SOCKD
This screen displays the current configuration information for the socks
daemon. The administrator can modify the sockd configuration on this
screen and then save the updates to the firewall. After saving the
modifications, the administrator will have to go to the T.Rex
Start/Stop Services Menu to refresh
sockd before the modifications will take effect.
Edit Button
Edit the config file directly rather than using this configuration
screen.
Log output to
Names the log output facilities to use. One or more of
four choices can be selected. If more than one is chosen, sockd will
write its log output to more than one facility.
-
syslog - if selected, log output will go to the syslog.
-
stderr - if selected, log output will go to the stderr of process which
started sockd.
-
stdout - if selected, log output will go to the stdout of process which
started sockd.
-
Optional filename - if non-blank, sockd log output will go to the filename
specified.
External IP address
Select one IP address from the list to be used as the external
IP address of the firewall.
Listen to Internal
Specifies the IP address/port pairs for sockd to listen to.
IP Addresses
Select one or more IP addresses from the list. sockd
will listen to all the selected IP addresses.
Ports
Specifies the port number to listen to for each IP addresses.
Privileged username
Username which will be used for doing privileged operations.
Non-Privileged username
Username which sockd runs as most of the time.
Connection request timeout
The number of seconds a client has to send the request after
a connect. Set it to 0 for forever.
Idle timeout
The number of seconds an established connection can be idle.
Set it to 0 for forever.
Accepted source hosts
Select one from the list:
-
ALL - accept connects from all.
-
nounknown - do no accept connects from addresses whithout a DNS record.
Client Rules
This is the area where new client permit/deny rules can be added and
existing rules can be modified or removed. See Working
With a Rules Panel for more information. Client rules are
checked before Socks Rules and are used
to determine if the client is allowed to connect to the sockd server.
Permit/Deny
Select 'permit' or 'deny' from this choice button to define the rule type.
From Address
Permit (or deny) requests originating from this IP address.
From Address Mask
Specifies an optional IP mask which further qualifies the from
address . This can be a mask (for example 255.255.255.0) or a
number specifying the number of significant bits in the from
address to use.
Local Address
Permit (or deny) requests targeted to this local IP address.
Local Address Mask
Specifies an optional IP mask which further qualifies the
local address . his can be a mask (for example 255.255.255.0)
or a number specifying the number of significant bits in the local
address to use.
Port op
Specifies a comparison operator for the port
number .
-
None - no port comparison
-
= - equals
-
!= - not equal
-
<- less than
-
> - greater than
-
<= - less than or equal to
-
>= - greater than or equal to
Port Number
Specifies the port number for this rule.
Log
Select one or more from the list to control which sockd events to log for
this rule.
Socks Rules
This is the area where new socks permit/deny rules can be added and
existing rules can be modified or removed. See Working
With a Rules Panel for more information. Socks Rules are
a level higher and are checked after the client connection has been accepted
by the Client Rules. The Socks
Rules are used to evaluate the socks request that the client sends.
Permit/Deny
Select 'permit' or 'deny' from this choice button to define the rule type.
From Address
Permit (or deny) requests originating from this IP address.
From Address Mask
Specifies an optional IP mask which further qualifies the from
address . This can be a mask (for example 255.255.255.0) or
a number specifying the number of significant bits in the from
address to use.
Dest Address
Permit (or deny) requests to connect to this destination IP address.
Dest Address Mask
Specifies an optional IP mask which further qualifies the
dest address . his can be a mask (for example 255.255.255.0) or
a number specifying the number of significant bits in the dest
address to use.
Port op
Specifies a comparison operator for the port
number .
-
None - no port comparison
-
= - equals
-
!= - not equal
-
<- less than
-
> - greater than
-
<= - less than or equal to
-
>= - greater than or equal to
Port Number
Specifies the port number for this rule.
Log
Select one or more from the list to control which sockd events to log for
this rule.
Command
The commands this rule applies to. Select zero or more from the list.
Protocol
The protocols this rule applies to. Select zero or more from the
list.
ProxyProtocol
The proxy protocol this rule applies to. Select one from the list.
Taskbar Pulldown Menu
Task Buttons