mirror of
https://github.com/wfg/docker-openvpn-client.git
synced 2025-04-22 03:07:06 -04:00
65 lines
1.5 KiB
Text
65 lines
1.5 KiB
Text
# Logging
|
|
logoutput: /var/log/sockd.log
|
|
errorlog: stderr
|
|
|
|
# Server address specification
|
|
internal: eth0 port = 1080
|
|
external: tun0
|
|
|
|
# Authentication methods
|
|
clientmethod: none
|
|
socksmethod: none
|
|
|
|
# Server identities
|
|
user.unprivileged: sockd
|
|
|
|
##
|
|
## SOCKS client access rules
|
|
##
|
|
# Rule processing stops at the first match; no match results in blocking
|
|
|
|
# Block access to socks server from 192.0.2.22
|
|
# client block {
|
|
# # Block connections from 192.0.2.22/32
|
|
# from: 192.0.2.22/24 to: 0.0.0.0/0
|
|
# log: error # connect disconnect
|
|
# }
|
|
|
|
# Allow all connections
|
|
client pass {
|
|
from: 0.0.0.0/0 to: 0.0.0.0/0
|
|
log: error connect disconnect
|
|
}
|
|
|
|
##
|
|
## SOCKS command rules
|
|
##
|
|
# Rule processing stops at the first match; no match results in blocking
|
|
|
|
# Block communication with www.example.org
|
|
# socks block {
|
|
# from: 0.0.0.0/0 to: www.example.org
|
|
# command: bind connect udpassociate
|
|
# log: error # connect disconnect iooperation
|
|
# }
|
|
|
|
# Generic pass statement - bind/outgoing traffic
|
|
socks pass {
|
|
from: 0.0.0.0/0 to: 0.0.0.0/0
|
|
command: bind connect udpassociate
|
|
log: error connect disconnect # iooperation
|
|
}
|
|
|
|
# Block incoming connections/packets from ftp.example.org
|
|
# socks block {
|
|
# from: ftp.example.org to: 0.0.0.0/0
|
|
# command: bindreply udpreply
|
|
# log: error # connect disconnect iooperation
|
|
# }
|
|
|
|
# Generic pass statement for incoming connections/packets
|
|
socks pass {
|
|
from: 0.0.0.0/0 to: 0.0.0.0/0
|
|
command: bindreply udpreply
|
|
log: error connect disconnect # iooperation
|
|
}
|