netgpd(1M) DG/UX B2 Security R4.12MU02 netgpd(1M)
NAME
netgpd - NETwork Generic Proxy Daemon
SYNOPSIS
netgpd [-gqrv] [-b begin-port] [-e end-port] [-F FTP-proxy-port]
[-f FTP2-proxy-port] [-i UDP-inactivity-timeout]
[-I TCP-inactivity-timeout] [-m max-sessions] [-T TCP-proxy-port]
[-U UDP-proxy-port]
DESCRIPTION
Netgpd provides transparent proxy support for generic TCP and UDP
services, as well as for FTP. The proxy-port arguments identify the
ports netgpd listens on in order to provide transparent support. To
redirect packets to these proxy ports, a netctrl(1M) filter with a
PROXY action must be installed.
Options
-b Specifies the beginning of the port number range to utilize
when creating proxy endpoints. The default is 10000.
-e Specifies the end of the port number range to utilize when
creating proxy endpoints. The default is 65535.
-F Specifies the FTP port to listen on. All TCP connections to
FTP-proxy-port are automatically treated as FTP connections
even if the destination port is not 21. If the destination
port is 21, a TCP connection is automatically treated as an
FTP connection; therefore, netgpd can listen on a single port
for TELNET and FTP traffic.
-f The same as the -F option except that the IP address in the
PORT command is automatically over-written by the IP address
of the client. This will be necessary if address translation
occurs between the client and the proxy. If a normal FTP
connection is used and address translation does occur between
the client and the proxy, then the FTP command connection will
succeed, but the FTP data connections will fail.
-g This option only affects UDP sessions. Transmit and receive
UDP packets on an unconnected endpoint. The default is to use
a connected UDP endpoint. This option is required in order
for tftp to work.
-i Specifies the inactivity timeout value in seconds for all UDP
sessions. A value of 0 means that there is no timeout. The
default value is 600 (i.e. 10 minutes).
-I Specifies the inactivity timeout value in seconds for all TCP
sessions. A value of 0 means that there is no timeout. The
default value is 0. TCP connections are automatically dropped
when both the client and server have closed the connection.
-m Specifies the maximum number of sessions to proxy
concurrently. The default value is 500. Note that this
value directly affects the swap space usage of netgpd.
-q Quiet. Decrements the verbosity level. The verbosity levels
in increasing cumulative order are: usage (usage errors),
fatal (fatal run-time errors), error (non-fatal run-time
errors), warning (unexpected behavior detected), debug (open
and close sessions), and ftp (commands traversing an FTP
command connection). The default level is warning.
-r Reuse option. Set the REUSEADDR socket option on all sockets
listening on a proxy-port port.
-T Specifies the TCP port to listen on. All TCP connections are
transparently proxied to their intended destination.
Connections to port 21 are specially handled as FTP
connections.
-U Specifies the UDP port to listen on. All UDP connections are
transparently proxied to their intended destination.
-v Verbose. Increments the verbosity level. See -q for a
description of the verbosity levels.
EXAMPLES
Start the proxy daemon on port 9999 for generic TCP and FTP
connections.
# netgpd -T 9999 > /etc/log/netgpd.log 2>&1 &
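The following is an added illustration, not part of the original manual page and not netgpd source code. It models the PORT rewrite described under -f: the address in the client's PORT command is replaced by the client address as the proxy sees it, and the port bytes are kept. The function names and the sample addresses are constructed for this example, and it assumes the translation between client and proxy changes only the address, not the port.

```python
import ipaddress
import re

# RFC 959 syntax: PORT h1,h2,h3,h4,p1,p2 (address octets, then port high/low byte).
PORT_RE = re.compile(
    r"^PORT\s+(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\s*$",
    re.IGNORECASE,
)


def parse_port(line):
    """Return (ip, port) for a valid PORT command line, else None."""
    m = PORT_RE.match(line.rstrip("\r\n"))
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None  # each field must fit in one byte
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def rewrite_port(line, peer_ip):
    """Model of -f: overwrite the PORT address with peer_ip, keep the port.

    peer_ip is the source address of the command connection as seen by
    the proxy. Lines that are not valid PORT commands pass through as-is.
    """
    parsed = parse_port(line)
    if parsed is None:
        return line
    _, port = parsed
    octets = str(ipaddress.IPv4Address(peer_ip)).split(".")
    return "PORT {},{},{}\r\n".format(",".join(octets), port >> 8, port & 0xFF)


if __name__ == "__main__":
    # Constructed sample: the client advertises its private address, but
    # the proxy sees the command connection arrive from 203.0.113.7.
    sent = "PORT 192,168,1,20,19,137\r\n"
    print("client sent :", parse_port(sent))
    print("forwarded   :", rewrite_port(sent, "203.0.113.7").strip())
```

Without the rewrite, the server would open its data connection to the address the client advertised, which is not reachable from the server side of the translation; this is the failure of FTP data connections that the -f description refers to.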
SEE ALSO
netctrl(1M), netctrl.config(4M)
Licensed material--property of copyright holder(s)