dante   Frontpage - Dante - Download - Status - Support - Modules - Docs - Links - Survey
 

Manual Page: SOCKS.CONF(5)

SOCKS.CONF(5)					    SOCKS.CONF(5)

NAME
       socks.conf - socks client configuration file syntax

DESCRIPTION
       The  configuration file for the socks client library allow control over
       logging and server selection.  It is divided  into  two	parts;	global
       settings	 and  routes.  A line can be commented using the standard com-
       ment character #.

FORMAT
       The global settings are in the form of a keyword followed  by  a	 colon
       and the value.

       debug  Setting this field to 1 turns on debugging.

       logoutput
	      This  value  controls  where the client library sends logoutput.
	      It can be either syslog, stdout, stderr, a filename, or a combi-
	      nation.  The default is no logging.

       resolveprotocol
	      The  protocol  used to resolve hostnames.	 Valid values are udp,
	      tcp and fake.  The default is udp.

       route.badexpire
	      How long the "bad" marking of a route should remain  set	before
	      it is removed.  Default is 300 seconds.

       route.maxfail
	      How  many	 times	a  route  can fail before it is marked as bad.
	      Default is 1.

       timeout.connect
	      The number of seconds the client will wait for a connect to  the
	      proxy  server  to	 complete.   The  default is 0, indicating the
	      client should use the systems default.

ROUTES
       The routes are specified with a route keyword.  Inside a pair of paren-
       thesis  ({}) a set of keywords control the behavior of the route.  Each
       route can contain three address specifications; from, to	 and  via.   A
       route is selected for a connection based on the values within the route
       block.

       When searching for a route to match the clients	request,  the  library
       will  first  look  for  a  direct  route.  Then for a socks_v4 route, a
       socks_v5 route, a http route, and lastly for a upnp route.

       Depending on how the library is configured  and	environment  variables
       set  (see the manual for socksify(1)), there may or may not be an auto-
       matic fallback to an auto-generated direct route if no other  route  is
       found.

       The route block can contain the following:

			 November 1 2009			1

SOCKS.CONF(5)					    SOCKS.CONF(5)

       ADDRESSES
	      Each  address  field can consist of a ipaddress (and where mean-
	      ingful, a netmask, separated from the ipaddress by a '/' sign.),
	      a	 hostname, a domainname (designated by the leading '.'), or an
	      interfacename (where meaningful).	 Each address can be  followed
	      by a optional port specifier.

       from   The route is used only by requests coming from the address given
	      as value.

       to     The route is used only by requests going to the address given as
	      value.

       via    Address of the proxy server that should be used as a gateway for
	      the connection, or the special value direct to indicate the con-
	      nection should be direct rather than go via any proxy server.

	      In the case of upnp, it can also be the name of the interface to
	      use for discovering the upnp controlpoint, if the full  url  for
	      the IGD is not yet known.

       port   Parameter	 to  from,  to	and  via.   Accepts the keywords eq/=,
	      ne/!=, ge/>=, le/<=, gt/>, lt/< followed by a  number.   A  por-
	      trange  can  also	 be given as "port <start #> - <end #>", which
	      will match all port numbers within the range <start #> and  <end
	      #>.

       Options

       clientcompatibility
	      Enables  certain	options for compatibility with broken servers.
	      Valid values are:	 necgssapi,  for  compatibility	 with  servers
	      implementing gssapi the NEC socks way.

       command
	      The  server  supports  the  given	 commands.  Valid commands are
	      bind,  bindreply,	 connect,  udpassociate	 and  udpreply.	   The
	      default  is  all commands supported by the protocols set for the
	      route.

	      Can be used instead of, or to complement, protocol.

       gssapi.enctype
	      Which encryption to enforce for GSSAPI-authenticated  communica-
	      tion.  Possible values are clear, integrity, or confidentiality.
	      The default is to try for confidentially,	 but  accept  whatever
	      the server offers.

       gssapi.servicename
	      Which  servicename  to  use  when	 involving GSSAPI.  Default is
	      "rcmd".

			 November 1 2009			2

SOCKS.CONF(5)					    SOCKS.CONF(5)

       method List of authentication methods the client supports and which  to
	      offer  the server.  Currently supported values are none, gssapi,
	      and username.  The default is all supported methods.

       protocol
	      The protocols the server supports.  Supported values are tcp and
	      udp.  The default is all supported protocols.

       proxyprotocol
	      The  proxy  protocols  the server supports.  Currently supported
	      values are socks_v4, socks_v5, http, and upnp.  The  default  is
	      socks_v4	and  socks_v5.	Note that if the socks server requires
	      any form of authentication, you need to explicitly set  this  to
	      to socks_v5, as v4 does not support authentication.

EXAMPLES
       See the example directory in the distribution.

ENVIRONMENT
       SOCKS_USERNAME
	      Use the value of SOCKS_USERNAME as the username when doing user-
	      name authentication.

       SOCKS_PASSWORD
	      Use the value of SOCKS_PASSWORD as the password when doing user-
	      name authentication.  Not recommended as other users on the sys-
	      tem might be able to see your password.

       SOCKS_AUTOADD_LANROUTES
	      If this variable is set to "no", the  client  will  not  try  to
	      auto-add	direct	routes	for  all  addresses  on	 the lan.  The
	      default is to add them.

       SOCKS_DISABLE_THREADLOCK
	      If this variable is set, the client will not perform threadlock-
	      ing.  The default is for the client to attempt to figure out for
	      itself whether the application to socksify  needs	 threadlocking
	      or not.

       Some additional environment variables are documented in socksify(1).

       FILES  /etc/socks.conf

AUTHORS
       For inferno Nettverk A/S:
	  Michael Shuldman
	  Karl-Andre' Skevik

SEE ALSO
       socksify(1), sockd(8), sockd.conf(5)

       Information about new releases and other related issues can be found
	      on the Dante WWW home page: http://www.inet.no/dante/

			 November 1 2009			3

SOCKS.CONF(5)					    SOCKS.CONF(5)

BUGS
       See  the	 accompanying  BUGS  file.   New  ones	should	be reported to
       dante-bugs@inet.no.

			 November 1 2009			4




Copyright © 1998-2017 Inferno Nettverk A/S