summaryrefslogtreecommitdiff
path: root/doc/afserver.1
blob: 887d79bb79f4acd25b2bf5c08169537afcf5fbe2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
.TH afserver 1 "apf 0.8.4" Jeremian
.SH NAME
afserver \- active port forwarder server
.SH SYNOPSIS
.B afserver [
.I options
.B ]
.SH DESCRIPTION
.B Afserver
is a port forwarding program designed to be efficient and easy to use. It listens for incoming
.B afclient
connections at listenport (default listenport is 50126). After successful client authorization,
.B afserver
listens for incoming user connections. When a new user connection is opened, all the data is redirected to previously connected
.B afclient,
which redirects it to the specified destination host:port.
.SH EXAMPLES
.B afserver
  program starts with default options (become a daemon)
  
.B afserver -v
  verbose mode is enabled (program won't enter daemon mode)
  
.B afserver -n localhost -l 5435 -m 6375
  program will listen on localhost:5435 for users and on localhost:6375 for clients
.SH OPTIONS
.I "Basic options"

.B -n, --hostname NAME
  used when creating listening sockets (default: '')

.B -l, --listenport [HOST:]PORT
  listening [host:]port number - users connect to it (default: 50127)

.B -m, --manageport [HOST:]PORT
  manage [host:]port number -
.I afclient
connects to it (default: 50126)

.B -V, --version
  display version number

.B -h, --help
  prints help screen

.I Authorization

.B --pass PASSWORD
  password used for client identification (default: no password)

.I Configuration

.B -c, --cerfile FILE
  the name of the file with certificate (default: server-cert.pem)

.B -A, --cacerfile FILE
  the name of the file with CA certificates (if used, require clients to have valid certificates)

.B -d, --cerdepth
  the maximum depth of valid certificate-chains

.B -k, --keyfile FILE
  the name of the file with RSA key (default: server.rsa)
  
.B -f, --cfgfile FILE
  the name of the file with the configuration for the
.I afserver

.B -D, --dateformat FORMAT
  format of the date printed in logs (see 'man strftime' for details) (default: %d.%m.%Y %H:%M:%S)

.B -t, --timeout N
  the timeout value for the client's connection (default: 5)

.B --maxidle N
  the maximum idle time for the client's connection (default: disabled)

.B -u, --users N
  the amount of users allowed to use this server (default: 5)

.B -C, --clients N
  the number of allowed clients to use this server (default: 1)

.B -r, --realm
  set the realm name (default: none)

.B -R, --raclients N
  the number of allowed clients in remote administration mode to use this server (default: 1)

.B -U, --usrpcli N
  the number of allowed users per client (default: $users)

.B -M, --climode N
  strategy used to connect users with clients (default: 1)
  Available strategies:
    1. fill first client before go to next

.B -p, --proto TYPE
  type of server (tcp|udp) - what protocol it will be operating for (default: tcp)

.B -b, --baseport
  listenports are temporary and differ for each client

.B -a, --audit
  additional information about connections are logged

.B --nossl
  ssl is not used to transfer data (but it's still used to establish a connection) (default: ssl is used)

.B --nozlib
  zlib is not used to compress data (default: zlib is used)

.B --dnslookups
  try to obtain dns names of the computers rather than their numeric IP

.I Logging

.B -o, --log LOGCMD
  log choosen information to file/socket
  
.B -v, --verbose
  to be verbose - program won't enter the daemon mode (use several times for greater effect)

.I "IP family"

.B -4, --ipv4
  use ipv4 only
  
.B -6, --ipv6
  use ipv6 only

.I HTTP PROXY

.B -P, --enableproxy
  enable http proxy mode

.SH "REMOTE ADMINISTRATION"

Currently available commands are:

.B help
  display help

.B lcmd
  lists available commands

.B info
  prints info about server

.B rshow
  display realms

.B cshow X
  display clients in X realm

.B ushow X
  display users in X realm

.B quit
  quit connection

.B timeout N X
  set timeout value in X realm

.B audit {0|1} X
  set audit mode in X realm

.B dnslookups {0|1} X
  set dnslookups mode in X realm

.B dateformat S
  set dateformat

.B kuser S
  kick user named S

.B kclient N
  kick client with number N

.SH "LOGCMD FORMAT"

.B LOGCMD
has the following synopsis:
.B target,description,msgdesc

Where
.B target
is
.B file
or
.B sock

.B description
is
.B filename
or
.B host,port

and
.B msgdesc
is the subset of:

.B LOG_T_ALL,
.B LOG_T_USER,
.B LOG_T_CLIENT,
.B LOG_T_INIT,
.B LOG_T_MANAGE,
.B LOG_T_MAIN,
.B LOG_I_ALL,
.B LOG_I_CRIT,
.B LOG_I_DEBUG,
.B LOG_I_DDEBUG,
.B LOG_I_INFO,
.B LOG_I_NOTICE,
.B LOG_I_WARNING,
.B LOG_I_ERR

written without spaces.

  Example:

  file,filename,LOG_T_ALL,LOG_I_CRIT,LOG_I_ERR,LOG_I_WARNING

.SH "SEE ALSO"

.BR afserver.conf (5),
.BR afclient (1),
.BR afclient.conf (5)

.SH BUGS

.B Afserver
is still under development. There are no known open bugs at the moment.

.SH "REPORTING BUGS"

Please report bugs to <jeremian [at] poczta.fm>

.SH AUTHOR

Jeremian <jeremian [at] poczta.fm>

.SH CONTRIBUTIONS

Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru> Marco Solari <marco.solari [at] koinesistemi.it>, and Joshua Judson Rosen <rozzin [at] geekspace.com>

.SH LICENSE

Active Port Forwarder is distributed under the terms of the GNU General Public License v2.0 and is copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>. See the file COPYING for details.