Manual Page: SOCKS.CONF(5)

SOCKS.CONF(5)                 File Formats Manual                SOCKS.CONF(5)



NAME
       socks.conf - socks client configuration file syntax

DESCRIPTION
       The configuration file for the socks client library allow control over
       logging and server selection.  It is divided into two parts,
       miscellaneous settings and routes.  A line can be commented using the
       standard comment character #.

FORMAT
       The miscellaneous settings have a keyword followed by a colon and the
       value.

       debug  Setting this field to 1 turns on debugging.

       logoutput
              This value controls where the client library sends logoutput.
              It can be either syslog, stdout, stderr, a filename, or a
              combination.  The default is no logging.

       resolveprotocol
              The protocol used to resolve hostnames.  Valid values are udp,
              tcp and fake.  The default is udp.

ROUTES
       The routes are specified with a route keyword.  Inside a pair of
       parenthesis ({}) a set of keywords control the behavior of the route.
       Each route can contain three address specifications; from, to and via.
       A route is selected for a connection based on the values within the
       route block.

       When searching for a route to match the clients request, the library
       will first look for a direct route.  Then for a socks_v5 route, a
       socks_v4 route, a http_v1.0 route, and lastly for a upnp route.

       Depending on how the library is configured and environment variables
       set (see the manual for socksify(1)), there may or may not be an
       automatic fallback to an auto-generated direct route if no other route
       is found.

       The route block can contain the following:


       ADDRESSES
              Each address field can consist of a ipaddress (and where
              meaningful, a netmask, separated from the ipaddress by a '/'
              sign.), a hostname, a domainname (designated by the leading
              '.'), or an interfacename (where meaningful).  Each address can
              be followed by a optional port specifier.


       from   The route is used only by requests coming from the address given
              as value.

       to     The route is used only by requests going to the address given as
              value.

       via    Address of server to be used as gateway for the connection.  In
              the case of upnp, it can also be the name of the interface to
              use for discovering the upnp controlpoint, if the full url for
              the IGD is not yet known.

       port   Parameter to from, to and via.  Accepts the keywords eq/=,
              ne/!=, ge/>=, le/<=, gt/>, lt/< followed by a number.  A
              portrange can also be given as "port <start #> - <end #>", which
              will match all port numbers within the range <start #> and <end
              #>.



       Options

       clientcompatibility
              Enables certain options for compatibility with broken servers.
              Valid values are: necgssapi, for compatibility with servers
              implementing gssapi the NEC socks way.

       command
              The server supports the given commands.  Valid commands are
              bind, bindreply, connect, udpassociate and udpreply.   The
              default is all commands supported by the protocols set for the
              route.

       gssapi.enctype
              Which encryption to enforce for GSSAPI-authenticated
              communication.  Possible values are clear, integrity, or
              confidentiality.  The default is to try for confidentially, but
              accept whatever the server offers.

       gssapi.servicename
              Which servicename to use when involving GSSAPI.  Default is
              "rcmd".

              Can be used instead of, or to complement, protocol.

       method List of authentication methods the client supports and which to
              offer the server.  Currently supported values are none, gssapi,
              and username.  The default is all supported methods.

       protocol
              The protocols the server supports.  Supported values are tcp and
              udp.  The default is all supported protocols.

       proxyprotocol
              The proxy protocols the server supports.  Currently supported
              values are socks_v4, socks_v5, http_v1.0, and upnp.  The default
              is socks_v5.

EXAMPLES
       See the example directory in the distribution.

ENVIRONMENT
       SOCKS_USERNAME
              Use the value of SOCKS_USERNAME as the username when doing
              username authentication.

       SOCKS_PASSWORD
              Use the value of SOCKS_PASSWORD as the password when doing
              username authentication.  Not recommended as other users on the
              system might be able to see your password.

       SOCKS_AUTOADD_LANROUTES
              If this variable is set to "no", the client will not try to
              auto-add direct routes for all addresses on the lan.  The
              default is to add them.

       SOCKS_DISABLE_THREADLOCK
              If this variable is set, the client will not perform
              threadlocking.  The default is for the client to attempt to
              figure out for itself whether the application to socksify needs
              threadlocking or not.

       Some additional environment variables are documented in socksify(1).


       FILES  /etc/socks.conf

AUTHORS
       For inferno Nettverk A/S:
          Michael Shuldman
          Karl-Andre' Skevik

SEE ALSO
       socksify(1) sockd(8) sockd.conf(5)

       Information about new releases and other related issues can be found
              on the Dante WWW home page: http://www.inet.no/dante/

BUGS
       See the accompanying BUGS file.  New ones should be reported to
       dante-bugs@inet.no.



                                 January, 2009                   SOCKS.CONF(5)