Man Linux: Main Page and Category List

NAME

       afserver.conf - Configuration File for afserver

INTRODUCTION

       Afserver  supports  several mechanisms to supply configuration and run-
       time parameters: command line  options,  afserver.conf  and  hard-coded
       defaults.  When  the same information is supplied in more than one way,
       the highest precedence mechanism is used. When  configuration  file  is
       used   (option:   -f   FILE)  command  line  options  like  --hostname,
       --listenport,  --manageport  and  --pass  are  ignored.  Options   from
       configuration  file are taken before values from command line (with the
       exception of --cerfile, --keyfile and --dateformat ). When something is
       not declared, hard-coded values are used.

DESCRIPTION

       Afserver uses configuration file, which name is supplied by the -f FILE
       option. The afserver.conf file is composed of two sections  which  have
       to  be  in  fixed  order.  In first section global values like cerfile,
       keyfile and logging options are set. The  second  section  starts  with
       first  realm  command  and includes options describing specific realms.
       There may be several realm commands.

GLOBAL OPTIONS

       cerfile FILE
         the name of the file with certificate (default: server-cert.pem)

       cacerfile FILE
         the name of the file with CA certificates (if used,  require  clients
       to have valid certificates)

       cerdepth N
         the maximum depth of valid certificate-chains

       keyfile FILE
         the name of the file with RSA key (default: server.rsa)

       log LOGCMD
         log choosen information to file/socket

       dateformat FORMAT
         format  of  the date printed in logs (see ’man strftime’ for details)
       (default: %d.%m.%Y %H:%M:%S). Format string is  trimmed.  In  order  to
       include white characters into format string, use dots to mark beginning
       and end of the text. If the  dot  is  first  or  last  character,  it’s
       removed. Only one character from the beginning and one from the end can
       be removed.

REALM OPTIONS

       realm [NAME]
         starts configuration of the next realm. Name  of  the  realm  can  be
       specified using this option.

       hostname NAME
         used when creating listening sockets (default: ’’)

       listenport PORT
         listening port number - users connect to it (required at least one)

       manageport PORT
         manage port number - afclient connects to it (required at least one)

       pass PASSWORD
         password used for client identification (default: no password)

       users N
         the amount of users allowed to use this server (default: 5)

       timeout N
         the timeout value for the client’s connection (default: 5)

       --maxidle N
         the maximum idle time for the client’s connection (default: disabled)

       clients N
         the number of allowed clients to use this server (default: 1)

       raclients N
         the number of allowed clients in remote administration  mode  to  use
       this server (default: 1)

       usrpcli N
         the number of allowed users per client (default: $users)

       climode N
         strategy used to connect users with clients (default: 1)
         Available strategies:
           1. fill first client before go to next

       proto TYPE
         type  of  server  (tcp|udp)  - what protocol it will be operating for
       (default: tcp)

       nossl
         ssl is not used to transfer data (but it’s still used to establish  a
       connection) (default: ssl is used)

       nozlib
         zlib is not used to compress data (default: zlib is used)

       baseport
         listenports are temporary and differ for each client

       audit
         additional information about connections are logged

       dnslookups
         try to obtain dns names of the computers rather than their numeric IP

       ipv4
         use ipv4 only

       ipv6
         use ipv6 only

       enableproxy
         enable http proxy mode

SEE ALSO

       afclient.conf(5), afclient(1), afserver(1)

AUTHOR

       Jeremian <jeremian [at] poczta.fm>

CONTRIBUTIONS

       Alex  Dyatlov  <alex  [at]   gray-world.net>,   Simon   <scastro   [at]
       entreelibre.com>,  Ilia  Perevezentsev  <iliaper  [at]  mail.ru>, Marco
       Solari <marco.solari [at] koinesistemi.it>,  and  Joshua  Judson  Rosen
       <rozzin [at] geekspace.com>

LICENSE

       Active Port Forwarder is distributed under the terms of the GNU General
       Public License v2.0 and is copyright (C) 2003-2007  jeremian  <jeremian
       [at] poczta.fm>. See the file COPYING for details.