, IPv6 won't be used.
-If set to \fBauto\fP, settings will be obtained from the network.
-.TP
-.B IPv6.Privacy=disabled \fR|\fB enabled \fR|\fB preferred
-IPv6 privacy settings as per RFC3041.
-.TP
-.BI MAC= address
-MAC address of the interface to be used. If not specified, the first
-found interface is used. Must be in format ab:cd:ef:01:23:45.
-.TP
-.BI Nameservers= servers
-Comma separated list of nameservers.
-.TP
-.BI SearchDomains= domains
-Comma separated list of DNS search domains.
-.TP
-.BI Timeservers= servers
-Comma separated list of timeservers.
-.TP
-.BI Domain= domain
-Domain name to be used.
-.TP
-The following keys can only be used for wireless networks:
-.TP
-.BI Name= name
-A string representation of an network SSID. If the SSID field is
-present, the Name field is ignored. If the SSID field is not present,
-this field is mandatory.
-.TP
-.BI SSID= ssid
-SSID: A hexadecimal representation of an 802.11 SSID. Use this format to
-encode special characters including starting or ending spaces.
-.TP
-.BI Passphrase= passphrase
-RSN/WPA/WPA2 Passphrase.
-.TP
-.BI Security= type
-The security type of the network. Possible values are \fBpsk\fP
-(WPA/WPA2 PSK), \fBieee8021x\fP (WPA EAP), \fBnone\fP and \fBwep\fP.
-When not set, the default value is \fBieee8021x\fP if an EAP type is
-configured, \fBpsk\fP if a passphrase is present and \fBnone\fP otherwise.
-.TP
-.B Hidden=true \fR|\fB false
-If set to \fBtrue\fP, then this AP is hidden. If missing or set to
-\fBfalse\fP, then AP is not hidden.
-.TP
-.B EAP=tls \fR|\fB ttls \fR|\fB peap
-EAP type to use. Only \fBtls\fP, \fBttls\fP and \fBpeap\fP are supported.
-.TP
-.BI CACertFile= file
-Path to the CA certificate file. Only PEM and DER formats are supported.
-.TP
-.BI PrivateKeyFile= file
-Path to the private key file. Only PEM, DER and PFX formats are supported.
-.TP
-.BI PrivateKeyPassphrase= passphrase
-Passphrase of the private key.
-.TP
-.B PrivateKeyPassphraseType=fsid
-If specified, use the private key's fsid as the passphrase, and ignore the
-PrivateKeyPassphrase field.
-.TP
-.BI Identity= identity
-Identity string for EAP.
-.TP
-.BI AnonymousIdentity= identity
-Anonymous identity string for EAP.
-.TP
-.BI Phase2= type
-Inner authentication type with for \fBEAP=tls\fP or \fBEAP=ttls\fP. Prefix
-the value with \fBEAP-\fP to indicate usage of EAP-based authentication
-method (should only be used with \fBEAP=ttls\fP).
-.SH "EXAMPLE"
-.SS Eduroam
-This is a configuration file for eduroam networks. This file could for
-example be /var/lib/connman/eduroam.config. Your university's exact
-settings might be different.
-.PP
-.nf
-[service_eduroam]
-Type = wifi
-Name = eduroam
-EAP = peap
-Phase2 = MSCHAPV2
-CACertFile = /etc/ssl/certs/UNIV_CA.crt
-.fi
-.SS Complex networking
-This is a configuration file for a network providing EAP-TLS, EAP-TTLS and
-EAP-PEAP services. The respective SSIDs are tls_ssid, ttls_ssid and peap_ssid
-and the file name could be /var/lib/connman/complex.config.
-.PP
-Please note that the SSID entry is for hexadecimal encoded SSID (e.g. "SSID =
-746c735f73736964"). If your SSID does not contain any exotic character then
-you should use the Name entry instead (e.g. "Name = tls_ssid").
-.PP
-.nf
-[global]
-Name = Example
-Description = Example network configuration
-
-[service_tls]
-Type = wifi
-SSID = 746c735f73736964
-EAP = tls
-CACertFile = /home/user/.certs/ca.pem
-ClientCertFile = /home/user/devlp/.certs/client.pem
-PrivateKeyFile = /home/user/.certs/client.fsid.pem
-PrivateKeyPassphraseType = fsid
-Identity = user
-
-[service_ttls]
-Type = wifi
-Name = ttls_ssid
-EAP = ttls
-CACertFile = /home/user/.cert/ca.pem
-Phase2 = MSCHAPV2
-Identity = user
-
-[service_peap]
-Type = wifi
-Name = peap_ssid
-EAP = peap
-CACertFile = /home/user/.cert/ca.pem
-Phase2 = MSCHAPV2
-Identity = user
-
-[service_home_ethernet]
-Type = ethernet
-IPv4 = 192.168.1.42/255.255.255.0/192.168.1.1
-IPv6 = 2001:db8::42/64/2001:db8::1
-MAC = 01:02:03:04:05:06
-Nameservers = 10.2.3.4,192.168.1.99
-SearchDomains = my.home,isp.net
-Timeservers = 10.172.2.1,ntp.my.isp.net
-Domain = my.home
-
-[service_home_wifi]
-Type = wifi
-Name = my_home_wifi
-Passphrase = password
-IPv4 = 192.168.2.2/255.255.255.0/192.168.2.1
-MAC = 06:05:04:03:02:01
-.fi
-.SH "SEE ALSO"
-.BR connman (8)
diff --git a/doc/connman-service.config.5.in b/doc/connman-service.config.5.in
new file mode 100644
index 0000000..535c626
--- /dev/null
+++ b/doc/connman-service.config.5.in
@@ -0,0 +1,197 @@
+.\" connman-service.config(5) manual page
+.\"
+.\" Copyright (C) 2015 Intel Corporation
+.\"
+.TH "service-name.config" "5" "2015-10-15" ""
+.SH NAME
+service-name.config \- ConnMan service provisioning file
+.SH SYNOPSIS
+.B @storagedir@/\fIservice-name\fB.config
+.SH DESCRIPTION
+.P
+\fIConnMan\fP's services are configured with so called
+"\fBprovisioning files\fP" which reside under \fI@storagedir@/\fP.
+The files can be named anything, as long as they end in \fB.config\fP.
+The provisioning files can be used to configure for example secured
+wireless access points which need complex authentication, for example
+eduroam, or for static IPs and so on. Each provisioning file can be
+used for multiple services at once.
+.SH "FILE FORMAT"
+.P
+The configuration file format is key file format.
+It consists of sections (groups) of key-value pairs.
+Lines beginning with a '#' and blank lines are considered comments.
+Sections are started by a header line containing the section enclosed
+in '[' and ']', and ended implicitly by the start of the next section
+or the end of the file. Each key-value pair must be contained in a section.
+.P
+Description of sections and available keys follows:
+.SS [global]
+This section is optional, and can be used to describe the actual file. The
+two allowed fields for this section are:
+.TP
+.BI Name= name
+Name of the network.
+.TP
+.BI Description= description
+Description of the network.
+.SS [service_*]
+Each provisioned service must start with a [service_*] tag, with * replaced
+by an unique name within the file.
+The allowed fields are:
+.TP
+.B Type=ethernet \fR|\fB wifi
+Mandatory. Other types than ethernet or wifi are not supported.
+.TP
+.BI IPv4=off \ \fR|\ dhcp\ \fR|\ network / netmask / gateway
+IPv4 settings for the service. If set to \fBoff\fP, IPv4 won't be used.
+If set to \fBdhcp\fP, dhcp will be used to obtain the network settings.
+\fInetmask\fP can be specified as length of the mask rather than the
+mask itself. The gateway can be omitted when using a static IP.
+.TP
+.BI IPv6=off \ \fR|\ auto\ \fR|\ network / prefixlength / gateway
+IPv6 settings for the service. If set to \fBoff\fP, IPv6 won't be used.
+If set to \fBauto\fP, settings will be obtained from the network.
+.TP
+.B IPv6.Privacy=disabled \fR|\fB enabled \fR|\fB preferred
+IPv6 privacy settings as per RFC3041.
+.TP
+.BI MAC= address
+MAC address of the interface to be used. If not specified, the first
+found interface is used. Must be in format ab:cd:ef:01:23:45.
+.TP
+.BI Nameservers= servers
+Comma separated list of nameservers.
+.TP
+.BI SearchDomains= domains
+Comma separated list of DNS search domains.
+.TP
+.BI Timeservers= servers
+Comma separated list of timeservers.
+.TP
+.BI Domain= domain
+Domain name to be used.
+.TP
+The following keys can only be used for wireless networks:
+.TP
+.BI Name= name
+A string representation of an network SSID. If the SSID field is
+present, the Name field is ignored. If the SSID field is not present,
+this field is mandatory.
+.TP
+.BI SSID= ssid
+SSID: A hexadecimal representation of an 802.11 SSID. Use this format to
+encode special characters including starting or ending spaces.
+.TP
+.BI Passphrase= passphrase
+RSN/WPA/WPA2 Passphrase.
+.TP
+.BI Security= type
+The security type of the network. Possible values are \fBpsk\fP
+(WPA/WPA2 PSK), \fBieee8021x\fP (WPA EAP), \fBnone\fP and \fBwep\fP.
+When not set, the default value is \fBieee8021x\fP if an EAP type is
+configured, \fBpsk\fP if a passphrase is present and \fBnone\fP otherwise.
+.TP
+.B Hidden=true \fR|\fB false
+If set to \fBtrue\fP, then this AP is hidden. If missing or set to
+\fBfalse\fP, then AP is not hidden.
+.TP
+.B EAP=tls \fR|\fB ttls \fR|\fB peap
+EAP type to use. Only \fBtls\fP, \fBttls\fP and \fBpeap\fP are supported.
+.TP
+.BI CACertFile= file
+Path to the CA certificate file. Only PEM and DER formats are supported.
+.TP
+.BI PrivateKeyFile= file
+Path to the private key file. Only PEM, DER and PFX formats are supported.
+.TP
+.BI PrivateKeyPassphrase= passphrase
+Passphrase of the private key.
+.TP
+.B PrivateKeyPassphraseType=fsid
+If specified, use the private key's fsid as the passphrase, and ignore the
+PrivateKeyPassphrase field.
+.TP
+.BI Identity= identity
+Identity string for EAP.
+.TP
+.BI AnonymousIdentity= identity
+Anonymous identity string for EAP.
+.TP
+.BI Phase2= type
+Inner authentication type with for \fBEAP=tls\fP or \fBEAP=ttls\fP. Prefix
+the value with \fBEAP-\fP to indicate usage of EAP-based authentication
+method (should only be used with \fBEAP=ttls\fP).
+.SH "EXAMPLE"
+.SS Eduroam
+This is a configuration file for eduroam networks. This file could for
+example be @storagedir@/eduroam.config. Your university's exact
+settings might be different.
+.PP
+.nf
+[service_eduroam]
+Type = wifi
+Name = eduroam
+EAP = peap
+Phase2 = MSCHAPV2
+CACertFile = /etc/ssl/certs/UNIV_CA.crt
+.fi
+.SS Complex networking
+This is a configuration file for a network providing EAP-TLS, EAP-TTLS and
+EAP-PEAP services. The respective SSIDs are tls_ssid, ttls_ssid and peap_ssid
+and the file name could be @storagedir@/complex.config.
+.PP
+Please note that the SSID entry is for hexadecimal encoded SSID (e.g. "SSID =
+746c735f73736964"). If your SSID does not contain any exotic character then
+you should use the Name entry instead (e.g. "Name = tls_ssid").
+.PP
+.nf
+[global]
+Name = Example
+Description = Example network configuration
+
+[service_tls]
+Type = wifi
+SSID = 746c735f73736964
+EAP = tls
+CACertFile = /home/user/.certs/ca.pem
+ClientCertFile = /home/user/devlp/.certs/client.pem
+PrivateKeyFile = /home/user/.certs/client.fsid.pem
+PrivateKeyPassphraseType = fsid
+Identity = user
+
+[service_ttls]
+Type = wifi
+Name = ttls_ssid
+EAP = ttls
+CACertFile = /home/user/.cert/ca.pem
+Phase2 = MSCHAPV2
+Identity = user
+
+[service_peap]
+Type = wifi
+Name = peap_ssid
+EAP = peap
+CACertFile = /home/user/.cert/ca.pem
+Phase2 = MSCHAPV2
+Identity = user
+
+[service_home_ethernet]
+Type = ethernet
+IPv4 = 192.168.1.42/255.255.255.0/192.168.1.1
+IPv6 = 2001:db8::42/64/2001:db8::1
+MAC = 01:02:03:04:05:06
+Nameservers = 10.2.3.4,192.168.1.99
+SearchDomains = my.home,isp.net
+Timeservers = 10.172.2.1,ntp.my.isp.net
+Domain = my.home
+
+[service_home_wifi]
+Type = wifi
+Name = my_home_wifi
+Passphrase = password
+IPv4 = 192.168.2.2/255.255.255.0/192.168.2.1
+MAC = 06:05:04:03:02:01
+.fi
+.SH "SEE ALSO"
+.BR connman (8)
diff --git a/doc/connman-vpn-provider.config.5
b/doc/connman-vpn-provider.config.5
deleted file mode 100644
index cb12854..0000000
--- a/doc/connman-vpn-provider.config.5
+++ /dev/null
@@ -1,424 +0,0 @@
-.\" connman-vpn-provider.config(5) manual page
-.\"
-.\" Copyright (C) 2015 Intel Corporation
-.\"
-.TH "connection_name.config" "5" "2015-10-15" ""
-.SH NAME
-connection_name.config \- ConnMan vpn connection provisioning file
-.SH SYNOPSIS
-.B /var/lib/connman-vpn/\fIconnection-name\fB.config
-.SH DESCRIPTION
-.P
-\fIConnMan\fP's vpn connections are configured with so called
-"\fBprovisioning files\fP" which reside under \fI/var/lib/connman-vpn/\fP.
-The files can be named anything, as long as they contain only printable
-ascii characers, for example letters, numbers and underscores. The file
-must end with \fB.config\fP. Each VPN connection requires a provisioning
-file, but multiple connections can be specified in the same file.
-.SH "FILE FORMAT"
-.P
-The configuration file format is key file format.
-It consists of sections (groups) of key-value pairs.
-Lines beginning with a '#' and blank lines are considered comments.
-Sections are started by a header line containing the section enclosed
-in '[' and ']', and ended implicitly by the start of the next section
-or the end of the file. Each key-value pair must be contained in a section.
-.P
-Description of sections and available keys follows:
-.SS [global]
-This section is optional, and can be used to describe the actual file. The
-two allowed fields for this section are:
-.TP
-.BI Name= name
-Name of the network.
-.TP
-.BI Description= description
-Description of the network.
-.SS [provider_*]
-Each provisioned connection must start with a [provider_*] tag,
-with * replaced by an unique name within the file.
-The following fields are mandatory:
-.TP
-.B Type=OpenConnect \fR|\fB OpenVPN \fR|\fB VPNC \fR|\fB L2TP \fR|\fB PPTP
-Specifies the VPN type.
-.TP
-.BI Host= IP
-VPN server IP address.
-.TP
-.BI Domain= domain
-Domain name for the VPN service.
-.TP
-The following field is optional:
-.TP
-.BI Networks= network / netmask / gateway [,...]
-Networks behind the VPN. If all traffic should go through the VPN, this
-field can be left out. The gateway can be left out. For IPv6 addresses,
-only the prefix length is accepted as the netmask.
-.SS OpenConnect
-The following keys can be used for \fBopenconnect\fP(8) networks:
-.TP
-.BI OpenConnect.ServerCert= cert
-SHA1 fingerprint of the VPN server's certificate.
-.TP
-.BI OpenConnect.CACert= cert
-File containing additional CA certificates in addition to the system
-trusted certificate authorities.
-.TP
-.BI OpenConnect.ClientCert= cert
-Client certificate, if needed by web authentication.
-.TP
-.BI OpenConnect.MTU= mtu
-Request \fImtu\fP from the server as the MTU of the tunnel.
-.TP
-.BI OpenConnect.Cookie= cookie
-The resulting cookie of the authentication process. As the cookie lifetime
-can be very limited, it does not usually make sense to add it into the
-configuration file.
-.TP
-.BI OpenConnect.VPNHost= host
-The final VPN server to use after completing the web authentication. Only
-usable for extremely simple VPN configurations and should normally be set
-only via the VPN Agent API.
-.PP
-If \fBOpenConnect.Cookie\fP, \fBOpenConnect.VPNHost\fP or
-\fBOpenConnect.ServerCert\fP are missing, the VPN Agent will be contacted
-to supply the information.
-.SS OpenVPN
-The following keys are mandatory for \fBopenvpn\fP(8) networks:
-.TP
-.BI OpenVPN.CACert= cert
-Certificate authority file.
-.TP
-.BI OpenVPN.Cert= cert
-Local peer's signed certificate.
-.TP
-.BI OpenVPN.Cert= cert
-Local peer's signed certificate.
-.TP
-.BI OpenVPN.Key= key
-Local peer's private key.
-.TP
-The following keys are optional for \fBopenvpn\fP(8) networks:
-.TP
-.BI OpenVPN.MTU= mtu
-MTU of the tunnel.
-.TP
-.B OpenVPN.NSCertType=client \fR|\fB server
-Peer certificate type, either \fBclient\fP or \fBserver\fP.
-.TP
-.BI OpenVPN.Protocol= protocol
-Use \fIprotocol\fP.
-.TP
-.BI OpenVPN.Port= port
-TCP/UDP port number.
-.TP
-.B OpenVPN.AuthUserPass=true \fR|\fB false
-Authenticate on the server using username/password.
-.TP
-.BI OpenVPN.AskPass= file
-Get certificate password from \fIfile\fP.
-.TP
-.B OpenVPN.AuthNoCache=true \fR|\fB false
-Don't cache AskPass or AuthUserPass value.
-.TP
-.BI OpenVPN.TLSRemote= name
-Accept connections only from a host with X509 name or common
-name equal to \fIname\fP.
-.TP
-.BI OpenVPN.TLSAuth= file
-Use \fIfile\fP for HMAC authentication.
-.TP
-.BI OpenVPN.TLSAuthDir= direction
-Use \fIdirection\fP for HMAC authentication direction.
-.TP
-.BI OpenVPN.Cipher= cipher
-Use \fIcipher\fP as the cipher.
-.TP
-.B OpenVPN.Auth=true \fR|\fB false
-Use HMAC authentication.
-.TP
-.B OpenVPN.CompLZO=yes \fR|\fB no \fR|\fB adaptive
-Use fast LZO compression.
-.TP
-.B OpenVPN.RemoteCertTls=client \fR|\fB server
-Require that remote certificate is signed based on RFC3280 TLS rules.
-.TP
-.BI OpenVPN.ConfigFile= file
-OpenVPN config file for extra options not supported by the OpenVPN plugin.
-.SS VPNC
-The following key is mandatory for \fBvpnc\fP(8) networks:
-.TP
-.BI VPNC.IPSec.ID= id
-Group username.
-.TP
-The following keys are optional for \fBvpnc\fP(8) networks:
-.TP
-.BI VPNC.IPSec.Secret= secret
-Group password.
-.TP
-.BI VPNC.XAuth.Username= username
-Username.
-.TP
-.BI VPNC.XAuth.Password= password
-Password.
-.TP
-.BI VPNC.IKE.Authmode= mode
-IKE authentication mode.
-.TP
-.BI VPNC.IKE.DHGroup= group
-IKE DH group name.
-.TP
-.BI VPNC.PFS= group
-Diffie-Hellman group for perfect forward secrecy.
-.TP
-.BI VPNC.Domain= domain
-Domain name for authentication.
-.TP
-.BI VPNC.Vendor= vendor
-Vendor of the IPSec gateway.
-.TP
-.BI VPNC.LocalPort= port
-Local ISAKMP port number to use.
-.TP
-.BI VPNC.CiscoPort= port
-Cisco UDP Encapsulation Port.
-.TP
-.BI VPNC.AppVersion= version
-Application version to report.
-.TP
-.BI VPNC.NATTMode= mode
-NAT-Traversal Method to use.
-.TP
-.BI VPNC.DPDTimeout= timeout
-DPD idle timeout.
-.TP
-.B VPNC.SingleDES=true \fR|\fB false
-Enable single DES encryption.
-.TP
-.B VPNC.NoEncryption=true \fR|\fB false
-Enable usage of no encryption for data traffic.
-.SS L2TP
-The following keys are optional for l2tp (\fBxl2tp.conf\fP(5), \fBpppd\fP(8))
-networks:
-.TP
-.BI L2TP.User= user
-L2TP username.
-.TP
-.BI L2TP.Password= password
-L2TP password.
-.TP
-.BI L2TP.BPS= bps
-Max bandwidth to use.
-.TP
-.BI L2TP.TXBPS= bps
-Max transmit bandwidth to use.
-.TP
-.BI L2TP.RXBPS= bps
-Max receive bandwidth to use.
-.TP
-.B L2TP.LengthBit=yes \fR|\fB no
-Use length bit.
-.TP
-.B L2TP.Challenge=yes \fR|\fB no
-Use challenge authentication.
-.TP
-.BI L2TP.DefaultRoute= route
-Add \fIroute\fP to the routing tables.
-.TP
-.B L2TP.FlowBit=yes \fR|\fB no
-Use seq numbers.
-.TP
-.BI L2TP.TunnelRWS= size
-Window size.
-.TP
-.B L2TP.Exclusive=yes \fR|\fB no
-Use only one control channel.
-.TP
-.B L2TP.Redial=yes \fR|\fB no
-Redial if disconnected.
-.TP
-.BI L2TP.RedialTimeout= timeout
-Redial timeout.
-.TP
-.BI L2TP.MaxRedials= count
-Maximum amount of redial tries.
-.TP
-.B L2TP.RequirePAP=yes \fR|\fB no
-Require PAP.
-.TP
-.B L2TP.RequireCHAP=yes \fR|\fB no
-Require CHAP.
-.TP
-.B L2TP.ReqAuth=yes \fR|\fB no
-Require authentication.
-.TP
-.B L2TP.AccessControl=yes \fR|\fB no
-Use access control.
-.TP
-.BI L2TP.AuthFile= file
-Authentication file location.
-.TP
-.BI L2TP.ListenAddr= address
-Listen address.
-.TP
-.B L2TP.IPSecSaref=yes \fR|\fB no
-Listen address.
-.TP
-.BI L2TP.Port= port
-UDP port used.
-.TP
-.BI PPPD.EchoFailure= count
-Echo failure count.
-.TP
-.BI PPPD.EchoFailure= count
-Dead peer check count.
-.TP
-.BI PPPD.EchoInterval= interval
-Dead peer check interval.
-.TP
-.BI PPPD.Debug= level
-Debug level.
-.TP
-.B PPPD.RefuseEAP=true \fR|\fB false
-Refuse EAP authentication.
-.TP
-.B PPPD.RefusePAP=true \fR|\fB false
-Refuse PAP authentication.
-.TP
-.B PPPD.RefuseCHAP=true \fR|\fB false
-Refuse CHAP authentication.
-.TP
-.B PPPD.RefuseMSCHAP=true \fR|\fB false
-Refuse MSCHAP authentication.
-.TP
-.B PPPD.RefuseMSCHAP2=true \fR|\fB false
-Refuse MSCHAPv2 authentication.
-.TP
-.B PPPD.NoBSDComp=true \fR|\fB false
-Disable BSD compression.
-.TP
-.B PPPD.NoPcomp=true \fR|\fB false
-Disable protocol compression.
-.TP
-.B PPPD.UseAccomp=true \fR|\fB false
-Disable Access/Control compression.
-.TP
-.B PPPD.NoDeflate=true \fR|\fB false
-Disable deflate compression.
-.TP
-.B PPPD.ReqMPPE=true \fR|\fB false
-Require the use of MPPE.
-.TP
-.B PPPD.ReqMPPE40=true \fR|\fB false
-Require the use of MPPE 40 bit.
-.TP
-.B PPPD.ReqMPPE128=true \fR|\fB false
-Require the use of MPPE 128 bit.
-.TP
-.B PPPD.ReqMPPEStateful=true \fR|\fB false
-Allow MPPE to use stateful mode.
-.TP
-.B PPPD.NoVJ=true \fR|\fB false
-No Van Jacobson compression.
-.SS PPTP
-The following keys are optional for \fBpptp\fP(8) (see also \fBpppd\fP(8))
-networks:
-.TP
-.BI PPTP.User= username
-Username.
-.TP
-.BI PPTP.Password= password
-Password.
-.TP
-.BI PPPD.EchoFailure= count
-Echo failure count.
-.TP
-.BI PPPD.EchoFailure= count
-Dead peer check count.
-.TP
-.BI PPPD.EchoInterval= interval
-Dead peer check interval.
-.TP
-.BI PPPD.Debug= level
-Debug level.
-.TP
-.B PPPD.RefuseEAP=true \fR|\fB false
-Refuse EAP authentication.
-.TP
-.B PPPD.RefusePAP=true \fR|\fB false
-Refuse PAP authentication.
-.TP
-.B PPPD.RefuseCHAP=true \fR|\fB false
-Refuse CHAP authentication.
-.TP
-.B PPPD.RefuseMSCHAP=true \fR|\fB false
-Refuse MSCHAP authentication.
-.TP
-.B PPPD.RefuseMSCHAP2=true \fR|\fB false
-Refuse MSCHAPv2 authentication.
-.TP
-.B PPPD.NoBSDComp=true \fR|\fB false
-Disable BSD compression.
-.TP
-.B PPPD.NoPcomp=true \fR|\fB false
-Disable protocol compression.
-.TP
-.B PPPD.UseAccomp=true \fR|\fB false
-Disable Access/Control compression.
-.TP
-.B PPPD.NoDeflate=true \fR|\fB false
-Disable deflate compression.
-.TP
-.B PPPD.ReqMPPE=true \fR|\fB false
-Require the use of MPPE.
-.TP
-.B PPPD.ReqMPPE40=true \fR|\fB false
-Require the use of MPPE 40 bit.
-.TP
-.B PPPD.ReqMPPE128=true \fR|\fB false
-Require the use of MPPE 128 bit.
-.TP
-.B PPPD.ReqMPPEStateful=true \fR|\fB false
-Allow MPPE to use stateful mode.
-.TP
-.B PPPD.NoVJ=true \fR|\fB false
-No Van Jacobson compression.
-
-.SH "EXAMPLE"
-This is a configuration file for a VPN providing L2TP, OpenVPN and
-OpenConnect services. It could, for example, be in the file
-.B /var/lib/connman-vpn/example.config\fR.
-.PP
-.nf
-[global]
-Name = Example
-Description = Example VPN configuration
-
-[provider_l2tp]
-Type = L2TP
-Name = Connection to corporate network
-Host = 1.2.3.4
-Domain = corporate.com
-Networks = 10.10.30.0/24
-L2TP.User = username
-
-[provider_openconnect]
-Type = OpenConnect
-Name = Connection to corporate network using Cisco VPN
-Host = 7.6.5.4
-Domain = corporate.com
-Networks = 10.10.20.0/255.255.255.0/10.20.1.5,192.168.99.1/24,2001:db8::1/64
-OpenConnect.ServerCert = 263AFAB4CB2E6621D12E90182008AEF44AEFA031
-OpenConnect.CACert = /etc/certs/certificate.p12
-
-[provider_openvpn]
-Type = OpenVPN
-Name = Connection to corporate network using OpenVPN
-Host = 3.2.5.6
-Domain = my.home.network
-OpenVPN.CACert = /etc/certs/cacert.pem
-OpenVPN.Cert = /etc/certs/cert.pem
-OpenVPN.Key = /etc/certs/cert.key
-.fi
-.SH "SEE ALSO"
-.BR connmanctl (1),\ connman (8),\ connman-vpn (8)
diff --git a/doc/connman-vpn-provider.config.5.in
b/doc/connman-vpn-provider.config.5.in
new file mode 100644
index 0000000..5393260
--- /dev/null
+++ b/doc/connman-vpn-provider.config.5.in
@@ -0,0 +1,424 @@
+.\" connman-vpn-provider.config(5) manual page
+.\"
+.\" Copyright (C) 2015 Intel Corporation
+.\"
+.TH "connection_name.config" "5" "2015-10-15" ""
+.SH NAME
+connection_name.config \- ConnMan vpn connection provisioning file
+.SH SYNOPSIS
+.B @vpn_storagedir@/\fIconnection-name\fB.config
+.SH DESCRIPTION
+.P
+\fIConnMan\fP's vpn connections are configured with so called
+"\fBprovisioning files\fP" which reside under \fI@vpn_storagedir@/\fP.
+The files can be named anything, as long as they contain only printable
+ascii characers, for example letters, numbers and underscores. The file
+must end with \fB.config\fP. Each VPN connection requires a provisioning
+file, but multiple connections can be specified in the same file.
+.SH "FILE FORMAT"
+.P
+The configuration file format is key file format.
+It consists of sections (groups) of key-value pairs.
+Lines beginning with a '#' and blank lines are considered comments.
+Sections are started by a header line containing the section enclosed
+in '[' and ']', and ended implicitly by the start of the next section
+or the end of the file. Each key-value pair must be contained in a section.
+.P
+Description of sections and available keys follows:
+.SS [global]
+This section is optional, and can be used to describe the actual file. The
+two allowed fields for this section are:
+.TP
+.BI Name= name
+Name of the network.
+.TP
+.BI Description= description
+Description of the network.
+.SS [provider_*]
+Each provisioned connection must start with a [provider_*] tag,
+with * replaced by an unique name within the file.
+The following fields are mandatory:
+.TP
+.B Type=OpenConnect \fR|\fB OpenVPN \fR|\fB VPNC \fR|\fB L2TP \fR|\fB PPTP
+Specifies the VPN type.
+.TP
+.BI Host= IP
+VPN server IP address.
+.TP
+.BI Domain= domain
+Domain name for the VPN service.
+.TP
+The following field is optional:
+.TP
+.BI Networks= network / netmask / gateway [,...]
+Networks behind the VPN. If all traffic should go through the VPN, this
+field can be left out. The gateway can be left out. For IPv6 addresses,
+only the prefix length is accepted as the netmask.
+.SS OpenConnect
+The following keys can be used for \fBopenconnect\fP(8) networks:
+.TP
+.BI OpenConnect.ServerCert= cert
+SHA1 fingerprint of the VPN server's certificate.
+.TP
+.BI OpenConnect.CACert= cert
+File containing additional CA certificates in addition to the system
+trusted certificate authorities.
+.TP
+.BI OpenConnect.ClientCert= cert
+Client certificate, if needed by web authentication.
+.TP
+.BI OpenConnect.MTU= mtu
+Request \fImtu\fP from the server as the MTU of the tunnel.
+.TP
+.BI OpenConnect.Cookie= cookie
+The resulting cookie of the authentication process. As the cookie lifetime
+can be very limited, it does not usually make sense to add it into the
+configuration file.
+.TP
+.BI OpenConnect.VPNHost= host
+The final VPN server to use after completing the web authentication. Only
+usable for extremely simple VPN configurations and should normally be set
+only via the VPN Agent API.
+.PP
+If \fBOpenConnect.Cookie\fP, \fBOpenConnect.VPNHost\fP or
+\fBOpenConnect.ServerCert\fP are missing, the VPN Agent will be contacted
+to supply the information.
+.SS OpenVPN
+The following keys are mandatory for \fBopenvpn\fP(8) networks:
+.TP
+.BI OpenVPN.CACert= cert
+Certificate authority file.
+.TP
+.BI OpenVPN.Cert= cert
+Local peer's signed certificate.
+.TP
+.BI OpenVPN.Cert= cert
+Local peer's signed certificate.
+.TP
+.BI OpenVPN.Key= key
+Local peer's private key.
+.TP
+The following keys are optional for \fBopenvpn\fP(8) networks:
+.TP
+.BI OpenVPN.MTU= mtu
+MTU of the tunnel.
+.TP
+.B OpenVPN.NSCertType=client \fR|\fB server
+Peer certificate type, either \fBclient\fP or \fBserver\fP.
+.TP
+.BI OpenVPN.Protocol= protocol
+Use \fIprotocol\fP.
+.TP
+.BI OpenVPN.Port= port
+TCP/UDP port number.
+.TP
+.B OpenVPN.AuthUserPass=true \fR|\fB false
+Authenticate on the server using username/password.
+.TP
+.BI OpenVPN.AskPass= file
+Get certificate password from \fIfile\fP.
+.TP
+.B OpenVPN.AuthNoCache=true \fR|\fB false
+Don't cache AskPass or AuthUserPass value.
+.TP
+.BI OpenVPN.TLSRemote= name
+Accept connections only from a host with X509 name or common
+name equal to \fIname\fP.
+.TP
+.BI OpenVPN.TLSAuth= file
+Use \fIfile\fP for HMAC authentication.
+.TP
+.BI OpenVPN.TLSAuthDir= direction
+Use \fIdirection\fP for HMAC authentication direction.
+.TP
+.BI OpenVPN.Cipher= cipher
+Use \fIcipher\fP as the cipher.
+.TP
+.B OpenVPN.Auth=true \fR|\fB false
+Use HMAC authentication.
+.TP
+.B OpenVPN.CompLZO=yes \fR|\fB no \fR|\fB adaptive
+Use fast LZO compression.
+.TP
+.B OpenVPN.RemoteCertTls=client \fR|\fB server
+Require that remote certificate is signed based on RFC3280 TLS rules.
+.TP
+.BI OpenVPN.ConfigFile= file
+OpenVPN config file for extra options not supported by the OpenVPN plugin.
+.SS VPNC
+The following key is mandatory for \fBvpnc\fP(8) networks:
+.TP
+.BI VPNC.IPSec.ID= id
+Group username.
+.TP
+The following keys are optional for \fBvpnc\fP(8) networks:
+.TP
+.BI VPNC.IPSec.Secret= secret
+Group password.
+.TP
+.BI VPNC.XAuth.Username= username
+Username.
+.TP
+.BI VPNC.XAuth.Password= password
+Password.
+.TP
+.BI VPNC.IKE.Authmode= mode
+IKE authentication mode.
+.TP
+.BI VPNC.IKE.DHGroup= group
+IKE DH group name.
+.TP
+.BI VPNC.PFS= group
+Diffie-Hellman group for perfect forward secrecy.
+.TP
+.BI VPNC.Domain= domain
+Domain name for authentication.
+.TP
+.BI VPNC.Vendor= vendor
+Vendor of the IPSec gateway.
+.TP
+.BI VPNC.LocalPort= port
+Local ISAKMP port number to use.
+.TP
+.BI VPNC.CiscoPort= port
+Cisco UDP Encapsulation Port.
+.TP
+.BI VPNC.AppVersion= version
+Application version to report.
+.TP
+.BI VPNC.NATTMode= mode
+NAT-Traversal Method to use.
+.TP
+.BI VPNC.DPDTimeout= timeout
+DPD idle timeout.
+.TP
+.B VPNC.SingleDES=true \fR|\fB false
+Enable single DES encryption.
+.TP
+.B VPNC.NoEncryption=true \fR|\fB false
+Enable usage of no encryption for data traffic.
+.SS L2TP
+The following keys are optional for l2tp (\fBxl2tp.conf\fP(5), \fBpppd\fP(8))
+networks:
+.TP
+.BI L2TP.User= user
+L2TP username.
+.TP
+.BI L2TP.Password= password
+L2TP password.
+.TP
+.BI L2TP.BPS= bps
+Max bandwidth to use.
+.TP
+.BI L2TP.TXBPS= bps
+Max transmit bandwidth to use.
+.TP
+.BI L2TP.RXBPS= bps
+Max receive bandwidth to use.
+.TP
+.B L2TP.LengthBit=yes \fR|\fB no
+Use length bit.
+.TP
+.B L2TP.Challenge=yes \fR|\fB no
+Use challenge authentication.
+.TP
+.BI L2TP.DefaultRoute= route
+Add \fIroute\fP to the routing tables.
+.TP
+.B L2TP.FlowBit=yes \fR|\fB no
+Use seq numbers.
+.TP
+.BI L2TP.TunnelRWS= size
+Window size.
+.TP
+.B L2TP.Exclusive=yes \fR|\fB no
+Use only one control channel.
+.TP
+.B L2TP.Redial=yes \fR|\fB no
+Redial if disconnected.
+.TP
+.BI L2TP.RedialTimeout= timeout
+Redial timeout.
+.TP
+.BI L2TP.MaxRedials= count
+Maximum amount of redial tries.
+.TP
+.B L2TP.RequirePAP=yes \fR|\fB no
+Require PAP.
+.TP
+.B L2TP.RequireCHAP=yes \fR|\fB no
+Require CHAP.
+.TP
+.B L2TP.ReqAuth=yes \fR|\fB no
+Require authentication.
+.TP
+.B L2TP.AccessControl=yes \fR|\fB no
+Use access control.
+.TP
+.BI L2TP.AuthFile= file
+Authentication file location.
+.TP
+.BI L2TP.ListenAddr= address
+Listen address.
+.TP
+.B L2TP.IPSecSaref=yes \fR|\fB no
+Listen address.
+.TP
+.BI L2TP.Port= port
+UDP port used.
+.TP
+.BI PPPD.EchoFailure= count
+Echo failure count.
+.TP
+.BI PPPD.EchoFailure= count
+Dead peer check count.
+.TP
+.BI PPPD.EchoInterval= interval
+Dead peer check interval.
+.TP
+.BI PPPD.Debug= level
+Debug level.
+.TP
+.B PPPD.RefuseEAP=true \fR|\fB false
+Refuse EAP authentication.
+.TP
+.B PPPD.RefusePAP=true \fR|\fB false
+Refuse PAP authentication.
+.TP
+.B PPPD.RefuseCHAP=true \fR|\fB false
+Refuse CHAP authentication.
+.TP
+.B PPPD.RefuseMSCHAP=true \fR|\fB false
+Refuse MSCHAP authentication.
+.TP
+.B PPPD.RefuseMSCHAP2=true \fR|\fB false
+Refuse MSCHAPv2 authentication.
+.TP
+.B PPPD.NoBSDComp=true \fR|\fB false
+Disable BSD compression.
+.TP
+.B PPPD.NoPcomp=true \fR|\fB false
+Disable protocol compression.
+.TP
+.B PPPD.UseAccomp=true \fR|\fB false
+Disable Access/Control compression.
+.TP
+.B PPPD.NoDeflate=true \fR|\fB false
+Disable deflate compression.
+.TP
+.B PPPD.ReqMPPE=true \fR|\fB false
+Require the use of MPPE.
+.TP
+.B PPPD.ReqMPPE40=true \fR|\fB false
+Require the use of MPPE 40 bit.
+.TP
+.B PPPD.ReqMPPE128=true \fR|\fB false
+Require the use of MPPE 128 bit.
+.TP
+.B PPPD.ReqMPPEStateful=true \fR|\fB false
+Allow MPPE to use stateful mode.
+.TP
+.B PPPD.NoVJ=true \fR|\fB false
+No Van Jacobson compression.
+.SS PPTP
+The following keys are optional for \fBpptp\fP(8) (see also \fBpppd\fP(8))
+networks:
+.TP
+.BI PPTP.User= username
+Username.
+.TP
+.BI PPTP.Password= password
+Password.
+.TP
+.BI PPPD.EchoFailure= count
+Echo failure count.
+.TP
+.BI PPPD.EchoFailure= count
+Dead peer check count.
+.TP
+.BI PPPD.EchoInterval= interval
+Dead peer check interval.
+.TP
+.BI PPPD.Debug= level
+Debug level.
+.TP
+.B PPPD.RefuseEAP=true \fR|\fB false
+Refuse EAP authentication.
+.TP
+.B PPPD.RefusePAP=true \fR|\fB false
+Refuse PAP authentication.
+.TP
+.B PPPD.RefuseCHAP=true \fR|\fB false
+Refuse CHAP authentication.
+.TP
+.B PPPD.RefuseMSCHAP=true \fR|\fB false
+Refuse MSCHAP authentication.
+.TP
+.B PPPD.RefuseMSCHAP2=true \fR|\fB false
+Refuse MSCHAPv2 authentication.
+.TP
+.B PPPD.NoBSDComp=true \fR|\fB false
+Disable BSD compression.
+.TP
+.B PPPD.NoPcomp=true \fR|\fB false
+Disable protocol compression.
+.TP
+.B PPPD.UseAccomp=true \fR|\fB false
+Disable Access/Control compression.
+.TP
+.B PPPD.NoDeflate=true \fR|\fB false
+Disable deflate compression.
+.TP
+.B PPPD.ReqMPPE=true \fR|\fB false
+Require the use of MPPE.
+.TP
+.B PPPD.ReqMPPE40=true \fR|\fB false
+Require the use of MPPE 40 bit.
+.TP
+.B PPPD.ReqMPPE128=true \fR|\fB false
+Require the use of MPPE 128 bit.
+.TP
+.B PPPD.ReqMPPEStateful=true \fR|\fB false
+Allow MPPE to use stateful mode.
+.TP
+.B PPPD.NoVJ=true \fR|\fB false
+No Van Jacobson compression.
+
+.SH "EXAMPLE"
+This is a configuration file for a VPN providing L2TP, OpenVPN and
+OpenConnect services. It could, for example, be in the file
+.B @vpn_storagedir@/example.config\fR.
+.PP
+.nf
+[global]
+Name = Example
+Description = Example VPN configuration
+
+[provider_l2tp]
+Type = L2TP
+Name = Connection to corporate network
+Host = 1.2.3.4
+Domain = corporate.com
+Networks = 10.10.30.0/24
+L2TP.User = username
+
+[provider_openconnect]
+Type = OpenConnect
+Name = Connection to corporate network using Cisco VPN
+Host = 7.6.5.4
+Domain = corporate.com
+Networks = 10.10.20.0/255.255.255.0/10.20.1.5,192.168.99.1/24,2001:db8::1/64
+OpenConnect.ServerCert = 263AFAB4CB2E6621D12E90182008AEF44AEFA031
+OpenConnect.CACert = /etc/certs/certificate.p12
+
+[provider_openvpn]
+Type = OpenVPN
+Name = Connection to corporate network using OpenVPN
+Host = 3.2.5.6
+Domain = my.home.network
+OpenVPN.CACert = /etc/certs/cacert.pem
+OpenVPN.Cert = /etc/certs/cert.pem
+OpenVPN.Key = /etc/certs/cert.key
+.fi
+.SH "SEE ALSO"
+.BR connmanctl (1),\ connman (8),\ connman-vpn (8)
diff --git a/doc/connman-vpn.8 b/doc/connman-vpn.8
deleted file mode 100644
index 968ef50..0000000
--- a/doc/connman-vpn.8
+++ /dev/null
@@ -1,63 +0,0 @@
-.\" connman-vpn(8) manual page
-.\"
-.\" Copyright (C) 2015 Intel Corporation
-.\"
-.TH CONNMAN-VPN "8" "2015-10-15"
-.SH NAME
-ConnMan-VPN \- VPN management daemon
-.SH SYNOPSIS
-.B connman-vpnd
-.RB [\| \-\-version \||\| \-\-help \|]
-.PP
-.B connman-vpnd
-.RB [\| \-c
-.IR file \|]
-.RB [\| \-d\ [\c
-.IR file [,...]\|]\|]
-.RB [\| \-p
-.IR plugin [,...]\|]
-.RB [\| \-P
-.IR plugin [,...]\|]
-.RB [\| \-n \|]
-.RB [\| \-r \|]
-.SH DESCRIPTION
-The \fIConnMan-VPN\fP provides a daemon for managing vpn connections together
-with \fBconnmand\fP(8). The Connection Manager is designed to be slim and to
-use as few resources as possible. The VPN daemon supports \fBopenconnect\fP(8),
-\fBopenvpn\fP(8), \fBvpnc\fP(8) and L2TP/PPTP (\fBxl2tpd.conf\fP(5),
-\fBpptp\fP(8), \fBpppd\fP(8)).
-.P
-.SH OPTIONS
-The following options are supported:
-.TP
-.BR \-v ", " \-\-version
-Print the ConnMan-VPN software version and exit.
-.TP
-.BR \-h ", " \-\-help
-Print ConnMan-VPN's available options and exit.
-.TP
-.BI \-c\ file\fR,\ \fB\-\-config= \fIfile
-Specify configuration file to set up various settings for ConnMan. If not
-specified, the default value of \fI<SYSCONFDIR>/connman/connman-vpn.conf\fP
-is used; where \fI<SYSCONFDIR>\fP is dependent on your distribution (usually
-it's \fI/etc\fP). See \fBconnman-vpn.conf\fP(5) for more information on
-configuration file. The use of config file is optional and sane default values
-are used if config file is missing.
-.TP
-.BR \-d\ [ \fIfile [,...]],\ \-\-debug [= \fIfile [,...]]
-Sets how much information ConnMan-VPN sends to the log destination (usually
-syslog's "daemon" facility). If the file options are omitted, then debugging
-information from all the source files are printed. If file options are
-present, then only debug prints from that source file are printed. Example:
-.PP
- connman-vpnd --debug=vpn/vpn-provider.c,vpn/vpn-config.c
-.TP
-.BR \-n ", " \-\-nodaemon
-Do not daemonize. This is useful for debugging, and directs log output to
-the controlling terminal in addition to syslog.
-.TP
-.BR \-r ", " \-\-routes
-Manage VPN routes instead of telling \fBconnmand\fP(8) to do it.
-.SH SEE ALSO
-.BR connmanctl (1), \ connman-vpn.conf (5), \c
-.BR \ connman-vpn-provider.config (5), \ connmand (8)
diff --git a/doc/connman-vpn.8.in b/doc/connman-vpn.8.in
new file mode 100644
index 0000000..6130b3b
--- /dev/null
+++ b/doc/connman-vpn.8.in
@@ -0,0 +1,62 @@
+.\" connman-vpn(8) manual page
+.\"
+.\" Copyright (C) 2015 Intel Corporation
+.\"
+.TH CONNMAN-VPN "8" "2015-10-15"
+.SH NAME
+ConnMan-VPN \- VPN management daemon
+.SH SYNOPSIS
+.B connman-vpnd
+.RB [\| \-\-version \||\| \-\-help \|]
+.PP
+.B connman-vpnd
+.RB [\| \-c
+.IR file \|]
+.RB [\| \-d\ [\c
+.IR file [,...]\|]\|]
+.RB [\| \-p
+.IR plugin [,...]\|]
+.RB [\| \-P
+.IR plugin [,...]\|]
+.RB [\| \-n \|]
+.RB [\| \-r \|]
+.SH DESCRIPTION
+The \fIConnMan-VPN\fP provides a daemon for managing vpn connections together
+with \fBconnmand\fP(8). The Connection Manager is designed to be slim and to
+use as few resources as possible. The VPN daemon supports \fBopenconnect\fP(8),
+\fBopenvpn\fP(8), \fBvpnc\fP(8) and L2TP/PPTP (\fBxl2tpd.conf\fP(5),
+\fBpptp\fP(8), \fBpppd\fP(8)).
+.P
+.SH OPTIONS
+The following options are supported:
+.TP
+.BR \-v ", " \-\-version
+Print the ConnMan-VPN software version and exit.
+.TP
+.BR \-h ", " \-\-help
+Print ConnMan-VPN's available options and exit.
+.TP
+.BI \-c\ file\fR,\ \fB\-\-config= \fIfile
+Specify configuration file to set up various settings for ConnMan. If not
+specified, the default value of \fI@sysconfdir@/connman/connman-vpn.conf\fP
+is used. See \fBconnman-vpn.conf\fP(5) for more information on
+configuration file. The use of config file is optional and sane default values
+are used if config file is missing.
+.TP
+.BR \-d\ [ \fIfile [,...]],\ \-\-debug [= \fIfile [,...]]
+Sets how much information ConnMan-VPN sends to the log destination (usually
+syslog's "daemon" facility). If the file options are omitted, then debugging
+information from all the source files are printed. If file options are
+present, then only debug prints from that source file are printed. Example:
+.PP
+ connman-vpnd --debug=vpn/vpn-provider.c,vpn/vpn-config.c
+.TP
+.BR \-n ", " \-\-nodaemon
+Do not daemonize. This is useful for debugging, and directs log output to
+the controlling terminal in addition to syslog.
+.TP
+.BR \-r ", " \-\-routes
+Manage VPN routes instead of telling \fBconnmand\fP(8) to do it.
+.SH SEE ALSO
+.BR connmanctl (1), \ connman-vpn.conf (5), \c
+.BR \ connman-vpn-provider.config (5), \ connmand (8)
diff --git a/doc/connman-vpn.conf.5 b/doc/connman-vpn.conf.5
deleted file mode 100644
index 5facd37..0000000
--- a/doc/connman-vpn.conf.5
+++ /dev/null
@@ -1,48 +0,0 @@
-.\" connman-vpn.conf(5) manual page
-.\"
-.\" Copyright (C) 2015 Intel Corporation
-.\"
-.TH "connman-vpn.conf" "5" "2015-10-15" ""
-.SH NAME
-connman-vpn.conf \- ConnMan-VPN configuration file
-.SH SYNOPSIS
-.B /etc/connman/connman-vpn.conf
-.br
-or
-.br
-\fI<SYSCONFDIR>\fB/connman/connman-vpn.conf
-.br
-.RI where\ <SYSCONFDIR> " depends on your distribution or build."
-.SH DESCRIPTION
-.P
-.B connman-vpn.conf
-is a configuration file for ConnMan-VPN. The configuration file is
-optional but it can be used to set up various aspects of ConnMan-VPN's
-behavior. The location of the file may be changed through use of
-the \fB\-\-config= \fRargument for \fBconnman-vpn\fP(8).
-.SH "FILE FORMAT"
-.P
-The configuration file format is key file format.
-It consists of sections (groups) of key-value pairs.
-Lines beginning with a '#' and blank lines are considered comments.
-Sections are started by a header line containing the section enclosed
-in '[' and ']', and ended implicitly by the start of the next section
-or the end of the file. Each key-value pair must be contained in a section.
-.P
-Description of sections and available keys follows:
-.SS [General]
-This section is the only mandatory section of the configuration file.
-.TP
-.BI InputRequestTimeout= secs
-Set input request timeout. Default is 300 seconds. The request for inputs
-like passphrase will timeout after certain amount of time. Use this setting
-to increase the value in case of different user interface designs.
-.SH "EXAMPLE"
-The following example configuration sets InputRequestTimeout to 10 minutes.
-.PP
-.nf
-[General]
-InputRequestTimeout = 600
-.fi
-.SH "SEE ALSO"
-.BR connman (8), \ connman-vpn (8)
diff --git a/doc/connman-vpn.conf.5.in b/doc/connman-vpn.conf.5.in
new file mode 100644
index 0000000..fcc4c69
--- /dev/null
+++ b/doc/connman-vpn.conf.5.in
@@ -0,0 +1,42 @@
+.\" connman-vpn.conf(5) manual page
+.\"
+.\" Copyright (C) 2015 Intel Corporation
+.\"
+.TH "connman-vpn.conf" "5" "2015-10-15" ""
+.SH NAME
+connman-vpn.conf \- ConnMan-VPN configuration file
+.SH SYNOPSIS
+.B @sysconfdir@/connman/connman-vpn.conf
+.SH DESCRIPTION
+.P
+.B connman-vpn.conf
+is a configuration file for ConnMan-VPN. The configuration file is
+optional but it can be used to set up various aspects of ConnMan-VPN's
+behavior. The location of the file may be changed through use of
+the \fB\-\-config= \fRargument for \fBconnman-vpn\fP(8).
+.SH "FILE FORMAT"
+.P
+The configuration file format is key file format.
+It consists of sections (groups) of key-value pairs.
+Lines beginning with a '#' and blank lines are considered comments.
+Sections are started by a header line containing the section enclosed
+in '[' and ']', and ended implicitly by the start of the next section
+or the end of the file. Each key-value pair must be contained in a section.
+.P
+Description of sections and available keys follows:
+.SS [General]
+This section is the only mandatory section of the configuration file.
+.TP
+.BI InputRequestTimeout= secs
+Set input request timeout. Default is 300 seconds. The request for inputs
+like passphrase will timeout after certain amount of time. Use this setting
+to increase the value in case of different user interface designs.
+.SH "EXAMPLE"
+The following example configuration sets InputRequestTimeout to 10 minutes.
+.PP
+.nf
+[General]
+InputRequestTimeout = 600
+.fi
+.SH "SEE ALSO"
+.BR connman (8), \ connman-vpn (8)
diff --git a/doc/connman.8 b/doc/connman.8
deleted file mode 100644
index 3d065db..0000000
--- a/doc/connman.8
+++ /dev/null
@@ -1,98 +0,0 @@
-.\" connman(8) manual page
-.\"
-.\" Copyright (C) 2012,2015 Intel Corporation
-.\"
-.TH CONNMAN "8" "2015-10-15"
-.SH NAME
-ConnMan \- network management daemon
-.SH SYNOPSIS
-.B connmand
-.RB [\| \-\-version \||\| \-\-help \|]
-.PP
-.B connmand
-.RB [\| \-c
-.IR file \|]
-.RB [\| \-d\ [\c
-.IR file [,...]\|]\|]
-.RB [\| \-i
-.IR interface [,...]\|]
-.RB [\| \-I
-.IR interface [,...]\|]
-.RB [\| \-W
-.IR driver [,...]\|]
-.RB [\| \-p
-.IR plugin [,...]\|]
-.RB [\| \-P
-.IR plugin [,...]\|]
-.RB [\| \-n \|]
-.RB [\| \-r \|]
-.SH DESCRIPTION
-The \fIConnMan\fP provides a daemon for managing internet connections
-within devices running the Linux operating system. The Connection Manager is
-designed to be slim and to use as few resources as possible.
-It is a fully modular system that can be extended, through plug-ins,
-to support all kinds of wired or wireless technologies.
-Also, configuration methods, like DHCP and domain name resolving,
-are implemented using plug-ins.
-The plug-in approach allows for easy adaption and modification for various
-use cases.
-.P
-.SH OPTIONS
-The following options are supported:
-.TP
-.BR \-v ", " \-\-version
-Print the ConnMan software version and exit.
-.TP
-.BR \-h ", " \-\-help
-Print ConnMan's available options and exit.
-.TP
-.BI \-c\ file\fR,\ \fB\-\-config= \fIfile
-Specify configuration file to set up various settings for ConnMan. If not
-specified, the default value of \fI<SYSCONFDIR>/connman/main.conf\fP
-is used; where \fI<SYSCONFDIR>\fP is dependent on your distribution (usually
-it's \fI/etc\fP). See \fBconnman.conf\fP(5) for more information on
-configuration file. The use of config file is optional and sane default values
-are used if config file is missing.
-.TP
-.BR \-d\ [ \fIfile [,...]],\ \-\-debug [= \fIfile [,...]]
-Sets how much information ConnMan sends to the log destination (usually
-syslog's "daemon" facility). If the file options are omitted, then debugging
-information from all the source files are printed. If file options are
-present, then only debug prints from that source file are printed. Example:
-.PP
- connmand --debug=src/service.c,plugins/wifi.c
-.TP
-.BR \-i\ \fIinterface \fR[,...],\ \-\-device= \fIinterface \fR[,...]
-Only manage these network interfaces. By default all network interfaces
-are managed.
-.TP
-.BR \-I\ \fIinterface \fR[,...],\ \-\-nodevice= \fIinterface \fR[,...]
-Never manage these network interfaces.
-.TP
-.BI \-p\ plugin \fR[,...],\ \fB\-\-plugin= plugin \fR[,...]
-Load these plugins only. The option can be a pattern containing
-"*" and "?" characters.
-.TP
-.BI \-P\ plugin \fR[,...],\ \fB\-\-noplugin= plugin \fR[,...]
-Never load these plugins. The option can be a pattern containing
-"*" and "?" characters.
-.TP
-.BI \-W\ driver \fR[,...],\ \fB\-\-wifi= driver \fR[,...]
-Wifi driver that WiFi/Supplicant should use. If this flag is omitted,
-then the value "nl80211,wext" is used by default.
-.TP
-.BR \-n ", " \-\-nodaemon
-Do not daemonize. This is useful for debugging, and directs log output to
-the controlling terminal in addition to syslog.
-.TP
-.BR \-r ", " \-\-nodnsproxy
-Do not act as a DNS proxy. By default ConnMan will direct all DNS traffic
-to itself by setting nameserver to 127.0.0.1 in \fBresolv.conf\fP(5) file.
-If this is not desired and you want that all programs call directly some
-DNS server, then you can use the \fB--nodnsproxy\fP option.
-If this option is used, then ConnMan is not able to cache the DNS queries
-because the DNS traffic is not going through ConnMan and that can cause
-some extra network traffic.
-.SH SEE ALSO
-.BR connmanctl (1), \ connman.conf (5), \ connman-service.config (5), \c
-.BR \ connman-vpn (8)
diff --git a/doc/connman.8.in b/doc/connman.8.in
new file mode 100644
index 0000000..9b71779
--- /dev/null
+++ b/doc/connman.8.in
@@ -0,0 +1,97 @@
+.\" connman(8) manual page
+.\"
+.\" Copyright (C) 2012,2015 Intel Corporation
+.\"
+.TH CONNMAN "8" "2015-10-15"
+.SH NAME
+ConnMan \- network management daemon
+.SH SYNOPSIS
+.B connmand
+.RB [\| \-\-version \||\| \-\-help \|]
+.PP
+.B connmand
+.RB [\| \-c
+.IR file \|]
+.RB [\| \-d\ [\c
+.IR file [,...]\|]\|]
+.RB [\| \-i
+.IR interface [,...]\|]
+.RB [\| \-I
+.IR interface [,...]\|]
+.RB [\| \-W
+.IR driver [,...]\|]
+.RB [\| \-p
+.IR plugin [,...]\|]
+.RB [\| \-P
+.IR plugin [,...]\|]
+.RB [\| \-n \|]
+.RB [\| \-r \|]
+.SH DESCRIPTION
+The \fIConnMan\fP provides a daemon for managing internet connections
+within devices running the Linux operating system. The Connection Manager is
+designed to be slim and to use as few resources as possible.
+It is a fully modular system that can be extended, through plug-ins,
+to support all kinds of wired or wireless technologies.
+Also, configuration methods, like DHCP and domain name resolving,
+are implemented using plug-ins.
+The plug-in approach allows for easy adaption and modification for various
+use cases.
+.P
+.SH OPTIONS
+The following options are supported:
+.TP
+.BR \-v ", " \-\-version
+Print the ConnMan software version and exit.
+.TP
+.BR \-h ", " \-\-help
+Print ConnMan's available options and exit.
+.TP
+.BI \-c\ file\fR,\ \fB\-\-config= \fIfile
+Specify configuration file to set up various settings for ConnMan. If not
+specified, the default value of \fI@sysconfdir@/connman/main.conf\fP
+is used. See \fBconnman.conf\fP(5) for more information on
+configuration file. The use of config file is optional and sane default values
+are used if config file is missing.
+.TP
+.BR \-d\ [ \fIfile [,...]],\ \-\-debug [= \fIfile [,...]]
+Sets how much information ConnMan sends to the log destination (usually
+syslog's "daemon" facility). If the file options are omitted, then debugging
+information from all the source files are printed. If file options are
+present, then only debug prints from that source file are printed. Example:
+.PP
+ connmand --debug=src/service.c,plugins/wifi.c
+.TP
+.BR \-i\ \fIinterface \fR[,...],\ \-\-device= \fIinterface \fR[,...]
+Only manage these network interfaces. By default all network interfaces
+are managed.
+.TP
+.BR \-I\ \fIinterface \fR[,...],\ \-\-nodevice= \fIinterface \fR[,...]
+Never manage these network interfaces.
+.TP
+.BI \-p\ plugin \fR[,...],\ \fB\-\-plugin= plugin \fR[,...]
+Load these plugins only. The option can be a pattern containing
+"*" and "?" characters.
+.TP
+.BI \-P\ plugin \fR[,...],\ \fB\-\-noplugin= plugin \fR[,...]
+Never load these plugins. The option can be a pattern containing
+"*" and "?" characters.
+.TP
+.BI \-W\ driver \fR[,...],\ \fB\-\-wifi= driver \fR[,...]
+Wifi driver that WiFi/Supplicant should use. If this flag is omitted,
+then the value "nl80211,wext" is used by default.
+.TP
+.BR \-n ", " \-\-nodaemon
+Do not daemonize. This is useful for debugging, and directs log output to
+the controlling terminal in addition to syslog.
+.TP
+.BR \-r ", " \-\-nodnsproxy
+Do not act as a DNS proxy. By default ConnMan will direct all DNS traffic
+to itself by setting nameserver to 127.0.0.1 in \fBresolv.conf\fP(5) file.
+If this is not desired and you want that all programs call directly some
+DNS server, then you can use the \fB--nodnsproxy\fP option.
+If this option is used, then ConnMan is not able to cache the DNS queries
+because the DNS traffic is not going through ConnMan and that can cause
+some extra network traffic.
+.SH SEE ALSO
+.BR connmanctl (1), \ connman.conf (5), \ connman-service.config (5), \c
+.BR \ connman-vpn (8)
diff --git a/doc/connman.conf.5 b/doc/connman.conf.5
deleted file mode 100644
index 0da3b47..0000000
--- a/doc/connman.conf.5
+++ /dev/null
@@ -1,144 +0,0 @@
-.\" connman.conf(5) manual page
-.\"
-.\" Copyright (C) 2012,2015 Intel Corporation
-.\"
-.TH "connman.conf" "5" "2015-10-15" ""
-.SH NAME
-main.conf \- ConnMan configuration file
-.SH SYNOPSIS
-.B /etc/connman/main.conf
-.br
-or
-.br
-\fI<SYSCONFDIR>\fB/connman/main.conf
-.br
-.RI where\ <SYSCONFDIR> " depends on your distribution or build."
-.SH DESCRIPTION
-.P
-.B main.conf
-is a configuration file for ConnMan. The configuration file is
-optional but it can be used to set up various aspects of ConnMan's
-behavior. The location of the file may be changed through use of
-the \fB\-\-config= \fRargument for \fBconnman\fP(8).
-.SH "FILE FORMAT"
-.P
-The configuration file format is key file format.
-It consists of sections (groups) of key-value pairs.
-Lines beginning with a '#' and blank lines are considered comments.
-Sections are started by a header line containing the section enclosed
-in '[' and ']', and ended implicitly by the start of the next section
-or the end of the file. Each key-value pair must be contained in a section.
-.P
-Description of sections and available keys follows:
-.SS [General]
-This section is the only mandatory section of the configuration file.
-.TP
-.BI InputRequestTimeout= secs
-Set input request timeout. Default is 120 seconds
-The request for inputs like passphrase will timeout
-after certain amount of time. Use this setting to
-increase the value in case of different user
-interface designs.
-.TP
-.BI BrowserLaunchTimeout= secs
-Set browser launch timeout. Default is 300 seconds
-The request for launching a browser for portal pages
-will timeout after certain amount of time. Use this
-setting to increase the value in case of different
-user interface designs.
-.TP
-.BI BackgroundScanning=true\ \fR|\fB\ false
-Enable background scanning. Default is true.
-Background scanning will start every 5 minutes unless
-the scan list is empty. In that case, a simple backoff
-mechanism starting from 10s up to 5 minutes will run.
-.TP
-.BI FallbackTimeservers= server\fR[,...]
-List of Fallback timeservers separated by ",".
-These timeservers are used for NTP sync when there are
-no timeserver set by the user or by the service.
-These can contain mixed combination of fully qualified
-domain names, IPv4 and IPv6 addresses.
-.TP
-.BI FallbackNameservers= server\fR[,...]
-List of fallback nameservers separated by "," appended
-to the list of nameservers given by the service. The
-nameserver entries must be in numeric format, host
-names are ignored.
-.TP
-.BI DefaultAutoConnectTechnologies= technology\fR[,...]
-List of technologies that are marked autoconnectable
-by default, separated by commas ",". The default value
-for this entry when empty is ethernet,wifi,cellular.
-Services that are automatically connected must have been
-set up and saved to storage beforehand.
-.TP
-.BI PreferredTechnologies= technology\fR[,...]
-List of preferred technologies from the most preferred
-one to the least preferred one separated by commas ",".
-Services of the listed technology type will be tried one
-by one in the order given, until one of them gets connected
-or they are all tried. A service of a preferred technology
-type in state 'ready' will get the default route when
-compared to another preferred type further down the list
-with state 'ready' or with a non-preferred type; a service
-of a preferred technology type in state 'online' will get
-the default route when compared to either a non-preferred
-type or a preferred type further down in the list.
-.TP
-.BI NetworkInterfaceBlacklist= interface\fR[,...]
-List of blacklisted network interfaces separated by ",".
-Found interfaces will be compared to the list and will
-not be handled by connman, if their first characters
-match any of the list entries. Default value is
-vmnet,vboxnet,virbr,ifb.
-.TP
-.BI AllowHostnameUpdates=true\ \fR|\fB\ false
-Allow connman to change the system hostname. This can
-happen for example if we receive DHCP hostname option.
-Default value is true.
-.TP
-.BI SingleConnectedTechnology=true\ \fR|\fB\ false
-Keep only a single connected technology at any time. When a new
-service is connected by the user or a better one is found according
-to PreferredTechnologies, the new service is kept connected and all
-the other previously connected services are disconnected. With this
-setting it does not matter whether the previously connected services
-are in 'online' or 'ready' states, the newly connected service is
-the only one that will be kept connected. A service connected by the
-user will be used until going out of network coverage. With this
-setting enabled applications will notice more network breaks than
-normal. Default value is false.
-.TP
-.BI TetheringTechnologies= technology\fR[,...]
-List of technologies that are allowed to enable tethering separated by ",".
-The default value is wifi,bluetooth,gadget. Only those technologies listed
-here are used for tethering. If one wants to tether ethernet,
-then add "ethernet" in the list.
-NOTE that if ethernet tethering is enabled, then a DHCP server is
-started on all ethernet interfaces. Tethered ethernet should
-never be connected to corporate or home network as it will disrupt
-normal operation of these networks. Due to this ethernet is not
-tethered by default. Do not activate ethernet tethering unless you
-really know what you are doing.
-.TP
-.BI PersistentTetheringMode=true\ \fR|\fB\ false
-Restore earlier tethering status when returning from offline mode,
-re-enabling a technology, and after restarts and reboots.
-Default value is false.
-.TP
-.BI Enable6to4=true\ \fR|\fB\ false
-Automatically enable Anycast 6to4 if possible. This is not recommended, as the
-use of 6to4 will generally lead to a severe degradation of connection quality.
-See RFC6343. Default value is false (as recommended by RFC6343 section 4.1).
-.SH "EXAMPLE"
-The following example configuration disables hostname updates and enables
-ethernet tethering.
-.PP
-.nf
-[General]
-AllowHostnameUpdates = false
-TetheringTechnologies = ethernet,wifi,bluetooth,gadget
-.fi
-.SH "SEE ALSO"
-.BR connman (8)
diff --git a/doc/connman.conf.5.in b/doc/connman.conf.5.in
new file mode 100644
index 0000000..ff97b7c
--- /dev/null
+++ b/doc/connman.conf.5.in
@@ -0,0 +1,138 @@
+.\" connman.conf(5) manual page
+.\"
+.\" Copyright (C) 2012,2015 Intel Corporation
+.\"
+.TH "connman.conf" "5" "2015-10-15" ""
+.SH NAME
+main.conf \- ConnMan configuration file
+.SH SYNOPSIS
+.B @sysconfdir@/connman/main.conf
+.SH DESCRIPTION
+.P
+.B main.conf
+is a configuration file for ConnMan. The configuration file is
+optional but it can be used to set up various aspects of ConnMan's
+behavior. The location of the file may be changed through use of
+the \fB\-\-config= \fRargument for \fBconnman\fP(8).
+.SH "FILE FORMAT"
+.P
+The configuration file format is key file format.
+It consists of sections (groups) of key-value pairs.
+Lines beginning with a '#' and blank lines are considered comments.
+Sections are started by a header line containing the section enclosed
+in '[' and ']', and ended implicitly by the start of the next section
+or the end of the file. Each key-value pair must be contained in a section.
+.P
+Description of sections and available keys follows:
+.SS [General]
+This section is the only mandatory section of the configuration file.
+.TP
+.BI InputRequestTimeout= secs
+Set input request timeout. Default is 120 seconds
+The request for inputs like passphrase will timeout
+after certain amount of time. Use this setting to
+increase the value in case of different user
+interface designs.
+.TP
+.BI BrowserLaunchTimeout= secs
+Set browser launch timeout. Default is 300 seconds
+The request for launching a browser for portal pages
+will timeout after certain amount of time. Use this
+setting to increase the value in case of different
+user interface designs.
+.TP
+.BI BackgroundScanning=true\ \fR|\fB\ false
+Enable background scanning. Default is true.
+Background scanning will start every 5 minutes unless
+the scan list is empty. In that case, a simple backoff
+mechanism starting from 10s up to 5 minutes will run.
+.TP
+.BI FallbackTimeservers= server\fR[,...]
+List of Fallback timeservers separated by ",".
+These timeservers are used for NTP sync when there are
+no timeserver set by the user or by the service.
+These can contain mixed combination of fully qualified
+domain names, IPv4 and IPv6 addresses.
+.TP
+.BI FallbackNameservers= server\fR[,...]
+List of fallback nameservers separated by "," appended
+to the list of nameservers given by the service. The
+nameserver entries must be in numeric format, host
+names are ignored.
+.TP
+.BI DefaultAutoConnectTechnologies= technology\fR[,...]
+List of technologies that are marked autoconnectable
+by default, separated by commas ",". The default value
+for this entry when empty is ethernet,wifi,cellular.
+Services that are automatically connected must have been
+set up and saved to storage beforehand.
+.TP
+.BI PreferredTechnologies= technology\fR[,...]
+List of preferred technologies from the most preferred
+one to the least preferred one separated by commas ",".
+Services of the listed technology type will be tried one
+by one in the order given, until one of them gets connected
+or they are all tried. A service of a preferred technology
+type in state 'ready' will get the default route when
+compared to another preferred type further down the list
+with state 'ready' or with a non-preferred type; a service
+of a preferred technology type in state 'online' will get
+the default route when compared to either a non-preferred
+type or a preferred type further down in the list.
+.TP
+.BI NetworkInterfaceBlacklist= interface\fR[,...]
+List of blacklisted network interfaces separated by ",".
+Found interfaces will be compared to the list and will
+not be handled by connman, if their first characters
+match any of the list entries. Default value is
+vmnet,vboxnet,virbr,ifb.
+.TP
+.BI AllowHostnameUpdates=true\ \fR|\fB\ false
+Allow connman to change the system hostname. This can
+happen for example if we receive DHCP hostname option.
+Default value is true.
+.TP
+.BI SingleConnectedTechnology=true\ \fR|\fB\ false
+Keep only a single connected technology at any time. When a new
+service is connected by the user or a better one is found according
+to PreferredTechnologies, the new service is kept connected and all
+the other previously connected services are disconnected. With this
+setting it does not matter whether the previously connected services
+are in 'online' or 'ready' states, the newly connected service is
+the only one that will be kept connected. A service connected by the
+user will be used until going out of network coverage. With this
+setting enabled applications will notice more network breaks than
+normal. Default value is false.
+.TP
+.BI TetheringTechnologies= technology\fR[,...]
+List of technologies that are allowed to enable tethering separated by ",".
+The default value is wifi,bluetooth,gadget. Only those technologies listed
+here are used for tethering. If one wants to tether ethernet,
+then add "ethernet" in the list.
+NOTE that if ethernet tethering is enabled, then a DHCP server is
+started on all ethernet interfaces. Tethered ethernet should
+never be connected to corporate or home network as it will disrupt
+normal operation of these networks. Due to this ethernet is not
+tethered by default. Do not activate ethernet tethering unless you
+really know what you are doing.
+.TP
+.BI PersistentTetheringMode=true\ \fR|\fB\ false
+Restore earlier tethering status when returning from offline mode,
+re-enabling a technology, and after restarts and reboots.
+Default value is false.
+.TP
+.BI Enable6to4=true\ \fR|\fB\ false
+Automatically enable Anycast 6to4 if possible. This is not recommended, as the
+use of 6to4 will generally lead to a severe degradation of connection quality.
+See RFC6343. Default value is false (as recommended by RFC6343 section 4.1).
+.SH "EXAMPLE"
+The following example configuration disables hostname updates and enables
+ethernet tethering.
+.PP
+.nf
+[General]
+AllowHostnameUpdates = false
+TetheringTechnologies = ethernet,wifi,bluetooth,gadget
+.fi
+.SH "SEE ALSO"
+.BR connman (8)
diff --git a/doc/connmanctl.1 b/doc/connmanctl.1
deleted file mode 100644
index 0f891bd..0000000
--- a/doc/connmanctl.1
+++ /dev/null
@@ -1,282 +0,0 @@
-.TH connmanctl 1 "2015-10-15" ""
-.SH
-NAME
-connmanctl \- Connman CLI
-.SH
-SYNOPSIS
-.BR connmanctl \ [\|\c
-.BI state\fR\ |
-.BI technologies\fR\ |
-.BI enable \ technology\fR|offline\ |
-.BI disable \ technology\fR|offline\ |
-.BI tether \ technology\ \fRon|off\ |
-.BI tether\fR\ wifi\ on|off\ ssid\ passphrase\fR\ |
-.BR services \ [\fIservice\fR]\ |
-.BI peers \ peer\fR\ |
-.BI scan \ technology\fR\ |
-.RI \fBconnect \ service | peer \ |
-.RI \fBdisconnect \ service | peer \ |
-.B config \ \fIservice\ option\ arg\fR...\ |
-.BR vpnconnections \ [\fIconnection\fR]\ |
-.BI help \fR\|]
-.PP
-.SH
-DESCRIPTION
-Connmanctl is a Connman command line interface which can be run in two modes:
-a plain synchronous command input, and an asynchronous interactive shell.
-To run a specific command the user may enter
-.RI \fBconnmanctl\ command\ [ options ] \fR
-or just \fBconnmanctl\fR, in the latter case an interactive shell will start.
-.PP
-Connmanctl can handle most network connections. It can be used to
-enable/disable any technology that exists on the system, display a list of
-services available, connect/disconnect networks, show properties of the system,
-the technologies, and any individual service, and configure all of the
-properties. It is also able to monitor changes in the properties of the
-services, technologies, and the system.
-.PP
-In the interactive shell, all of the same commands can be used. It
-provides quicker usage when needing to use connmanctl more extensively. In
-addition, connecting to protected wireless access points for the first time
-requires interactive shell.
-.SH
-COMMANDS AND OPTIONS
-.TP
-.B help
-Shows the abbreviated help menu in the terminal.
-.PP
-.TP
-.B state
-Shows the system properties. Includes ths online state of the
-system, offline mode, and session mode.
-.PP
-.TP
-.B technologies
-Shows a list of all technology types existing on the system and
-their properties. See the properties section of the Technology
-API for explanations of each property.
-.PP
-.TP
-.BI enable \ technology
-Enables the given technology type (e.g. ethernet, wifi, 3g, etc.)
-Turns power on to the technology, but doesn't connect unless
-there is a service with autoconnect set to True.
-.PP
-.TP
-.BI disable \ technology
-Disables the given technology type. Turns power off to the
-technology and disconnects if it is already connected.
-.PP
-.TP
-.B enable offline
-Enables offline mode. Disconnects and powers down all
-technologies system-wide, however each technology can be powered
-back on individually.
-.PP
-.TP
-.B disable offline
-Disables offline mode. Technologies are powered back on according
-to their individual policies.
-.PP
-.TP
-.BI tether \ technology \ on \ \fR|\ off
-Enable or disable tethering on \fItechnology\fR. Ethernet cannot be tethered
-by default since tethering it usually breaks local networks. See
-.BR connman.conf (5)
-for enabling.
-.PP
-.TP
-.BR tether\ wifi\ on \ |\ off \ \fIssid\ passphrase
-Enable or disable wireless tethering, as well set the SSID and passphrase.
-.PP
-.TP
-.B services
-Shows a list of all available services. This includes the
-nearby wifi networks, the wired ethernet connections, bluetooth devices, etc.
-An asterisk in front of the service indicates that the service
-has been connected before.
-.PP
-.TP
-.BI services \ service
-Shows a list of all properties for that service.
-Only the service path (e.g. wifi_6834534139723_managed_none)
-is accepted as a parameter.
-.PP
-.TP
-.BI scan \ technology
-Scans for new services on the given technology.
-.PP
-.TP
-.BI connect \ service
-Connects to the given service. Some services need a so-called
-\fBprovisioning file\fR in order to connect to them, see
-\fBconnman-service.config\fR(5).
-.PP
-.TP
-.BI disconnect \ service
-Disconnects from the given service.
-.PP
-.TP
-.BI move-before \ service\ target-service
-Prefer connecting to \fIservice\fR over \fItarget-service\fR.
-.PP
-.TP
-.BI move-after \ service\ target-service
-Prefer connecting to \fItarget-service\fR over \fIservice\fR.
-.PP
-.TP
-.BI config \ service\ option\ arg\fR...
-Configures a writable property of the given service to the value(s) entered
-after \fIoption\fR. See the \fBConfig Options\fR subsection for details.
-.PP
-.TP
-.BI monitor \ target
-Listens for and displays DBus signals sent by Connman. If a currently monitored
-property changes, the changes will be shown. If no \fItarget\fR is specified,
-all changes will be shown. See the \fBMonitor Options\fR subsection for a
-summary of parameters.
-.PP
-.TP
-.BI vpnconnections
-Shows a list of all available vpn connections.
-.PP
-.TP
-.BI vpnconnections \ connection
-Shows the current properties of \fIconnection\fR.
-.PP
-.SS
-Commands only available in interactive mode:
-.PP
-.TP
-.BR agent\ on \ |\ off
-Enable or disable the wireless agent, used for entering wireless
-network passphrases. See the \fBEXAMPLE\fR section of this man page for
-an example of connecting to a wireless access point.
-.PP
-.TP
-.BR vpnagent\ on \ |\ off
-Enable or disable the vpn agent, used for entering vpn credentials.
-.SS
-Config Options:
-.PP
-.TP
-.BR \fBautoconnect\ on \ |\ off
-Sets the autoconnect property of the service.
-.PP
-.TP
-.BR ipv4\ off \ |\ dhcp \ |\ manual\ \fIaddress\ netmask\ gateway
-Configures the IPv4 settings for the service. The argument
-\fBoff\fR means that IPv4 won't be used, \fBdhcp\fR means that
-dhcp will be used to get the settings and \fBmanual\fR means
-that the given arguments will be used as IPv4 settings.
-.IR address ,\ netmask " and " gateway
-must be valid IPv4 addresses. See the \fBEXAMPLE\fR section
-of this man page for details.
-.PP
-.TP
-.BR ipv6\ off \ |\ auto \ |\ manual\ \fIaddress\ prefixlength\ gateway
-Configures the IPv6 settings for the service. The argument
-\fBoff\fR means that IPv6 won't be used, \fBauto\fR means that
-settings will be asked from the network and \fBmanual\fR means
-that the given arguments will be used as IPv6 settings.
-.IR address " and " gateway
-must be valid IPv4 addresses. \fIprefixlength\fR is the length
-of the prefix in bits. See the \fBEXAMPLE\fR section of this man
-page for details.
-.PP
-.TP
-.BI nameservers\ dns\fR\ [...]
-Set the list of nameservers, separated by spaces.
-.PP
-.TP
-.BI timeservers\ server\fR\ [...]
-Set the list of timeservers, separated by spaces.
-.PP
-.TP
-.BI domains\ domain\fR\ [...]
-Set the list of search domains, separated by spaces.
-.PP
-.TP
-.BR proxy\ direct \ |\ auto\fI\ URL \ |\ manual\ \fIserver [...]\
[--excludes\ \fIserver [...]]
-Configures the proxy settings for the service. \fBdirect\fR means that no
-proxy will be used. If using \fBauto\fR without a parameter, the network
-will be asked for the proxy settings. Otherwise, use \fIURL\fR as an
-proxy autoconfiguration URL. When set to \fBmanual\fR, the first list of
servers
-is used as proxy servers, and the traffic to the second list of servers are
-excluded from the proxy. The list of excluded servers is optional. See the
-\fBEXAMPLE\fR section of this man page for details.
-.PP
-.SS
-Monitor Options:
-.PP
-.TP
-.BR services\ [ off ]
-Listens for changes to services, for example a service getting an IP address.
-.PP
-.TP
-.BR tech\ [ off ]
-Listens for changes to technologies, for example a technology getting enabled.
-.PP
-.TP
-.BR manager\ [ off ]
-Listens for the changes to global properties, available technologies,
-services, and peers.
-.PP
-.TP
-.BR vpnmanager\ [ off ]
-Listens for added or removed vpn connections.
-.PP
-.TP
-.BR vpnconnection\ [ off ]
-Listens for the changes to vpn connections, for example connecting to a VPN.
-.PP
-.SH
-EXAMPLE
-Listing available technologies:
-.PP
- $ connmanctl technologies
-.PP
-Listing available services:
-.PP
- $ connmanctl services
-.PP
-Scanning for wireless networks:
-.PP
- $ connmanctl scan wifi
-.PP
-Using the interactive mode to access a wireless access point:
-.PP
- $ connmanctl
- connmanctl> agent on
- Agent registered
- connmanctl> connect wifi_100ba9d170fc_666f6f626172_managed_psk
- Agent RequestInput wifi_100ba9d170fc_666f6f626172_managed_psk
- Passphrase = [ Type=psk, Requirement=mandatory ]
- Passphrase? password
- Connected wifi_100ba9d170fc_666f6f626172_managed_psk
- connmanctl>
-.PP
-Configuring a static IP from the command line:
-.PP
- $ connmanctl config wifi_100ba9d170fc_666f6f626172_managed_psk ipv4
manual 192.168.1.101 255.255.255.0 192.168.1.1
-.PP
-Changing the IP back to dhcp:
-.PP
- $ connmanctl config wifi_100ba9d170fc_666f6f626172_managed_psk ipv4 dhcp
-.PP
-Setting a proxy server:
-.PP
- $ connmanctl config wifi_100ba9d170fc_666f6f626172_managed_psk proxy
manual proxy.example.com
-.PP
-Setting multiple proxy servers:
-.PP
- $ connmanctl config wifi_100ba9d170fc_666f6f626172_managed_psk proxy
manual proxy.example.com http://httpproxy.example.com --excludes
internal.example.com
-.PP
-Tethering a wireless connection (ssid "SSID", passphrase "password"):
-.PP
- $ connmanctl tether wifi on SSID password
-.PP
-.SH
-SEE ALSO
-.BR connman.conf (5), \ connman-service.config (5), \c
-.BR \ connman-vpn-provider.config (5), \ connman (8), \ connman-vpn (8)
diff --git a/doc/connmanctl.1.in b/doc/connmanctl.1.in
new file mode 100644
index 0000000..0f891bd
--- /dev/null
+++ b/doc/connmanctl.1.in
@@ -0,0 +1,282 @@
+.TH connmanctl 1 "2015-10-15" ""
+.SH
+NAME
+connmanctl \- Connman CLI
+.SH
+SYNOPSIS
+.BR connmanctl \ [\|\c
+.BI state\fR\ |
+.BI technologies\fR\ |
+.BI enable \ technology\fR|offline\ |
+.BI disable \ technology\fR|offline\ |
+.BI tether \ technology\ \fRon|off\ |
+.BI tether\fR\ wifi\ on|off\ ssid\ passphrase\fR\ |
+.BR services \ [\fIservice\fR]\ |
+.BI peers \ peer\fR\ |
+.BI scan \ technology\fR\ |
+.RI \fBconnect \ service | peer \ |
+.RI \fBdisconnect \ service | peer \ |
+.B config \ \fIservice\ option\ arg\fR...\ |
+.BR vpnconnections \ [\fIconnection\fR]\ |
+.BI help \fR\|]
+.PP
+.SH
+DESCRIPTION
+Connmanctl is a Connman command line interface which can be run in two modes:
+a plain synchronous command input, and an asynchronous interactive shell.
+To run a specific command the user may enter
+.RI \fBconnmanctl\ command\ [ options ] \fR
+or just \fBconnmanctl\fR, in the latter case an interactive shell will start.
+.PP
+Connmanctl can handle most network connections. It can be used to
+enable/disable any technology that exists on the system, display a list of
+services available, connect/disconnect networks, show properties of the system,
+the technologies, and any individual service, and configure all of the
+properties. It is also able to monitor changes in the properties of the
+services, technologies, and the system.
+.PP
+In the interactive shell, all of the same commands can be used. It
+provides quicker usage when needing to use connmanctl more extensively. In
+addition, connecting to protected wireless access points for the first time
+requires interactive shell.
+.SH
+COMMANDS AND OPTIONS
+.TP
+.B help
+Shows the abbreviated help menu in the terminal.
+.PP
+.TP
+.B state
+Shows the system properties. Includes ths online state of the
+system, offline mode, and session mode.
+.PP
+.TP
+.B technologies
+Shows a list of all technology types existing on the system and
+their properties. See the properties section of the Technology
+API for explanations of each property.
+.PP
+.TP
+.BI enable \ technology
+Enables the given technology type (e.g. ethernet, wifi, 3g, etc.)
+Turns power on to the technology, but doesn't connect unless
+there is a service with autoconnect set to True.
+.PP
+.TP
+.BI disable \ technology
+Disables the given technology type. Turns power off to the
+technology and disconnects if it is already connected.
+.PP
+.TP
+.B enable offline
+Enables offline mode. Disconnects and powers down all
+technologies system-wide, however each technology can be powered
+back on individually.
+.PP
+.TP
+.B disable offline
+Disables offline mode. Technologies are powered back on according
+to their individual policies.
+.PP
+.TP
+.BI tether \ technology \ on \ \fR|\ off
+Enable or disable tethering on \fItechnology\fR. Ethernet cannot be tethered
+by default since tethering it usually breaks local networks. See
+.BR connman.conf (5)
+for enabling.
+.PP
+.TP
+.BR tether\ wifi\ on \ |\ off \ \fIssid\ passphrase
+Enable or disable wireless tethering, as well set the SSID and passphrase.
+.PP
+.TP
+.B services
+Shows a list of all available services. This includes the
+nearby wifi networks, the wired ethernet connections, bluetooth devices, etc.
+An asterisk in front of the service indicates that the service
+has been connected before.
+.PP
+.TP
+.BI services \ service
+Shows a list of all properties for that service.
+Only the service path (e.g. wifi_6834534139723_managed_none)
+is accepted as a parameter.
+.PP
+.TP
+.BI scan \ technology
+Scans for new services on the given technology.
+.PP
+.TP
+.BI connect \ service
+Connects to the given service. Some services need a so-called
+\fBprovisioning file\fR in order to connect to them, see
+\fBconnman-service.config\fR(5).
+.PP
+.TP
+.BI disconnect \ service
+Disconnects from the given service.
+.PP
+.TP
+.BI move-before \ service\ target-service
+Prefer connecting to \fIservice\fR over \fItarget-service\fR.
+.PP
+.TP
+.BI move-after \ service\ target-service
+Prefer connecting to \fItarget-service\fR over \fIservice\fR.
+.PP
+.TP
+.BI config \ service\ option\ arg\fR...
+Configures a writable property of the given service to the value(s) entered
+after \fIoption\fR. See the \fBConfig Options\fR subsection for details.
+.PP
+.TP
+.BI monitor \ target
+Listens for and displays DBus signals sent by Connman. If a currently monitored
+property changes, the changes will be shown. If no \fItarget\fR is specified,
+all changes will be shown. See the \fBMonitor Options\fR subsection for a
+summary of parameters.
+.PP
+.TP
+.BI vpnconnections
+Shows a list of all available vpn connections.
+.PP
+.TP
+.BI vpnconnections \ connection
+Shows the current properties of \fIconnection\fR.
+.PP
+.SS
+Commands only available in interactive mode:
+.PP
+.TP
+.BR agent\ on \ |\ off
+Enable or disable the wireless agent, used for entering wireless
+network passphrases. See the \fBEXAMPLE\fR section of this man page for
+an example of connecting to a wireless access point.
+.PP
+.TP
+.BR vpnagent\ on \ |\ off
+Enable or disable the vpn agent, used for entering vpn credentials.
+.SS
+Config Options:
+.PP
+.TP
+.BR \fBautoconnect\ on \ |\ off
+Sets the autoconnect property of the service.
+.PP
+.TP
+.BR ipv4\ off \ |\ dhcp \ |\ manual\ \fIaddress\ netmask\ gateway
+Configures the IPv4 settings for the service. The argument
+\fBoff\fR means that IPv4 won't be used, \fBdhcp\fR means that
+dhcp will be used to get the settings and \fBmanual\fR means
+that the given arguments will be used as IPv4 settings.
+.IR address ,\ netmask " and " gateway
+must be valid IPv4 addresses. See the \fBEXAMPLE\fR section
+of this man page for details.
+.PP
+.TP
+.BR ipv6\ off \ |\ auto \ |\ manual\ \fIaddress\ prefixlength\ gateway
+Configures the IPv6 settings for the service. The argument
+\fBoff\fR means that IPv6 won't be used, \fBauto\fR means that
+settings will be asked from the network and \fBmanual\fR means
+that the given arguments will be used as IPv6 settings.
+.IR address " and " gateway
+must be valid IPv4 addresses. \fIprefixlength\fR is the length
+of the prefix in bits. See the \fBEXAMPLE\fR section of this man
+page for details.
+.PP
+.TP
+.BI nameservers\ dns\fR\ [...]
+Set the list of nameservers, separated by spaces.
+.PP
+.TP
+.BI timeservers\ server\fR\ [...]
+Set the list of timeservers, separated by spaces.
+.PP
+.TP
+.BI domains\ domain\fR\ [...]
+Set the list of search domains, separated by spaces.
+.PP
+.TP
+.BR proxy\ direct \ |\ auto\fI\ URL \ |\ manual\ \fIserver [...]\
[--excludes\ \fIserver [...]]
+Configures the proxy settings for the service. \fBdirect\fR means that no
+proxy will be used. If using \fBauto\fR without a parameter, the network
+will be asked for the proxy settings. Otherwise, use \fIURL\fR as an
+proxy autoconfiguration URL. When set to \fBmanual\fR, the first list of
servers
+is used as proxy servers, and the traffic to the second list of servers are
+excluded from the proxy. The list of excluded servers is optional. See the
+\fBEXAMPLE\fR section of this man page for details.
+.PP
+.SS
+Monitor Options:
+.PP
+.TP
+.BR services\ [ off ]
+Listens for changes to services, for example a service getting an IP address.
+.PP
+.TP
+.BR tech\ [ off ]
+Listens for changes to technologies, for example a technology getting enabled.
+.PP
+.TP
+.BR manager\ [ off ]
+Listens for the changes to global properties, available technologies,
+services, and peers.
+.PP
+.TP
+.BR vpnmanager\ [ off ]
+Listens for added or removed vpn connections.
+.PP
+.TP
+.BR vpnconnection\ [ off ]
+Listens for the changes to vpn connections, for example connecting to a VPN.
+.PP
+.SH
+EXAMPLE
+Listing available technologies:
+.PP
+ $ connmanctl technologies
+.PP
+Listing available services:
+.PP
+ $ connmanctl services
+.PP
+Scanning for wireless networks:
+.PP
+ $ connmanctl scan wifi
+.PP
+Using the interactive mode to access a wireless access point:
+.PP
+ $ connmanctl
+ connmanctl> agent on
+ Agent registered
+ connmanctl> connect wifi_100ba9d170fc_666f6f626172_managed_psk
+ Agent RequestInput wifi_100ba9d170fc_666f6f626172_managed_psk
+ Passphrase = [ Type=psk, Requirement=mandatory ]
+ Passphrase? password
+ Connected wifi_100ba9d170fc_666f6f626172_managed_psk
+ connmanctl>
+.PP
+Configuring a static IP from the command line:
+.PP
+ $ connmanctl config wifi_100ba9d170fc_666f6f626172_managed_psk ipv4
manual 192.168.1.101 255.255.255.0 192.168.1.1
+.PP
+Changing the IP back to dhcp:
+.PP
+ $ connmanctl config wifi_100ba9d170fc_666f6f626172_managed_psk ipv4 dhcp
+.PP
+Setting a proxy server:
+.PP
+ $ connmanctl config wifi_100ba9d170fc_666f6f626172_managed_psk proxy
manual proxy.example.com
+.PP
+Setting multiple proxy servers:
+.PP
+ $ connmanctl config wifi_100ba9d170fc_666f6f626172_managed_psk proxy
manual proxy.example.com http://httpproxy.example.com --excludes
internal.example.com
+.PP
+Tethering a wireless connection (ssid "SSID", passphrase "password"):
+.PP
+ $ connmanctl tether wifi on SSID password
+.PP
+.SH
+SEE ALSO
+.BR connman.conf (5), \ connman-service.config (5), \c
+.BR \ connman-vpn-provider.config (5), \ connman (8), \ connman-vpn (8)
--
2.1.4
_______________________________________________
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman
