GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
NYLON(1) FreeBSD General Commands Manual NYLON(1)

nylon
a lightweight and highly configurable proxy server

nylon [-h] [-v] [-V] [-f] [-s] [-n] [-4] [-5] [-a list] [-d list] [-m addr] [-p port] [-i ip/if] [-I ip/if] [-P file] [-c file]

nylon is a proxy server. This version supports SOCKS 4 and SOCKS 5 protocols, as well as a mirror mode. nylon is fully configurable, and can be configured from either the command line or a provided configuration file.

The options are as follows:

Displays help.
Increases the verbosity level (can be specified multiple times).
Prints version.
Runs nylon in the foreground and prints all output to the terminal.
Forces all output to syslog.
Shows all network addresses as numbers.
Disables SOCKS4 support
Disables SOCKS5 support
list
Sets the host allow list to list.
list
Sets the host deny list to list.
addr
Runs nylon in mirror mode. In this mode, any proxy protocol negotiations are disregarded, and the address provided is simply mirrored. addr is in "host:port" format and specifies the target machine and port to mirror. If no local binding port is specified (via the p switch, or in the configuration file), nylon will bind to a local port matching the remote port specified.
port
Bind server to port port. By default, nylon will bind to the "socks" port (1080).
ip/if
Bind server to the interface or address ip/if.
ip/if
Make outgoing connections through the interface or address ip/if.
file
Specify PID file file. By default, /var/run/nylon.pid is used.
file
Specify configuration file file.

The configuration file can be used as a replacement for the command line options. Please see the provided file nylon.conf for more information.

Access to the services provided by nylon are governed by the the host allow and deny lists. These are lists composed of hosts and networks. Hosts can be specified either by their hostname, or their IP address. Networks are specified by a network address and mask in the form "address/bits", where "bits" specifies how many bits of the address are to be used to represent the network mask.

Given an address, whether access is given or not is determined as such. If the address matches any address in the deny list, access is explicitly denied. If the address matches any address in the allow list, access is explititly allowed, unless it is also matched in the deny list. If the deny list is empty, only addresses in the allow list are allowed. If the allow list is empty, all addresses, except for those that are in the deny list, are allowed

By default, the allow list is set to "localhost" and the deny list set to "" (empty).

nylon -i fxp1 -a "localhost trusted.com 10.0.0.0/24" -m cnn.com:http

Mirrors the http service on cnn.com onto the local http port. Only hosts coming from localhost, trusted.com and the network 10.0.0.0/24 are allowed to use this mirroring service. Additionally, the server binds to the IP address belonging to the ethernet interface fxp1.

nylon -f -a "" -d "nasty.com intruders.com" -vvvvvv

Runs nylon as a SOCKS server in the foreground. All hosts except for nasty.com and intruders.com are allowed to access the service. nylon runs with a high verbosity level.

The nylon server complies with the SOCKS5 (RFC 1928) and SOCKS4 specifications.

This product includes software developed by Ericsson Radio Systems.

This product includes software developed by the University of California, Berkeley and its contributors.

The nylon software has been developed by Marius Aamodt Eriksen ⟨marius@monkey.org⟩.

August 14, 2002 FreeBSD 13.1-RELEASE

Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.