Sun Java System Web Proxy Server 4.0.3 2006Q2 Administration Guide

Configuring the SOCKS v5 Server

Procedure: To configure the SOCKS server

Steps
  1. Access the Server Manager for a server instance and click the SOCKS tab.

  2. Click the Configure SOCKS v5 link.

  3. In the SOCKS Port field, enter the port number on which the SOCKS server will listen (1080 by default).

  4. Select the SOCKS options you want to use.

    The following options are available:

    • Disable Reverse DNS Lookup. Disables reverse DNS lookup for the SOCKS server. Reverse DNS translates IP addresses into host names. Disabling reverse DNS lookup can conserve network resources. Reverse DNS lookup is disabled by default (that is, the Disable Reverse DNS Lookup checkbox is selected by default). If reverse DNS lookup is disabled, and a URL is requested with a host name, the server will not map the host name to the IP address. If reverse DNS lookup is enabled, the server performs the mapping, and an entry is added to the SOCKS log file, listing the DNS translation.

    • Use Client-specific Bind Port. Allows the client to specify the port in a BIND request. With this option disabled, SOCKS ignores the client’s requested port and assigns a random port. This is disabled by default.

    • Allow Wildcard As Bind IP Address. Allows the client to specify an IP address of all zeros (0.0.0.0) in a BIND request, which means that any IP address can connect. With this option disabled, the client must specify the IP address that will be connecting to the bind port, and the SOCKS server rejects requests to bind to 0.0.0.0. This is disabled by default.

    • Quench Updates. Disables the automatic stat file writing once an hour. If disabled, the writing takes place with every request (see Logging).

    The Quench Updates element displays in the user interface but is not implemented in this release of Proxy Server 4.

  5. In the Log File field, enter the full path name of the SOCKS log file.

    The default is server_root/proxy-serverid/logs/socks5.log.

  6. From the Log Level drop-down list, select whether the log file should contain warnings and errors only, all requests, or debugging messages.

  7. Select an RFC 1413 ident response.

    Ident allows the SOCKS server to determine the user name for a client. Generally, this feature only works when the client is running some flavor of UNIX. The following options are available:

    • Don’t Ask. Never use ident to determine the user name for a client. This is the recommended and default setting.

    • Ask But Don’t Require. Ask for the user name of all clients, but do not require it. This option uses ident for logging purposes only.

    • Require. Ask for the user name of all clients, and only permit access to those with valid responses.

  8. In the SOCKS Tuning section, specify the number of worker and accept threads the SOCKS server should use (these numbers influence performance of the SOCKS server), and then click OK:

    • Number Of Worker Threads. The default is 40. If the SOCKS server is too slow, increase the number of worker threads. If it is unstable, decrease the number. When changing this number, start with the default and increase or decrease as necessary. The typical number of worker threads is between 10 and 150. The absolute maximum is 512, but having more than 150 tends to be wasteful and unstable.

    • Number Of Posted Accepts. The default is 1. If the SOCKS server is dropping connections, increase the number of accept threads. If it is unstable, decrease the number. When changing this number, start with the default and increase or decrease as necessary. The typical number of accept threads is between 1 and 10. The absolute maximum is 512, but having more than 60 tends to be wasteful and unstable. This is a very important setting. Tune this setting if requests are failing when the SOCKS server is put under load and connections are being dropped.
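
The two BIND options in step 4 (Use Client-specific Bind Port and Allow Wildcard As Bind IP Address) amount to a policy check on the SOCKS v5 BIND request defined in RFC 1928. The following Python is an added example, not Proxy Server code: the function names and sample requests are constructed here, and it assumes that port 0 stands for "the server assigns the port" and that a BIND peer given as a domain name is rejected.

```python
import ipaddress
import struct

CMD_BIND = 0x02
ATYP_IPV4, ATYP_IPV6 = 0x01, 0x04


def parse_bind_request(data: bytes):
    """Parse an RFC 1928 request and return (peer_ip, port) for a BIND."""
    if len(data) < 4:
        raise ValueError("truncated request header")
    ver, cmd, rsv, atyp = data[:4]
    if ver != 0x05 or rsv != 0x00:
        raise ValueError("not a SOCKS v5 request")
    if cmd != CMD_BIND:
        raise ValueError("not a BIND request")
    # Assumption for this example: only literal IP addresses are accepted.
    addr_len = {ATYP_IPV4: 4, ATYP_IPV6: 16}.get(atyp)
    if addr_len is None:
        raise ValueError("BIND peer must be given as an IP address")
    if len(data) != 4 + addr_len + 2:
        raise ValueError("bad request length")
    peer = ipaddress.ip_address(data[4:4 + addr_len])
    (port,) = struct.unpack("!H", data[4 + addr_len:])
    return peer, port


def evaluate_bind(data, client_bind_port=False, allow_wildcard=False):
    """Return (allowed, peer_filter, listen_port); listen_port 0 = server picks."""
    peer, port = parse_bind_request(data)
    if peer.is_unspecified:  # 0.0.0.0 (or :: for IPv6)
        if not allow_wildcard:
            return False, None, None  # default: wildcard bind is rejected
        peer_filter = None  # any address may connect to the bound port
    else:
        peer_filter = str(peer)  # only this address may connect
    # Default: the client's requested port is ignored.
    listen_port = port if client_bind_port else 0
    return True, peer_filter, listen_port


# Constructed sample requests: VER=5, CMD=BIND, RSV=0, ATYP=IPv4, address, port
WILDCARD_REQ = bytes([5, 2, 0, 1, 0, 0, 0, 0]) + struct.pack("!H", 2021)
PINNED_REQ = bytes([5, 2, 0, 1, 192, 0, 2, 10]) + struct.pack("!H", 2021)

if __name__ == "__main__":
    for req in (WILDCARD_REQ, PINNED_REQ):
        print(evaluate_bind(req))              # both options off (defaults)
        print(evaluate_bind(req, True, True))  # both options on
```

With both options left at their defaults, the listening port is unpredictable to the client and reachable only from the one address the client named, which is the narrower exposure.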