other versions
- wheezy 1.2-3
- wheezy-backports 2.0.0-1~bpo70+1
- jessie 2.0.0-3
- jessie-backports 2.2.0-1~bpo8+1
- testing 2.2.0-1
- unstable 2.2.0-1
other sections
TORSOCKS(8) | System Manager's Manual | TORSOCKS(8) |
NAME¶
torsocks - Library for intercepting outgoing network connections and redirecting them through a SOCKS server.SYNOPSIS¶
Set LD_PRELOAD to load the library then use applications as normalDESCRIPTION¶
torsocks is a library to allow transparent SOCKS proxying. It wraps the normal connect() function. When a connection is attempted, it consults the configuration file (which is defined at configure time but defaults to /etc/torsocks.conf) and determines if the IP address specified is local. If it is not, the library redirects the connection to a SOCKS server specified in the configuration file. It then negotiates that connection with the SOCKS server and passes the connection back to the calling program.ARGUMENTS¶
Most arguments to torsocks are provided in the configuration file (the location of which is defined at configure time by the --with-conf=<file> argument but defaults to /etc/torsocks.conf). The structure of this file is documented in torsocks.conf(8)- TORSOCKS_CONFFILE
- This environment variable overrides the default location of
the torsocks configuration file. This variable is not honored if the
program torsocks is embedded in is setuid. In addition this environment
variable can be compiled out of torsocks with the --disable-envconf
argument to configure at build time
- TORSOCKS_DEBUG
- This environment variable sets the level of debug output
that should be generated by torsocks (debug output is generated in the
form of output to standard error). If this variable is not present by
default the logging level is set to 0 which indicates that only error
messages should be output. Setting it to higher values will cause torsocks
to generate more messages describing what it is doing. If set to -1
torsocks will output absolutely no error or debugging messages. This is
only needed if torsocks output interferes with a program it is embedded
in. Message output can be permanently compiled out of torsocks by
specifying the --disable-debug option to configure at build time
- TORSOCKS_DEBUG_FILE
- This option can be used to redirect the torsocks output
(which would normally be sent to standard error) to a file. This variable
is not honored if the program torsocks is embedded in is setuid. For
programs where torsocks output interferes with normal operation this
option is generally better than disabling messages (with TORSOCKS_DEBUG =
-1)
- TORSOCKS_USERNAME
- This environment variable can be used to specify the
username to be used when version 5 SOCKS servers request username/password
authentication. This overrides the default username that can be specified
in the configuration file using 'default_user', see torsocks.conf(8) for
more information. This variable is ignored for version 4 SOCKS servers.
- TORSOCKS_PASSWORD
- This environment variable can be used to specify the
password to be used when version 5 SOCKS servers request username/password
authentication. This overrides the default password that can be specified
in the configuration file using 'default_pass', see torsocks.conf(8) for
more information. This variable is ignored for version 4 SOCKS servers.
DNS ISSUES¶
torsocks will normally not be able to send DNS queries through a SOCKS server since SOCKS V4 works on TCP and DNS normally uses UDP. Version 1.5 and up do however provide a method to force DNS lookups to use TCP, which then makes them proxyable. This option can only enabled at compile time, please consult the INSTALL file for more information.ERRORS¶
torsocks will generate error messages and print them to stderr when there are problems with the configuration file or the SOCKS negotiation with the server if the TORSOCKS_DEBUG environment variable is not set to -1 or and --disable-debug was not specified at compile time. This output may cause some problems with programs that redirect standard error.CAVEATS¶
torsocks will not in the above configuration be able to provide SOCKS proxying to setuid applications or applications that are not run from a shell. You can force all applications to LD_PRELOAD the library by placing the path to libtorsocks in /etc/ld.so.preload. Please make sure you correctly enter the full path to the library in this file if you do this. If you get it wrong, you will be UNABLE TO DO ANYTHING with the machine and will have to boot it with a rescue disk and remove the file (or try the saveme program, see the INSTALL file for more info). THIS IS A ***WARNING***, please be careful. Also be sure the library is in the root filesystem as all hell will break loose if the directory it is in is not available at boot time.BUGS¶
torsocks can only proxy outgoing TCP connectionsFILES¶
/etc/torsocks.conf - default torsocks configuration fileSEE ALSO¶
torsocks.conf(5) torsocks(1) usewithtor(1)AUTHOR¶
Shaun Clowes (delius@progsoc.uts.edu.au)COPYRIGHT¶
Copyright 2000 Shaun ClowesShaun Clowes |