| General Settings |
| Name |
Value |
Description |
backlog |
Non-negative Integer |
The maximum length of the queue of incoming client connections to the SOCKS server (default is 50) |
bindHost |
Host |
The default binding host name or address for all sockets (default is 0.0.0.0) |
bindTcpPortRanges |
Port Ranges |
The comma separated list of default binding port ranges for all TCP sockets (default is 0) |
bindUdpPortRanges |
Port Ranges |
The comma separated list of default binding port ranges for all UDP sockets (default is 0) |
clientSocketSettings |
Socket Settings |
The comma separated list of socket settings for the client socket |
doc |
java.lang.String |
A documentation setting |
externalFacingBindHost |
Host |
The default binding host name or address for all external-facing sockets |
externalFacingBindTcpPortRanges |
Port Ranges |
The comma separated list of default binding port ranges for all external-facing TCP sockets |
externalFacingBindUdpPortRanges |
Port Ranges |
The comma separated list of default binding port ranges for all external-facing UDP sockets |
externalFacingSocketSettings |
Socket Settings |
The comma separated list of default socket settings for all external-facing sockets |
internalFacingBindHost |
Host |
The default binding host name or address for all internal-facing sockets |
internalFacingBindTcpPortRanges |
Port Ranges |
The comma separated list of default binding port ranges for all internal-facing TCP sockets |
internalFacingBindUdpPortRanges |
Port Ranges |
The comma separated list of default binding port ranges for all internal-facing UDP sockets |
internalFacingSocketSettings |
Socket Settings |
The comma separated list of default socket settings for all internal-facing sockets |
lastRouteId |
java.lang.String |
The ID for the last and unassigned route (default is lastRoute) |
port |
Port |
The port for the SOCKS server |
routeSelectionLogAction |
Log Action |
The logging action to take if a route is selected |
routeSelectionStrategy |
Selection Strategy |
The selection strategy for the next route (default is CYCLICAL) |
rule |
Rule |
A rule for the SOCKS server (default is firewallAction=ALLOW) |
socketSettings |
Socket Settings |
The comma separated list of default socket settings for all sockets |
socksServerBindHost |
Host |
The binding host name or address for the SOCKS server socket |
socksServerBindPortRanges |
Port Ranges |
The comma separated list of binding port ranges for the SOCKS server socket |
socksServerSocketSettings |
Socket Settings |
The comma separated list of socket settings for the SOCKS server socket |
| Chaining General Settings |
| Name |
Value |
Description |
chaining.clientBindHost |
Host |
The binding host name or address for the client socket that is used to connect to the other SOCKS server (default is 0.0.0.0) |
chaining.clientBindPortRanges |
Port Ranges |
The comma separated list of binding port ranges for the client socket that is used to connect to the other SOCKS server (default is 0) |
chaining.clientConnectTimeout |
Positive Integer |
The timeout in milliseconds on waiting for the client socket to connect to the other SOCKS server (default is 60000) |
chaining.clientSocketSettings |
Socket Settings |
The comma separated list of socket settings for the client socket that is used to connect to the other SOCKS server |
chaining.routeId |
java.lang.String |
The ID for a route through a chain of other SOCKS servers. This setting also marks the current other SOCKS server as the last SOCKS server in the chain of other SOCKS servers |
chaining.socksServerUri |
SOCKS Server URI |
The URI of the other SOCKS server |
| Chaining DTLS Settings |
| Name |
Value |
Description |
chaining.dtls.enabled |
java.lang.Boolean.toString() |
The boolean value to indicate if DTLS connections to the other SOCKS server are enabled (default is false) |
chaining.dtls.enabledCipherSuites |
Comma Separated Values |
The comma separated list of acceptable cipher suites enabled for DTLS connections to the other SOCKS server |
chaining.dtls.enabledProtocols |
Comma Separated Values |
The comma separated list of acceptable protocol versions enabled for DTLS connections to the other SOCKS server |
chaining.dtls.protocol |
java.lang.String |
The protocol version for the DTLS connections to the other SOCKS server (default is DTLSv1.2) |
chaining.dtls.trustStoreFile |
java.io.File.toString() |
The trust store file for the DTLS connections to the other SOCKS server |
chaining.dtls.trustStorePassword |
java.lang.String |
The password for the trust store for the DTLS connections to the other SOCKS server |
chaining.dtls.trustStoreType |
java.lang.String |
The type of trust store file for the DTLS connections to the other SOCKS server (default is PKCS12) |
chaining.dtls.wrappedReceiveBufferSize |
Positive Integer |
The buffer size for receiving DTLS wrapped datagrams for the DTLS connections to the other SOCKS server |
| Chaining SOCKS5 Settings |
| Name |
Value |
Description |
chaining.socks5.gssapimethod.mechanismOid |
org.ietf.jgss.Oid.toString() |
The object ID for the GSS-API authentication mechanism to the other SOCKS5 server (default is 1.2.840.113554.1.2.2) |
chaining.socks5.gssapimethod.necReferenceImpl |
java.lang.Boolean.toString() |
The boolean value to indicate if the exchange of the GSS-API protection level negotiation must be unprotected should the other SOCKS5 server use the NEC reference implementation (default is false) |
chaining.socks5.gssapimethod.protectionLevels |
SOCKS5 GSS-API Method Protection Levels |
The comma separated list of acceptable protection levels after GSS-API authentication with the other SOCKS5 server (The first is preferred. The remaining are acceptable if the server does not accept the first.) (default is REQUIRED_INTEG_AND_CONF,REQUIRED_INTEG,NONE) |
chaining.socks5.gssapimethod.serviceName |
java.lang.String |
The GSS-API service name for the other SOCKS5 server |
chaining.socks5.gssapimethod.suggestedConf |
java.lang.Boolean.toString() |
The suggested privacy (i.e. confidentiality) state for GSS-API messages sent after GSS-API authentication with the other SOCKS5 server (applicable if the negotiated protection level is SELECTIVE_INTEG_OR_CONF) (default is true) |
chaining.socks5.gssapimethod.suggestedInteg |
java.lang.Integer.toString() |
The suggested quality-of-protection (i.e. integrity) value for GSS-API messages sent after GSS-API authentication with the other SOCKS5 server (applicable if the negotiated protection level is SELECTIVE_INTEG_OR_CONF) (default is 0) |
chaining.socks5.methods |
SOCKS5 Methods |
The comma separated list of acceptable authentication methods to the other SOCKS5 server (default is NO_AUTHENTICATION_REQUIRED) |
chaining.socks5.socks5DatagramSocket.clientInfoUnavailable |
java.lang.Boolean.toString() |
The boolean value to indicate if the client information expected to be used to send UDP datagrams (address and port) is unavailable to be sent to the other SOCKS5 server (an address and port of all zeros is sent instead) (default is false) |
chaining.socks5.socks5HostResolver.resolveFromSocks5Server |
java.lang.Boolean.toString() |
The boolean value to indicate if host names are to be resolved from the other SOCKS5 server (default is false) |
chaining.socks5.userpassmethod.password |
java.lang.String |
The password to be used to access the other SOCKS5 server |
chaining.socks5.userpassmethod.username |
java.lang.String |
The username to be used to access the other SOCKS5 server |
| Chaining SSL/TLS Settings |
| Name |
Value |
Description |
chaining.ssl.enabled |
java.lang.Boolean.toString() |
The boolean value to indicate if SSL/TLS connections to the other SOCKS server are enabled (default is false) |
chaining.ssl.enabledCipherSuites |
Comma Separated Values |
The comma separated list of acceptable cipher suites enabled for SSL/TLS connections to the other SOCKS server |
chaining.ssl.enabledProtocols |
Comma Separated Values |
The comma separated list of acceptable protocol versions enabled for SSL/TLS connections to the other SOCKS server |
chaining.ssl.keyStoreFile |
java.io.File.toString() |
The key store file for the SSL/TLS connections to the other SOCKS server |
chaining.ssl.keyStorePassword |
java.lang.String |
The password for the key store for the SSL/TLS connections to the other SOCKS server |
chaining.ssl.keyStoreType |
java.lang.String |
The type of key store file for the SSL/TLS connections to the other SOCKS server (default is PKCS12) |
chaining.ssl.protocol |
java.lang.String |
The protocol version for the SSL/TLS connections to the other SOCKS server (default is TLSv1.2) |
chaining.ssl.trustStoreFile |
java.io.File.toString() |
The trust store file for the SSL/TLS connections to the other SOCKS server |
chaining.ssl.trustStorePassword |
java.lang.String |
The password for the trust store for the SSL/TLS connections to the other SOCKS server |
chaining.ssl.trustStoreType |
java.lang.String |
The type of trust store file for the SSL/TLS connections to the other SOCKS server (default is PKCS12) |
| DTLS Settings |
| Name |
Value |
Description |
dtls.enabled |
java.lang.Boolean.toString() |
The boolean value to indicate if DTLS connections to the SOCKS server are enabled (default is false) |
dtls.enabledCipherSuites |
Comma Separated Values |
The comma separated list of acceptable cipher suites enabled for DTLS connections to the SOCKS server |
dtls.enabledProtocols |
Comma Separated Values |
The comma separated list of acceptable protocol versions enabled for DTLS connections to the SOCKS server |
dtls.keyStoreFile |
java.io.File.toString() |
The key store file for the DTLS connections to the SOCKS server |
dtls.keyStorePassword |
java.lang.String |
The password for the key store for the DTLS connections to the SOCKS server |
dtls.keyStoreType |
java.lang.String |
The type of key store file for the DTLS connections to the SOCKS server (default is PKCS12) |
dtls.protocol |
java.lang.String |
The protocol version for the DTLS connections to the SOCKS server (default is DTLSv1.2) |
dtls.wrappedReceiveBufferSize |
Positive Integer |
The buffer size for receiving DTLS wrapped datagrams for the DTLS connections to the SOCKS server |
| SOCKS5 Settings |
| Name |
Value |
Description |
socks5.gssapimethod.necReferenceImpl |
java.lang.Boolean.toString() |
The boolean value to indicate if the exchange of the GSS-API protection level negotiation must be unprotected according to the NEC reference implementation (default is false) |
socks5.gssapimethod.protectionLevels |
SOCKS5 GSS-API Method Protection Levels |
The comma separated list of acceptable protection levels after GSS-API authentication (The first is preferred if the client does not provide a protection level that is acceptable.) (default is REQUIRED_INTEG_AND_CONF,REQUIRED_INTEG,NONE) |
socks5.gssapimethod.suggestedConf |
java.lang.Boolean.toString() |
The suggested privacy (i.e. confidentiality) state for GSS-API messages sent after GSS-API authentication (applicable if the negotiated protection level is SELECTIVE_INTEG_OR_CONF) (default is true) |
socks5.gssapimethod.suggestedInteg |
java.lang.Integer.toString() |
The suggested quality-of-protection (i.e. integrity) value for GSS-API messages sent after GSS-API authentication (applicable if the negotiated protection level is SELECTIVE_INTEG_OR_CONF) (default is 0) |
socks5.methods |
SOCKS5 Methods |
The comma separated list of acceptable authentication methods in order of preference (default is NO_AUTHENTICATION_REQUIRED) |
socks5.onBindRequest.inboundSocketSettings |
Socket Settings |
The comma separated list of socket settings for the inbound socket |
socks5.onBindRequest.listenBindHost |
Host |
The binding host name or address for the listen socket if the provided host address is all zeros |
socks5.onBindRequest.listenBindPortRanges |
Port Ranges |
The comma separated list of binding port ranges for the listen socket if the provided port is zero |
socks5.onBindRequest.listenSocketSettings |
Socket Settings |
The comma separated list of socket settings for the listen socket |
socks5.onBindRequest.relayBufferSize |
Positive Integer |
The buffer size in bytes for relaying the data |
socks5.onBindRequest.relayIdleTimeout |
Positive Integer |
The timeout in milliseconds on relaying no data |
socks5.onBindRequest.relayInboundBandwidthLimit |
Positive Integer |
The upper limit on bandwidth in bytes per second of receiving inbound data to be relayed |
socks5.onBindRequest.relayOutboundBandwidthLimit |
Positive Integer |
The upper limit on bandwidth in bytes per second of receiving outbound data to be relayed |
socks5.onConnectRequest.prepareTargetFacingSocket |
java.lang.Boolean.toString() |
The boolean value to indicate if the target-facing socket is to be prepared before connecting (involves applying the specified socket settings, resolving the target host name, and setting the specified timeout on waiting to connect) (default is false) |
socks5.onConnectRequest.relayBufferSize |
Positive Integer |
The buffer size in bytes for relaying the data |
socks5.onConnectRequest.relayIdleTimeout |
Positive Integer |
The timeout in milliseconds on relaying no data |
socks5.onConnectRequest.relayInboundBandwidthLimit |
Positive Integer |
The upper limit on bandwidth in bytes per second of receiving inbound data to be relayed |
socks5.onConnectRequest.relayOutboundBandwidthLimit |
Positive Integer |
The upper limit on bandwidth in bytes per second of receiving outbound data to be relayed |
socks5.onConnectRequest.targetFacingBindHost |
Host |
The binding host name or address for the target-facing socket |
socks5.onConnectRequest.targetFacingBindPortRanges |
Port Ranges |
The comma separated list of binding port ranges for the target-facing socket |
socks5.onConnectRequest.targetFacingConnectTimeout |
Positive Integer |
The timeout in milliseconds on waiting for the target-facing socket to connect (default is 60000) |
socks5.onConnectRequest.targetFacingSocketSettings |
Socket Settings |
The comma separated list of socket settings for the target-facing socket |
socks5.onRequest.bindHost |
Host |
The binding host name or address for all sockets |
socks5.onRequest.bindTcpPortRanges |
Port Ranges |
The comma separated list of binding port ranges for all TCP sockets |
socks5.onRequest.bindUdpPortRanges |
Port Ranges |
The comma separated list of binding port ranges for all UDP sockets |
socks5.onRequest.externalFacingBindHost |
Host |
The binding host name or address for all external-facing sockets |
socks5.onRequest.externalFacingBindTcpPortRanges |
Port Ranges |
The comma separated list of binding port ranges for all external-facing TCP sockets |
socks5.onRequest.externalFacingBindUdpPortRanges |
Port Ranges |
The comma separated list of binding port ranges for all external-facing UDP sockets |
socks5.onRequest.externalFacingSocketSettings |
Socket Settings |
The comma separated list of socket settings for all external-facing sockets |
socks5.onRequest.internalFacingBindHost |
Host |
The binding host name or address for all internal-facing sockets |
socks5.onRequest.internalFacingBindUdpPortRanges |
Port Ranges |
The comma separated list of binding port ranges for all internal-facing UDP sockets |
socks5.onRequest.internalFacingSocketSettings |
Socket Settings |
The comma separated list of socket settings for all internal-facing sockets |
socks5.onRequest.relayBufferSize |
Positive Integer |
The buffer size in bytes for relaying the data (default is 1024) |
socks5.onRequest.relayIdleTimeout |
Positive Integer |
The timeout in milliseconds on relaying no data (default is 60000) |
socks5.onRequest.relayInboundBandwidthLimit |
Positive Integer |
The upper limit on bandwidth in bytes per second of receiving inbound data to be relayed |
socks5.onRequest.relayOutboundBandwidthLimit |
Positive Integer |
The upper limit on bandwidth in bytes per second of receiving outbound data to be relayed |
socks5.onRequest.socketSettings |
Socket Settings |
The comma separated list of socket settings for all sockets |
socks5.onUdpAssociateRequest.clientFacingBindHost |
Host |
The binding host name or address for the client-facing UDP socket |
socks5.onUdpAssociateRequest.clientFacingBindPortRanges |
Port Ranges |
The comma separated list of binding port ranges for the client-facing UDP socket |
socks5.onUdpAssociateRequest.clientFacingSocketSettings |
Socket Settings |
The comma separated list of socket settings for the client-facing UDP socket |
socks5.onUdpAssociateRequest.peerFacingBindHost |
Host |
The binding host name or address for the peer-facing UDP socket |
socks5.onUdpAssociateRequest.peerFacingBindPortRanges |
Port Ranges |
The comma separated list of binding port ranges for the peer-facing UDP socket |
socks5.onUdpAssociateRequest.peerFacingSocketSettings |
Socket Settings |
The comma separated list of socket settings for the peer-facing UDP socket |
socks5.onUdpAssociateRequest.relayBufferSize |
Positive Integer |
The buffer size in bytes for relaying the data |
socks5.onUdpAssociateRequest.relayIdleTimeout |
Positive Integer |
The timeout in milliseconds on relaying no data |
socks5.onUdpAssociateRequest.relayInboundBandwidthLimit |
Positive Integer |
The upper limit on bandwidth in bytes per second of receiving inbound data to be relayed |
socks5.onUdpAssociateRequest.relayOutboundBandwidthLimit |
Positive Integer |
The upper limit on bandwidth in bytes per second of receiving outbound data to be relayed |
socks5.userpassmethod.userRepository |
SOCKS5 Username Password Method User Repository |
The user repository used for username password authentication (default is StringSourceUserRepository:) |
| SSL/TLS Settings |
| Name |
Value |
Description |
ssl.enabled |
java.lang.Boolean.toString() |
The boolean value to indicate if SSL/TLS connections to the SOCKS server are enabled (default is false) |
ssl.enabledCipherSuites |
Comma Separated Values |
The comma separated list of acceptable cipher suites enabled for SSL/TLS connections to the SOCKS server |
ssl.enabledProtocols |
Comma Separated Values |
The comma separated list of acceptable protocol versions enabled for SSL/TLS connections to the SOCKS server |
ssl.keyStoreFile |
java.io.File.toString() |
The key store file for the SSL/TLS connections to the SOCKS server |
ssl.keyStorePassword |
java.lang.String |
The password for the key store for the SSL/TLS connections to the SOCKS server |
ssl.keyStoreType |
java.lang.String |
The type of key store file for the SSL/TLS connections to the SOCKS server (default is PKCS12) |
ssl.needClientAuth |
java.lang.Boolean.toString() |
The boolean value to indicate that client authentication is required for SSL/TLS connections to the SOCKS server (default is false) |
ssl.protocol |
java.lang.String |
The protocol version for the SSL/TLS connections to the SOCKS server (default is TLSv1.2) |
ssl.trustStoreFile |
java.io.File.toString() |
The trust store file for the SSL/TLS connections to the SOCKS server |
ssl.trustStorePassword |
java.lang.String |
The password for the trust store for the SSL/TLS connections to the SOCKS server |
ssl.trustStoreType |
java.lang.String |
The type of trust store file for the SSL/TLS connections to the SOCKS server (default is PKCS12) |
ssl.wantClientAuth |
java.lang.Boolean.toString() |
The boolean value to indicate that client authentication is requested for SSL/TLS connections to the SOCKS server (default is false) |
