Provided by: socks4-clients_4.3.beta2-18_i386 bug


       rfinger - SOCKS client version of finger
       rftp - SOCKS client version of ftp
       rtelnet - SOCKS client version of telnet
       rwhois - SOCKS client version of whois


       See the man pages on finger(1), ftp(1), telnet(1), whois(1).


       These programs provide the well-known functionalities to hosts within a
       firewall. Normally, when a firewall  is  constructed,  IP-accessibility
       across  the firewall is cut off to reduce security risk to hosts within
       the firewall. As a result, inside hosts can no longer use many  of  the
       well-known tools directly to access the resources outside the firewall.

       These  programs  restore  the convenience of the well-known tools while
       maintaining the security requirement. Though the programs  differ  very
       much  from  their  counterparts in the use of the communication scheme,
       they should behave almost indistinguishable to the users.  Note  though
       that  rftp  does  echo  the password as you type it in if you are using
       anonymous as log-in name. Unlike those of the previous versions,  these
       are  "versatile" clients, meaning that they can be used for connections
       to inside hosts directly and to outside hosts via SOCKS proxy  servers.
       So they can be used as replacements of their traditional counterparts.

       When  any  of  these  programs  starts,  if  the  environment  variable
       SOCKS_BANNER is defined, the  program  prints  to  stderr  its  version
       number  and  the  name or IP address of its default SOCKS proxy server.
       It then consults the configuration file to determine whether a  request
       should  be  allowed  or  denied  based  on  the  requesting  user,  the
       destination host, and the requested service.  For  allowable  requests,
       the configuration file also dictates whether direct or proxy connection
       should be used to the given  destination,  and  optionally  the  actual
       SOCKS  servers  to  use  for  the proxy connection.  The program lookps
       first for the frozen configuration file /etc/socks.fc first. If  that's
       not  found,  it then looks for the file /etc/socks.conf.  If both files
       are absent, these programs will only  try  direct  connections  to  the
       destination   hosts,   making   them   behaving   like   their  regular

       You can use environment variable SOCKS_NS to  set  the  nameserver  for
       domainname  resolutions.  Be  sure  you  use  the  IP  address  of  the
       nameserver you want to use, not its  domainname.  If  SOCKS_NS  doesn't
       exist, the IP address defined by the symbol SOCKS_DEFAULT_NS at compile
       time is used if the programs were compiled with  that  symbol  defined.
       Otherwise the nameservers specified in /etc/resolv.conf are used.

       All  the  client  programs  uses  syslog with facility daemon and level
       notice to log their activities.  These log lines usually appear in file
       /var/adm/messages   though   that   can   be   changed   by   modifying
       /etc/syslog.conf. (See syslogd(8) and syslog.conf(5).)   Typical  lines
       look like

        Apr 11 10:02:23 eon rfinger[631]: connect() from don(don) to (finger) using sockd at socksserv
        May 10 08:39:07 eon rftp[603]: connect() directly from blue(blue) to (ftp)
        May 10 08:39:09 eon rftp[603]: bind() directly from blue(blue) for (ftp)
        May 18 13:31:19 eon rtelnet[830]: connect() from root(jon) to (telnet) using sockd at sockd2
        May 18 14:51:19 eon rtelnet[921]: refused -- connect() from jon(jon) to (telnet)

       Of  the  two  user-ids  appearing  in  each  log line, the first is the
       effective user-id when the program is invoked, the second (that  within
       the  parentheses)  is  the one used at login. Access control applies to
       the effective user-ids.


       finger(1),  ftp(1), sockd(8), sockd.conf(5), socks.conf(5),  telnet(1),


       SOCKS_SERVER, if defined, specifies the name or IP address of the SOCKS
       proxy server host to use, overriding the default server  compiled  into
       the programs.

       SOCKS_NS,  if  defined, specify the IP address of the domain nameserver
       that should be used for name resolution, overriding both the definition
       of symbol SOCKS_DEFAULT_NS and the file /etc/resolv.conf.

       ORIG_FINGER,  if  defined, specified the (altered) full pathname of the
       original  finger  program,  which  should  have  been  renamed   before
       installing  the  rfinger  as  the  regular  finger. The rfinger program
       invokes the original finger program  to  lookup  information  on  local
       users.   Normally  this  name should be compiled directly into rfinger,
       avoiding the need for this environment variable. Use  ORIG_FINGER  only
       if you want to override what is compiled into rfinger.


       David Koblas,

       Ying-Da Lee,

                                  May 6, 1996                 SOCKS_CLIENTS(1)