# libsdp.conf - configuration file for libsdp # # $Id$ # # Comments are starts with # and cause the entire line after it to be ignored. # Any beginning whitespace is skipped. Any line that is empty is also skipped. # # There are 2 main types of statements supported by this configuration file: # - "use" - which defines the address family to be used for the sockets that # match the line # - "log" - for setting logging related configuration. As the log settings # takes immidiate effect we define these at the beggining of the file. # ############################################################################## # DEAFUALT SETTINGS: # Please do not forget to comment if you want to change these. # (the rest of this file explains the syntax and give examples) # # Get errors printed into the files /tmp/libsdp.log./log # or /var/log/ for root log min-level 9 destination file libsdp.log # # By default we let all servers and client try SDP first. # to exclude SDP add "use tcp" rules before these defaults. use both server * *:* use both client * *:* # # ############################################################################## # # LOG CONFIGURATION: # ------------------ # The log directive allows the user to specify which and where debug and error # messages get sent. The log statement format is: # log [destination stderr|syslog|file ] [min-level <1-9>] # # destination - defines the destination of the log messages: # stderr - messages will be forwarded to the stderr # syslog - messages sent to the syslog service # file - messages will be written to the file /var/log/ for root. # for regular user, if full path is requsted ./log # or /tmp/./log if no path is requested # Due to security reasons, must not be: # 1. a soft link # 2. owned by other user. # 3. Other permissions except User permissions. # # min-level - defines the verbosity of the log: # 9 - only errors are printed # 8 - warnings # 7 - connect and listen summary (useful for tracking SDP usage) # 4 - positive match summary (useful for config file debug) # 3 - negative match summary (useful for config file debug) # 2 - function calls and return values # 1 - debug messages # # Examples: # # Get SDP usage per connect and listen into stderr # log min-level 7 destination stderr # # Send errors only into syslog # log min-level 9 destination syslog # ############################################################################## # # SOCKET ADDRESS FAMILY CONTROL: # ------------------------------ # The socket control statements allows the user to specify when libsdp will # replace AF_INET/SOCK_STREAM sockets with AF_SDP/SOCK_STREAM # sockets. Each control statement specifies a matching rule that all its # subexpressions must evaluate as true (logical and) to apply. # # The statements that control which type of sockets to open are made # of the following: # use : # # can be one of: # "sdp" - for specifying when an SDP should be used # "tcp" - for specifying when SDP socket should not be matched # "both" - for specifying when both SDP and AF_INET sockets should be used. # # Note: that "both" semantics is different between "server" and "client" roles: # For a "server" is means that the server will be listening on both sdp and tcp # For a "client" the connect will prefer using sdp but will silently # fall back to tcp if the sdp connection failed. # # can be one of: # "server" or "listen" - for defining the listening port address family # "client" or "connect" - for defining the connected port address family # # field: # Defines the program name (not including the path) the rule applies to. # Wildcards with same semantics as "ls" are supported (* and ?). # So db2* would match on any program with a name starting with db2. # t?cp would match on ttcp, etc. # If not provided (default) the statement matches all programs. # # means: # Either the local address the server is bind to or the remote server # address the client connects to. Syntax for address matching is: # [/]|* # IP address = IPv4 in dotted-quad format, "ddd.ddd.ddd.ddd" or IPv6 network # address in any allowed IPv6 address format. # prefix_length = Number of bits to match. A prefix_length of 16 matches the # subnet mask 255.255.0.0 in IPv4, or ffff::0 in IPv6. # A prefix_length of 32 for IPv4 or 128 for IPv6 requires # matching of the exact IP. # # is: # start-port[-end-port] where port numbers are >0 and < 65536 # # Rules are evaluated in order of definition. So the first match wins. # If no match is made libsdp will default to "both". # # Examples: # # Use SDP by clients connecting to machines that belongs to subnet 192.168.1.* # family role program address:port[-range] # use sdp connect * 192.168.1.0/24:* # # Use SDP by clients connecting to machines that belongs to subnet 1234:5678::* # family role program address:port[-range] # use sdp connect * 1234:5678::0/64:* # # Use SDP by ttcp when it connects to port 5001 of any machine # family role program address:port[-range] # use sdp listen ttcp *:5001 # # Use TCP for any program with name starting with ttcp* serving ports 22 to 25 # family role program address:port[-range] # use tcp server ttcp* *:22-25 # # Listen on both TCP and SDP by any server that listen on port 8080 # family role program address:port[-range] # use both server * *:8080 # # Connect ssh through SDP and fallback to TCP to hosts on 11.4.8.* port 22 # family role program address:port[-range] # use both connect * 11.4.8.0/24:22 # # NOTE: If all "use" rules are commented SDP will take "simple SDP" # mode and use SDP for all connections # ##############################################################################