summaryrefslogtreecommitdiff
path: root/doc/afserver.conf.5
blob: b9a399a9a9980c50605a1e67468bca8da404959d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
.TH afserver.conf 5 "apf 0.8.5" Jeremian
.SH NAME
afserver.conf \- Configuration File for afserver
.SH INTRODUCTION
.B Afserver
supports several mechanisms to supply configuration and run-time parameters: command line options,
.B afserver.conf
and hard-coded defaults. When the same information is supplied in more than one way, the highest precedence mechanism is used. When configuration file is used (option:
.IR "-f FILE")
command line options like
.IR --hostname ,
.IR --listenport ,
.I --manageport
and
.I --pass
are ignored. Options from configuration file are taken before values from command line (with the exception of
.IR --cerfile ,
.I --keyfile
and
.I --dateformat
). When something is not declared, hard-coded values are used.

.SH DESCRIPTION
.B Afserver
uses configuration file, which name is supplied by the
.I -f FILE
option. The
.B afserver.conf
file is composed of two sections which have to be in fixed order. In first section global values like cerfile, keyfile and logging options are set. The second section starts with first
.B realm
command and includes options describing specific realms. There may be several
.B realm
commands.

.SH "GLOBAL OPTIONS"

.B cerfile FILE
  the name of the file with certificate (default: server-cert.pem)

.B cacerfile FILE
  the name of the file with CA certificates (if used, require clients to have valid certificates)

.B cerdepth N
  the maximum depth of valid certificate-chains

.B keyfile FILE
  the name of the file with RSA key (default: server.rsa)

.B log LOGCMD
  log choosen information to file/socket

.B dateformat FORMAT
  format of the date printed in logs (see 'man strftime' for details) (default: %d.%m.%Y %H:%M:%S). Format string is trimmed. In order to include white characters into format string, use dots to mark beginning and end of the text. If the dot is first or last character, it's removed. Only one character from the beginning and one from the end can be removed.

.SH "REALM OPTIONS"

.B realm [NAME]
  starts configuration of the next realm. Name of the realm can be specified using this option.

.B hostname NAME
  used when creating listening sockets (default: '')

.B listenport PORT
  listening port number - users connect to it (required at least one)

.B manageport PORT
  manage port number - afclient connects to it (required at least one)

.B pass PASSWORD
  password used for client identification (default: no password)

.B users N
  the amount of users allowed to use this server (default: 5)
  
.B timeout N
  the timeout value for the client's connection (default: 5)
 
.B --maxidle N
  the maximum idle time for the client's connection (default: disabled)
 
.B clients N
  the number of allowed clients to use this server (default: 1)
  
.B raclients N
  the number of allowed clients in remote administration mode to use this server (default: 1)
  
.B usrpcli N
  the number of allowed users per client (default: $users)
  
.B climode N
  strategy used to connect users with clients (default: 1)
  Available strategies:
    1. fill first client before go to next
    
.B proto TYPE
  type of server (tcp|udp) - what protocol it will be operating for (default: tcp)

.B nossl
  ssl is not used to transfer data (but it's still used to establish a connection) (default: ssl is used)
  
.B nozlib
  zlib is not used to compress data (default: zlib is used)
  
.B baseport
  listenports are temporary and differ for each client

.B audit
  additional information about connections are logged
  
.B dnslookups
  try to obtain dns names of the computers rather than their numeric IP
  
.B ipv4
  use ipv4 only
  
.B ipv6
  use ipv6 only

.SH "SEE ALSO"

.BR afclient.conf (5),
.BR afclient (1),
.BR afserver (1)

.SH AUTHOR

Jeremian <jeremian [at] poczta.fm>

.SH CONTRIBUTIONS

Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru>, Marco Solari <marco.solari [at] koinesistemi.it>, and Joshua Judson Rosen <rozzin [at] geekspace.com>

.SH LICENSE

Active Port Forwarder is distributed under the terms of the GNU General Public License v2.0 and is copyright (C) 2003-2007 jeremian <jeremian [at] poczta.fm>. See the file COPYING for details.