Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
NYLON(1)		FreeBSD	General	Commands Manual		      NYLON(1)

     nylon -- a	lightweight and	highly configurable proxy server

     nylon [-h]	[-v] [-V] [-f] [-s] [-n] [-4] [-5] [-a list] [-d list]
	   [-m addr] [-p port] [-i ip/if] [-I ip/if] [-P file] [-c file]

     nylon is a	proxy server.  This version supports SOCKS 4 and SOCKS 5 pro-
     tocols, as	well as	a mirror mode.	nylon is fully configurable, and can
     be	configured from	either the command line	or a provided configuration

     The options are as	follows:

     -h		  Displays help.

     -v		  Increases the	verbosity level	(can be	specified multiple

     -V		  Prints version.

     -f		  Runs nylon in	the foreground and prints all output to	the

     -s		  Forces all output to syslog.

     -n		  Shows	all network addresses as numbers.

     -4		  Disables SOCKS4 support

     -5		  Disables SOCKS5 support

     -a	list	  Sets the host	allow list to list.

     -d	list	  Sets the host	deny list to list.

     -m	addr	  Runs nylon in	mirror mode.  In this mode, any	proxy protocol
		  negotiations are disregarded,	and the	address	provided is
		  simply mirrored.  addr is in "host:port" format and speci-
		  fies the target machine and port to mirror.  If no local
		  binding port is specified (via the p switch, or in the con-
		  figuration file), nylon will bind to a local port matching
		  the remote port specified.

     -p	port	  Bind server to port port.  By	default, nylon will bind to
		  the "socks" port (1080).

     -i	ip/if	  Bind server to the interface or address ip/if.

     -I	ip/if	  Make outgoing	connections through the	interface or address

     -P	file	  Specify PID file file.  By default, /var/run/ is

     -c	file	  Specify configuration	file file.

     The configuration file can	be used	as a replacement for the command line
     options.  Please see the provided file nylon.conf for more	information.

     Access to the services provided by	nylon are governed by the the host
     allow and deny lists.  These are lists composed of	hosts and networks.
     Hosts can be specified either by their hostname, or their IP address.
     Networks are specified by a network address and mask in the form "ad-
     dress/bits", where	"bits" specifies how many bits of the address are to
     be	used to	represent the network mask.

     Given an address, whether access is given or not is determined as such.
     If	the address matches any	address	in the deny list, access is explicitly
     denied.  If the address matches any address in the	allow list, access is
     explititly	allowed, unless	it is also matched in the deny list.  If the
     deny list is empty, only addresses	in the allow list are allowed.	If the
     allow list	is empty, all addresses, except	for those that are in the deny
     list, are allowed

     By	default, the allow list	is set to "localhost" and the deny list	set to
     ""	(empty).

     nylon -i fxp1 -a "localhost" -m

     Mirrors the http service on onto the local	http port.  Only hosts
     coming from localhost,	and the	network are	al-
     lowed to use this mirroring service.  Additionally, the server binds to
     the IP address belonging to the ethernet interface	fxp1.

     nylon -f -a "" -d "" -vvvvvv

     Runs nylon	as a SOCKS server in the foreground.  All hosts	except for and are allowed to	access the service.  nylon
     runs with a high verbosity	level.

     The nylon server complies with the	SOCKS5 (RFC 1928) and SOCKS4 specifi-

     This product includes software developed by Ericsson Radio	Systems.

     This product includes software developed by the University	of California,
     Berkeley and its contributors.

     The nylon software	has been developed by Marius Aamodt Eriksen

FreeBSD	13.0			August 14, 2002			  FreeBSD 13.0


Want to link to this manual page? Use this URL:

home | help