summaryrefslogtreecommitdiff
path: root/dante/sockd.conf
blob: b2d3d0bd161889cb3ff1febfe6c47db7e3d9bfec (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# Log locations (what to log is defined below)
logoutput: stdout /var/log/sockd.log

# Traffic comes to "proxy" interface to get sent via "eth0"
internal: proxy port = 1080
external: eth0

# No authentication, let the VPN handle this
socksmethod: none
clientmethod: none

# Don't run as root, you dummy
user.privileged: sockd
user.unprivileged: sockd

# Use same port as client, uncomment to do this for <1024 too
#compatibility: sameport

# Rules when a client is trying to connect
client pass {
	from: 172.16.0.0/24 port 1024-65535 to: 0.0.0.0/0
	log: connect disconnect
}
client block {
	from: 0.0.0.0/0 to: 0.0.0.0/0
	log: connect error
}

# Rules once a client has connected
socks block {
	from: 0.0.0.0/0 to: 127.0.0.1/8
	log: connect error
}
socks pass {
	from: 172.16.0.0/24 to: 0.0.0.0/0
	protocol: tcp udp
	log: connect disconnect
}
socks block {
	from: 0.0.0.0/0 to: 0.0.0.0/0
	log: connect error
}