libsock5.cfg - The configuration file for the OS2 Socks5 client library Usually read from ETC. The socks library configuration file contains information that is used by the socks client library. It tells the client library whether to connect directly or through a socks server, what kind of socks server to use, and possibly which server to use as well as which port to connect to on that server. SPECIFYING PORTS Ports can be specified with either a name, number, or range. Ranges begin with either a [ or ( and end with either a ) or a ] depending on whether or not the rang is inclusive. Within the range delimiters should be two port specifiers (names or numbers), separated by a comma. The method of specifying ports is referred to as the portpattern. SPECIFYING HOSTS Host addresses and netmasks are often need for specifying which hosts apply within a given rule. There are several ways to specify the host/mask pair. This method of specifying host is referred to as the hostpattern. hostip/mask to match, a host address "anded" with mask must be the same as hostip "anded" with the mask. This is usually used to "mask" out the host portion of the address from the network or subnetwork portion. - anything matches. All hosts are allowed. n1. equivalent to n1.0.0.0/255.0.0.0 n1.n2. equivalent to n1.n2.0.0/255.255.0.0 n1.n2.n3. equivalent to n1.n2.n3.0/255.255.255.0 .domain.name hostname must end with the string .domain.name. a.host.name hostname must match exactly with a.host.name. There is also support for the older hostpattern syntax. The older method is still supported, but the newer method is recommended and easier to read. hostip/a all match, same as "-". hostip/n network match. Masks out the host and subnet portions of the address to leave only the network portion. The mask used to do this depends on the class of IP address of hostip. hostip/s subnet match. Masks out the host portion of the address to leave the subnetwork and network portion. The mask used to do this depends on the class of IP address of hostip. hostip/h host match. Equivalent to hostip. SPECIFYING COMMANDS Commands can also be specified as a comma separated list of letters. This syntax will be referred to later as a commandpattern. The following letters correspond to the following commands. c for connect. b for bind. u for udp. p for ping. t for traceroute. - for any command. ENTRIES All lines are of the form: proxy protocol dest-addr dest-port [userlist [proxy-addr [proxy-port]]] proxy specifies the type of proxy server. proxy can be "socks4" for socks4 servers, "socks5" for socks5 servers, or "noproxy" for direct connections. command must be a valid commandpattern, dest-addr must be a valid hostpattern, and dest-port must be a valid port pattern. userlist if present must be a valid user-pattern. proxy-addr, if present, must be a valid name or address of the socks server this line should use; "-" means to use the value of the environment variable SOCKS5_SERVER if the line begins with "socks5", SOCKS4_SERVER if it begins with "socks4", SOCKS_SERVER if neither of these is set but it is, or if none of them are set, the compiled in default value (SOCKS_DEFAULT_SERVER). proxy-port if present must be a valid port or address; "-" means to use the compiled in default value. ENVIRONMENT Several environment variables are important to how the client library operates. Most are described under the ENVIROMENT section of runsocks(1). EXAMPLES For the socks5 client to use a socks4 server, the entry would be: socks4 - - - - - To only allow user "fred" to telnet to host 143.101.64.200 using the socks5 server running on 11.22.33.10: socks5 t 143.101.64.200 telnet fred 11.22.33.10 For specifying a direct connection to subnetwork 11.22.33 resides: noproxy - 11.22.33. - - - SEE ALSO socks5cf.txt