diff --git a/i2p2www/pages/site/docs/spec/configuration.html b/i2p2www/pages/site/docs/spec/configuration.html
index 4b93d945..f4a03d0b 100644
--- a/i2p2www/pages/site/docs/spec/configuration.html
+++ b/i2p2www/pages/site/docs/spec/configuration.html
@@ -201,37 +201,161 @@ Properties are as follows:
 <pre>
 # Display description for UI
 tunnel.N.description=
+
 # Router IP address or host name. Ignored if in router context.
 tunnel.N.i2cpHost=127.0.0.1
+
 # Router I2CP port. Ignored if in router context.
 tunnel.N.i2cpPort=nnnn
+
 # For clients only. Local listen IP address or host name.
 tunnel.N.interface=127.0.0.1
+
 # For clients only. Local listen port.
 tunnel.N.listenPort=nnnn
+
 # Display name for UI
 tunnel.N.name=
+
+# Servers only. Default false. Originate connections to local server with a unique IP per-remote-destination.
+tunnel.N.option.enableUniqueLocal=true|false
+
+# HTTP client only. Whether to use allow SSL connections to i2p addresses. Default false.
+tunnel.N.option.i2ptunnel.httpclient.allowInternalSSL=true|false
+
+# HTTP client only. Whether to disable address helper links. Default false.
+tunnel.N.option.i2ptunnel.httpclient.disableAddressHelper=true|false
+
+# HTTP client only. Comma- or space-separated list of jump server URLs.
+tunnel.N.option.i2ptunnel.httpclient.jumpServers=http://example.i2p/jump
+
+# HTTP client only. Whether to pass Accept* headers through. Default false.
+tunnel.N.option.i2ptunnel.httpclient.sendAccept=true|false
+
+# HTTP client only. Whether to pass Referer headers through. Default false.
+tunnel.N.option.i2ptunnel.httpclient.sendReferer=true|false
+
+# HTTP client only. Whether to pass User-Agent headers through. Default false.
+tunnel.N.option.i2ptunnel.httpclient.sendUserAgent=true|false
+
+# HTTP client only. Whether to pass Via headers through. Default false.
+tunnel.N.option.i2ptunnel.httpclient.sendVia=true|false
+
+# HTTP client only. Comma- or space-separated list of in-network SSL outproxies.
+tunnel.N.option.i2ptunnel.httpclient.SSLOutproxies=example.i2p
+
+# SOCKS client only. Comma- or space-separated list of in-network outproxies for any ports not specified.
+tunnel.N.option.i2ptunnel.socks.proxy.default=example.i2p
+
+# SOCKS client only. Comma- or space-separated list of in-network outproxies for port NNNN.
+tunnel.N.option.i2ptunnel.socks.proxy.NNNN=example.i2p
+
+# HTTP client only. Whether to use a registered local outproxy plugin. Default true.
+tunnel.N.option.i2ptunnel.useLocalOutproxy=true|false
+
+# IRC Server only. Only used if fakeHostname contains a %c.
+# If unset, cloak with a random value that is persistent for
+# the life of this tunnel. If set, cloak with the hash of this passphrase.
+# Use to have consistent mangling across restarts, or for multiple IRC servers cloak consistently to
+# be able to track users even when they switch servers.
+# Note: don't quote or put spaces in the passphrase, the i2ptunnel gui can't handle it.
+tunnel.N.option.ircserver.cloakKey=
+
+# IRC Server only. Set the fake hostname sent by I2PTunnel,
+# %f is the full B32 destination hash, %c is the cloaked hash.
+tunnel.N.option.ircserver.fakeHostname=%f.b32.i2p
+
+# IRC Server only. Default user.
+tunnel.N.option.ircserver.method=user|webirc
+
+# IRC Server only. The password to use for the webirc protocol.
+# Note: don't quote or put spaces in the passphrase, the i2ptunnel gui can't handle it.
+tunnel.N.option.ircserver.webircPassword=
+
+# IRC Server only.
+tunnel.N.option.ircserver.webircSpoofIP=
+
+# HTTP Server only. Max number of POSTs allowed for one destination per postCheckTime. Default 0 (unlimited)
+tunnel.N.option.maxPosts=nnn
+
+# HTTP Server only. Max number of POSTs allowed for all destinations per postCheckTime. Default 0 (unlimited)
+tunnel.N.option.maxTotalPosts=nnn
+
+# HTTP Clients only. Whether to send authorization to an outproxy. Default false.
+tunnel.N.option.outproxyAuth=true|false
+
+# HTTP Clients only. The password for the outproxy authorization.
+tunnel.N.option.outproxyPassword=
+
+# HTTP Clients only. The username for the outproxy authorization.
+tunnel.N.option.outproxyUsername=
+
+# HTTP Clients only. Whether to send authorization to an outproxy. Default false.
+tunnel.N.option.outproxyAuth=true|false
+
+# Clients only. Whether to store a destination in a private key file and reuse it. Default false.
+tunnel.N.option.persistentClientKey=true|false
+
+# HTTP Server only. Time period for banning POSTs from a single destination after maxPosts is exceeded, in seconds. Default 1800 seconds.
+tunnel.N.option.postBanTime=nnn
+
+# HTTP Server only. Time period for checking maxPosts and maxTotalPosts, in seconds. Default 300 seconds.
+tunnel.N.option.postCheckTime=nnn
+
+# HTTP Server only. Time period for banning all POSTs after maxTotalPosts is exceeded, in seconds. Default 600 seconds.
+tunnel.N.option.postTotalBanTime=nnn
+
+# HTTP Clients only. Whether to require local authorization for the proxy. Default false. "true" is the same as "basic".
+tunnel.N.option.proxyAuth=true|false|basic|digest
+
+# HTTP Clients only. The MD5 of the password for local authorization for user USER.
+tunnel.N.option.proxy.auth.USER.md5=
+
+# HTTP Servers only. Whether to reject incoming connections apparently via an inproxy. Default false.
+tunnel.N.option.rejectInproxy=true|false
+
+# Servers only. Overrides targetHost and targetPort for incoming port NNNN.
+tunnel.N.option.targetForPort.NNNN=hostnameOrIP:nnnn
+
+# Servers only. Default false. Use SSL for connections to local server.
+tunnel.N.option.useSSL=false
+
 # Each option is passed to I2CP and streaming with "tunnel.N.option." stripped off. See those docs.
 tunnel.N.option.*=
+
 # For servers and clients with persistent keys only. Absolute path or relative to config directory.
 tunnel.N.privKeyFile=filename
+
 # For proxies only. Comma- or space-separated host names.
 tunnel.N.proxyList=example.i2p[,example2.i2p]
+
 # For clients only. Default false.
 tunnel.N.sharedClient=true|false
+
 # For HTTP servers only. Host name to be passed to the local server in the HTTP headers.
-tunnel.N.spoofedHost=
+# Default is the base 32 hostname.
+tunnel.N.spoofedHost=example.i2p
+
+# For HTTP servers only. Host name to be passed to the local server in the HTTP headers.
+# Overrides above setting for incoming port NNNN, to allow virtual hosts.
+tunnel.N.spoofedHost.NNNN=example.i2p
+
 # Default true
 tunnel.N.startOnLoad=true|false
+
 # For clients only. Comma- or space-separated host names or host:port.
 tunnel.N.targetDestination=example.i2p[:nnnn][,example2.i2p[:nnnn]]
+
 # For servers only. Local IP address or host name to connect to.
 tunnel.N.targetHost=
-# For servers only.
+
+# For servers only. Port on targetHost to connect to.
 tunnel.N.targetPort=nnnn
+
 # The type of i2ptunnel
 tunnel.N.type=client|connectclient|httpbidirserver|httpclient|httpserver|ircclient|ircserver|
               server|socksirctunnel|sockstunnel|streamrclient|streamrserver
+
 </pre>
 Note: Each 'N' is a tunnel number starting with 0.
 There may not be any gaps in numbering.