root/svn/vendor/pxys2-2.0.0/pxyscand/doc-pxyscandconf.xml
Revision: 3252
Committed: Wed Apr 2 20:41:43 2014 UTC (9 years, 11 months ago) by michael
Content type: application/xml
File size: 5655 byte(s)
Log Message:
- Imported pxys2-2.0.0

File Contents

1 <?xml version="1.0"?>
2 <!-- Documented configuration file for pxyscand (from pxys v2 package)
3 $Id: doc-pxyscandconf.xml,v 1.1 2004/01/03 00:04:58 mbuna Exp $
4 -->
5 <pxyscand>
6
7 <!-- pxyscand uses a lightweight binary protocol (currently only implemented
8 over TCP) called the OPAS protocol. The protocol draft is located in
9 pxys2/libopas/doc/draft-opas-1.txt.
10
11 port: the port to listen on
12 bind-address: source address of the listener (empty for default)
13 protocol: only tcp for now
14 allow: can be defined several times; each entry defines one IP to allow
15 requests from.
16 limit: not implemented yet
17 -->
<!-- NOTE(review): because limit is not implemented yet, the allow entries and
bind-address are the only request restrictions this file offers. Keep the
listener bound to an internal address and list only the hosts that have to
submit scan requests. Whether OPAS authenticates its clients cannot be told
from this file; check the protocol draft before exposing the port further.
-->
18 <opas>
19 <port>9601</port>
20 <bind-address>172.16.0.5</bind-address>
21 <protocol>tcp</protocol>
22 <allow>172.16.0.5</allow>
23 <limit>0</limit><!-- requests per minute, 0=unlimited; not implemented yet -->
24 </opas>
25
26 <!-- The scanner tag defines very important settings of your proxy scanner:
27
28 maxscans: maximum number of sockets to open for scanning - the more you
29 have, the more you can scan at the same time. I use a value > 10000 on the
30 Undernet. Be careful, you often need to do some system tuning to
31 increase this value (using sysctl for example on BSD systems...).
32 The total number of simultaneous IPs you can scan is
33 maxscans/number_of_modules_enabled.
34 4000 is already a very big value; a good way to do it is to try a low
35 value and see: if the scanning activity stays at 100% (use the
36 "/msg prox status -scan" command) then increase it.
37
38 module: see, it's easy to add other http proxy ports, or to comment out
39 a type of scan... Note that the wingate module contains the insecure
40 Cisco detection (2 in 1 scan).
41
42 source-pool, optional tag: 1 or more source IPs to scan from ("vhosts").
43 A uniform random shuffle is done by the scanner to fool firewalls.
44
45 target: for some scans like socks4 scanning, because the proxy doesn't
46 reply with a proper error or status flag, we need to be sure the socks has
47 really connected to something (eg. an IRC server). IMPORTANT: so please
48 maintain an up-to-date list of one or a few targets (I recommend the
49 most stable servers of your IRC network). If the scanner has no more
50 target IP up, it can't scan!
51
52 target-check: pxyscand performs a simple connect check on the current
53 target IP, to verify it's still up. If not, it tries the next one.
54 target-check is the delay in seconds between these checks.
55
56 log-agent: relative or (preferred) full path of the http agents log, for
57 stats purposes, it's fun.
58
59 timeout: connect() timeout in seconds. Important setting. If your
60 scanner gets lagged, increase this value as some proxies might not be
61 found.
62
63 string: a string to match when connecting to a target host via a proxy,
64 used to detect a real proxy connection, and thus to detect the proxy.
65 You can define several matching strings.
66
67 -->
<!-- NOTE(review): points to confirm before deploying this sample as is:
- The two target entries below are the addresses shipped with the package,
  presumably the original author's servers; replace them with stable servers
  of your own network, as the target description above asks.
- log-agent is given as a relative path here although a full path is
  preferred; a relative path presumably resolves against the daemon's working
  directory, so confirm where the file ends up and who can write there.
- Every detected proxy is made to connect to a target address and port, so
  those servers should expect and tolerate that traffic.
-->
68 <scanner>
69 <maxscans>4000</maxscans>
70 <!-- built-in module types: wingate,socks,crazybandit,http -->
71 <module type="wingate" />
72 <module type="socks" />
73 <module type="crazybandit" />
74 <module type="http">3128</module>
75 <module type="http">6588</module>
76 <module type="http">8080</module>
77 <module type="http">4480</module>
78 <module type="http">80</module>
79 <module type="http">8000</module>
80
81 <!--
82 <source-pool>
83 <address>172.16.0.51</address>
84 <address>172.16.0.52</address>
85 <address>172.16.0.53</address>
86 <address>172.16.0.54</address>
87 <address>172.16.0.55</address>
88 </source-pool>
89 -->
90
91
92 <!-- Set the scan targets (for some scans): IPs of some of your network's
93 stable servers.
94 -->
95 <target>
96 <address>193.109.122.67</address>
97 <port>6668</port>
98 </target>
99 <target>
100 <address>62.235.13.228</address>
101 <port>6668</port>
102 </target>
103 <target-check>600</target-check>
104 <log-agent>agent.log</log-agent>
105 <timeout>30</timeout>
106 <string>NOTICE AUTH :</string>
107 <string>ERROR :</string>
108 </scanner>
109
110
111 <!-- pxyscand uses an efficient LRU IP cache for proxy and non-proxy IPs.
112 This usually avoids a LOT of scans being performed again.
113
114 directory: a (preferred) full path of the directory where the cache
115 files should be stored. The directory must exist.
116
117 expire: expire duration in seconds for non-proxy IPs, should probably
118 be at least 1 day to not annoy too much.
119
120 proxy-expire: expire duration in seconds of a proxy IP found. Please,
121 don't set too high an expiration duration here; some users fix their
122 proxy in a few hours, or sometimes it can be accidental, etc.
123
124 maxips: max number of IPs of the noproxy IP cache. A prime number
125 increases performance.
126
127 -->
<!-- NOTE(review): the sample directory below is a relative path although a
full path is preferred. The cache decides which IPs are skipped as already
checked, so the directory should be writable only by the account running
pxyscand; the file format and any integrity checks are not visible here.
-->
128 <cache>
129 <directory>ipcache</directory>
130 <expire>86400</expire><!-- seconds (86400 = 1 day) -->
131 <proxy-expire>21600</proxy-expire><!-- seconds (21600 = 6 hours) -->
132 <maxips>1000003</maxips><!-- a prime number is better -->
133 <!-- http://www.utm.edu/research/primes/lists/small/100ktwins.txt -->
134 </cache>
135
136
137 <!-- pxyscand has its own noscan tag too, like pxyservd, but only for IPs
138 or IP ranges! By default, the local networks are enabled:
139 -->
<!-- NOTE(review): this list names 127.0.0.1 as a single address rather than
the whole 127/8 loopback range, and it has no entry for 169.254/16 link-local
or for multicast ranges. Whether pxyscand skips those on its own cannot be
told from this file; confirm, and add your own infrastructure ranges here.
-->
140 <noscan>
141 <address>127.0.0.1</address>
142 <address>255.255.255.255</address>
143 <address>0/8</address>
144 <address>10/8</address>
145 <address>172.16/12</address>
146 <address>192.168/16</address>
147 </noscan>
148
149 </pxyscand>