Provided by: socks4-server_4.3.beta2-18_amd64 bug

NAME

       sockd.route - Route file for multi-homed SOCKS proxy server

SYNOPSIS

       /etc/sockd.route

DESCRIPTION

       The  file /etc/sockd.route is used by the SOCKS server program sockd to determine which of
       its network interfaces it should use to reach a given destination host. It is needed  only
       if  your  SOCKS  server  host  is multi-homed and your version of sockd supports RBIND.  A
       multi-homed  host  is  a  host  with  more  than  one  network  interfaces  and  with  its
       IP_FORWARDING  turned off. Only the multi-homed version of sockd can be run on such hosts.
       You can find out the version of your sockd (or rsockd) by command

       sockd -ver

       or

       rsockd -ver

       A line in the file can be up to 1024 characters  long.  Lines  starting  with  a  `#'  are
       comments. Non-comment lines must be of the form

       if_addr        dst_addr  dst_mask

       All  three  fields  are  required  and  are  separated  by  spaces or tabs.  Each filed is
       specified in the usual dotted form of IP addresses, e.g., 128.23.16.2.   if_addr  must  be
       the  IP  address  of  one  of  the  network interfaces on the SOCKS server host.  dst_addr
       specifies either the IP address of a host, a network, or a  subnet  in  the  usual  dotted
       form, e.g., 129.201.4.0, or a domain name, e.g., internic.net. dst_mask specifies mask for
       the IP address used in dst_addr.  Bits in dst_mask that are set  to  0  indicate  the  bit
       positions  to be ignored during comparison of IP addresses. So, specifying 255.255.255.255
       in dst_mask demands an exact match with dst_addr, whereas 0.0.0.0  in  dst_mask  causes  a
       matching  with any given destination address regardless of what is specified for dst_addr.
       If a domain name is used for dst_addr, the contents of dst_mask  are  ignored,  though  it
       must  still be supplied (simply use 0.0.0.0).  If the domain name starts with a period, it
       specifies a zone and matches all domain names within that zone, otherwise it matches  only
       the domain name itself. For example, xyz.com matches only xyz.comP, while .xyz.com macthes
       not only xyz.com, but also  abc.xyz.com  and  this.and.that.xyz.com,  among  others.   The
       special  symbol ALL (which must be entirely in uppercase) matches everything. Domain names
       are otherwise case-insentive.

       When using a domain name in dst_addr, you have be very careful  in  maintaining  your  DNS
       setup. See the last few paragraphs in sockd.conf(5).

       When  a  multi-homed  sockd receives a network request, it first checks with /etc/sockd.fc
       (or /etc/sockd.conf) to decide whether the request should be allowed  or  denied.  For  an
       allowable  request,  sockd  then  checks  the  given destination IP address or domain name
       against the dst_addr dst_mask pair in /etc/sockd.route, one line at a line. Once  a  match
       is  found, the network interface of the corresponding if_addr field is used for connection
       to the destination host.  Remaining lines in the file are skipped. Therefore the order  of
       the  lines in the file is of extreme importance. If no match is found throughout the file,
       a line indicating the error is produced using syslog with facility daemon  and  level  err
       and the request is ignored.

       You   have   the   option  of  using  the  frozen  route  file  /etc/sockd.fr  instead  of
       /etc/sockd.route. The frosen file is produced  by  make_sockdfr  and  is  essentially  the
       memory image of the parsed route file. Using it can reduce the start-up delay of the SOCKS
       server since it eliminate the need for parsing. Since the SOCKS server  always  looks  for
       /etc/sockd.fr  first,  be  sure  that  you  always  run  make_sockdfr every time after you
       modifify /etc/sockd.route.

EXAMPLES

       Suppose you have a dual-homed host with interface 129.1.2.3 connecting  to  your  internal
       Class  B  network 129.1, and interface 129.1.254.1 connecting to the outside world. If you
       only use the SOCKS  server  to  provide  connections  to  outside  hosts,  then  the  file
       /etc/sockd.route only needs one line:

       129.1.254.1    0.0.0.0  0.0.0.0

       If you also use the SOCKS server to provide connection to internal hosts as well, then two
       lines would suffice:

       129.1.2.3 129.1.0.0  255.255.0.0
       129.1.254.1    0.0.0.0  0.0.0.0

       Note that these two lines must be in the order given above.

       If you prefer using domain name instead, the lines should be

       129.1.2.3       .myown.com  0.0.0.0
       129.1.254.1     0.0.0.0  0.0.0.0

       assuming that myown.com is your domain.

SEE ALSO

       dump_sockdfr(8), make_sockdfr(8), sockd(8), sockd.fr(5)

                                           May 6, 1996                             SOCKD.ROUTE(5)