Linux FireWall Proxy HOWTO (Chinese) - BY Reden (3)

xiaoxiao2021-03-05  39

About /etc/services

This is where services actually get started. When a client connects to the firewall machine on a well-known port (<1024), such as Telnet's port 23, inetd looks up the service name in the /etc/services file and then calls the corresponding program specified in inetd.conf. Some of the services we create are usually not in /etc/services, and you are free to choose their ports. For example, I assigned port 24 as the administrator's Telnet port; you could even use 2323. As administrator you must therefore Telnet to port 24 when accessing the firewall, and if you have set up netperm-table, you can only reach the firewall from the internal network.

    telnet-a    24/tcp
    ftp-gw      21/tcp            # this name changed
    auth        113/tcp   ident   # User Verification
    ssl-gw      443/tcp

8. SOCKS Proxy Server

8.1 Installation

(Translator's note: this article is based on SOCKS4.2 (SOCKS4). Given that SOCKS5 has since become current, the translator will give details for both wherever possible.)

Get the SOCKS proxy server from ftp://sunsite.unc.edu/pub/linux/system/neetwork/misc/socks-linux-src.tgz. A sample configuration file, "socks-conf", is in the same directory. Unpack the archive and run make. I ran into some problems; the key is to make sure the Makefile is correct. Note that the proxy server must be added to /etc/inetd.conf. You must add this line (Translator's note: SOCKS5 can also be started in other ways; see its documentation):

    socks  stream  tcp  nowait  nobody  /usr/local/etc/sockd  sockd

so that the service is started when requested.

8.2 Configuring a proxy service

The SOCKS program requires two configuration files. One defines access permissions, and the other routes requests between the clients and the proxy server. The access file lives on the server, while the routing file is placed on every Un*x machine. DOS machines do their own routing, and Macs should do their own routing as well.

Configuring access permissions

In SOCKS4.2 Beta the access file is "sockd.conf". It contains two lines, one to permit and one to deny access. Each line consists of three items:

* the identifier (permit/deny)
* the IP address
* the address modifier

The identifier is either permit or deny, each on its own line. The IP address is in the usual 4-byte format separated by dots, for example 192.168.2.0. The address modifier works like a subnet mask: it is a 32-bit number, and wherever a bit is 1, the corresponding bit of the address being checked must match the bit in the IP address field. For example, the line

    permit 192.168.2.0 255.255.255.0

matches all addresses from 192.168.2.0 to 192.168.2.255, a whole Class C range. The following line is dangerous:

    permit 192.168.2.0 0.0.0.0

because no address bits are checked at all, so all access is allowed. Therefore, first permit the range you want to allow, then deny the rest. The following two lines allow all access from 192.168.2.xxx:

    permit 192.168.2.0 255.255.255.0
    deny 0.0.0.0 0.0.0.0

Note that in the last line it does not matter what the first "0.0.0.0" is, because its modifier is "0.0.0.0"; all zeros is simply easy to type. More than one entry of each kind is also legal. Access can also be permitted or denied for specific users. This is done through authentication, but not all systems support it, including Trumpet Winsock, so I will not cover it here; refer to the SOCKS documentation for details.

Configuring routing

The routing file is saddled with a poor name: "socks.conf". The name is poor because it is so similar to the previous file name that the two are easily confused. The routing file determines when to use SOCKS. For example, in our network 192.168.2.3 does not need SOCKS to talk to the firewall, 192.168.2.1; it connects directly over Ethernet. It also defines your loopback address, 127.0.0.1; you do not need SOCKS to talk to yourself. The entries are:

* deny
* direct
* sockd

deny tells SOCKS when to reject a request. As in sockd.conf, each line contains three fields: identifier, IP address and address modifier. Because this is also handled by sockd.conf, the access file, the address modifier can be set to 0.0.0.0 here. If you want to block your own access, you can set that here.
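
The address-modifier matching described for sockd.conf above can be checked before a file is deployed. The following is an added example, not code from the HOWTO or from the SOCKS distribution. It handles only the three-field lines shown on this page; the function names, the constructed sample file, top-to-bottom first-match evaluation and the default deny when nothing matches are assumptions.

```python
import ipaddress

# Constructed sample access file in the three-field format described above.
SAMPLE_SOCKD_CONF = """\
permit 192.168.2.0 255.255.255.0
deny   0.0.0.0     0.0.0.0
"""

def to_int(dotted):
    """Convert a dotted-quad string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def parse(text):
    """Return (action, address, modifier) tuples; blank lines are skipped."""
    rules = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3 or fields[0] not in ("permit", "deny"):
            raise ValueError(f"unsupported line: {line!r}")
        rules.append((fields[0], to_int(fields[1]), to_int(fields[2])))
    return rules

def rule_matches(addr, modifier, client):
    """Only the bits set to 1 in the modifier are compared."""
    return (client & modifier) == (addr & modifier)

def decide(rules, client_ip):
    """Assumption: rules are read top to bottom, first match wins, no match denies."""
    client = to_int(client_ip)
    for action, addr, modifier in rules:
        if rule_matches(addr, modifier, client):
            return action
    return "deny"

def audit(rules):
    """Return 1-based numbers of permit lines whose modifier compares no bits."""
    return [n for n, (action, _, modifier) in enumerate(rules, 1)
            if action == "permit" and modifier == 0]

if __name__ == "__main__":
    rules = parse(SAMPLE_SOCKD_CONF)
    for ip in ("192.168.2.77", "192.168.3.5", "10.0.0.1"):
        print(ip, decide(rules, ip))
    print("permit-all lines:", audit(parse("permit 192.168.2.0 0.0.0.0")))
```

Running decide() with a modifier of 255.255.0.0 instead of 255.255.255.0 shows how one wrong octet widens the permitted range from 192.168.2.xxx to all of 192.168.xxx.xxx.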
