"Fossies" - the Fresh Open Source Software Archive

Member "tcpproxy-2.0.0-beta15/README" (11 Jan 2006, 6410 Bytes) of package /linux/privat/old/tcpproxy-2.0.0-beta15.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 
    2 Version 2.0.0 - 13SEP05wzk
    3 - ------------------------
    4 
    5   * Created simple .deb package.
    6 
    7   * The TCP/IP server argument can now be a comma separated list
    8     of servers, each server is tried till tcpproxy can connect to one.
    9 
   10   * Revised syslog messages.
   11 
   12   * -o <statdir>
   13 
   14   * Can bind to interface like `eth0'.  This actually binds to 0.0.0.0
   15     but uses the interface's real IP number when looking for a
   16     matching configuration.
   17 
   18   * Handles redirects from
   19 
   20 	# iptables -t nat -A PREROUTING --protocol tcp --dport 25 \
   21 		-j REDIRECT --to-port 8025
   22 
   23     when `-r' or `-rr' is set.
   24 
   25   * Changed -V response from "tcpproxy/2.0.0" to "tcpproxy 2.0.0".
   26 
   27   * Changed interpretation of named interface like "interface xyz",
   28     before it was used as name of an IP number an now it's interpreted
   29     as interface name.
   30 
   31   * Change: stderr is not longer connected to the remote client.
   32 
   33   * IP access control lists.
   34 
   35   * Error handler.
   36 
   37   * Changed environment variable names, added variables.
   38 
   39 
   40 
   41 Version 1.1.12 - 15JUN05wzk
   42 - -------------------------
   43 
   44   * Added `-q' option to set a single source IP for the outgoing
   45     connection (`srcip' configuration option).
   46 
   47 
   48 Version 1.1.10 - 28JUL04wzk
   49 - -------------------------
   50 
   51   * Added ability to accept redirected connections with the `-x'
   52     option.
   53 
   54 
   55 Version 1.1.9 - 03APR04wzk
   56 - ------------------------
   57 
   58   * Added debug configuration option.
   59 
   60   * Modified traffic debugging output.
   61 
   62   * Documented the NETBIOS proxy workaround.
   63 
   64   * Changed error exit codes from `-1' to `1'.
   65 
   66 
   67 Version 1.1.7
   68 - -----------
   69 
   70   * Bugfix in while/select loop, additional diagnostic logging.
   71 
   72 
   73 Version 1.1.6 - 24MAR00wzk
   74 - ------------------------
   75 
   76   * Minor bug fix: tcpproxy didn't close all listening sockets after
   77     accepting a connection.
   78 
   79 
   80 Version 1.1.5 - 20MAR00wzk
   81 - ------------------------
   82 
   83   * Changed uid/gid handling: tcpproxy will now keep it's ids after
   84     startup until an incoming connection is accepted.
   85 
   86   * The logname directive sets a different name for syslog logging.
   87 
   88 
   89 Version 1.1.4 - 11NOV99wzk
   90 - ------------------------
   91 
   92   * Added the use of shutdown() when the client closes it's output
   93     channel.
   94 
   95   * Added the -w option.
   96 
   97 
   98 Version 1.1.3 - 13OCT99wzk
   99 - ------------------------
  100 
  101   * Added access control programs to grant or deny requests based
  102     on almost anything.
  103 
  104   * Fixed -z handling, works now also for command line configurations.
  105 
  106   * tcpproxy accepts now port names from /etc/services.
  107 
  108 
  109 Version 1.1.2
  110 - -----------
  111 
  112   * Option -c is now an alias for -f.
  113 
  114   * Option -z: lists the configured server ports.  This data can be
  115     used if the tcpproxy services should be should down with the
  116     netuser or fuser command.
  117     
  118   * tcpproxy tried to write it's pidfile after changing it's user
  119     and failed when opening the file in a directory owned by root.
  120 
  121 
  122 
  123 README for tcpproxy-1.1.0
  124 - -----------------------
  125 
  126   * What is tcpproxy?
  127     tcpproxy is a program that forwards TCP/IP requests to another,
  128     the real server, machine.  Another description for it's function
  129     is `port redirection'.
  130 
  131     It can be used with or without a configuration file either as
  132     standalone daemon or server or from within inetd.
  133 
  134     tcpproxy was written for usage on some kind of firewall or
  135     Internet/intranet access system.
  136 
  137     tcpproxy doesn't protect your server against network attacks like
  138     buffer overflows or application protocol violations because it
  139     simply doesn't care what kind of data it transmits.  You'll have
  140     to use real application gateway proxys for that.
  141 
  142 
  143   * Usage
  144 
  145     tcpproxy is able to forward the following incomplete list of
  146     application protocols:
  147 
  148     	SMTP, POP3, NNTP, NetBIOS (samba), HTTP, gopher ...
  149 	<any protocol using simple TCP connection goes here>
  150 
  151     FTP is not supported because it uses a second TCP connections
  152     for data transmission.
  153 
  154     You can use tcpproxy to access servers on the other side of
  155     your Internet access system.  If you have more outside servers
  156     than one to access you can either use an application gateway
  157     that supports server selection (pop3.proxy not contained in
  158     this archive) or setup a virtual interface on the inner side
  159     of your access system because tcpproxy does server selection
  160     based on it's connected interface.  See the manpage for an
  161     example configuration.
  162 
  163 
  164   * Handling requests by programs -- Service Routing
  165 
  166     tcpproxy supports also server programs residing on the access
  167     system that handle incoming requests in a way normal inetd
  168     does it.  tcpproxy won't however run as root so it's not
  169     possible to start a local POP3 server from within tcpproxy.
  170 
  171     But you can use this feature for service routing.  Consider
  172     the following example:
  173 
  174     Your internal network is 192.168.1.1/24 with the local mail
  175     server on mail.internal.com, the access server's external ip is
  176     192.7.100.114 and the external mail server of your provider
  177     (which we will use as relay) is on mail.provider.com.
  178 
  179     Now you want to forward connects from the internal network be
  180     forwarded to mail.provider.com and connects from the Internet
  181     being forwarded to your local mail server.  The following
  182     setup in /etc/tcpproxy.conf will solve that:
  183 
  184       port 25
  185       
  186         interface 192.7.100.114
  187 	  server mail.internal.com
  188 	
  189 	interface 192.168.1.1
  190 	  server mail.provider.com
  191 
  192     Solving this example with service routing goes this way:  First
  193     we startup the proxy server to forward traffic across the access
  194     server:
  195 
  196       root@access-system/~ # tcpproxy -b 25 /usr/local/sbin/smtp-handler
  197 
  198     The smtp-handler program is something like:
  199 
  200       #!/bin/akanga -p
  201       #
  202       # smtp-handler -- route SMTP connections
  203       #
  204 
  205       ipconf = `{ ipnumber -c 192.168.1.1/24 $PROXY_CLIENT }
  206       if (~ $ipconf(5) -) {
  207               # connect from the internet
  208 	      #
  209       	      exec tcpproxy mail.internal.com:25
  210       } else {
  211 	      # connect from an internal IP number
  212 	      #
  213 	      exec tcpproxy mail.provider.com:25
  214               }
  215 
  216     While this setup is much more complex than the solution with the
  217     configuration file it provides a way of implementing service routing
  218     or access control based on the tcpproxy's client or interface.
  219 
  220     Notice that none of the programs used in smtp-handler is included in
  221     the tcpproxy package.  You'll have to get them separate.
  222