1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
|
'\" t
.\" Title: tcpproxy
.\" Author: [see the "AUTHORS" section]
.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
.\" Date: 12/02/2010
.\" Manual: \ \&
.\" Source: \ \&
.\" Language: English
.\"
.TH "TCPPROXY" "8" "12/02/2010" "\ \&" "\ \&"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
tcpproxy \- IPv4/IPv6 tcp connection proxy
.SH "SYNOPSIS"
.sp
.nf
\fBtcpproxy\fR
[ \fB\-h|\-\-help\fR ]
[ \fB\-D|\-\-nodaemonize\fR ]
[ \fB\-u|\-\-username\fR <username> ]
[ \fB\-g|\-\-groupname\fR <groupname> ]
[ \fB\-C|\-\-chroot\fR <path> ]
[ \fB\-P|\-\-write\-pid\fR <filename> ]
[ \fB\-L|\-\-log\fR <target>:<level>[,<param1>[,<param2>[\&.\&.]]] ]
[ \fB\-U|\-\-debug\fR ]
[ \fB\-l|\-\-local\-addr\fR <host> ]
[ \fB\-t|\-\-local\-resolv\fR (ipv4|4|ipv6|6) ]
[ \fB\-p|\-\-local\-port\fR <service> ]
[ \fB\-r|\-\-remote\-addr\fR <host> ]
[ \fB\-R|\-\-remote\-resolv\fR (ipv4|4|ipv6|6) ]
[ \fB\-o|\-\-remote\-port\fR <service> ]
[ \fB\-s|\-\-source\-addr\fR <host> ]
[ \fB\-S|\-\-source\-resolv\fR (ipv4|4|ipv6|6) ]
[ \fB\-b|\-\-buffer\-size\fR <size> ]
[ \fB\-c|\-\-config\fR <file> ]
.fi
.SH "DESCRIPTION"
.sp
\fBtcpproxy\fR is a simple tcp connection proxy which combines the features of rinetd and 6tunnel\&. \fBtcpproxy\fR supports IPv4 and IPv6 and also supports connections from IPv6 to IPv4 endpoints and vice versa\&.
.SH "OPTIONS"
.sp
The following options can be passed to the \fBtcpproxy\fR daemon:
.PP
\fB\-D, \-\-nodaemonize\fR
.RS 4
This option instructs
\fBtcpproxy\fR
to run in foreground instead of becoming a daemon which is the default\&.
.RE
.PP
\fB\-u, \-\-username <username>\fR
.RS 4
run as this user\&. If no group is specified (\fB\-g\fR) the default group of the user is used\&. The default is to not drop privileges\&.
.RE
.PP
\fB\-g, \-\-groupname <groupname>\fR
.RS 4
run as this group\&. If no username is specified (\fB\-u\fR) this gets ignored\&. The default is to not drop privileges\&.
.RE
.PP
\fB\-C, \-\-chroot <path>\fR
.RS 4
Instruct
\fBtcpproxy\fR
to run in a chroot jail\&. The default is to not run in chroot\&.
.RE
.PP
\fB\-P, \-\-write\-pid <filename>\fR
.RS 4
Instruct
\fBtcpproxy\fR
to write it\(cqs pid to this file\&. The default is to not create a pid file\&.
.RE
.PP
\fB\-L, \-\-log <target>:<level>[,<param1>[,<param2>[\&.\&.]]]\fR
.RS 4
add log target to logging system\&. This can be invoked several times in order to log to different targets at the same time\&. Every target hast its own log level which is a number between 0 and 5\&. Where 0 means disabling log and 5 means debug messages are enabled\&.
The file target can be used more the once with different levels\&. If no target is provided at the command line a single target with the config
\fBsyslog:3,tcpproxy,daemon\fR
is added\&.
The following targets are supported:
.PP
\fBsyslog\fR
.RS 4
log to syslog daemon, parameters <level>[,<logname>[,<facility>]]
.RE
.PP
\fBfile\fR
.RS 4
log to file, parameters <level>[,<path>]
.RE
.PP
\fBstdout\fR
.RS 4
log to standard output, parameters <level>
.RE
.PP
\fBstderr\fR
.RS 4
log to standard error, parameters <level>
.RE
.RE
.PP
\fB\-U, \-\-debug\fR
.RS 4
This option instructs
\fBtcpproxy\fR
to run in debug mode\&. It implicits
\fB\-D\fR
(don\(cqt daemonize) and adds a log target with the configuration
\fBstdout:5\fR
(logging with maximum level)\&. In future releases there might be additional output when this option is supplied\&.
.RE
.PP
\fB\-l, \-\-local\-addr <host>\fR
.RS 4
The local address to bind to\&. By default
\fBtcpproxy\fR
will listen on any interface (IPv6 and IPv4)\&.
.RE
.PP
\fB\-t|\-\-local\-resolv (ipv4|4|ipv6|6)\fR
.RS 4
When resolving the local address (see above) use only IPv4 or IPv6\&. The default is to resolv both\&.
.RE
.PP
\fB\-p, \-\-local\-port <service>\fR
.RS 4
The local port to bind to\&. By default there is no port defined in which case
\fBtcpproxy\fR
will try to read the configuration file\&.
.RE
.PP
\fB\-r, \-\-remote\-addr <host>\fR
.RS 4
The remote address to connect to\&. Unless the configuration file should be used this must be set to a valid address or hostname\&.
.RE
.PP
\fB\-R|\-\-remote\-resolv (ipv4|4|ipv6|6)\fR
.RS 4
When resolving the remote address (see above) use only IPv4 or IPv6\&. The default is to resolv both\&.
.RE
.PP
\fB\-o, \-\-remote\-port <service>\fR
.RS 4
The remote port to connect to\&. Unless the configuration file should be used this must be set to a valid port or servicename\&.
.RE
.PP
\fB\-s, \-\-source\-addr <host>\fR
.RS 4
Instruct tcpproxy to use this source address for connections to
\fB\-R|\-\-remote\-address\fR\&. By default
\fBtcpproxy\fR
uses the default source address for the defined remote host\&.
.RE
.PP
\fB\-S|\-\-source\-resolv (ipv4|4|ipv6|6)\fR
.RS 4
When resolving the source address (see above) use only IPv4 or IPv6\&. The default is to resolv both\&.
.RE
.PP
\fB\-b, \-\-buffer\-size <size>\fR
.RS 4
The size of the transmit buffers to use\&.
\fBtcpproxy\fR
will allocate two buffers of this size for any client which is connected\&. By default a value of 10Kbytes is used\&.
.RE
.PP
\fB\-c, \-\-config <file>\fR
.RS 4
The path to the configuration file to be used\&. This is only evaluated if the local port is omitted\&.
.RE
.SH "EXAMPLES"
.sp
nothing yet\&.\&.
.SH "BUGS"
.sp
Most likely there are some bugs in \fBtcpproxy\fR\&. If you find a bug, please let the developers know at tcpproxy@spreadspace\&.org\&. Of course, patches are preferred\&.
.SH "SEE ALSO"
.sp
nothing yet\&.\&.
.SH "AUTHORS"
.sp
Christian Pointner <equinox@spreadspace\&.org>
.SH "RESOURCES"
.sp
Main web site: http://www\&.spreadspace\&.org/tcpproxy/
.SH "COPYING"
.sp
Copyright (C) 2010 Christian Pointner\&. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version\&.
|