This document describes only the features of rsockd that are different from sockd. You should read sockd(5) carefully to gain a basic understanding of how the SOCKS server works.
When rsockd receives a request, it checks the request against its configuration (in exactly the same way that sockd does) to decide whether the request is to be accepted. The primary difference between sockd and rsockd is in how they establish the connection to the destination host of an accepted request. sockd assumes that it can connect directly to the destination host and proceeds to do so. rsockd makes no such assumption. Instead, it consults another configuration file to decide whether it can connect directly to the particular destination host or whether it has to use a proxy connection through another SOCKS server. In other words, it behaves just like a versatile SOCKS client in this regard. Therefore rsockd requires not only the SOCKS server configuration file /etc/sockd.fc or /etc/sockd.conf to decide whether to accept or reject a request, but also the client configuration file /etc/socks.fc or /etc/socks.conf to decide how to reach the destination host. If it is a multi-homed version and supports RBIND, it also needs the route file /etc/sockd.fr or /etc/sockd.fr to decide which network interface to use for a connection.
Looked at another way, you can think of sockd as a special case of rsockd, one which can connect directly to all destination hosts. In fact, an rsockd using a client configuration consisting of only this line
direct ALL 0.0.0.0
is functionally identical to the regular sockd.
Another point concerns the use of identd. Only the SOCKS server to which the requesting host connects directly can find out the identity of the real user. Suppose user x on host C connects to rsockd on server B, which in turn connects to sockd on server A in order to reach destination z. Host B can query identd on host C to find out whether the user is indeed x. To host A, the request appears to originate from user x on host B. An identd query from host A to host B returns the userid that owns the rsockd process on host B, not the real user x.
# /etc/socks.conf for rsockd of domain rnd.xyz.com
#
# Use proxy connection through SOCKS server on socks.market.xyz.com
# to reach hosts within market.xyz.com
sockd @=socks.market.xyz.com .market.xyz.com 0.0.0.0
#
# Use direct connect to all other hosts within xyz.com
direct .xyz.com 0.0.0.0
#
# Use proxy connection through SOCKS server on gateway.xyz.com
# to reach all others
sockd @=gateway.xyz.com ALL 0.0.0.0
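The routing decision rsockd makes from its client configuration, modelled against the socks.conf shown on this page; this is an added example, not code from rsockd or its author. The function names, the first-match-wins ordering and the matching rules (ALL, leading-dot domain suffix, masked IPv4) are assumptions about the socks.conf format; only direct and sockd lines are handled and no DNS lookups are made.

```python
import ipaddress

# socks.conf from this page (comments trimmed), embedded to run offline.
SOCKS_CONF = """\
# /etc/socks.conf for rsockd of domain rnd.xyz.com
sockd @=socks.market.xyz.com .market.xyz.com 0.0.0.0
direct .xyz.com 0.0.0.0
sockd @=gateway.xyz.com ALL 0.0.0.0
"""

def parse_conf(text):
    """Return ordered rules as (action, upstream_servers, dst, mask)."""
    rules = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        action, rest = fields[0], fields[1:]
        servers = None
        if action == "sockd" and rest and rest[0].startswith("@="):
            servers, rest = rest[0][2:].split(","), rest[1:]
        if action not in ("direct", "sockd") or len(rest) != 2:
            raise ValueError(f"unsupported line: {raw!r}")
        rules.append((action, servers, rest[0], rest[1]))
    return rules

def dst_matches(pattern, mask, host):
    """Assumed matching: ALL, '.suffix' domain, exact name, or masked IPv4."""
    if pattern == "ALL":
        return True
    host = host.lower().rstrip(".")
    if pattern.startswith("."):
        return host.endswith(pattern.lower())
    try:
        want, got = ipaddress.IPv4Address(pattern), ipaddress.IPv4Address(host)
    except ValueError:
        return host == pattern.lower()  # names compared literally, no DNS
    m = int(ipaddress.IPv4Address(mask))
    return (int(want) & m) == (int(got) & m)

def route(rules, host):
    """Assumption: lines are tried in order and the first match wins."""
    for action, servers, dst, mask in rules:
        if dst_matches(dst, mask, host):
            return (action, servers)
    return ("none", None)  # no line matched: no known way to reach host

RULES = parse_conf(SOCKS_CONF)
```

Under the first-match assumption, moving the ALL line to the top would send every destination, including hosts inside xyz.com, through gateway.xyz.com, so line order deserves the same review as the entries themselves.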
Ying-Da Lee, ylee@syl.dl.nec.com