diff options
author | Moritz Kaspar Rudert (mortzu) | 2015-05-21 16:25:47 +0200 |
---|---|---|
committer | Moritz Kaspar Rudert (mortzu) | 2015-05-21 16:25:47 +0200 |
commit | 2b7a44da0c4dead062424ac3455bf74ef2ebb2ca (patch) | |
tree | 68aebc6233d92848bbb2979e0b13989c9ef37fc9 /redsocks.conf | |
download | aur-2b7a44da0c4dead062424ac3455bf74ef2ebb2ca.tar.gz |
fixed package
Diffstat (limited to 'redsocks.conf')
-rw-r--r-- | redsocks.conf | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/redsocks.conf b/redsocks.conf new file mode 100644 index 000000000000..85875dc0059c --- /dev/null +++ b/redsocks.conf @@ -0,0 +1,106 @@ +base { + // debug: connection progress & client list on SIGUSR1 + log_debug = off; + + // info: start and end of client session + log_info = off; + + /* possible `log' values are: + * stderr + * "file:/path/to/file" + * syslog:FACILITY facility is any of "daemon", "local0"..."local7" + */ + // log = stderr; + // log = "file:/path/to/file"; + log = "syslog:daemon"; + + // detach from console + daemon = on; + + /* Change uid, gid and root directory, these options require root + * privilegies on startup. + * Note, your chroot may requre /etc/localtime if you write log to syslog. + * Log is opened before chroot & uid changing. + */ + user = redsocks; + group = redsocks; + // chroot = "/var/chroot"; + + /* possible `redirector' values are: + * iptables - for Linux + * ipf - for FreeBSD + * pf - for OpenBSD + * generic - some generic redirector that MAY work + */ + redirector = iptables; +} + +redsocks { + /* `local_ip' defaults to 127.0.0.1 for security reasons, + * use 0.0.0.0 if you want to listen on every interface. + * `local_*' are used as port to redirect to. + */ + local_ip = 127.0.0.1; + local_port = 31338; + + // listen() queue length. Default value is SOMAXCONN and it should be + // good enough for most of us. + // listenq = 128; // SOMAXCONN equals 128 on my Linux box. + + // `max_accept_backoff` is a delay to retry `accept()` after accept + // failure (e.g. due to lack of file descriptors). It's measured in + // milliseconds and maximal value is 65535. `min_accept_backoff` is + // used as initial backoff value and as a damper for `accept() after + // close()` logic. + // min_accept_backoff = 100; + // max_accept_backoff = 60000; + + // `ip' and `port' are IP and tcp-port of proxy-server + // You can also use hostname instead of IP, only one (random) + // address of multihomed host will be used. + ip = 127.0.0.1; + port = 4711; + + + // known types: socks4, socks5, http-connect, http-relay + type = socks5; + + // login = "foobar"; + // password = "baz"; +} + +redudp { + // `local_ip' should not be 0.0.0.0 as it's also used for outgoing + // packets that are sent as replies - and it should be fixed + // if we want NAT to work properly. + local_ip = 127.0.0.1; + local_port = 10053; + + // `ip' and `port' of socks5 proxy server. + ip = 127.0.0.1; + port = 4711; + + // login = username; + // password = pazzw0rd; + + // kernel does not give us this information, so we have to duplicate it + // in both iptables rules and configuration file. By the way, you can + // set `local_ip' to 127.45.67.89 if you need more than 65535 ports to + // forward ;-) + // This limitation may be relaxed in future versions using contrack-tools. + dest_ip = 8.8.8.8; + dest_port = 53; + + udp_timeout = 30; + udp_timeout_stream = 180; +} + +dnstc { + // fake and really dumb DNS server that returns "truncated answer" to + // every query via UDP, RFC-compliant resolver should repeat same query + // via TCP in this case. + local_ip = 127.0.0.1; + local_port = 5300; +} + +// you can add more `redsocks' and `redudp' sections if you need. |