1# libsdp.conf - configuration file for libsdp 2# 3# $Id$ 4# 5# Comments are starts with # and cause the entire line after it to be ignored. 6# Any beginning whitespace is skipped. Any line that is empty is also skipped. 7# 8# There are 2 main types of statements supported by this configuration file: 9# - "use" - which defines the address family to be used for the sockets that 10# match the line 11# - "log" - for setting logging related configuration. As the log settings 12# takes immidiate effect we define these at the beggining of the file. 13# 14############################################################################## 15# DEAFUALT SETTINGS: 16# Please do not forget to comment if you want to change these. 17# (the rest of this file explains the syntax and give examples) 18# 19# Get errors printed into the files /tmp/libsdp.log.<uid>/log 20# or /var/log/<path> for root 21log min-level 9 destination file libsdp.log 22# 23# By default we let all servers and client try SDP first. 24# to exclude SDP add "use tcp" rules before these defaults. 25use both server * *:* 26use both client * *:* 27# 28# 29############################################################################## 30# 31# LOG CONFIGURATION: 32# ------------------ 33# The log directive allows the user to specify which and where debug and error 34# messages get sent. The log statement format is: 35# log [destination stderr|syslog|file <path>] [min-level <1-9>] 36# 37# destination - defines the destination of the log messages: 38# stderr - messages will be forwarded to the stderr 39# syslog - messages sent to the syslog service 40# file <path> - messages will be written to the file /var/log/<path> for root. 41# for regular user, if full path is requsted <path>.<uid>/log 42# or /tmp/<path>.<uid>/log if no path is requested 43# Due to security reasons, <path> must not be: 44# 1. a soft link 45# 2. owned by other user. 46# 3. Other permissions except User permissions. 47# 48# min-level - defines the verbosity of the log: 49# 9 - only errors are printed 50# 8 - warnings 51# 7 - connect and listen summary (useful for tracking SDP usage) 52# 4 - positive match summary (useful for config file debug) 53# 3 - negative match summary (useful for config file debug) 54# 2 - function calls and return values 55# 1 - debug messages 56# 57# Examples: 58# 59# Get SDP usage per connect and listen into stderr 60# log min-level 7 destination stderr 61# 62# Send errors only into syslog 63# log min-level 9 destination syslog 64# 65############################################################################## 66# 67# SOCKET ADDRESS FAMILY CONTROL: 68# ------------------------------ 69# The socket control statements allows the user to specify when libsdp will 70# replace AF_INET/SOCK_STREAM sockets with AF_SDP/SOCK_STREAM 71# sockets. Each control statement specifies a matching rule that all its 72# subexpressions must evaluate as true (logical and) to apply. 73# 74# The statements that control which type of sockets to open are made 75# of the following: 76# use <address-family> <role> <program name> <address|*>:<port range|*> 77# 78# <address-family> can be one of: 79# "sdp" - for specifying when an SDP should be used 80# "tcp" - for specifying when SDP socket should not be matched 81# "both" - for specifying when both SDP and AF_INET sockets should be used. 82# 83# Note: that "both" semantics is different between "server" and "client" roles: 84# For a "server" is means that the server will be listening on both sdp and tcp 85# For a "client" the connect will prefer using sdp but will silently 86# fall back to tcp if the sdp connection failed. 87# 88# <role> can be one of: 89# "server" or "listen" - for defining the listening port address family 90# "client" or "connect" - for defining the connected port address family 91# 92# <program-name|*> field: 93# Defines the program name (not including the path) the rule applies to. 94# Wildcards with same semantics as "ls" are supported (* and ?). 95# So db2* would match on any program with a name starting with db2. 96# t?cp would match on ttcp, etc. 97# If not provided (default) the statement matches all programs. 98# 99# <address|*> means: 100# Either the local address the server is bind to or the remote server 101# address the client connects to. Syntax for address matching is: 102# <IPv4 address>[/<prefix_length>]|* 103# IPv4 address = [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ each sub number < 255 104# prefix_length = [0-9]+ and with value <= 32. A prefix_length of 24 105# matches the subnet mask 255.255.255.0 . A prefix_length of 32 106# requires matching of the exact IP. 107# 108# <port range> is: 109# start-port[-end-port] where port numbers are >0 and < 65536 110# 111# Rules are evaluated in order of definition. So the first match wins. 112# If no match is made libsdp will default to "both". 113# 114# Examples: 115# 116# Use SDP by clients connecting to machines that belongs to subnet 192.168.1.* 117# family role program address:port[-range] 118# use sdp connect * 192.168.1.0/24:* 119# 120# Use SDP by ttcp when it connects to port 5001 of any machine 121# family role program address:port[-range] 122# use sdp listen ttcp *:5001 123# 124# Use TCP for any program with name starting with ttcp* serving ports 22 to 25 125# family role program address:port[-range] 126# use tcp server ttcp* *:22-25 127# 128# Listen on both TCP and SDP by any server that listen on port 8080 129# family role program address:port[-range] 130# use both server * *:8080 131# 132# Connect ssh through SDP and fallback to TCP to hosts on 11.4.8.* port 22 133# family role program address:port[-range] 134# use both connect * 11.4.8.0/24:22 135# 136# NOTE: If all "use" rules are commented SDP will take "simple SDP" 137# mode and use SDP for all connections 138# 139############################################################################## 140