
SOCKS_CLIENTS(1)                                 SOCKS_CLIENTS(1)


NAME
       rfinger - SOCKS client version of finger
       rftp - SOCKS client version of ftp

SYNOPSIS
       See   ftp(1),  telnet(1),

DESCRIPTION
       These programs provide the well-known  functionalities  to
       hosts within a firewall. Normally, when a firewall is con-
       structed, IP-accessibility across the firewall is cut  off
       to reduce security risk to hosts within the firewall. As a
       result, inside hosts can no longer use many of  the  well-
       known  tools  directly to access the resources outside the
       firewall.

       These programs restore the convenience of  the  well-known
       tools  while  maintaining the security requirement. Though
       the programs differ very much from their  counterparts  in
       the  use  of  the communication scheme, they should behave
       almost indistinguishably to the users.  Note  though  that
       rftp  does  echo the password as you type it in if you are
       using anonymous as log-in name. Unlike those of the previ-
       ous  versions, these are "versatile" clinets, meaning that
       they can be used for connections to inside hosts  directly
       and  to outside hosts via SOCKS proxy servers. So they can
       be used as replacements of their traditional counterparts.

       When any of these programs starts, it prints to stderr its
       version number and the name or IP address of  its  default
       SOCKS  proxy  server.   It then consults the configuration
       file /etc/socks.conf to determine whether a request should
       be  allowed  or  denied  based on the requesting user, the
       destination host, and the requested service. For allowable
       requests,  the  configuration  file  also dictates whether
       direct or proxy connection should be  used  to  the  given
       destination,  and  optionally  the actual SOCKS servers to
       use for the proxy connection.  See socks.conf(5).

       You can use environment variable SOCKS_NS to set the name-
       server  for domainname resolutions. Be sure you use the IP
       address of the nameserver you want to use, not its domain-
       name. If SOCKS_NS doesn't exist, the IP address defined by
       the symbol SOCKS_DEFAULT_NS at compile time is used if the
       programs were compiled with that symbol defined. Otherwise
       the nameservers specified in /etc/resolv.conf are used.

       All the client programs uses syslog with  facility  daemon
       and level notice to log their activities.  

SOCKS_CLIENTS(1)                                 SOCKS_CLIENTS(1)


       Typical lines look like

        Apr 11 10:02:23 eon rfinger[631]: connect() from don(don) to abc.com (finger) using sockd at socksserv
        May 10 08:39:07 eon rftp[603]: connect() directly from blue(blue) to xyz.edu (ftp)
        May 10 08:39:09 eon rftp[603]: bind() directly from blue(blue) for xyz.edu (ftp)
        May 18 13:31:19 eon rtelnet[830]: connect() from root(jon) to xyz.edu (telnet) using sockd at sockd2
        May 18 14:51:19 eon rtelnet[921]: refused -- connect() from jon(jon) to xyz.edu (telnet)

       Of the two user-ids appearing in each log line, the  first
       is  the effective user-id when the program is invoked, the
       second (that within the parentheses) is the  one  used  at
       login. Access control applies to the effective user-ids.

SEE ALSO
       ftp(1), telnet(1)

ENVIRONMENT
       SOCKS_SERVER, if defined, specifies the name or IP address
       of the SOCKS proxy server  host  to  use,  overriding  the
       default server compiled into the programs.

       SOCKS_NS, if defined, specify the IP address of the domain
       nameserver that should be used for name resolution,  over-
       riding  both the definition of symbol SOCKS_DEFAULT_NS and
       the file /etc/resolv.conf.

       ORIG_FINGER, if  defined,  specified  the  (altered)  full
       pathname of the original finger program, which should have
       been renamed before installing the rfinger as the  regular
       finger.  The  rfinger  program invokes the original finger
       program to lookup information on  local  users.   Normally
       this name should be compiled directly into rfinger, avoid-
       ing  the  need  for   this   environment   variable.   Use
       ORIG_FINGERFR  only  if  you want to override what is com-
       piled into rfinger.

AUTHOR
       David Koblas, koblas@netcom.com
       Ying-Da Lee, ylee@syl.dl.nec.com
