The Reference Manual of DeleGate version 9.9
Copyright (c) 1994-2000 Yutaka Sato <ysato AT etl.go.jp> <y DOT sato AT delegate.org>
Copyright (c) 1994-2000 Electrotechnical Laboratory (ETL), AIST, MITI
Copyright (c) 2001-2014 National Institute of Advanced Industrial Science and Technology (AIST)
AIST-Product-ID: 2000-ETL-198715-01, H14PRO-049, H15PRO-165, H18PRO-443

Permission to use this material for evaluation, copy this material for your own use, and distribute the copies via publicly accessible on-line media, without fee, is hereby granted provided that the above copyright notice and this permission notice appear in all copies. AIST makes no representations about the accuracy or suitability of this material for any purpose. it is provided "as is", without any express or implied warranties.


This document is written based on the latest version of DeleGate/9.X. Comments about this document are expected to be directed to mailto:feedback@delegate.org to be open and shared at http://www.delegate.org/feedback/. Watch DeleGate Home Page at http://www.delegate.org/ to see the latest status. Beginners are recommended to read a short tutorial at http://www.delegate.org/delegate/tutorial/ also. A collection of usage examples at http://www.delegate.org/delegate/HowToDG.html might be helpful to see what you can do with DeleGate.


[search] [decomp] [parts] [skeleton] [frame] ... these links are active only when accessed via origin HTTP-DeleGate

PERMUTED INDEX

INDEX

--------- --------- --------- --------- --------- --------- --------- ---------
DELEGATED(8)                MAINTENANCE COMMANDS                   DELEGATED(8)

NAME

SYNOPSIS DESCRIPTION

OPTIONS

   -P option  --  entrance port(s) to the DeleGate
              ==  -Pport[,port]*
        port  ==  [host:]portNum[/udp][/admin][/protocolName]
     portNum  ==  number[-number]
   -Q option* --  entrance port to the DeleGate
              ==  -Qport
   -f option  --  foreground execution
              ==  -f[v]
   -r option  --  restart
   -v option  --  logging level control
              ==  -v[vdtsau]
   -d option  --  debugging of sub components
              ==  -d[hst]
   -D option  --  disabling sub components
              ==  -D[t]
   -S option  --  watch SIGCHLD signal
   -T option  --  trace system calls
              ==  -T[xsdt]*
   -F option  --  extra function
              ==  -Ffunction
   -- option  --  hiding command line arguments
   parameter  ==  name=value
   conditional parameter == (condition)parameter
   -e option  ==  -ename=value
Terminology

PARAMETERS

General

Routing

Access control

Resource usage restriction

Cache control

Mount

Data conversion

Filter control

Local file usage

Host name resolution

Protocol specific
SERVER parameter*   ==  SERVER=protocol[://host[:portNum]][:-:MountOptions]
           portNum  ==  [+|-]number
                    --  default: SERVER=delegate
ADMIN parameter     ==  ADMIN=user@host.domain
                    --  default: built in at compile time
OWNER parameter*    ==  OWNER=user[/group][:srcHostList]
                    --  default: OWNER="nobody/nogroup"
                    --  restriction: super-user only on most of Unix
                    --  restriction: setting the user of a service on Windows
CRON parameter*     ==  CRON="crontab-spec"
       crontab-spec ==  minute hour day month dayOfWeek action
                    --  default: none
INETD parameter*    ==  INETD="inetd-conf"
        inetd-conf  ==  port sockType proto waitStat uid execPath argList
              port  ==  [host:]portNum
          sockType  ==  stream | dgram
             proto  ==  tcp | udp
          waitStat  ==  nowait ("wait" is not yet supported)
                    --  default: none
HOSTLIST parameter* ==  HOSTLIST=listName:HostList
CLUSTER parameter*  ==  CLUSTER=[protoList]:ServerList
        ServerList  ==  [/R,]Server[,ServerList]
            Server  ==  Host[..Port]
CMAP parameter*     ==  CMAP=resultStr:mapName:connMap
           connMap  ==  ProtoList:dstHostList:srcHostList
                    --  default: none
TLSCONF parameter*  ==  TLSCONF=tlsConf[,tlsConf]*
           tlsConf  ==  what:value
                    --  default: TLSCONF=scache:do,xcache:do
STLS parameter*     ==  STLS=stlsSpecs[,sslwayCom][:connMap]
         stlsSpecs  ==  [-]stlsSpec[/im][/ssl][,stlsSpecs]
          stlsSpec  ==  fsv | fcl | mitm | imimSec
         sslwayCom  ==  {sslway [-Vrfy] [-CApath dir] ...}
           connMap  ==  ProtoList:dstHostList:srcHostList
                    --  default: none
                    --  restriction: applicable to HTTP, FTP, SMTP, POP, IMAP, SOCKS
                    --  required: SSLway
CERTDIR parameter   ==  CERTDIR=dir
                    --  default: ${ETCDIR}/certs
                    --  version: DeleGate/9.8.0 + OpenSSL0.9.8g or laters
DGCONF parameter    ==  DGCONF=dir/file
                    --  default: DGCONF='${EXECDIR}/${EXECNAME}.conf'
DYCONF parameter*   ==  DYCONF=[conditions]parameters
        parameters  ==  file:path | cgi:path | arg:{listOfParameters}
                    --  default: none
DYLIB parameter     ==  DYLIB=libfilePattern[,libfilePattern]*
                    --  default: DYLIB='dglib*.so,lib*.so,dglib*.dylib,lib*.dylib'
LDPATH parameter    ==  LDPATH=dirPath[;dirPath]*
                    --  default: LDPATH='${LIBDIR};${EXECDIR};${HOME}/lib;/usr/lib;/lib'
LIBPATH parameter   ==  LIBPATH=dirPath[:dirPath]*
                    --  default: LIBPATH='.:${STARTDIR}:${LIBDIR}:${EXECDIR}:${ETCDIR}'
DATAPATH parameter  ==  DATAPATH=dirPath[:dirPath]*
                    --  default: DATAPATH='.:${DGROOT}:${STARTDIR}
DGPATH parameter    ==  DGPATH=dirPath[:dirPath]*
                    --  default: DGPATH='+:.:${HOME}/delegate:${EXECDIR}:${ETCDIR}'
DGSIGN parameter    ==  DGSIGN=signatureSpec
                    --  default: DGSIGN="V.R.P/Y.M.D"
DGOPTS parameter    ==  DGOPTS=opt[,opt]*
                    --  default: none
SOCKOPT parameter*  ==  SOCKOPT=[no]name[:value]
                    --  default: reuse
PORT parameter      ==  PORT=port[,port]*
              port  ==  [host:]portNum[/udp]
           portNum  ==  number[-number]
                    --  default: none
FORWARD parameter*  ==  FORWARD=gatewayURL[-_-connMap]
        gatewayURL  ==  gwproto://[user:pass@]gwhost[:gwport]
           connMap  ==  protoList:dstHostList:srcHostList
                    --  default: none
ROUTE parameter*    ==  ROUTE=proto://host:port/-_-dstHostList:srcHostList
                    --  default: none
MASTER parameter*   ==  MASTER=host:port[/masterControl][:dstHostList]
                    --  default: none
MASTERP parameter   ==  MASTERP=[host:port]
                    --  default: none
RPORT parameter     ==  RPORT={tcp|udp}[:host]
                    --  default: none
PROXY parameter*    ==  PROXY=host:port[:dstHostList]
                    --  default: none
                    --  restriction: applicable to HTTP, FTP, Telnet
SOCKS parameter*    ==  SOCKS=host[:[port][/socksOpt][:dstHostList[:srcHostList]]]
          socksOpt  ==  [ -4 | -r ]*
                    --  default: none
SSLTUNNEL parameter ==  SSLTUNNEL=host:port
                    --  default: none
VSAP parameter      ==  VSAP=host:port
                    --  default: none
YYMUX parameter*    ==  YYMUX=host[:port][:connMap]
           connMap  ==  ProtoList[:dstHostList[:srcHostList]]
                    --  default: none
YYCONF parameter*   ==  YYCONF=name[:value]
                    --  default: none
CONNECT parameter*  ==  CONNECT=connSeq[:connMap]
           connSeq  ==  connType[,connType]*
          connType  ==  cache|icp|proxy|master|https|vsap|direct|socks|udp
           connMap  ==  ProtoList[:dstHostList[:srcHostList]]
                    --  default: CONNECT="c,i,m,h,y,v,s,d:*:*:*"
SRCIF parameter*    ==  SRCIF=host[:[port][:connMap]]
           connMap  ==  ProtoList:dstHostList:srcHostList
                    --  default: SRCIF="*:*:*:*:*"
TUNNEL parameter    ==  TUNNEL=tunnelType:script
        tunnelType  ==  tty7
                    --  default: none
PERMIT parameter*   ==  PERMIT=connMap
           connMap  ==  ProtoList:dstHostList:srcHostList
                    --  default: none
REJECT parameter*   ==  REJECT=connMap
           connMap  ==  ProtoList:dstHostList:srcHostList
                    --  default: none
REMITTABLE parameter == REMITTABLE=ProtoList
                    --  default: REMITTABLE="*" for generalist
                    --  default: REMITTABLE="." for specialist
REACHABLE parameter* ==  REACHABLE=dstHostList
                    --  default: REACHABLE="*" (any host is reachable)
RELIABLE parameter* ==  RELIABLE=srcHostList
                    --  default: RELIABLE=".localnet"
RELAY parameter*    ==  RELAY=relayTypeList[:connMap]
     relayTypeList  ==  relayType[,relayType]*
         relayType  ==  proxy | delegate | vhost | no | nojava | noapplet
           connMap  ==  ProtoList:dstHostList:srcHostList
                    --  default: RELAY="delegate,nojava:*:*:.localnet"
                                 RELAY="vhost,nojava:http:{*:80}:.localnet"
                                 RELAY="proxy:*:*:*"
SCREEN parameter ==  SCREEN={reject|accept}
                    --  default: none
AUTH parameter*     ==  AUTH=what:authProto:who
                    --  default: none
AUTHORIZER parameter* ==  AUTHORIZER=authServList[@realmValue][:connMap]
       authServList  ==  [authForw,]authServ[,authServ]* | & | *
           authForw  ==  -map{inPat}{localPat}{fwdPat} | -strip | -fwd
           authServ  ==  authHost[/portNum][(reprUser)]
           authHost  ==  hostName | hostAddr
         realmValue  ==  word | {words separated with space}
            connMap  ==  ProtoList:dstHostList:srcHostList
                    --  default: none
                    --  restriction: applicable to Telnet, FTP, NNTP, SMTP, IMAP,
                                     Socks, SockMux, and HTTP
MYAUTH parameter*   ==  MYAUTH=username:password[:connMap]
                    --  default: none
                    --  restriction: applicable to Socks, VSAP, SMTP, and HTTP
RIDENT parameter    ==  RIDENT=ridentType[,ridentType]*
       ridentType   ==  client | server
                    --  default: none
MAXIMA parameter*   ==  MAXIMA=what:number,...
                    --  default: MAXIMA=listen:20,ftpcc:2,...
TIMEOUT parameter*  ==  TIMEOUT=what:seconds,...
                    --  default: TIMEOUT=dns:10,acc:10,con:10,lin:30,...
DELAY parameter*    ==  DELAY=what:seconds
                    --  default: DELAY=reject:60,unknown:60,...
MOUNT parameter*    ==  MOUNT="vURL rURL [MountOptions]"
                    --  default: MOUNT="/* SERVER_URL*"
MountOptions == option[,option]*
URICONV parameter*  ==  URICONV={convSpec|defElem|defAttr}
          convSpec  ==  convList:attrList
           defElem  ==  defelem:+,elemnameList
           defAttr  ==  defattr:+,attrnameList
                    --  default: it will be shown by URICONV=dump
BASEURL parameter   ==  BASEURL=URL
                    --  default: none
DELEGATE parameter  ==  DELEGATE=gwHost:Port[:ProtoList]
                    --  default: DELEGATE=currentHost:currentPort
COUNTER parameter   ==  COUNTER=listOfCounterControl
    counterControl  ==  do | total | acc | ssi | ref | err | ro | no | mntpV
                    --  default: COUNTER=no
                    --  restriction: applicable to HTTP, SMTP, FTP and DNS
CACHE parameter*    ==  CACHE=cacheControl[,cacheControl]*[:connMap]
      cacheControl  ==  do | no | ro
           connMap  ==  ProtoList[:[dstHostList][:srcHostList]]
                    --  default: none
                    --  restriction: applicable to HTTP, FTP, NNTP and Gopher
EXPIRE parameter*   ==  EXPIRE=validity[/custody][:connMap]
           connMap  ==  ProtoList:dstHostList:srcHostList
          validity  ==  period
           custody  ==  period
            period  ==  Num[d|h|m|s]
                    --  default: EXPIRE=1h
CACHEFILE parameter ==  CACHEFILE=fileNameSpec
                    --  default: CACHEFILE='$[server:%P/%L/%p]'
ICP parameter*      ==  ICP=icpServerList[:icpServerSpec[:connMap]]
     icpServerList  ==  icpServer[,icpServer]*
         icpServer  ==  icpHost[/icpType/proxyPort/icpPort]
     icpServerSpec  ==  icpOptions:proxyPort:icpPort
           connMap  ==  ProtoList:dstHostList:srcHostList
                    --  default: none
                    --  restriction: applicable to {HTTP,FTP}-DeleGate
CHARCODE parameter* ==  CHARCODE=[inputCode/]outputCode[:[tosv][:connMap]]
        outputCode  ==  charCode
          charCode  ==  iso-2022-jp | euc-jp | shift_jis | utf-8 | us-ascii |
                               JIS | EUC | SJIS | UTF8 | ASCII | guess
           connMap  ==  [ProtoList][:[dstHostList][:[srcHostList]]]
                    --  restriction: applicable to HTTP, FTP, SMTP, POP,
                                     NNTP, Telnet, Tcprelay
                    --  default: none
CHARMAP parameter*  ==  CHARMAP=mapType:charMap[,charMap]*[:tosv]
           mapType  ==  ascii | ucs | jis | ucsjis | jisucs
           charMap  ==  inCharCode1[-inCharCode2]/outCharCode2[-[outCharCode2]]
          charCode  ==  hexa-decimal code | single ASCII character
                    --  default: none
HTMLCONV parameter  ==  HTMLCONV=convList
          convList  ==  conv[,conv]*
              conv  ==  deent | enent | fullurl
                    --  default: HTMLCONV=deent
MIMECONV parameter  ==  MIMECONV=mimeConv[,mimeConv]
          mimeConv  ==  thru | charcode | nospenc
                                    | textonly | alt:first | alt:plain
                    --  default: none
                    --  MIMECONV="" if CHARCODE parameter is given
FCL parameter       ==  FCL=filterCommand
FTOCL parameter     ==  FTOCL=filterCommand
FFROMCL parameter   ==  FFROMCL=filterCommand
FSV parameter       ==  FSV=filterCommand
FTOSV parameter     ==  FTOSV=filterCommand
FFROMSV parameter   ==  FFROMSV=filterCommand
FMD parameter       ==  FMD=filterCommand
FTOMD parameter     ==  FTOMD=filterCommand
FFROMMD parameter   ==  FFROMMD=filterCommand
filterCommand       ==  [-s,][-p,][-w,]command
                    --  default: none
XCOM parameter      ==  XCOM=filterCommand
XFIL parameter      ==  XFIL=filterCommand
                    --  default: none
CHROOT parameter    ==  CHROOT=dirPath
                    --  default:  none
                    --  restriction: super-user only on most of Unix
DGROOT parameter    ==  DGROOT=dirPath
                    --  default: if ${STARTDIR}/DGROOT exists then use it, or
                                  on Unix: '/' if CHROOT is set or
                                           '${HOME}/delegate' or
                                           '/var/spool/delegate-${OWNER}' or
                                           '/tmp/delegate-${OWNER}'
                               on Windows: '/Program Files/DeleGate'
SHARE parameter     ==  SHARE=dirPatternList
                    --  default: empty
UMASK parameter     ==  UMASK=mask
                    --  default: the value of umask(2)
VARDIR parameter    ==  VARDIR=dirPath
                    --  default: VARDIR='${DGROOT?&:/var/spool/delegate}'
CACHEDIR parameter  ==  CACHEDIR=dirPath
                    --  default: CACHEDIR='${VARDIR}/cache'
ETCDIR parameter    ==  ETCDIR=dirPath
                    --  default: ETCDIR='${VARDIR}/etc'
LOGDIR parameter    ==  LOGDIR=dirPath
                    --  default: LOGDIR='${VARDIR}/log'
LOGFILE parameter   ==  LOGFILE=[LogFilename]
PROTOLOG parameter  ==  PROTOLOG=[LogFilename][:logFormat]
ERRORLOG parameter  ==  ERRORLOG=LogFilename
TRACELOG parameter  ==  TRACELOG=LogFilename
                    --  default: LOGFILE='${LOGDIR}/${PORT}'
                    --  default: PROTOLOG='${LOGDIR}/${PORT}.${PROTO}'
                    --  default: ERRORLOG='${LOGDIR}/errors.log'
                    --  default: TRACELOG='${LOGDIR}/ptrace.log'
SYSLOG parameter*   ==  SYSLOG=[syslogOpts,][syslogServ]
        syslogOpts  ==  syslogOpt[,syslogOpts]
         syslogOpt  ==  -vt | -vs | -vS | -vH | -fname
                    --  default: none

LogFilename and dirPath Substitution for Aging

EXPIRELOG parameter ==  EXPIRELOG=LogFilename
                    --  default: EXPIRELOG='${LOGDIR}/expire.log'
WORKDIR parameter   ==  WORKDIR=dirPath
                    --  default: WORKDIR='${VARDIR}/work/${PORT}'
ACTDIR parameter    ==  ACTDIR=dirPath
TMPDIR parameter    ==  TMPDIR=dirPath
PIDFILE parameter   ==  PIDFILE=fileName
                    --  default: ACTDIR='${DGROOT}/act'
                    --  default: TMPDIR=system dependent
                    --  default: PIDFILE='${ACTDIR}/pid/${PORT}'
HOSTS parameter*    ==  HOSTS=nameList[/addrList]
          nameList  ==  name | {name[,name]*}
          addrList  ==  addr | {addr[,addr]*}
                    --  default: HOSTS=localhost/127.0.0.1
RESOLV parameter    ==  RESOLV=[resolver[,resolver]*]
          resolver  ==  resType[:[resParam][:[queryHostList][:clientHostList]]]
           resType  ==  cache | file | nis | dns | sys
                    --  default: RESOLV=cache,file,nis,dns,sys
RES_WAIT parameter  ==  RES_WAIT=seconds:hostname
                    --  default: RES_WAIT="10:WWW.DeleGate.ORG"
RES_CONF parameter  ==  RES_CONF=URL
                    --  default: RES_CONF="file:/etc/resolv.conf"
                        or from registry (on Windows)
RES_NS parameter    ==  RES_NS=nsList
            nsList  ==  dnsServ[,nsList]
           dnsServ  ==  dnsServer[//socksV5Host] | END.
                    --  default: depend on RES_CONF
RES_AF parameter    ==  RES_AF=afOrder
            afOrder ==  46 | 64 | 4 | 6
                    --  default: 46
RES_RR parameter    ==  RES_RR=HostList
                    --  default: RES_RR="*"
RES_VRFY parameter  ==  RES_VRFY=""
                    --  default: none
RES_DEBUG parameter ==  RES_DEBUG=number
                    --  default: none
PROTOLIST
       ProtoList  ==  [!]protoSpec[,ProtoList]
       protoSpec  ==  protocolName[/[portNumList][/methodList]]
HOSTLIST
        HostList  ==  [!][-iType]hostSpec[,HostList]
           iType  ==  {h|a|c|*}/[iType]
        hostSpec  ==  [{userList}@]hostSpec[/netMask]
        userList  ==  userNamePattern[,userNamePattern]*
        hostSpec  ==  hostNamePattern | hostAddrPattern
 userNamePattern  ==  [*]uname[*]
 hostNamePattern  ==  [*]hname[*]
 hostAddrPattern  ==  IPaddressPattern | IPrange
         netMask  ==  IPaddress | maskLength
PARAMETER SUBSTITUTION

CFI AND CFI SCRIPT

PROXYING BY URL REDIRECTION

PROTOCOL SPECIFIC ISSUE AND EXAMPLES

Common Notation

TCPrelay

UDPrelay

DGAuth server

PAM server

FTPxHTTP server

YYsh server

YYMUX server

SOCKMUX parameter*  ==  SOCKMUX=host:port:option[,option]*
            option  ==  acc | con | ssl
                    --  default: none
                    --  status: tentative
SOXCONF parameter*  ==  SOXCONF=confSpec[,confSpec]*
                    --  default: none

SockMux server

HTMUX parameter     ==  HTMUX=sv[:[hostList][:portList]]
                     |  HTMUX=cl:host:port
                     |  HTMUX=px:host:port
                    --  restriction: requires CAPSKEY
                    --  default: none
CAPSKEY parameter*  ==  CAPSKEY=opaque
                    --  default: none

Socks server

SOCKSTAP parameter*  ==  SOCKSTAP=ProtoList[:[dstHostList][:[srcHostList][:params]]]
                     --  default: none

HTTP proxy/server

HTTP Transfer Log Format

HTTPCONF parameter  ==  HTTPCONF=what:conf
FILETYPE parameter  ==  FILETYPE=suffix:gopherType:altText:iconName:contentType
                    --  default: FILETYPE=".txt:0:TXT:text:text/plain"
                                 FILETYPE=...
CGIENV parameter    ==  CGIENV=name[,name]*
                    --  default: CGIENV="*"
MountOptions for HTTP-DeleGate

AUTH parameters for HTTP-DeleGate

Configuration of DeleGate by Users

Server Side Include in SHTML files

ICP proxy/server

ICPCONF parameter*  ==  ICPCONF={icpMaxima|icpConf}
         icpMaxima  ==  para:N|hitage:N|hitobjage:N|hitobjsize:N|timeout:N
           icpConf  ==  icpOptions:ProtoList:dstHostList:srcHostList
                    --  default: ICPCONF=para:2,hitage:1d,...

FTP proxy/server

FTPCONF parameter*  ==  FTPCONF=ftpControl[:{sv|cl}]
           ftpControl  ==  nopasv | noport | noxdc | rawxdc
                    --  default: none

FTP Transfer Log Format

Telnet proxy/server

SSH/Telnet gateway

POP proxy

IMAP proxy

SMTP proxy/server

SMTPCONF parameter* ==  SMTPCONF=what:conf
                    --  default: SMTPCONF=bgdatasize:64K
SMTPGATE parameter  ==  SMTPGATE=dirPath
                    --  default: SMTPGATE='${ETCDIR}/smtpgate'

NNTP proxy/server

MountOptions for NNTP
NNTPCONF parameter* ==  NNTPCONF=what:conf
                    --  default: NNTPCONF=upact:600/300/120

LDAP proxy

Whois proxy

X proxy

Gopher proxy

SSL proxy

DNS (Domain Name System) proxy/server

DNSCONF parameter*  ==  DNSCONF=what:value

CU-SeeMe proxy

RESERVED NAMES

AF_LOCAL SOCKETS

CUSTOMIZATION

DEFENSE AGAINST ATTACKERS

ENCRYPTED CONFIGURATION

PLATFORM SPECIFIC ISSUE

GENTLE RESTART

FUNCTIONS

FILES

SEE ALSO

AUTHOR

FEEDBACK

DISTRIBUTION

Release 9.9.11             Last change: July 28, 2014
--------- --------- --------- --------- --------- --------- --------- ---------