The figure below illustrates how Socks Templates can become a part of connection configurations.
Configuring the Socks Server
Controlling Traffic Through the Firewall
Example of Socks
- None: Use the identification option selected in the sockd entry in /etc/rc.tcpip, if any are specified.
- ?=I: The identd must be used to verify the user's identity. Access is denied if connection to client's identd fails or if the result does not match the user ID reported by the client program.
- ?=i: Verification must be used. Access is denied if the identd result does not match the user ID reported by the client program.
- ?=n: Do not use the identd program. This overrides the setting on the socks entry in rc.tcpip.
- The user list is limited to 396 characters.
- User IDs must be IDs of users on the requesting host, not those on the destination host or Socks server host.
- A user ID can consist of 1 to 8 characters, including:
  - a through z
  - A through Z
  - 0 through 9
  - _ (underscore)
- A user ID should not contain the following characters:
  - pipe symbol (|)
  - double quote character (")
- If file names are used, they must be fully qualified (with the leading "/" to prevent their being interpreted as user IDs). Each file can contain a list of user IDs, with one or more per line, separated by commas, and optionally including a comment that is delimited with the # character. Full comment lines (those that begin with the # character) are also supported. Each line in the file can be up to 1023 characters long and must be terminated by a "newline" character.

Note: When SMIT constructs a rule consisting of user list data obtained from this field, it will accept an arbitrary number of blank characters or a comma as entry delimiters and will build a userlist entry consisting of a contiguous string of entries, separated by commas. This is done at rule creation time, NOT rule evaluation time. Do NOT rely on this behavior if you manually edit the configuration file and change the contents of a userlist. A rule created or changed manually to include imbedded spaces (or tabs) will cause that rule to be rejected as invalid.
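A pre-flight check for the userlist rules above, useful before a manual edit of the configuration file. This is an added example, not IBM's code or part of the original page; the function names and sample values are hypothetical, and tolerating blanks around IDs inside a user ID file is an assumption the page does not confirm.

```python
import re

MAX_USERLIST_LEN = 396     # page: the user list is limited to 396 characters
MAX_FILE_LINE_LEN = 1023   # page: each file line can be up to 1023 characters
USER_ID = re.compile(r"[A-Za-z0-9_]{1,8}")  # page: 1 to 8 of a-z A-Z 0-9 _

def check_userlist(userlist):
    """Return the problems found in a manually edited userlist string."""
    problems = []
    if len(userlist) > MAX_USERLIST_LEN:
        problems.append(f"{len(userlist)} characters exceeds the {MAX_USERLIST_LEN} limit")
    if " " in userlist or "\t" in userlist:
        problems.append("embedded space or tab: the rule is rejected as invalid")
    for entry in userlist.split(","):
        entry = entry.strip(" \t")
        if entry.startswith("/"):
            continue  # fully qualified file name, not a user ID
        if not USER_ID.fullmatch(entry):
            problems.append(f"invalid user ID {entry!r}")
    return problems

def parse_userlist_file(text):
    """Return (user_ids, problems) for the contents of a user ID file."""
    user_ids, problems = [], []
    if text and not text.endswith("\n"):
        problems.append("last line is not terminated by a newline")
    for number, line in enumerate(text.splitlines(), 1):
        if len(line) > MAX_FILE_LINE_LEN:
            problems.append(f"line {number} exceeds {MAX_FILE_LINE_LEN} characters")
        body = line.split("#", 1)[0]  # drop trailing or full-line comments
        for uid in (part.strip() for part in body.split(",")):
            if not uid:
                continue
            if USER_ID.fullmatch(uid):
                user_ids.append(uid)
            else:
                problems.append(f"line {number}: invalid user ID {uid!r}")
    return user_ids, problems

# Constructed sample input (not taken from a real configuration).
SAMPLE_RULE_USERLIST = "alice,bob_1,/etc/socks/admins"
SAMPLE_FILE = "# firewall admins\nalice,bob_1  # day shift\ncarol\n"

if __name__ == "__main__":
    print(check_userlist(SAMPLE_RULE_USERLIST))
    print(check_userlist("alice, bob|x,administrator"))
    print(parse_userlist_file(SAMPLE_FILE))
```

A relative file name such as admins passes as a user ID here, which is the misinterpretation the leading "/" requirement guards against.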
When used with Port Number, the operator establishes a relationship that must be met. For example, if you enter "Greater than" and Port Number 23, then the port number must be greater than 23 for the rule to be invoked.
- %A: replaced by the client host's domain name if known, by its IP address otherwise
- %a: replaced by the client host's IP address
- %c: replaced by connect or bind, the command sockd is asked to execute
- %p: replaced by the process id of sockd
- %S: replaced by the service name (for example, ftp) if known, by the destination port number otherwise
- %s: replaced by the destination port number
- %U: replaced by the user-id reported by identd
- %u: replaced by the user-id reported by the client program
- %Z: replaced by the destination host's domain name if known, by its IP address otherwise
- %z: replaced by the destination host's IP address
- %%: replaced by a single %

You can string together several shell commands in a line with a | or ; symbol.
Note: Anytime you click on a checkbox that pertains to a Predefined Service, and you click on "OK", you must activate these changes via the Connection Activation window. You do not need to activate after changing either of the Transparent Proxy checkboxes as these two do not pertain to Predefined Services.
Using the Configuration Client to Define a Security Policy
Warning: Use of this Service can open your Firewall up to security exposures. Use this service with extreme caution.
- Create new
- Carrier
- Create new modem
- Modem