afserver(1)
NAME
afserver - active port forwarder server
SYNOPSIS
afserver [ options ]
DESCRIPTION
Afserver is a port forwarding program designed to be efficient and easy to use. It listens for incoming afclient connections at listenport (default listenport is 50126). After successful client authorization, afserver listens for incoming user connections. When a new user connection is opened, all the data is redirected to previously connected afclient, which redirects it to the specified destination host:port.
EXAMPLES
- afserver
- program starts with default options (become a daemon)
- afserver -v
- verbose mode is enabled (program won't enter daemon mode)
- afserver -n localhost -l 5435 -m 6375
- program will listen on localhost:5435 for users and on localhost:6375
- for clients
OPTIONS
Basic options
- -n, --hostname NAME
- used when creating listening sockets (default: '')
- -l, --listenport [HOST:]PORT
- listening [host:]port number - users connect to it (default: 50127)
- -m, --manageport [HOST:]PORT
- manage [host:]port number - afclient connects to it (default: 50126)
- -V, --version
- display version number
- -h, --help
- prints help screen
- Authorization
- --pass PASSWORD
- password used for client identification (default: no password)
- Configuration
- -c, --cerfile FILE
- the name of the file with certificate (default: server-cert.pem)
- -A, --cacerfile FILE
- the name of the file with CA certificates (if used, require clients
- to have valid certificates)
- -d, --cerdepth
- the maximum depth of valid certificate-chains
- -k, --keyfile FILE
- the name of the file with RSA key (default: server.rsa)
- -f, --cfgfile FILE
- the name of the file with the configuration for the afserver
- -D, --dateformat FORMAT
- format of the date printed in logs (see 'man strftime' for details)
- (default: %d.%m.%Y %H:%M:%S)
- -t, --timeout N
- the timeout value for the client's connection (default: 5)
- --maxidle N
- the maximum idle time for the client's connection (default: disabled)
- -u, --users N
- the amount of users allowed to use this server (default: 5)
- -C, --clients N
- the number of allowed clients to use this server (default: 1)
- -r, --realm
- set the realm name (default: none)
- -R, --raclients N
- the number of allowed clients in remote administration mode to use
- this server (default: 1)
- -U, --usrpcli N
- the number of allowed users per client (default: $users)
- -M, --climode N
- strategy used to connect users with clients (default: 1)
Available strategies:
1. fill first client before go to next - -p, --proto TYPE
type of server (tcp|udp) - what protocol it will be operating for - (default: tcp)
- -b, --baseport
listenports are temporary and differ for each client - -a, --audit
additional information about connections are logged - --nossl
ssl is not used to transfer data (but it's still used to establish a - connection) (default: ssl is used)
- --nozlib
zlib is not used to compress data (default: zlib is used) - --dnslookups
try to obtain dns names of the computers rather than their numeric IP - Logging
- -o, --log LOGCMD
log choosen information to file/socket - -v, --verbose
to be verbose - program won't enter the daemon mode (use several - times for greater effect)
- IP family
- -4, --ipv4
use ipv4 only - -6, --ipv6
use ipv6 only - HTTP PROXY
- -P, --enableproxy
enable http proxy mode
REMOTE ADMINISTRATION
Currently available commands are:
- help
- display help
- lcmd
lists available commands - info
prints info about server - rshow
display realms - cshow X
display clients in X realm - ushow X
display users in X realm - quit
quit connection - timeout N X
set timeout value in X realm - audit {0|1} X
set audit mode in X realm - dnslookups {0|1} X
set dnslookups mode in X realm - dateformat S
set dateformat - kuser S
kick user named S - kclient N
kick client with number N
LOGCMD FORMAT
LOGCMD has the following synopsis: target,description,msgdesc
Where target is file or sock
description is filename or host,port
and msgdesc is the subset of:
LOG_T_ALL, LOG_T_USER, LOG_T_CLIENT, LOG_T_INIT, LOG_T_MANAGE, LOG_T_MAIN, LOG_I_ALL, LOG_I_CRIT, LOG_I_DEBUG, LOG_I_DDEBUG, LOG_I_INFO, LOG_I_NOTICE, LOG_I_WARNING, LOG_I_ERR
- written without spaces.
- Example:
- file,filename,LOG_T_ALL,LOG_I_CRIT,LOG_I_ERR,LOG_I_WARNING
SEE ALSO
afserver.conf(5), afclient(1), afclient.conf(5)
BUGS
Afserver is still under development. There are no known open bugs at
the moment.
REPORTING BUGS
Please report bugs to <jeremian [at] poczta.fm>
AUTHOR
Jeremian <jeremian [at] poczta.fm>
CONTRIBUTIONS
Alex Dyatlov <alex [at] gray-world.net>, Simon <scastro [at] entreelibre.com>, Ilia Perevezentsev <iliaper [at] mail.ru> Marco Solari
<marco.solari [at] koinesistemi.it>, and Joshua Judson Rosen <rozzin
[at] geekspace.com>
LICENSE
- Active Port Forwarder is distributed under the terms of the GNU General
Public License v2.0 and is copyright (C) 2003-2007 jeremian <jeremian
[at] poczta.fm>. See the file COPYING for details.