FreeBSD Manual Pages
SOCKS.CONF(5) File Formats Manual SOCKS.CONF(5) NAME socks.conf - socks client configuration file syntax DESCRIPTION The configuration file for the socks client library allow control over logging and server selection. It is divided into two parts; global settings and routes. A line can be commented using the standard com- ment character #. FORMAT The global settings are in the form of a keyword followed by a colon and the value. debug Setting this field to 1 turns on debugging. logoutput This value controls where the client library sends logoutput. It can be either syslog, stdout, stderr, a filename, or a combi- nation. The default is no logging. Note that the value syslog may conflict with the program being socksified if the program also uses syslog. resolveprotocol The protocol used to resolve hostnames. Valid values are udp, tcp and fake. The default is udp. route.badexpire How long the "bad" marking of a route should remain set before it is removed. Default is 300 seconds. route.maxfail How many times a route can fail before it is marked as bad. De- fault is 1. timeout.connect The number of seconds the client will wait for a connect to the proxy server to complete. The default is 0, indicating the client should use the systems default. ROUTES The routes are specified with a route keyword. Inside a pair of paren- thesis ({}) a set of keywords control the behavior of the route. Each route can contain three address specifications; from, to and via. A route is selected for a connection based on the values within the route block. When searching for a route to match the clients request, the library will first look for a direct route. Then for a socks_v4 route, a socks_v5 route, a http route, and lastly for a upnp route. Depending on how the library is configured and environment variables set (see the manual for socksify(1)), there may or may not be an auto- matic fallback to an auto-generated direct route if no other route is found. The route block can contain the following: ADDRESSES Each address field can consist of a IP-address (and where mean- ingful, a netmask, separated from the IP-address by a '/' sign.), a hostname, a domainname (designated by the leading '.'), or an interfacename (where meaningful). Each address can be followed by a optional port specifier. from The route is used only by requests coming from the address given as value. to The route is used only by requests going to the address given as value. via Address of the proxy server that should be used as a gateway for the connection, or the special value direct to indicate the con- nection should be direct rather than go via any proxy server. In the case of upnp, the address can also be the name of the in- terface to use for discovering the upnp controlpoint, if the full url for the IGD is not yet known, or the special value broadcast to indicate the client should broadcast for an upnp- router on all available network interfaces. port Parameter to from, to and via. Accepts the keywords eq/=, ne/!=, ge/>=, le/<=, gt/>, lt/< followed by a number. A por- trange can also be given as "port <start #> - <end #>", which will match all port numbers within the range <start #> and <end #>. Options clientcompatibility Enables certain options for compatibility with broken servers. Valid values are: necgssapi, for compatibility with servers im- plementing gssapi the NEC socks way. command The server supports the given commands. Valid commands are bind, bindreply, connect, udpassociate and udpreply. The de- fault is all commands supported by the protocols set for the route. Can be used instead of, or to complement, protocol. gssapi.enctype Which encryption to enforce for GSSAPI-authenticated communica- tion. Possible values are clear, integrity, or confidentiality. The default is to try for confidentially, but accept whatever the server offers except clear, as clear is not part of the SOCKS GSSAPI standard. gssapi.servicename Which servicename to use when involving GSSAPI. Default is "rcmd". method List of authentication methods the client supports and which to offer the server. Currently supported values are none, gssapi, and username. The default is all supported methods. protocol The protocols the server supports. Supported values are tcp and udp. The default is all supported protocols. proxyprotocol The proxy protocols the server supports. Currently supported values are socks_v4, socks_v5, http, and upnp. The default is socks_v4 and socks_v5. Note that if the socks server requires any form of authentication, you need to explicitly set this to to socks_v5, as v4 does not support authentication. EXAMPLES See the example directory in the distribution. ENVIRONMENT SOCKS_USERNAME Use the value of SOCKS_USERNAME as the username when doing user- name authentication. SOCKS_PASSWORD Use the value of SOCKS_PASSWORD as the password when doing user- name authentication. Not recommended as other users on the sys- tem might be able to see your password. SOCKS_AUTOADD_LANROUTES If this variable is set to "no", the client will not try to auto-add direct routes for all addresses on the LAN. The de- fault is to add them. SOCKS_DISABLE_THREADLOCK If this variable is set, the client will not perform threadlock- ing. The default is for the client to attempt to figure out for itself whether the application to socksify needs threadlocking or not. Some additional environment variables are documented in socksify(1). FILES /etc/socks.conf AUTHORS For inferno Nettverk A/S: Michael Shuldman Karl-Andre' Skevik SEE ALSO socksify(1), sockd(8), sockd.conf(5) Information about new releases and other related issues can be found on the Dante WWW home page: http://www.inet.no/dante/ BUGS See the accompanying BUGS file. New ones should be reported to dante-bugs@inet.no. July 29 2013 SOCKS.CONF(5)
NAME | DESCRIPTION | FORMAT | ROUTES | EXAMPLES | ENVIRONMENT | AUTHORS | SEE ALSO | BUGS
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=socks.conf&sektion=5&manpath=FreeBSD+Ports+14.3.quarterly>