diff options
Diffstat (limited to '')
| -rw-r--r-- | lang/modula-3-socks/files/m3socks.conf.5 | 256 |
1 files changed, 256 insertions, 0 deletions
diff --git a/lang/modula-3-socks/files/m3socks.conf.5 b/lang/modula-3-socks/files/m3socks.conf.5 new file mode 100644 index 000000000000..5c45c364a044 --- /dev/null +++ b/lang/modula-3-socks/files/m3socks.conf.5 @@ -0,0 +1,256 @@ +.\" From: /3a/socks/man/RCS/socks.conf.4,v 2.11 1995/05/05 18:05:26 lamont Exp +.Dd May 5, 1995 +.Os FreeBSD +.Dt M3SOCKS.CONF 5 +.Sh NAME +.Nm m3socks.conf +.Nd configuration file for Modula-3 socks clients +.Sh DESCRIPTION +The Modula-3 SOCKS library reads its configuration information from +.Pa /usr/local/etc/m3socks.conf +when +.Fn bind +or +.Fn connect +is called. +If the file does not exist, then the environment variable +.Ev SOCKS_CONF +is expected to give the name of the configuration file. +.Pp +Each non-blank, non-comment line in the file contains a direction on how +to process requests that match certain criteria. +Comments are denoted by a +.Ql # +at any point in the line prior to the +.Ic : Ns Ar shellcmd , +if present. +Non-comment lines take the form: +.Pp +.Bl -item -compact +.It +.Ic bind default Ns \*(Ba Ns Ic wild +.It +.Ic domain Ar domain +.It +.Ic nameserver Ar nameserver +.It +.Ic findserver Ar findserver +.It +.Ic sockd +.Op Ic @= Ns Ar server +.Op Ic *= Ns Ar users +.Ar destspec +.Op Ar op Ar dport Op Ar dport2 +.Op Ic : Ns Ar shellcmd +.It +.Ic direct +.Op Ic *= Ns Ar users +.Ar destspec +.Op Ar op Ar dport Op Ar dport2 +.Op Ic : Ns Ar shellcmd +.It +.Ic deny +.Op Ic *= Ns Ar users +.Ar destspec +.Op Ar op Ar dport Op Ar dport2 +.Op Ic : Ns Ar shellcmd +.El +.Pp +Fields are constructed as follows: +.Bl -tag -width Fl +.It Ar domain +The +.Dq local +domain: the default name resolver is assumed to have +information for all hosts in +.Ar domain . +The user can override this field using the +.Ev SOCKS_LOCAL_DOMAIN +environment variable. +To indicate that the default server is able to resolve all addresses, +use the command: +.Ql domain \&. . +.It Ar nameserver +A comma separated list of name servers that are able to resolve addresses +outside of +.Ar domain . +The user can override this field using the +.Ev SOCKS_NS +environment variable. +.It Ar findserver +One of +.Ic Yes +or +.Ic \&No . +The default is +.Ic Yes . +If set, the client will attempt to find the +.Dq best +SOCKS server, based +on the results of looking up +.Ar destnet Ns Ic .socks-addr +(note that this is not an FQDN). +.Ar destnet +consists of the first one, two, or three octets of the destination network, +depending on whether the destination network is class A, B, or C. The octets +are used in reverse order, just like +.Ic IN-ADDR.ARPA . +For example, if the destination address is 129.105.69.100, then a search for +TXT records for '105.129.socks-addr' would be made. If any TXT records are +found, the record is prepended +to the list of servers from the config file. There is no environment +variable to override this. +.Pp +If clear +.Pq Ic findserver Ic \&No , +then the lookup is not performed. +.It Ar server +A comma separated list of SOCKS servers that can +be used as proxy for this destination. No spaces or tabs are allowed +inside the list. Names beginning with a +.Ql $ +are expanded from the users +environment. Each server in the list is tried until a successful +connection is established. When a server has multiple addresses, it +is assumed to be a group of hosts: the address list is randomized and +each address is tried before proceeding to the next name in the list. +The user can override this field using the +.Ev SOCKS_SERVER +environment variable. +.It Ar users +Specifies the users on the requesting host (not the destination host +or server host) to whom this line should apply. This is a comma +separated list of names and/or filenames, with no spaces or tabs. +Filenames must be fully qualified with a leading +.Ql / . +Inside the file, user names may be listed one or several +per line, with spaces, tabs, and commas being valid separators. +The appearance of +.Ql # +marks the remainder of the line as a comment. Each line in a file +is limited to 1023 characters. If +.Ar users +is omitted, the line applies to all users. +.It Ar destspec +The destination specification, which is either +.Ar daddr dmask +or +.Ic *. Ns Ar some.domain , +which indicates that the line applies to all IP addresses +whose reverse lookup, using +.Fn gethostbyaddr , +produces a name ending in +.Ql Cm . Ns Ar some.domain . +.It Ar daddr +The destination address to which this line applies. This is +usually specified in dotted form (e.g., 15.28.96.137). +If a hostname is used, then the first address returned by +.Fn gethostbyname +is used. +.It Ar dmask +Mask for +.Ar daddr , +in dotted form. Bits in +.Ar dmask +which are 0 are ignored in +.Ar daddr . +Specifying 255.255.255.255 requires an exact match, while 0.0.0.0 matches +regardless of the value of +.Ar daddr . +This is the same way netmasks are specified, and is the opposite +of the interpretation used in older versions of SOCKS. +.It Ar op dport Op Ar dport2 +A constraint on the destination TCP port. +If +.Ar op +is +.Ic eq , +.Ic neq , +.Ic \< , +.Ic gt , +.Ic le , +or +.Ic ge , +the destination port must have the corresponding relation to +.Ar dport . +If +.Ar op +is +.Ic btw , +the destination port must be between +.Ar dport +and +.Ar dport2 , +inclusive. +.It Ic : Ns Ar shellcmd +When the line is matched, +.Ar shellcmd +is passed to +.Pa /bin/sh , +with stdin, stdout, and stderr redirected to +.Pa /dev/null . +The following substitutions occur before the string +is presented to the shell: +.Bl -tag -width \&%Xxx +.It Cm \&%A +replaced by the client host's domainname if known, +by its IP address otherwise. +.It Cm \&%a +replaced by the client host's IP address. +.It Cm \&%c +replaced by +.Ql connect +or +.Ql bind . +.It Cm \&%p +replaced by the process id of the client program. +.It Cm \&%S +replaced by the service name (e.g., ftp) if known, +by the destination port number otherwise. +.It Cm \&%s +replaced by the destination port number. +.It Cm \&%U +replaced by the user-id at login. +.It Cm \&%u +replaced by the effective user-id. +.It Cm \&%Z +replaced by the destination host's domainname if known, +by its IP address otherwise. +.It Cm \&%z +replaced by the destination host's IP address. +.It Cm \&%% +replaced by a single +.Ql \&% . +.El +.El +.Sh EXAMPLES +All connections to net 15 are local: +.Dl Ic direct 15.0.0.0 255.0.0.0 +.Pp +Deny all requests destined for hosts on network 23: +.Dl Ic deny 23.0.0.0 255.0.0.0 +.Pp +Use the server my-server for hosts on network 36: +.Dl Ic sockd @=my-server 36.0.0.0 255.0.0.0 +.Pp +A typical complete configuration file: +.Bd -literal -offset indent +# The default name server is used for addresses inside +# the FreeBSD.org domain. +domain FreeBSD.org +# ns.FreeBSD.org is used as the name server for addresses +# outside FreeBSD.org. +nameserver ns.FreeBSD.org +# Don't find socks servers automatically. +findserver No +# All local connections are direct. +direct *.FreeBSD.org +# All other connections use the SOCKS server +# on socks.FreeBSD.org. +sockd @=socks.FreeBSD.org 0.0.0.0 0.0.0.0 +.Ed +.Sh SEE ALSO +.Xr m3socks 1 +.Sh AUTHORS +SOCKS was developed by David Koblas and Ying-Da Lee. +The HP enhancements were done by LaMont Jones. |