Man Linux: Main Page and Category List


       rsockd - SOCKSified SOCKS server


       rsockd [ -ver | -i | -I ]


       rsockd   is   the   SOCKSified  version  of  the  SOCKS  server  sockd.
       Functionally rsockd is identical to sockd except that  it  may  (though
       not  necessarily  has to) make use of other SOCKS servers to reach some
       destinations. A number of rsockd’s can be strung together or  organized
       in a cascade or other more complicated structures to serve the needs of
       a particular network configuration and  restrictions.   Obviously  this
       complicates  the  issues  and  make  the  setup  and maintenance of the
       firewall more difficult. So use sockd instead whenever you can.

       This document only describes the features of rsockd that are  different
       from  sockd.  You  should  read  sockd(5)  carefully  to  gain  a basic
       understanding of of how the SOCKS server works.

       When rsockd receives  a  request,  it  checks  the  request  again  its
       configuration  (in  exactly  the  same  way that sockd does) to decider
       whether the request is to be accepted. The primary  difference  between
       sockd and rsockd is in how they establish connection to the destination
       host of a accepted request. sockd assumes that it can connect  directly
       to  the  destination  host and proceeds to do so.  rsockd makes no such
       assumption. Instead, it consults another configuration file  to  decide
       whether  it  can connect directly to the particular destination host or
       whether it has to use a proxy connection through another SOCKS  server.
       In  other  words, it behaves just like a versatile SOCKS client in this
       regard.  Therefore  rsockd  requires  not   only   the   SOCKS   server
       configuration  file  /etc/sockd.fc or /etc/sockd.conf to decide whether
       to accept or reject a request, but also the client  configuration  file
       /etc/socks.fc or /etc/socks.conf to decide how to reach the destination
       host.  If it is a multi-homed version and supports RBIND, it also needs
       the  route  file /etc/ or /etc/ to decide which network
       interface to use for a connection.

       Look at it in a different way, you can think of sockd as a special case
       of  rsockd, one which can connect directly to all destination hosts. In
       fact, an rsockd using the client configuration consisting of only  this

       direct    ALL

       is functinally identical to the regular sockd.

       Anther thing to mention is related to the use of identd. Only the SOCKS
       server which the requesting host directly connects to can find out  the
       identity  of the real user. Suppose user x on host C connects to rsockd
       on server B which in turn connects to sockd on server  A  in  order  to
       reach  destination  z.  Host  B  can query identd on host C to find out
       whether the user is indeed  x.  To  host  A,  the  request  appears  to
       originate  from user x on host B. An identd query from Host A to host B
       returns the userid that owns the rsockd process on host B, not the real
       user x.


       See sockd(8).


       The  follwoing  is  an  example  of  the client configuration file. See
       related man pages for examples on server configuration and route files.

       # /etc/socks.conf for rsockd of domain
       # Use proxy connection through SOCKS server on
       # to reach hosts within
       # Use direct connect to all other hosts within
       # Use proxy connection through SOCKS server on
       # to reach all others
       sockd  ALL


       /etc/sockd.fc,    /etc/sockd.conf,   /etc/,   /etc/sockd.route,
       /etc/socks.fc,   /etc/socks.conf,    /etc/inetd.conf,    /etc/services,
       /var/adm/messages, /etc/syslog.conf


       sockd(8),      socks_clients(1),     sockd.conf(5),     sockd.route(5),
       socks.conf(5),   make_sockdfc(8),   make_sockdfr(8),   dump_sockdfc(8),


       Ying-Da Lee,

                                  May 6, 1996