Manual Reference Pages - TCPPROXY (8)
tcpproxy - IPv4/IPv6 tcp connection proxy
[ -h|--help ]
[ -D|--nodaemonize ]
[ -u|--username <username> ]
[ -g|--groupname <groupname> ]
[ -C|--chroot <path> ]
[ -P|--write-pid <filename> ]
[ -L|--log <target>:<level>[,<param1>[,<param2>[..]]] ]
[ -U|--debug ]
[ -l|--local-addr <host> ]
[ -t|--local-resolv (ipv4|4|ipv6|6) ]
[ -p|--local-port <service> ]
[ -r|--remote-addr <host> ]
[ -R|--remote-resolv (ipv4|4|ipv6|6) ]
[ -o|--remote-port <service> ]
[ -s|--source-addr <host> ]
[ -b|--buffer-size <size> ]
[ -c|--config <file> ]
tcpproxy is a simple tcp connection proxy which combines the features of rinetd and 6tunnel. tcpproxy supports IPv4 and IPv6 and also supports connections from IPv6 to IPv4 endpoints and vice versa.
The following options can be passed to the tcpproxy daemon:
This option instructs
to run in foreground instead of becoming a daemon which is the default.
-u, --username <username>
run as this user. If no group is specified (-g) the default group of the user is used. The default is to not drop privileges.
-g, --groupname <groupname>
run as this group. If no username is specified (-u) this gets ignored. The default is to not drop privileges.
-C, --chroot <path>
to run in a chroot jail. The default is to not run in chroot.
-P, --write-pid <filename>
to write its pid to this file. The default is to not create a pid file.
-L, --log <target>:<level>[,<param1>[,<param2>[..]]]
add log target to logging system. This can be invoked several times in order to log to different targets at the same time. Every target has its own log level which is a number between 0 and 5. Where 0 means disabling log and 5 means debug messages are enabled.
The file target can be used more than once with different levels. If no target is provided at the command line a single target with the config
The following targets are supported:
log to syslog daemon, parameters <level>[,<logname>[,<facility>]]
log to file, parameters <level>[,<path>]
log to standard output, parameters <level>
log to standard error, parameters <level>
This option instructs
to run in debug mode. It implicits
(dont daemonize) and adds a log target with the configuration
(logging with maximum level). In future releases there might be additional output when this option is supplied.
-l, --local-addr <host>
The local address to bind to. By default
will listen on any interface (IPv6 and IPv4).
When resolving the local address (see above) use only IPv4 or IPv6. The default is to resolv both.
-p, --local-port <service>
The local port to bind to. By default there is no port defined in which case
will try to read the configuration file.
-r, --remote-addr <host>
The remote address to connect to. Unless the configuration file should be used this must be set to a valid address or hostname.
When resolving the remote address (see above) use only IPv4 or IPv6. The default is to resolv both. Mind that this also effects resolving of the source address (see below) as the remote and source addresses must be of the same protocol familiy.
-o, --remote-port <service>
The remote port to connect to. Unless the configuration file should be used this must be set to a valid port or servicename.
-s, --source-addr <host>
Instruct tcpproxy to use this source address for connections to
-R|--remote-address. By default
uses the default source address for the defined remote host.
-b, --buffer-size <size>
The size of the transmit buffers to use.
will allocate two buffers of this size for any client which is connected. By default a value of 10Kbytes is used.
-c, --config <file>
The path to the configuration file to be used. This is only evaluated if the local port is omitted.
If the configuratin file is used it should contain one or more of the following stanzas:
listen (*|address|hostname) (port-number|service-name)
remote: (address|hostname) (port-number|service-name);
Everything between the curly brackets except for the remote parameter may be omitted.
After receiving the HUP signal tcpproxy tries to reload the configuration file. It only reopens a listen socket if the local address and or port has changed. Therefore reloading the configuration after the daemon has dropped privileges is safe as long as there are no changes in the local address and port. However this is only of concern if any of the listen ports is a privileged port (<1024). If there is a syntax error at the configuration file all changes are discarded. On SIGUSR1 tcpproxy prints some information about the listening sockets and after SIGUSR2 information about open client connections is printed. This is sent to all configured log targets at a level of 3.
Most likely there are some bugs in tcpproxy. If you find a bug, please let the developers know at firstname.lastname@example.org. Of course, patches are preferred.
Christian Pointner <email@example.com>
Main web site: http://www.spreadspace.org/tcpproxy/
Copyright (C) 2010-2015 Christian Pointner. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version.
| & ||TCPPROXY (8) ||05/13/2015 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.