File: rsockd.8

package info (click to toggle)
socks4-server 4.3.beta2-13
  • links: PTS
  • area: main
  • in suites: sarge
  • size: 1,512 kB
  • ctags: 1,778
  • sloc: ansic: 19,305; makefile: 404; sh: 52
file content (98 lines) | stat: -rw-r--r-- 4,186 bytes parent folder | download | duplicates (9) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
 
.TH RSOCKD 8 "May 6, 1996"
.SH NAME
rsockd \- SOCKSified SOCKS server
.SH SYNOPSIS
\fBrsockd [ \-ver | \-i | \-I ]\fP
.SH DESCRIPTION
\fIrsockd\fR is the SOCKSified version of the SOCKS server \fIsockd\fR.
Functionally \fIrsockd\fR is identical to \fIsockd\fR except that it
may (though not necessarily has to) make use of other SOCKS servers
to reach some destinations. A number of \fIrsockd\fR's can be strung
together or organized in a cascade or other more complicated structures to
serve the needs of a particular network configuration and restrictions.
Obviously this complicates the issues and make the setup and maintenance
of the firewall more difficult. So use \fIsockd\fR instead whenever you
can.

This document only describes the features of \fIrsockd\fR that are
different from \fIsockd\fR. You should read \fIsockd\fR(5) carefully
to gain a basic understanding of of how the SOCKS server works.

When \fIrsockd\fR receives a request, it checks the request again its
configuration (in exactly the same way that \fIsockd\fR does) to decider
whether the request is to be accepted. The primary difference between
\fIsockd\fR and \fIrsockd\fR is in how they establish connection to
the destination host of a accepted request. \fIsockd\fR assumes that it
can connect directly to the destination host and proceeds to do so. 
\fIrsockd\fR makes no such assumption. Instead, it consults another
configuration file to decide whether it can connect directly to the
particular destination host or whether it has to use a proxy connection
through another SOCKS server. In other words, it behaves just like a
versatile SOCKS client in this regard. Therefore \fIrsockd\fR requires
not only the SOCKS server configuration file \fB/etc/sockd.fc\fP or
\fB/etc/sockd.conf\fP to decide whether to accept or reject a request,
but also the client configuration file \fB/etc/socks.fc\fP or
\fB/etc/socks.conf\fP to decide how to reach the destination host.
If it is a multi-homed version \fIand\fR supports RBIND, it also needs
the route file \fB/etc/sockd.fr\fP or \fB/etc/sockd.fr\fP to decide
which network interface to use for a connection.

Look at it in a different way, you can think of \fIsockd\fP as
a special case of \fIrsockd\fP, one which can connect directly to all
destination hosts. In fact, an \fIrsockd\fP using the client configuration
consisting of only this line

.nf
.+1
\fBdirect	ALL  0.0.0.0\fP
.-1
.fi

is functinally identical to the regular \fIsockd\fP.

Anther thing to mention is related to the use of \fIidentd\fR. Only the
SOCKS server which the requesting host directly connects to can
find out the identity of the real user. Suppose user x on host C connects
to \fIrsockd\fP on server B which in turn connects to \fIsockd\fP
on server A in order to reach destination z. Host B can query \fIidentd\fR
on host C to find out whether the user is indeed x. To host A, the
request appears to originate from user x on host B. An \fIidentd\fR query
from Host A to host B returns the userid that owns the \fIrsockd\fP
process on host B, not the real user x.
.SH OPTIONS
See \fIsockd\fR(8).
.SH EXAMPLES
The follwoing is an example of the client configuration file. See related
man pages for examples on server configuration and route files.

.nf
.+1
# /etc/socks.conf for rsockd of domain rnd.xyz.com
#
# Use proxy connection through SOCKS server on socks.market.xyz.com
# to reach hosts within market.xyz.com
sockd	@=socks.market.xyz.com  .market.xyz.com  0.0.0.0
#
# Use direct connect to all other hosts within xyz.com
direct	.xyz.com  0.0.0.0
#
# Use proxy connection through SOCKS server on gateway.xyz.com
# to reach all others
sockd	@=gateway.xyz.com  ALL  0.0.0.0
.-1
.fi
.SH FILES
\fB/etc/sockd.fc\fP, \fB/etc/sockd.conf\fP,
\fB/etc/sockd.fr\fP, \fB/etc/sockd.route\fP,
\fB/etc/socks.fc\fP, \fB/etc/socks.conf\fP,
\fB/etc/inetd.conf\fP, \fB/etc/services\fP,
\fB/var/adm/messages\fP, \fB/etc/syslog.conf\fP
.SH SEE ALSO
\fIsockd\fR(8),
\fIsocks_clients\fR(1), \fIsockd.conf\fR(5),
\fIsockd.route\fR(5), \fIsocks.conf\fR(5),
\fImake_sockdfc\fR(8), \fImake_sockdfr\fR(8),
\fIdump_sockdfc\fR(8), \fIdump_sockdfr\fR(8)
.SH AUTHOR
.nf
Ying-Da Lee, ylee@syl.dl.nec.com