SOCKS 5 Client configuration

[hack...@my-deja.com]

I want to configure my AIX server as a socks 5 CLIENT...I downloaded the
software from bull and I know the hostname/IP of the socks server for my
network. What do I do? I guess I need to configure /etc/socks5.conf
but I dont know what each entry means. Again, I want this to be a
client so I can ftp to other sites outside our domain. Do I have to use
rftp or if I configure the client correctly, will I be able to use ftp?
A simple sample client only configuration would help. If it were
annottated, that would be even better, Thanks in advance for any help,
Doug

Sent via Deja.com http://www.deja.com/
Before you buy.

[hack...@my-deja.com]

I am posting to my own post because I seem to have resolved my
problem...It seems that V5 socks clients do not work on V4 socks servers
nor do V4 clients work on V5 servers! I had to use V4 clients and
re-intalled socks and all seems well for now.....

[Richard D. Latham]

hack...@my-deja.com writes:

I've been sort of working thru this same exercise, off and on, and
here's what I've done so far.

I beleive that for client operation, the file you want to modify is
/etc/libsocks5.cfg

This is all pretty much greek to me, but I believ that fundamentally,
you need some lines that says something like the following.

noproxy 206.199.195.160 255.255.255.224
noproxy 206.199.195.192 255.255.255.224
socks4 - - - - socks1.server.ibm.com
socks5 - - - - socks2.server.ibm.com

These lines are the last 4 lines in the file on my system.

I beleive what happens is that the socks library code looks thru this
file, from top to bottom, looking for an explicit instruction for the
destination IP address ( more pedantically, the sub-net in which the
destination IP address resides, I suppose ), and stops looking at "the
first match".

Since I don't want all the IP traffic from my machine to flow through the
corporate socks servers, I have about hundred noproxy lines that tell
the socks library code to NOT send traffic for these destinations to a
socks server.

Finally, at the end of the file, anything that gets to these lines I'm
assuming is probably "on the outside", and I send it to
socks1.server.ibm.com, which I claim is a socks4 server. (I'm really
lying, I think that machine is actually running a Aventail socks5
implementation, but this line appears to work, and I'm not inclined to
screw around with success )

I don't think that any traffic will actually get delivered via the
last (socks5) line, because the line above matchs ALL addresses.

Code that is linked with the socks5 library code ( that you also
downloaded ) will use this file to determine how to "deliver" TCP, and
potentially UDP, IP packets .

The code you downloaded _should_ have contained several pre-built
client executables, such as rftp, rtelnet, etc.

To test whether you've gotten it (the client stuff) installed and
configured correctly, rtelnet to a machine you know is on the "real
Internet" ... maybe one of the public newsservers, like
news.software.ibm.com. If you get a logon prompt, "it's working".

Unless you want to "perform significantly more magic", I suggest that
you use these pre-built clients. If you decide that you're going to
sockisfy the existing executables on your AIX machine "when you get it
all working, please tell me how you did it <smile>".

Now there is a non-zero probability that _all_ the above is fatally
flawed ... I went to the trouble of typing it all in mostly so that
perhaps a real expert would take pity on me, and show me where I've
gone astray :-)

--
#include <disclaimer.std> /* I don't speak for IBM ... */
/* Heck, I don't even speak for myself */
/* Don't believe me ? Ask my wife :-) */
Richard D. Latham lat...@us.ibm.com