1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
|
.TH afserver 1 "apf 0.8.5" Jeremian
.SH NAME
afserver \- active port forwarder server
.SH SYNOPSIS
.B afserver [
.I options
.B ]
.SH DESCRIPTION
.B Afserver
is a port forwarding program designed to be efficient and easy to use. It listens for incoming
.B afclient
connections at listenport (default listenport is 50126). After successful client authorization,
.B afserver
listens for incoming user connections. When a new user connection is opened, all the data is redirected to previously connected
.B afclient,
which redirects it to the specified destination host:port.
.SH EXAMPLES
.B afserver
program starts with default options (become a daemon)
.B afserver -v
verbose mode is enabled (program won't enter daemon mode)
.B afserver -n localhost -l 5435 -m 6375
program will listen on localhost:5435 for users and on localhost:6375 for clients
.SH OPTIONS
.I "Basic options"
.B -n, --hostname NAME
used when creating listening sockets (default: '')
.B -l, --listenport [HOST:]PORT
listening [host:]port number - users connect to it (default: 50127)
.B -m, --manageport [HOST:]PORT
manage [host:]port number -
.I afclient
connects to it (default: 50126)
.B -V, --version
display version number
.B -h, --help
prints help screen
.I Authorization
.B --pass PASSWORD
password used for client identification (default: no password)
.I Configuration
.B -c, --cerfile FILE
the name of the file with certificate (default: server-cert.pem)
.B -A, --cacerfile FILE
the name of the file with CA certificates (if used, require clients to have valid certificates)
.B -d, --cerdepth
the maximum depth of valid certificate-chains
.B -k, --keyfile FILE
the name of the file with RSA key (default: server.rsa)
.B -f, --cfgfile FILE
the name of the file with the configuration for the
.I afserver
.B -D, --dateformat FORMAT
format of the date printed in logs (see 'man strftime' for details) (default: %d.%m.%Y %H:%M:%S)
.B -t, --timeout N
the timeout value for the client's connection (default: 5)
.B --maxidle N
the maximum idle time for the client's connection (default: disabled)
.B -u, --users N
the amount of users allowed to use this server (default: 5)
.B -C, --clients N
the number of allowed clients to use this server (default: 1)
.B -r, --realm
set the realm name (default: none)
.B -R, --raclients N
the number of allowed clients in remote administration mode to use this server (default: 1)
.B -U, --usrpcli N
the number of allowed users per client (default: $users)
.B -M, --climode N
strategy used to connect users with clients (default: 1)
Available strategies:
1. fill first client before go to next
.B -p, --proto TYPE
type of server (tcp|udp) - what protocol it will be operating for (default: tcp)
.B -b, --baseport
listenports are temporary and differ for each client
.B -a, --audit
additional information about connections are logged
.B --nossl
ssl is not used to transfer data (but it's still used to establish a connection) (default: ssl is used)
.B --nozlib
zlib is not used to compress data (default: zlib is used)
.B --dnslookups
try to obtain dns names of the computers rather than their numeric IP
.I Logging
.B -o, --log LOGCMD
log choosen information to file/socket
.B -v, --verbose
to be verbose - program won't enter the daemon mode (use several times for greater effect)
.I "IP family"
.B -4, --ipv4
use ipv4 only
.B -6, --ipv6
use ipv6 only
.SH "REMOTE ADMINISTRATION"
Currently available commands are:
.B help
display help
.B lcmd
lists available commands
.B info
prints info about server
.B rshow
display realms
.B cshow X
display clients in X realm
.B ushow X
display users in X realm
.B quit
quit connection
.B timeout N X
set timeout value in X realm
.B audit {0|1} X
set audit mode in X realm
.B dnslookups {0|1} X
set dnslookups mode in X realm
.B dateformat S
set dateformat
.B kuser S
kick user named S
.B kclient N
kick client with number N
.SH "LOGCMD FORMAT"
.B LOGCMD
has the following synopsis:
.B target,description,msgdesc
Where
.B target
is
.B file
or
.B sock
.B description
is
.B filename
or
.B host,port
and
.B msgdesc
is the subset of:
.B LOG_T_ALL,
.B LOG_T_USER,
.B LOG_T_CLIENT,
.B LOG_T_INIT,
.B LOG_T_MANAGE,
.B LOG_T_MAIN,
.B LOG_I_ALL,
.B LOG_I_CRIT,
.B LOG_I_DEBUG,
.B LOG_I_DDEBUG,
.B LOG_I_INFO,
.B LOG_I_NOTICE,
.B LOG_I_WARNING,
.B LOG_I_ERR
written without spaces.
Example:
file,filename,LOG_T_ALL,LOG_I_CRIT,LOG_I_ERR,LOG_I_WARNING
.SH "SEE ALSO"
.BR afserver.conf (5),
.BR afclient (1),
.BR afclient.conf (5)
.SH BUGS
.B Afserver
is still under development. There are no known open bugs at the moment.
.SH "REPORTING BUGS"
Please report bugs to <jeremian [at] poczta.fm>
.SH AUTHOR
Jeremian <jeremian [at] poczta.fm>
.SH CONTRIBUTIONS
Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru> Marco Solari <marco.solari [at] koinesistemi.it>, and Joshua Judson Rosen <rozzin [at] geekspace.com>
.SH LICENSE
Active Port Forwarder is distributed under the terms of the GNU General Public License v2.0 and is copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>. See the file COPYING for details.
|