|PageViews: 79,262 hits / 365 nets|
-P option -- entrance port(s) to the DeleGate
port == [host:]portNum[/udp][/admin][/protocolName]
portNum == number[-number]
This option specifies on which entrance port DeleGate receives
requests from clients.
As a typical example, "-P8080" means it accepts request on TCP port
numbered 8080 on any network interface belong to the host machine.
When the host has multiple interfaces or multiple IP addresses
assigned to a single physical interface, you can select one of them
with the specification format -Phost:portNum, like
"-Plocalhost:8080" for example.
A DeleGate server can accept from multiple ports or (limited) multiple
network interfaces by -Pport,port,...
When no host is specified, only IPv4 addresses are accepted. That is, -P8080 is the abbreviation of "-P0.0.0.0:8080". To specify IPv6 address here, substitute each colon symbol in the IPv6 address notation with an under score symbol. Fore example, "-P__:8080" means accepting at port 8080 with the wild card address of IPv6 "::". If necessary, a scope-ID can be specified with "%" symbol, like "-Pfe80__12_34%en0:8080" for example.
Note: See SRCIF as to selection of a source address of an outgoing connection.
An entrance port is made as a TCP port by default except UDP based application protocol (dns, icp, cuseeme, udprelay) is specified in SERVER=protocol parameter. And regardless of the protocol specified in SERVER, it can be made as a UDP port with postfix "/udp" like -Pport/udp.
If "/protocolName" is specified, as "-P21/ftp,80/http,1080/socks" for example, the DeleGate will act in the specified application protocol on the specified port, rather than in the default protocol specified in the SERVER parameter.
This option MUST be specified except in following cases.
It is ignored when the DeleGate is invoked from inetd(8),
or in most case of -Ffunction option,
or when running as a tunnel server
-Q option* -- entrance port to the DeleGate
-Q option can be used to specify multiple entrance ports separately in
For example, a set of of options "-Q21 -Q80 -Q1080" is equivalent to
a single option "-P21,80,1080".
-f option -- foreground execution
If specified, DeleGate runs in foreground keeping connected with
current control tty so that it can be killed with SIGINT from the tty,
and staying at (without changing work directory from)
the current directory.
With -fv option, the output to the LOGFILE is also put to the console.
-r option -- restart
If specified, currently running DeleGate on the same entrance port if exist
is finalized before starting this DeleGate.
It has the same effect as doing -Fkill before start.
-v option -- logging level control
If specified, DeleGate will run in foreground like -f and
log will be put on the control tty, not to LOGFILE
More detailed log than that
of -v can be got using -vv option. Similarly you can control the
detailness of log to be written into logfile by -vd, -vt or -vs options;
-vd makes logs detailed with debug information whereas
-vt makes it terse and
-vs makes logging stop and be silent;
this option has similar effect with LOGFILE="".
Another option -va makes hidden log in the most detailed level (that of -vd)
which is output only when some kind of ABORT occurred to cause
-vu puts logging level back to usual one.
-d option -- debugging of sub components
-dh enables detailed logging of HostList matching.
-ds enables logging of socket manipulation including bind(), accept()
-dt enables detailed logging of the activity of each thread with its thread-id.
-D option -- disabling sub components
-Dt disables the usage of thread (for SSL and gzip) to force using process.
-S option -- watch SIGCHLD signal
If specified, zombie processes of DeleGate will be
immediately swept by watching the SIGCHLD signal. This option might
be the default in future releases.
-T option -- trace system calls
If specified, signals occurred in DeleGate processes
will be watched by the parent DeleGate using "ptrace(2)" then recorded
into TRACELOG. If -Tx is specified, DeleGate process which is going
to execute "execve(2)" system call will be trapped and killed. This
will be useful for security enhancement preventing any unexpected
execve() which can be the method of intruders.
This -T option automatically turn on -S option to immediately respond to
events occurred in children, but you can turn off it by adding "s"
flag like "-Ts". Adding "d" flag like "-Txd" will make logging detailed,
while adding "t" flag like "-Txt" will make logging terse.
-F option -- extra function
If specified, DeleGate will work as a
program of specified function rather than a DeleGate server.
For example, "delegated -Fkill -Pport" means to kill the
DeleGate running on the port.
is a function to edit implanted parameters in the executable file
of DeleGate, to control authentication and capabilities (who can do what with
the DeleGate), and to configure fixed (not overwritable) parameters
of the executable file.
The usage is shown with "delegated -Fimp -h".
With -Fcgi, DeleGate act as a cgi program which is invoked from a HTTP server.
A list of available functions will be shown
-- option -- hiding command line arguments
If specified, command line arguments before "--" are left visible to
ps(1) command (with pstat(2) system call) on most of Unix systems.
Without this, any arguments are hidden by default.
parameter == name=value
Other options are specified in name=value
format which is named a parameter.
Parameters can be given as environment variables as well as command line
For name parameter, the environment variable DG_name is
retrieved prior to name.
Command line options with "-" prefix listed above can be given as a
parameter like DGOPTS="-P8080;-v" for example.
conditional parameter == (condition)parameter
Some parameters and -v option can be restricted to be applied conditionally,
by prefixing "(condition)" to a parameter.
Currently, condition is a list of client host which is described
For example, "(.localnet)-vs" specifies to suppress logging when the client
is from local networks.
Parameters which can be conditional with this prefix are:
BASEURL, DELAY, DELEGATE,
FCL, FSV, FFROMCL, FFROMSV, FTOCL, FTOSV,
LOGFILE, MAXIMA, RIDENT and TIMEOUT.
This mechanism does not work for UDP sockets.
-e option == -ename=value
This is similar to name=value except that
this name=value pair will be set as
an environment variable to be inherited to child processes
like filter programs and CGI programs.