# Logging
logoutput: /var/log/sockd.log
errorlog: stderr

# Server address specification
internal: eth0 port = 1080
external: tun0

# Authentication methods
clientmethod: none
socksmethod: none

# Server identities
user.unprivileged: sockd

##
## SOCKS client access rules
##
# Rule processing stops at the first match; no match results in blocking

# Block access to socks server from 192.0.2.22
# client block {
#       # Block connections from 192.0.2.22/32
#       from: 192.0.2.22/24 to: 0.0.0.0/0
#       log: error # connect disconnect
# }

# Allow all connections
client pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    log: error connect disconnect
}

##
## SOCKS command rules
##
# Rule processing stops at the first match; no match results in blocking

# Block communication with www.example.org
# socks block {
#        from: 0.0.0.0/0 to: www.example.org
#        command: bind connect udpassociate
#        log: error # connect disconnect iooperation
# }

# Generic pass statement - bind/outgoing traffic
socks pass {  
    from: 0.0.0.0/0 to: 0.0.0.0/0
    command: bind connect udpassociate
    log: error connect disconnect # iooperation
}

# Block incoming connections/packets from ftp.example.org 
# socks block {
#        from: ftp.example.org to: 0.0.0.0/0
#        command: bindreply udpreply
#        log: error # connect disconnect iooperation
# }

# Generic pass statement for incoming connections/packets
socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    command: bindreply udpreply
    log: error connect disconnect # iooperation
}