initial import to git

.gitattributes

@@ -0,0 +1,22 @@
+# Auto detect text files and perform LF normalization
+* text=auto
+
+# Custom for Visual Studio
+*.cs     diff=csharp
+*.sln    merge=union
+*.csproj merge=union
+*.vbproj merge=union
+*.fsproj merge=union
+*.dbproj merge=union
+
+# Standard to msysgit
+*.doc	 diff=astextplain
+*.DOC	 diff=astextplain
+*.docx diff=astextplain
+*.DOCX diff=astextplain
+*.dot  diff=astextplain
+*.DOT  diff=astextplain
+*.pdf  diff=astextplain
+*.PDF	 diff=astextplain
+*.rtf	 diff=astextplain
+*.RTF	 diff=astextplain

.gitignore

@@ -0,0 +1,215 @@
+#################
+## Eclipse
+#################
+
+*.pydevproject
+.project
+.metadata
+bin/
+tmp/
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.classpath
+.settings/
+.loadpath
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# CDT-specific
+.cproject
+
+# PDT-specific
+.buildpath
+
+
+#################
+## Visual Studio
+#################
+
+## Ignore Visual Studio temporary files, build results, and
+## files generated by popular Visual Studio add-ons.
+
+# User-specific files
+*.suo
+*.user
+*.sln.docstates
+
+# Build results
+
+[Dd]ebug/
+[Rr]elease/
+x64/
+build/
+[Bb]in/
+[Oo]bj/
+
+# MSTest test Results
+[Tt]est[Rr]esult*/
+[Bb]uild[Ll]og.*
+
+*_i.c
+*_p.c
+*.ilk
+*.meta
+*.obj
+*.pch
+*.pdb
+*.pgc
+*.pgd
+*.rsp
+*.sbr
+*.tlb
+*.tli
+*.tlh
+*.tmp
+*.tmp_proj
+*.log
+*.vspscc
+*.vssscc
+.builds
+*.pidb
+*.log
+*.scc
+
+# Visual C++ cache files
+ipch/
+*.aps
+*.ncb
+*.opensdf
+*.sdf
+*.cachefile
+
+# Visual Studio profiler
+*.psess
+*.vsp
+*.vspx
+
+# Guidance Automation Toolkit
+*.gpState
+
+# ReSharper is a .NET coding add-in
+_ReSharper*/
+*.[Rr]e[Ss]harper
+
+# TeamCity is a build add-in
+_TeamCity*
+
+# DotCover is a Code Coverage Tool
+*.dotCover
+
+# NCrunch
+*.ncrunch*
+.*crunch*.local.xml
+
+# Installshield output folder
+[Ee]xpress/
+
+# DocProject is a documentation generator add-in
+DocProject/buildhelp/
+DocProject/Help/*.HxT
+DocProject/Help/*.HxC
+DocProject/Help/*.hhc
+DocProject/Help/*.hhk
+DocProject/Help/*.hhp
+DocProject/Help/Html2
+DocProject/Help/html
+
+# Click-Once directory
+publish/
+
+# Publish Web Output
+*.Publish.xml
+*.pubxml
+
+# NuGet Packages Directory
+## TODO: If you have NuGet Package Restore enabled, uncomment the next line
+#packages/
+
+# Windows Azure Build Output
+csx
+*.build.csdef
+
+# Windows Store app package directory
+AppPackages/
+
+# Others
+sql/
+*.Cache
+ClientBin/
+[Ss]tyle[Cc]op.*
+~$*
+*~
+*.dbmdl
+*.[Pp]ublish.xml
+*.pfx
+*.publishsettings
+
+# RIA/Silverlight projects
+Generated_Code/
+
+# Backup & report files from converting an old project file to a newer
+# Visual Studio version. Backup files are not needed, because we have git ;-)
+_UpgradeReport_Files/
+Backup*/
+UpgradeLog*.XML
+UpgradeLog*.htm
+
+# SQL Server files
+App_Data/*.mdf
+App_Data/*.ldf
+
+#############
+## Windows detritus
+#############
+
+# Windows image file caches
+Thumbs.db
+ehthumbs.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Mac crap
+.DS_Store
+
+
+#############
+## Python
+#############
+
+*.py[co]
+
+# Packages
+*.egg
+*.egg-info
+dist/
+build/
+eggs/
+parts/
+var/
+sdist/
+develop-eggs/
+.installed.cfg
+
+# Installer logs
+pip-log.txt
+
+# Unit test / coverage reports
+.coverage
+.tox
+
+#Translations
+*.mo
+
+#Mr Developer
+.mr.developer.cfg

Changelog

@@ -0,0 +1,2215 @@
+08.04.2014
+Releasing as 0.7
+Significant changes since 0.6.1:
+!! auth iponly by default
+! maxconn is 500 by default
+! Improved HTTP/1.1 compatibility
+! Functionality bugfixes
++ Few new plugins
+
+11.07.2012
+! fixed: counters over 4GB in webadmin
+
+26.06.2012
+! OpenSSL thread support functions added to SSL plugin
+
+10.05.2012
+! SSL plugin works. Commands to enable/disable SSL spoofing will be added later.
+
+25.04.2012
+! pcre_rewrite slash sequence logic corrected
+
+16.04.2012
++ Added: SSLPlugin for SSL decryption with certificates spoofing
+
+12.04.2012
++ Added: new filter callback function type (pre data filter) for things like SSL/TLS, gzip, etc.
+  WARNING: all plugins with filter functions need to be reviewed for compatibility
+
+06.02.2012
++ Added: transparent redirection plugin for linux. Automatically detects redirection
+  address if traffic is redirected via iptables
+
+15.08.2011
+! Fixed: 100% CPU because of usleep with large value on NetBSD
+
+11.06.2011
++ Support for extusername/extpassword added to smtpp
+
+04.06.2011
+! Fixed: web admin access
+! Fixed: wrong error code in logfile in some rare cases
+! Migrated to VC 9.0 compiler
+
+14.04.2011
+! Authentication: do not request username/password in mixed authentication
+  if all modules deny access.
+
+12.04.2011
+! Minor code cleanup
+
+17.12.2010
+- Debugging output to stdout removed
+
+09.12.2010
+! Code cleanup for sockets mapping and chunked encoding, 
+! Content-Length up to 4GB
+
+25.11.2010
++ System locale handling added for mixed case username in WindowAuthentication 
+
+13.11.2010
++ Plugin utf8tocp1251 added to automatically detect UTF-8 (used by Chrome and
+  Opera in username/password.
+
+  usage 
+
+  plugin "utf8tocp1251" utf8tocp1251
+  auth utf8tocp1251 strong
+
+  or
+
+  auth utf8tocp1251 cache windows
+
+
+11.11.2010
+! encoding paramter added to WWW-Authenticate and Proxy-Authenticate headers in
+  .3ps files according to
+  http://tools.ietf.org/id/draft-reschke-basicauth-enc-01.txt
+
+12.08.2010
+! Removed getservbyport() from webadmin to avoid potential race condition
+
+09.08.2010
+! Default .3ps files corrected
+
+26.06.2010
+! Fixed: keep-alive connections detection for HTTP/1.1
+
+10.12.2009
+! Fixed: external address may be incorrectly set if few requests are
+  received in single connection.
+
+02.12.2009
+! zero sockaddr before bind for some FreeBSD versions compatibity
+
+26.10.2009
+! Some changes for MD4/MD5 libraries 64-bit compatibility
+
+01.10.2009
+! Fixed: Content-Length is sent twice to server if there are content-handling
+  plugins.
+
+17.09.2009
+! Makefile.Linux: add3proxyuser.sh moved to INSTALL_CFG_OBJS
+  (thanks to Martin Wanicki)
++ Functionality added to intercept all socket-related calls for plugins
+
+03.09.2009
+! Fixed: client connection was not closed on removed Content-Length (may
+  cause connection hang for timeout at the end of large file transfer 
+  if filtering plugins are used).
+
+24.08.2009
++ Added transparent redirection to ICQ and MSN proxy
++ Added (untested) Last.fm ripper plugin - initial version, code needs to be
+  cleaned to work under *nix. Thanks to Denis Stanishevskiy.
+
+14.08.2009
++ WinCE (Windows Mobile) support added
+
+27.07.2009
+! Fixed: use authnserver for name match check if configured
+
+22.07.2009
++ authnserver command added (nserver to use only with auth dnsname)
+
+13.07.2009
++ man pages for smtpp and icqpr added
+! traffic correction plugin logics fixed
+
+10.07.2009
++ 3proxy configuration parser: support added for empty strings ("").
+
+09.07.2009
++ dnsname authentication added (auth dnsname) - puts validated reverse DNS
+  record (PTR) instead of username
++ PCREPlugin: Added: \r, \n support from pcre_rewrite rewrite string. Use \0
+  for empty string
++ PCREPlugin: Added: * may be used instead of regex (no regex is created
+  and checked in this case)
+
+24.06.2009
+! random redirections are really fixed (incomplete fix on 08.04.2009)
+! icqpr "Need recync" problem fixed
+! disable NTLM by default (because of Windows Vista) until NTLMv2 implemented
+! set auth iponly to be default
+
+
+08.04.2009
+! Fixed: distribution between parent proxies was not even because of
+  non-linear probability
+
+18.03.2009
+! Marking as 0.7-devel
+
+06.03.2009
+! Fixed: filters were applied in reverse order
+
+25.02.2009
+! Fixed: beginning of HTTP data may be not passed to filter
+
+22.02.2009
+! handle Content-Length as unsigned long to allow files > 2GB.
+
+10.02.2009
+! Ldapauth plugin corrected according to changes on 02.02.2009
+
+02.02.2009
++ countout / nocountout commands added
+! Added workaround for Mac OS X / iPhone OS poll() (mis)behaviour.
+
+30.01.2009
+! Flush buffer in case of POLLxxx - probably required for Mac OS X / iPhone OS
+
+24.01.2009
+! Changed WindowsAuthentication to convert username to lowercase
+
+10.12.2008
+! Fixed: login may hang in ftppr in case of large server banner
+
+30.10.2008
+! WindowsAuthentication plugin may sometimes fail with 100122 error
+  on startup because of uninitialized variable.
+
+30.09.2008
+! -lXXX moved to $LIBS in Makefiles for linkers compatibility 
++ 3proxy for Dummies v.1.2 by Kurmaeff Halit added (in Russian)
+
+26.08.2008
+! Fixed: end of chunked-encoded page may be incorrectly detected
+
+24.07.2008
+! Fixed: buffering problem on multiple chunks
+
+21.07.2008
+! Previous fix was incomplete
+
+13.07.2008
+  Thanks to Hostile Fork:
+! Fixed directory listing building for some rare FTP servers (e.g. HP)
+! Fixed (probably) chunked encoding should now work. REQUIRES TESTING.
+  please report, if you have problems with chunked. 
+
+
+11.05.2008
++ minor plugin interface additions
+
+03.05.2008
++ pcre_options implemented
+
+24.04.2008
+! Fixed: bandlimsout may not work if both bandlimsin and bandlimsout
+  are configured.
+
+01.04.2008
+! Fixed: chunked was actually converted to non-chunked
+
+25.03.2008
++ HTTP chunked support (hopefully) added, not tested yet
+
+13.02.2008
+! Do not shutdown listening socket
+! FTPPR was broken on 10.02 fix
+! ':' may be encoded in ftp:// URI's in proxy
+
+12.02.2008
+! LOGIN and PLAIN authentication were swapped in smtpp.
+
+10.02.2008
+! FTPPR: potential race condition on socket close fixed
+
+07.02.2008
+! MSN: message channels were not captured
+
+05.02.2008
+! Use CDATA for XML data in webadmin module
+
+03.02.2008
++ MSN / Live messenger proxy (msnpr) addded
+
+02.02.2008
+! Fixed: counters may be flushed on configureation reload
+
+01.02.2008
+! Work with counters with more safe way on configuration reload
+
+28.01.2008
+! Do not compile empty PCRE
+
+17.01.2008
++ APPE support added to ftppr
+! Fixed problem with counters dumping on reload
+
+16.01.2008
++ reqip/reqport added to XML data export
+
+15.01.2008
+! cache auth: set default cache type to user/password with 600 sec timeout
+
+14.01.2008
+! Fixed EAGAIN handling in sockmap
+! Fixed: plugins: some data may be sent to the filter functions more than once
+  on incomplete send.
+! int * offset_p  changed to  int offset  in plugins interface
+
+13.01.2008
+! icqpr: fixed new services request hijacking
+
+12.01.2008
++ icqpr: added support for ICQ 6.0 greeting
++ icqpr: added support for insecure authentication
++ icqpr: added support for server migration
+
+11.01.2008
++ Support for new service requests hijacking added to icqpr
+! Fixed: icqpr: sequence number can be > 0x8000 in current protocol verion
+
+10.01.2008
+! Fixed few rare cases where small amount of data may pass in/out statistics
+  (e.g parent proxy request/response).
+
+09.01.2008
++ Initial version of icqpr (ICQ proxy). Use it as portmapper to ICQ server:
+  You can also control access by UIN (use 'auth useronly'):
+	auth useronly
+	allow 1369139,1234567
+	icqpr 5190 login.icq.com 5190
+! Corrected seconds fractions calculation in poll() emulation code
+  (probably did not affected any functionality)
+! PCRE library updated to 7.4	
+
+07.01.2008
+!! Error code is now 5-digit
+
+
+27.12.2007
++ StringsPlugin now supports strings substitution for 'admin' service (Kirill Lopuchov)
++ PamAuth plugin added (Kirill Lopuchov)
++ LdapPlugin added (Kirill Lopuchov)
+
+19.12.2007
+ Copyright text fixed in source files
+
+18.12.2007
++ Export added for weadmin strings to use/replace in plugins
+
+17.12.2007
++ Proxy-support: Session-Based-Authentication added for compatibility
+  with NTLM/Negotiate authentication in IE7.
+
+03.12.2007
+! StringPlugin fixed
+
+23.11.2007
++ Developer's documentation added
+
+19.11.2007
+! StringPlugin fixes (by Kirill Lopuchov)
+
+09.11.2007
+! Fixed: SOCKS5 authentication was broken some time ago
+
+28.10.2007
+! Fixed: do flush() if logged to file given with -l
+
+25.10.2007
+! Improper extparam structure initialization fixed (caused invalid behavior
+smtpp/pop3p/ftppr if no 'delimchar' configured after 11.10.2007)
+
+19.10.2007
+! StringsPlugin cleanup
+
+11.10.2007
++ delimchar command added
+
+10.10.2007
+! Fixed: filters are lost on configuration reload
++ Added chkconfig support to rc.d script
+
+09.10.2007
+! Fixed double addition of authentication function on WindowsAuthentication
+  plugin
+
+25.09.2007
+! Outgoing AUTH LOGIN fixed for smtpp
+! Fixed multiline banners in smtpp
++ smtpp: default server (-h) may be used without authentication
+
+11.09.2007
+! Documentation corrections, thanx to Vladimir Fesko
+
+30.08.2007
+! Fixed PCRE filter behaviour on configuration reload
+
+29.08.2007
+! Support added for in-line auth plain SMTP authentication. Default parent
+  authentication is changed to LOGIN.
+
+25.08.2007
+! Fixed -h feature (double memory free after second connect)
++ smtpp (SMTP proxy added). Supports both PLAIN and LOGIN for both client
+  and server, supports default SMTP server.
+
+23.08.2007
++ %e format specificator added for exaternal IP logging.
+
+22.08.2007
+! dighost corrected to do not change file, if no replay from the server
+  received.
+
+20.08.2007
++ authcache password added
+! authcache user and user,ip corrected and crash fixed
+
+17.08.2007
++ Documentation added for authentication cache
+
+16.08.2007
++ Authentication cache created! New command:
+  authcache authtype time
+  e.g.
+  authcache ip 600
+  and new authentication type: cache, e.g.
+  auth iponly cache strong
+  Doesn't work with NTLM, Requires proxy -n!
+
+07.08.2007
+! define _MAX__TIME64_T, because Microsoft only mentions it in configuration
+  and never actually defines it. Prevents crash on malformed/older counter
+  file.
+
+03.08.2007
++ 'nolog' command added to extend allow/deny rules (prevent logging
+  for requests mathing allow/deny rules). nolog only affects last allow
+  or deny command.
++ 'weight' command added to extend allow/deny rules. E.g. 'weight 100'.
+  weight only affects last allow/deny rule.
+
+31.07.2007
+! Error code changed to 100 on failed SOCKSv5 name resolution
++ FAQ and documentation updates
++ New command 'logdump' added, to create intermediate log records then given
+  amount of data is archieved through connection
++ New command 'filtermaxsize' to prevent filtering if expected Content-Length
+  is greater than given value.
+
+21.07.2007
+! rm changed to del in Windows makefiles
+
+07.07.2007
++ HTTP proxy code fixed to pre-buffer traffic and fix Content-Length in case of
+  short files. For longer files Content-Length is not sent to client. It's safe
+  now to change HTTP content within plugin.
+  Result: pcre_rewrite works perfectly.
+
+05.07.2007
++ Documentation improved.
+
+28.06.2007
++ FTP server authentication fixed
+
+26.06.2007
++ Request authentication for FTP server in HTTP proxy if anonymous logon fails
+
+18.06.2007
+! Documentation fixes
+
+11.06.2007
+! Fixed: \r in *nix installation scripts
+
+31.05.2007
+! PCRE: Fixed: replace on the string of different size
+! PCRE: Fixed: replace only replaces first match
+? PCRE: known problem: in HTTP if size changes after replacement it doesn't
+  match Content-Length any more. Any workaround suggestions? Remove
+  Content-Length on HTTP requests?
+
+07.05.2007
+! PCRE plugin only used first rule
+
+21.04.2007
+! Avoid usage of large stack buffer in proxy
++ PCREPlugin is now somehow usefull
+
+20.04.2007
+! Minor code cleanup
+
+18.04.2007
+! Fixed: TraffCorrect plugin doesn't NULLify pointer after free()
+
+13.04.2007
+!! Potential buffer overflow fixed on transparent request handling
+   thanks to big_gad_(at)_mail.ru
+
+12.04.2007
+! missed authentication type check in Windows Authentication plugin
+! fixed minor memory leak in tcppm
+
+11.04.2007
+! Compilation issue for structures.h introduced on 09.04 fixed
+
+09.04.2007
+! Minor code cleanup, documentation fixes, rus-win1251.3ps grammatics fixed.
+! *nix plugins compilation issue fixed
+
+08.04.2007
+! Bug fixed on socket mapping (introduced 06.04)
+! Some internal code review without functional changes
+! "parent type IP 0" is now used to specify external IP
+  (like -eIP, but only for connections matching "allow")
+
+06.04.2007
++ PCREPlugin added. Still in development, not all functionality is implemented.
+
+05.04.2007
++ StringsPlugin by Kirill Lopuchov is imported
+
+21.03.07
+! Fixed: FTP listing is not shown on long FTP server greeting in HTTP proxy
+! Fixed: FTP listing may noy be shown on specific server timing in HTTP proxy
+
+19.03.07
+! TraffCorrect plugin NULL pointer fixed
+
+16.03.07
++ It's now possible to use hostnames and patterns in destination ACL. Hostname
+  is checked against requested hostname. Hostnames and networks may be mixed.
+  Example:
+  deny * * *sex*,*porn*,localhost,192.168.0.0/16
+  '*' can not be uses in the middle of the hostname. www*com is invalid
+  pattern.
+! BINDIR changed to BUILDDIR in Makefiles to avoid collision with install
+  on Linux.
+
+15.03.07
+! Documentation update
+
+13.03.07
++ It's possible to use hostnames in ACL, but it should not be dynamic or
+  multihomed host because hotname is translated to IP immediately.
+
+01.03.07
+! fixed: unnecessary mutex_unlock on trafcounter mutex
+! Cosmetic changes
+
+28.02.07
++ FTP put support added for HTTP proxy
+! Code cleanups (few warnings fixed)
+! Makefile.Linux changed (by request of Jari Aalto)
+
+22.02.07
+! fixed: ftppr may delay on file uploading
+
+20.02.07
++ Minor improvements in schedule-handling code
+
+14.02.07
+! Previous FTP (24.12.06) fix was ineffective (operation after break)
+
+01.02.07
+! Documentation typo with portnumber in fordummies.html fixed
+
+25.01.07
+! Typo fixed in gethostbyname_r
+
+23.01.07
+! Plugins are added to main code tree
+
+20.01.07
+! Use gethostbyname_r on Linux and Solaris
+
+18.01.07
+! Set reload flag on Web interface reload, but do not call reload() function.
+  to process reloads in uniform way.
+
+08.01.07
+! Rotate counters with '0' number
++ Scheduling interface added
+
+29.12.06
+! udppm code cleanup
+
+24.12.06
+! Point ident for openlog to saved copy of string to prevent garbage in syslog
+! Fixed: FTP though parent proxy
+! Fixed: problem fixed for final FTP server response received before data
+  (slow connection).
+
+22.12.06
+! socks4 parent redirection fixed
+! Makefile.Solaris and Makefile.Solaris-gcc are corrected against -o problem
+  in Solaris.
+
+21.12.06
++ FAQ additions
+
+19.12.06
+! Fixed: POST request problem with NTLM authentication
++ Access to reload / exit status and proxy stringtable from plugin API
+
+05.12.06
+! Fixed: imcomlete pages through HTTP proxy (Internet Explorer hangs)
+! Minor changes in trafcount/bandlimit for better plugin compatibility
+
+30.12.06
+! Fixed: two 3xx replies on USER command in ftppr.
+
+27.11.06
+! Changed to SAFESQL because actually only Microsoft and Oracle
+  seems to follow ODBC standards.
+
+19.11.06
++ SITE command support in addition to OPEN for ftppr
+
+18.11.06
++ -I added to standalone services to be executed from inetd.
+
+14.11.06
+! Fixed behaviour on failed ODBC log attempt
++ Filtering HTTP request API now works
+
+10.11.06
++ Try to fallback to stdlog if odbclog fails
+
+07.11.06
++ Filtering API is partially implemented
+
+01.11.06
++ -h option added to use as default hostname:port for ftppr/pop3pr.
+
+15.10.06
+! WindowsAuthentication.dll version updated to match current internal
+  structures and changes in plugins API.
+
+13.10.06
+! Exit service on non-recoverable service error
+
+11.10.06
+! Fixed: hostname:xx causes name resolution problem (introduced on 09.10).
+! Fixed: wrong target ports for tcppm/udppm (introduced on 09.10).
+
+09.10.06
+! %Q and %q added to track requested IP/port. Hopefully also problems with
+  ACL checks on redirected applications are finally fixed.
+
+06.10.06
+! WindowsAuthentication.dll replaced with static version in distro
+
+04.10.06
+! Some compilation warnings cleaned
+! Back to static linking
+! Errors introduced with filters corrected
+
+03.10.06
+! Add .manifest files to distribution
+
+28.09.06
+! Compile 3proxy with msvcr80.dll
++ include msvcr80.dll into distribution
+
+27.09.06
++ FAQ updated.
++ Filtering functionality added (incomplete yet).
+! SOCKS BIND/UDPASSOC problems fixed (based on Artem Rebrov's patch)
+
+25.09.06
+! Traffic report name is now generated based on 'last traffic in report'
+  date/time and is not overwritten on service startup. Today traffic report
+  will only be seen tomorrow, but counters may be checked with 'countersutil'
+  or web interface.
+
+13.09.06
++ Examples of compatible log formats added to 3proxy.cfg.sample
+
+11.09.06
+! Name hash length changed from 64 to 128 bits.
+
+06.09.06
+! Documentation regarding to Unix compilation corrected
+
+
+05.09.06
+! Fixed: buffered input may double some data on empty reads
++ FTP diagnostics improved for FTP login problems
++ Add ".." to directory listing
+
+25.08.06
+! Fixed: endless loop on configuration parsing if ACL weekdays are given as
+  a comma delimited list (reported Andrey S. Alexeenko).
+
+23.08.06
+! Fixed: compilation under Solaris
++ Solaris/gcc Makefile added
+
+17.08.06
+! Fixed: NTLM authentication doesn't work for NT-encoded passwords
+! Fixed: offer NTLM authentication before basic
+
+15.08.06
+! Reset client address after hostname parsing
+! Warn on counterfile time_t incompatibility
+
+10.08.06
+! Fixed: \r's in few Makefiles
+
+09.08.06
+! Documentation corrections.
+
+04.08.06
+! Documentation corrections.
+
+28.07.06
+! Fixed: invalid traffic prediction for large downloads on traffic limits over
+  4GB.
+
+26.07.06
+! nbname auth rejects, if no NetBIOS name determined. Use
+  auth nbname,iponly
+  to emulate old behaviour
+! It's now possible to use "-" in ACLs to match empty username.
+! No need to specify L/G for filename template in "log" (local time is
+  always used).
+
+25.07.06
++ "log" command now supports same format specifications for filename template
+  as "logformat" (if filename contains '%' sign it's believed to be template).
+  As with "logformat" filename must begin with "L" or "G".
+
+08.07.06
+! nreads/nwrites/nconnects fields added to internal client paramters structure
+  for plugin developments
+
+07.07.06
+! FTP_DATA operation added for FTP data connection ACLs.
+
+04.07.06
+! Scripts/Makefiles corrections
+
+03.07.06
+! Fixed: dnspr 822 error on Windows (seems like a bug with multithreading on
+  latest Visual C compiler, ioctlsocket() resets parameters of setsockopt().
+! Fixed: wrong limit and traffic on counters on the web
+
+30.06.06
+! Fixed: wrong traffic displayed on web for traffic > 4GB
+
+28.06.06
+! Fixed path to binary in scripts/rc.d/proxy.sh
+
+27.06.06
+! Fixed: limitations for traffic over 1GB work incorrectly
++ Start/stop script example added to distribution
+
+22.06.06
++ -u parameter added to services to avoid username authentication request/usage
+
+16.06.06
++ Windows authentication plugin added to binary Windows distribution
+
+14.06.06
+! Added workaround for broken HTTP client (e.g. SUM - SUN update manager) with
+  incomplete URI in HTTP request.
+
+11.06.06
+! bind FTP data connection socket to external interface
++ FTPPR fully supports parent proxy (SOCKS 4/5, HTTPS/CONNECT)
++ FTPPR supports FTP_GET/FTP_PUT/FTP_LIST ACL actions limitations
+
+09.06.06
++ 'auth' can be used with few authentication types now. It makes it possible
+   to request password only on demand with
+   auth ipony strong
+
+08.06.06
+! 'admin' redirect type added for redirection to local web administration
+  service (works like admin -s).
+
+31.05.06
+! Log '-' instead of username if username exists but is empty
+
+29.05.06
+!!!! Warning: counters file format changed on Windows since 0.5.2
+     because of different sizeof(time_t) on Visual C++ 2005 compiler.
++ countersutil utility added to manage counters. To convert 3proxy.exe
+  0.5.2 counter file to 3proxy.exe current run
+  countersutil oldexport counterfile tmpfile
+  countersutil import counterfile tmpfile
+
+
+25.05.2006
+! Fixed: dnspr command lost from command list
+
+17.05.2006
+! Fixed: nobandlimin actually works like nobandlimout
+
+16.05.2006
+!! Fixed: crash if more than one "users" command in configuration
+! Fixed: timezone display for FreeBSD and Windows
++ added %o format specification for 3-character mOnth abbriviation
+! Fixed: check EINTR on poll() (avoids "Interrupted system call" in logs
+  and broken connection on USR1 signal.
+
+12.05.2006
+! Fixed: log rotation was broken after client code rewrite
+
+11.05.2006
+! Cleaned: "mypoll" error if compiled with GCC withoout WITH_POLL
+
+10.05.2006
+! Use SO_REUSEPORT if defined
+
+06.05.06
+! Minor HTTP proxy redirections code cleanup
+
+03.05.06
++ socks error codes improved
+
+02.05.2006
+! Fixed: compilation for Unix (plugins)
+
+01.05.2006
+! Fixed: names for authentication types turned back for compatibility
+! Fixed: no warning given for unknown authentication type
+! Fixed: bandlimout doesn't work if bandlimin presents for same connection
+
+30.04.2006
+! Fixed: nobandlimin/nobandlimout commands missed
+++ plugin command added to load dynamic library
+
+25.04.06
+! Internal structures moved to diffent header file
+
+20.04.06
+! Fixed: few problems with logging after latest modification (out of memory
+  reference on hostname).
+  SQL injections now are filtered even if \' is not in filtered characters.
+
+17.04.06
+! Few bugs introduced on 13.04 (especially 'nocountin' crash) fixed
+! Significant changes to internal structures
+! Compilation problems under Linux/Unix fixed
+
+13.04.2006
+! 3proxy.c configuration reading major code rewrite
+! Fixed: memory leaks on configuration reload
+! Changed from CreateThread to _beginthreadex according to MS reccomendations
+! Changed: FTP start data transfer code from 101 to 125 in FTPPR
++ NLST support added to ftppr
+
+05.04.2006
++ Minor documentation and help screen updates
+
+30.03.2006
+!! Windows distribution compiler changed to MSVC 8.0
+++ bin64 (Windows XP/2003 64 bit edition x64) added
+	
+29.03.2006
+! Socket leak fixed on FTP data connection failure under Windows
+! minor 64 bit compatibility code cleanup
++ x64/amd64 Windows XP/2003 64 bit edition makefile added
+
+24.03.2006
+! Minor FAQ dummy compatibility updates
+
+18.03.2006
++ Parameters descriptions and XML stylesheet added to webadmin services view
+! Potential problem (wrong type dereference) fixed in webadmin services
+
+12.03.2006
+! Restore sasize after receivefrom
+
+10.03.2006
+! Fixed: CONNECT with http parent 
++ bandlimout / nobandlimout implemented
+! Copyrights and banners fixed
+
+08.03.2006
+! Minor poll() code cleanup
+
+06.03.2006
+! Socks 4a name resolution fixed
+! Name resolution function was not cleared after configuration reload
+
+03.03.06
+! Print comments in traffic report
+
+26.02.06
+! Check POLLERR / POLLHUP for revents
+
+21.02.06
++ "monitor" command added to reload 3proxy if monitored file changes
+
+13.02.06
+! Some files are renamed for autotools compatibility
+
+07.02.06
+! Fixed: insufficient timeout on buffers flushing, leads to loss
+  of data if connection to client is worse than connection to server.
+
+06.02.06
++ -b (bufsize) parameter added to every service
+! flushing improved to prevent data loss at the end of output 
+
+03.02.06
+! Documentation corrected
+
+10.01.06
++ Documentation updated
+! Buffered UDP data loss on exit is fixed for sockmap
+
+30.12.05
+! Minor interface fixes
+
+27.12.05
++ English FAQ added
+
+20.12.05
+! Fixed: crash on counters in webadmin if "NONE" counter rotation type
+  is used.
+
+09.12.05
+! Use bind port from BIND request for SOCKSv5 server
+
+30.11.05
+! Do not buffer UDP packets
+
+30.11.05
+! Do not drop connection on unknown command
+
+29.11.05
+! Do not drop connection on POP3 CAPA.
+
+28.11.05
+! Fixed: recv() may be called with small buffer on UDPPM
+
+23.11.05
+! Fixed: programming bug in $ file inclusing
+! Fixed: webadmin conter type uses stack for return value
+
+17.11.05
++ Makefile.Solaris added, thanks to 'pqr'.
+! Cleaned pointer conversion warnings
+
+15.11.05
+! define PTHREAD_STACK_MIN if not defined to compile under Solaris
+! S_NONE renamed to S_NOSERVICE to compile under Solaris
+
+14.11.05
+! Linger period is set to STRING_L (60 sec default)
+
+10.10.05
+! Add some grace period to shutdown services before exit
+
+03.10.05
+! Linger added to FTP socket to avoid data loss on socket close
+
+29.09.05
++ Added H (hour) and C (minute) routation support to countin
+
+22.08.05
+! Fixed: UDP resolver (nserver) fails to resolve name if reply contains
+  no additional records (for example dnscache from djbdns).
+
+06.08.05
+!!Workaround added for Windows XP SP2 / Windows 2003 SP1 problem with
+  2 selects on single datagram socket. udppm -s and dnspr hang on random
+  time while sending packets to client, sometimes causing client timeouts.
+
+
+05.08.05
+! Fixed problem with UDP mappings
+! Workaround for strange Windows XP bug with sendto() delay for 2 secs
+  if no select() was performed on socket
+
+30.07.05
+! Error handling on SOCKSv5 parent improved
+
+28.07.05
++ Support for parent SOCKS4b/SOCKS5b (broken implementation with shortened
+  server reply) added. I never saw such server by they say there are.
+  socks4b, socks5b options for parent proxy.
+
+22.07.05
++ Name resolution for parent CONNECT, SOCKSv5 and SOCKSv4a proxy server
+  added, should work with "fakeresolve" option (connect+, socks4+
+  socks5+ options for parent proxy).
+
+13.07.05
+! Fixed: reading behind allocated memory in myrand() entropy
+  gathering function (leads to occasional craches) intrdoduced
+  on June, 20.
+
+12.07.05
+! Use client port only for portmappers
+! Code reviewed for possible double close()
+
+10.07.05
+! Improved quote handling in config files. No any string can be quoted
+  (for example Thi"s is a test" is same as "This is a test", fixed a
+  problem with using quotes with $ macro.
+
+01.07.05
++ Added RSA copyright text to 'mycrypt' to allow binary redistribution
+  for this tool only.
+
+22.06.05
++ try to use same (unprivileged) port as client for outgoing connections
+  for portmappers
+! admin -s now only shows counters related to user
+! Fixed: impossible to set traffic limit to even number of GB
+
+20.06.05
+! -a option corrected again (had inverted action)
++ -a1 option added to report random information about client IP
++ -s option added to 'admin' to allow safe-only commands (user mode)
+
+26.05.2005
+! -a option corrected
+
+25.05.2005
++ 'Y' (annually) option added to counters, logfile rotations, etc
++ -a (anonymous) option added to proxy server
+
+21.05.2005
+! socks: only allow UDP mapping from same IP with control connection
+! socks: always log network parameters for control connection
+! check timeout to be below 2000000
+
+20.05.2005
+! invalid sendto() argument fixed (may affect UDP mapping and sometimes
+  TCP under very rare configurations)
+! set sasize before sendto
+! socks checks requested address to be non-zero
+! socks checks requested port to be non-zero
+! socks: do not change UDP client parameters before UDP packet received
+
+19.05.2005
++ 'include' command added to 3proxy (include one config file from another
+   config file)
+! handle EAGAIN on send()/recv()
+
+18.05.2005
+! More detailed problem code in mapping code
+
+17.05.2005
+! Fixed typo with dnspr logging
+
+16.05.2005
++ dnspr can now resolve records different from hostname (request is proxied to
+  first DNS server in the list, reply is not cached).
+
+14.05.2005
+! Fixed: mishandled socket error in dnspr code
+
+13.05.2005
+! Few minor fixes in HTTP proxy code (timeout in initial handshake lefts
+  some garbage in request buffer).
+! Fixed short timeout in FTP proxy code
+! Mapping code is changed to leave unsent data on buffer
+
+06.05.2005
+! Prevent race conditions with 100% CPU usage in socksmap (introduced 30.04)
+
+03.05.2005
+! Fixed: double free() in authentication (probably introduced on 04.04)
+! Changed to POLLIN/POLLOUT/POLLPRI for more compatibility
+
+30.04.2005
+! Fixed: double free() in FTP over HTTP (probably introduced on 04.04)
+! Fixed: in very rare situation may loose some data at the and of connection
+
+27.04.2005
+! stack size increased (reported problems under some OSs)
+! Fixed: -l option for service executable leads to NULL-pointer reference
+!!! Moved from select() to poll() on *nix. Please upgrade your Makefiles.
+
+25.04.2005
+! set thread stack size explicitly to prevent problems with some Linux 2.6
+  kernels.
+
+22.04.2005
+! Never fallback to gethostbyname() if nameservers are configured to prevent
+  locking on *nix platforms
+!!Fixed: name resolution is called while mutex is locked in HTTP proxy
+  leading to long lasting blocking.
+
+21.04.2005
+! Fixed: dnspr returns A record of invalid class (fails with some resolvers)
+!! Socket I/O  is now non-blocking
+
+19.04.2005
+! bandlimits changed to avoid floating point operations
+
+11.04.2005
++ Log if new connections delayed because of too many accepted connections
+
+04.04.2005
+! Fixed few minor rare memory leaks
+
+03.04.2005
+! Fixed: HTTP proxy should ignore Content-Length for 304 response
+
+14.03.2005
+! MD5 password hashin within mycrypt utility fixed
+! dnspr logging now shows DNS server IP instead of resolved IP, resolver IP
+  is shown in additional info
+
+11.02.2005
+! Configuration reload removed from signal handler
+
+31.01.2005
+! Limit for maximum log string size increased to ~4K
+! large FD_SETSIZE and FD_SETSIZE check is not required under Windows
+
+28.01.2005
+! Fixed: -s options for udppm
+
+17.01.2005
+! Fixed: invalid IP may appear in logs and bandlimits on redirection
+
+13.01.2005
++ fakeresolve option added
+
+21.12.2004
+! Fixed: traffic limits are set improperly for traffic over 1Gb
+
+11.12.2004
+! 0.6 development started
+
+11.12.2004
+Commited as 0.5b
+11/12/2004 3[APA3A]tiny proxy 0.5b
+New features marked with !.
+
+ Features:
+  1. General
+	+ HTTP/1.1 Proxy with keep-alive client and server support,
+          transparent proxy support.
+	+ FTP over HTTP support.
+	+ DNS caching with built-in resolver
+	+ HTTPS (CONNECT) proxy
+	+ SOCKSv4/4.5 Proxy
+	+ SOCKSv5 Proxy
+	! UDP and bind support for SOCKSv5 (fully compatible with
+	  SocksCAP/FreeCAP for UDP)
+	+ Transparent SOCKS->HTTP redirection
+	! Transparent SOCKS->FTP redirection
+	! Transparent SOCKS->POP3 redirection
+	+ POP3 Proxy
+	! FTP proxy
+	! DNS proxy
+	+ TCP port mapper
+	+ UDP port mapper
+	+ Threaded application (no child process).
+	! Web administration and statistics
+  2. Proxy chaining
+	+ Parent proxy support for any type of incoming connection
+	+ Username/password authentication for parent proxy(s).
+	+ HTTPS/SOCKS4/SOCKS5 and redirection parent support
+	+ Random parent selection
+	+ Chain building (multihop proxing)
+  3. Logging
+	+ turnable log format compatible with any log parser
+	+ stdout logging
+	+ file logging
+	+ syslog logging (Unix)
+	+ ODBC logging (Windows and Unix)
+	+ log file rotation (hourly, daily, weekly, monthly)
+	+ automatic log file comperssion with external archiver (for files)
+	+ automatic removal of older log files
+	! Character filtering for log files
+	! different log files for different servces are supported
+  4. Access control
+	+ ACL-driven (user/source/destination/protocol/weekday/daytime or
+	combined) bandwith limitation
+	+ ACL-driven (user/source/destination/protocol/weekday/daytime or
+	combined) traffic limitation per day, week or month
+	+ User authorization by NetBIOS messanger name
+	+ Access control by username, source IP, destination IP, destination
+	port and destination action (POST, PUT, GET, etc), weekday and daytime.
+	+ Access control by username/password for SOCKSv5 and HTTP/HTTPS/FTP
+	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
+	+ Connection redirection
+	+ Access control by requested action (CONNECT/BIND, 
+	  HTTP GET/POST/PUT/HEAD/OTHER).
+	! NTLM authentication for HTTP proxy access
+	! All access controle entries now support weekday and daytime
+	limitations.
+  5. Configuration
+	+ support for configuration files
+	+ support for includes in configuration files
+	+ interface binding
+	+ running as daemon process
+	+ utility for automated networks list building
+     Unix
+	+ support for chroot
+	+ support for setgid
+	+ support for setuid
+	! support for signals
+     Windows NT/2K/XP/2K3
+	+ support --install as service
+	+ support --remove as service
+	+ support for service START, STOP, PAUSE and CONTINUE commands (on
+	PAUSE no new connection accepted, but active connections still in
+	progress, on CONTINUE configuration is reloaded)
+     Windows 95/98/ME
+	! support --install as service
+	! support --remove as service
+  6. Compilation
+	+ MSVC (msvcrt.dll)
+	+ Intel Windows Compiler (msvcrt.dll)
+	+ Windows/gcc (msvcrt.dll)
+	+ Cygwin/gcc (cygwin.dll)
+	+ Unix/gcc
+	+ Unix/ccc
+
+ Known bugs:
+
+	report to 3proxy@security.nnov.ru
+
+ Planned for future (0.6) release:
+   - External modules API
+   - Addon URL, antiviral, HTTP cache filters modules, authentication
+     modules for different protocols (RADIUS, PAM, integrated system, etc).
+
+$Id: Changelog,v 1.154 2006/03/08 18:44:00 vlad Exp $
+
+11.12.2004
++ man page for 3proxy.cfg added
+
+09.12.2004
+! restarting SQL on reloading configuration
+
+08.12.2004
+! Typo fixed in sockmap preventing portmappers from functioning
+
+06.12.2004
++ Network input is now buffered, decreasing CPU usage
+- Debugging printf() removed from ftppr
+
+30.11.2004
+!! Fixed: memory content may be leaked on FTP error in HTTP proxy
+! Few race conditions with double socket closing fixed in FTP proxy
++ Content-Length is checked to do not allow traffic overdraft via HTTP proxy
++ Connection now can be aborted due to traffic limit (code 90)
+
+24.11.2004
+! 333 error removed - no longer required
+
+23.11.2004
+! Deadlock in checkACL() (introduced 18.11) fixed
+
+20.11.2004
+! All mutex operation are now atomic to prvent deadlocks
+! Race conditions with bamdlimits on reload fixed
+
+18.11.2004
+! Mutex logic overwritten, should clear reload races completely
+! Fixed socket leak on some failed FTP operations
+! FD_SETSIZE increased, check for FD_SETSIZE added
+
+04.11.2004
+! Fixed: Maxconn limitation doesn't work, may lead to resource exhaustion
+  attacks
+! Fixed: reference to unallocated memory if fails to create new thread
+  (may lead to crash together with previous bug).
+
+03.11.2004
+! Fixed: Wrong type for "ace.users" in datatypes.c
+! Partially fixed: race conditions on reload in alwaysauth()
+
+02.11.2004
+! race condition in sql_init on reload fixed
+! minor code cleanup
+! typo with SQL deadlock introduced on last fix fixed
+! checked few memory allocation calls missed with debug library (myalloc)
+
+30.10.2004
+! Fixed: minor memory leak on SQL error
+
+28.10.2004
++ HTTP parent redirection for FTP requests
+
+23.10.2004
+! Fixed: access to free()'d memory in ODBC functions after few 
+  configuration reloads
+! Configuration reload is more (but not yet completely) thread safe 
+  now.
+
+17.10.2004
+! Fixed: Content-Type: missed in web interface
+
+16.10.2004
+! Fixed: log may show invalid IP/port for parent proxy connection
+
+12.10.2004
+- Debug printing to stdout in webadmin removed
+
+11.10.2004
+! Race conditions fixed, could cause 3proxy to crash on configuration reload
+
+28.09.2004
+! Limitation for maximum string length in config file removed (for included files)
+
+26.09.2004
+! Typo corrected preventing compilation under *nix
+
+18.09.2004
+! URL decoding corrected (affect HTTP over FTP clients)
++ "writable" command added to allow config modification via Web interface
++ Config file can be edited via web interface
+
+14.09.2004
+! Crash on HTTP redirections introduced on 08.09 fixed.
+
+11.09.2004
++ Weekday based access control is now possible
++ Time based access control added
+! Speed improved in ACL checks
+
+08.09.2004
++ * can be used as external username with a meaning of username should be
+  requested from user.
++ %n1-n2T is now available in logformat to log only few field of service
+  specific text
++ -t (silent start) option added
+
+20.08.2004
+! Yesterday fix was broken, corrected.
+
+19.08.2004
+! Fixed: target address is logged instead of proxy address in a case
+  of redirection
+
+09.08.2004
+! Fixed: under *nix if service fails to bind() port for few hours it falls
+  into endless loop with logging and high CPU usage.
+
+03.08.2004
+! Fixed: select() changes tv value on some Linux kernels (100% CPU usage)
+
+02.08.2004
+! Fixed: wrong initialization for counter descriptor (causes some stdout
+  noise).
+! Fixed: no HTTP proxy diagnostic message if host name doesn't resolve
+! Fixed: NULL pointer crash if no format specified
+
+30.07.2004
+! Few bugs with counters and bandlimits introduced yesterday fixed
+
+29.07.2004
+! Fixed few memory leaks on restart
+! Some code cleanup for configuration information storing
++ Statistics extended
++ Added "Zombie" threads support (service thread waiting for child shutdown
+  to exit).
++ Every service can now have different log format and character filtering
++ It's now possible to set logformat for service from command line
+
+28.07.2004
+! Fixed: ACLs are not cleared on reload
+! Fixed: bind() warnings on reload under *nix
+!! Fixed potential race conditions DoS on some Unix systems with thread
+   exit on aborted connection (accept(): Software caused connection abort)
+
+24.07.2004
++ Web interface shows information about all currently running services and
+  clients (plain format just for debugging, will be rewrtitten later)
+
+23.07.2004
+! Fixed: wrong external ip/port in logs sometimes on internal redirection
++ HowTo and FAQ (Russian) added to documentation, documentation corrected
+
+22.07.2004
++ Added logging options for request duration and average send/recieve
+  speed per request
+
+20.07.2004
+! Changed default password for anonymous FTP
+! Improved diagnostic messages for FTP over HTTP errors
+
+19.07.2004
+! Changed FTP behaviour for some RFC ignorant sites
+
+17.07.2004
++ services and clients are now registered for future extensions
+! counters show wrong result problem introduced yesterday fixed
+! fixed descriptor leak on configuration reload
+! fixed theoretical problem with client number limitations
+! few theoretical mutex leaks fixed
+
+16.07.2004
++ 3proxy can now read configuration from stdin under *nix,
+  3proxy.cfg can be executable 
++ 'config' command added to allow 3proxy reload configuration in chroot'ed
+  environment or if configured from stdin.
++ 'end' command added
++ Man pages in HTML added
+
+14.07.2004
+! Minor casting issues, Unix compilation issues fixed
++ counters sample added
+
+13.07.2004
++ Configuration improved and repacked
+
+08.07.2004
+! Problem introduced yesteday (after rotation logs do not print to
+  logfile) fixed.
+
+07.07.2004
+! Fixed FTP behaviour on RFC ignoring FTP sites (ftp.drweb.ru).
+! Config file example updated with FTP proxy service configuration
++ Logging changed to allow personal log files for every service (without
+  rotation) and to work on older FreeBSD systems.
+
+05.07.2004
+! Fixed call to free'ed memory (could cause crash on reloading 3proxy
+  configuration in 0.5b-devel after 28.06.2004)
+
+30.06.2004
+! Fixed redirection crash if parent username/password is not specified
+! Fixed documentation buf (%h instead of %n for hostname in logformat)
+
+28.06.2004
+! Minor changes in error messages generation
+
+25.06.2004
+! distributive repacked, some Russian documentation by Kirill Lopuchov
+  added
+
+24.06.2004
+! realm sometimes is not shown in proxy-authentication
+
+23.06.2004
+! fixed maxconn parameter was not set to default value on proxy reload.
+! fixed typo in pop3p causing it to fail
+
+22.06.2004
+! ftppr.c typo corrected, preventing compilation under unix.
+
+19.06.2004
++ FTP proxy (compatible with both USER and OPEN mode). Redirection to
+  FTP proxy from SOCKS
+
+18.06.2004
++ Local redirection to POP3 proxy is now awailable.
+! Fixed race conditions with double socket closing in POP3 proxy
+
+17.06.2004
+!! Threading problem causing minor memory leak and preventing 3proxy
+   from functioning under few OS versions (including Linux) after
+   some number of requests fixed.
+
+16.06.2004
+! Authentication problem introduced on 05.06 fixed
+
+15.06.2004
+! FTP over HTTP proxy supports spaces, quotes and 0x255 in filenames.
+!! Potential security risk fixed: FTP password may appear in log if
+   URL ftp://user:password@server is used.
+
+09.06.2004
+! NTLM is enabled by default. Use proxy -n to disable NTLM for proxy service
+  (for example, if crypt passwords are used).
+
+05.06.2004
+!! Potential security leak fixed: POP3 proxy password can appear in log if
+   proxy username is configured as proxyuser:proxypassword:pop3user@pop3server
+   in POP3 client program
+! Child invocation code rewritten to avoid code dupclication.
+
+27.05.2004
+! Reloading is now fast (new thread starts before old one dies)
+! Milliseconds are printed as .3 (not .4) in logs
+
+22.05.2004
++ Reload command added to Web interface and SIGUSR1 handling
+! Problem fixed: no mode is given to open() with O_CREAT for counter files,
+  counter file can be created as read only under Windows or with invalid mask
+  under Unix.
+! Do not fail if bind() fails
+! Setsockopt for integer options corrected
+! REUSEADDR added to avoid "Address already in use" problem if restarted
+  under Unix
+
+18.05.2004
++ Installation/removal as a service under Windows 95/98/ME now supported.
+
+17.05.2004
+! Fixed: 3proxy hangs on socket error during config reading
+
+14.05.2004
+! For HTTP proxy NTLM authentication both ntlm and basic are now advertized
+  to client for compatibility
+! Optimization parameters are changed and stack protection is turned on for
+  MSVC (Windows default) compilation.
+! Fixed: exiting thread shows last client IP in log
+  
+
+27.04.2004
+! Fixed: Microsoft domain authentication to web server may fail via
+  transparent HTTP proxy with some IE versions.
+! HTTP HEAD now recognized
+
+23.04.2004
+! Fixed compilation issues under Unix
+
+22.04.2004
++ Configuration now can be dynamically reloaded with
+  net pause 3proxy / net continue 3proxy or by sending SIGPAUSE twice
+  without breaking connections
+! 3proxy is now distributed compiled with Microsoft Visual C++, thanx
+  to MS for releasing "Microsoft Visual C++ Toolkit 2003" for free.
+! Few bugs introduced in latest versions (username/password for parent proxy,
+  dnspr and single packet UDP are fixed)
+
+13.04.2004
++ NTLM authentication for proxy server (yes, it works under *nix). It will
+  not work with crypt password, only CL or NT. Use proxy -n to allow NTLM.
+! potential DoS (NULL pointer) condition fixed in configuration with crypted
+  passwords
+
+08.04.2004
++ %n (hostname) added to logformat
+
+05.04.04
+! compilation problem under Unix fixed
+
+01.04.04
+! problem with portmappers fixed (introduced on last modification)
+
+20.03.04
++ FTP messages are shown now
+! FTP problem with links with absolute paths fixed
+! No more authentication requested for user if ACL denies access to resource
+  in HTTP proxy.
+! ACLs are now stored in predefined container. It's required for future
+  improvement (Cisco-like ACL configuration and configuration reload without
+  restarting proxy). As a backside, number of ACLs is now limited to 256.
+! Function for configuration reading implemented for future improvements.
+
+12.03.2004
+! error text generation changed for pthread_create (use return code
+  instead of errno). Memory leak on failed pthread_create fixed.
+
+02.03.2004
+! Transparent proxy fixed to work with ports different from 80.
+! Workarond for Internet Explorer invalid Host: header bug
+
+28.02.2004
++ -+ options added to logformat for character filtering
+! ' character now filtered only if logged via ODBC
+! few bugs fixed in ODBC logging reliability code. Now 3proxy should better
+  handle broken database connections.
+
+26.02.2004
+! user32 added to library list for MSVC
+
+24.02.2004
+! Ask installation confirmation before installation
+
+23.02.2004
+! ttl now is real for DNS proxy proxy reply
+
+21.02.2004
++ dnspr - DNS caching proxy added to 3proxy module. Listens on UDP/53
+  and answers hostname requests. Requires nserver/nscache to be configured.
+! 3proxy wanrs user if installed as Windows service
+! 3proxy child threads are now started faster
+
+22.01.2004
+! mutex deadlock fixed if gethostbyname() is used under Unix
+
+19.01.2004
+! compilation issue fixed for MSVC (definition inside code)
+
+15.01.2004
+! bug fixed in configuration reading getip() called befor WSAStartup
+  (thanks to Kerd)
+! bug fixed with parent CONNECT proxy (thanks to Kerd)
+
+11.01.2003
++ Few man pages added
+
+06.01.2003
++ now it's possible to use "" inside quotation for double quote sign (for
+  example "say ""hello world"""
+
+04.01.2004
++ maxconn configuration option added
+
+19.12.2003
++ New "safe" memory allocation library implemented. It may slow down
+  performance but is thread safe and never cause memory fragmentation.
+! Memory leak in redirection SOCKS->HTTP fixed
+
+11.12.2003
+! Memory leak in UDPPM fixed
+
+29.11.2003
++ Copyrights added to banners
+!! Few signed/unsigned mismatches fixed (including potentially dangerous)
+
+27.11.2003
+! 'redirect' now can be used with hostname instead of ip address
+
+21.11.2003
+! POP3 proxy bug fixed
+
+04.11.2003
+! '@' situation in username for POP3 proxy corrected 
+  (pop3name@pop3realm@pop3server)
+
+03.11.2003
+! One more bug with 'archiver' causing 3proxy to crash on log archieving
+  fixed
+
+29.10.2003
+! Some threading safety is added for logging (inet_ntoa and ODBC
+  re-initialisation)
+
+28.10.2003
+! Bug causing daily log filename to work as weekly fixed
+! 'daemon' example moved to beginning of configuration file
+
+16.10.2003
++ pidfile configuration option added
++ processing for SIGCONT (pause/resume) and SIGTERM (termination) added
+  under Unix
+
+01.10.2003
+! Weekly log filename now is generated by the date of last Sunday.
+! Do not strip executable for Unix (must be stripped during installation).
+
+21.09.2003
+! Bug fixed in "log" command processing (wrong buffer was used
+  for filename generation)
+
+16.09.2003
+! socksmapping algorythm changed to handle incomlete send() (for *BSD).
+
+15.09.2003
+! mutex added to gethostbyname() to avoid thread unsafety. It slows
+  down proxy if no nserver configured (it MUST be for *nix!) but prevents
+  crashing on active usage.
+! signal() handling is added for SIGPIPE. It seems to be some race conditions
+  on FreeBSD between send() and gethostbyname() somewhere causing SIGPIPE on
+  gethostbyname().
+
+13.09.2003
+! NULL reference corrected if rotate is given without archiver
+
+11.09.2003
+! Few additional checks added for open()/fopen() to do not crash on invalid
+  files in config
+! Buffer moved from stack to heap in socks.c to eliminate crash on FreeBSD
+
+10.09.2003
+! Bug in SOCKSv5 UDP mapping corrected. Now it works fine (checked with
+  Unreal Tournament) with both SocksCAP and FreeCAP.
+
+06.08.2003
+! Algorithm for SOCKS5 bind/udp assoc port selection is now intellegent
+  enough to allow server applications to use same port number on socks
+  server if available and not denied by access list
+! SOCKS5 bind/udp assoc now matches incoming connections/packet
+  with IP address from request in accordance to RFC 1928 to improve
+  security
+
+04.08.2003
+!!! Bug fixed sometimes causing 3proxy to crash if parent proxy is used
+!!! UDP associate finaly completed and is fully functional
+    (tested with SocksCAP on Unreal Tournament). 
+!!! TCP bind code re-checked, and is probably working (doesn't work
+    on SocksCAP because of SocksCAP bug
+!!! Socket leak on nbname auth fixed
+
+21.07.03
++ Web administration module created
++ Dynamic enable/disable for counters now available via web interface
+
+19/07/2003 3[APA3A]tiny proxy 0.4
+New features marked with !.
+
+ Features:
+  1. General
+	+ HTTP/1.1 Proxy with keep-alive client and server support,
+          transparent proxy support.
+	! FTP over HTTP support.
+	! DNS caching
+	+ HTTPS (CONNECT) proxy
+	+ SOCKSv4 Proxy
+	+ SOCKSv5 Proxy (TCP only)
+	+ Transparent SOCKS->HTTP redirection
+	+ POP3 Proxy
+	+ TCP port mapper
+	+ UDP port mapper
+	+ Threaded application (no child process).
+  2. Proxy chaining
+	+ Parent proxy support for any type of incoming connection
+	+ Username/password authentication for parent proxy(s).
+	+ HTTPS/SOCKS4/SOCKS5 and redirection parent support
+	+ Random parent selecttion
+	+ Chain building (multihop proxing)
+  3. Logging
+	+ turnable log format
+	+ stdout logging
+	+ file logging
+	+ syslog logging (Unix)
+	+ ODBC logging (Windows and Unix)
+	+ log file rotation (hourly, daily, weekly, monthly)
+	+ automatic log file comperssion with external archiver (for files)
+	+ automatic removal of older log files
+  4. Access control
+	! ACL-driven (user/source/destination/protocol or combined) bandwith
+	limitation
+	! ACL-driven (user/source/destination/protocol or combined) traffic
+	limitation per day, week or month
+	+ User authorization by NetBIOS messanger name
+	+ Access control by username, source IP, destination IP, destination
+	port and destination action (POST, PUT, GET, etc).
+	+ Access control by username/password for SOCKSv5 and HTTP/HTTPS/FTP
+	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
+	+ Connection redirection
+	+ Access control by requested action (CONNECT/BIND, 
+	  HTTP GET/POST/PUT/HEAD/OTHER).
+  5. Configuration
+	+ support for configuration files
+	+ support for includes in configuration files
+	+ interface binding
+	+ running as daemon process
+	+ utility for automated networks list building
+     Unix
+	+ support for chroot
+	+ support for setgid
+	+ support for setuid
+     NT
+	+ support --install as service
+	+ support --remove as service
+	+ support for service START, STOP, PAUSE and CONTINUE commands (on
+	PAUSE no new connection accepted, but active connections still in
+	progress)
+  6. Compilation
+	+ MSVC (msvcrt.dll)
+	+ Intel Windows Compiler (msvcrt.dll)
+	+ Windows/gcc (msvcrt.dll)
+	+ Cygwin/gcc (cygwin.dll)
+	+ Unix/gcc
+	+ Unix/ccc
+
+ Known bugs:
+
+	- udppm doesn't work if compiled with cygwin. 
+
+	  Cygwin doesn't support recvfrom()/sendto() on connected socket, so
+	  recv/send is used instead... Not a big deal anyway.
+
+
+ Planned for future release:
+   - Web interface for configuration
+   - Signal handling on Unix (for stop/pause/resume/configuration change)
+   - External filter API
+   - Addon URL, antiviral, HTTP cache filters
+
+17.07.03
++ ODBC changed to re-establish broken connection
+
+11.06.03
+! #ifndef NOSQL changed to NOODBC
+
+22.05.03
++ strong auth now supported for POP3 proxy. Now, username can be in format
+  proxy_username:proxy_password:POP3_username@pop3server
+
+30.04.03
+! redirect function now do not change code of traffic limit error
+
+24.04.2003
+! -M changed to -D for *nix makefiles
+
+18.04.2003
+! HTTPS behaviour breaked by latest patches restored
+
+15.04.2003
+! fixed handling of special characters and non-existing files in
+  FTP over HTTP proxy.
+
+12.04.2003
+! fixed behaviour of HTTP proxy on RFC-incompatible web servers (banners
+  exchanges, price.ru, etc) - they terminate string with \n instead of
+  \r\n.
+
+10.04.2003
++ nsrecord and dialer commands added
+! Name resolution now occures right before authorization to prevent
+  unauthenticated users from performing NS lookups and demand dial.
+
+05.04.2003
++ N (Never) option value added for counters refreshing
+
+29.03.2003
++ !!! FTP support for HTTP proxy added. 
+
+25.03.2003
+! Socks 4 bug fixed (was visible in Netscape)
++ Socks 4.5 support added (not tested)
+! !! UDP portmapper code fixed
+
+24.03.2003
+! Timeout, close on closed socket and FD bugs fixed in UDPPM
+
+21.03.2003
++ Proxy-Authorization now works for CONNECT (HTTPS proxy).
+
+07.03.2003
+! counter command extended to allow traffic reports
+
+02.03.2003
+! Bandwidth/Traffic limiting problems fixed
+! gethostbyname() argument limited to 256 characters. It may be significant
+  for Windows
+
+27.02.2003
++ !!! Traffic limitting feature added (counter/countin/nocountin)
+
+26.02.2003
+! nobandlim processing changed
+! bandlim/nobamdlim commands renamed to bandlimin/nobandlimin
+
+22.02.2003
++ !!! Bandwidth limiting features added (bandlim and nobandlim commands)
+
+18.02.2003
++ Mutext support added for inter-thread data access. Should improve stability.
+- debugging printf() removed from proxy, typo fixed in auth.c
+
+10.02.2003
+! Changed to use WSASocket()/WSAAccept() instead of socket()/accept() under
+  Windows
+
+30.01.2003 
+! Version of gcc changed (3.2).
++ nscache option added to 3proxy configuration for DNS cache. For a while
+  caching is primitive (with no expiration).
+
+27.01.2003
+- \n removed from perror() calls
+
+27/01/2003 3[APA3A]tiny proxy 0.3b.
+New features are marked with !.
+
+ Features:
+  1. General
+	+ HTTP/1.1 Proxy with keep-alive client and server support,
+          transparent proxy support.
+	! HTTPS (CONNECT) proxy
+	+ SOCKSv4 Proxy
+	+ SOCKSv5 Proxy (TCP only)
+	! Transparent SOCKS->HTTP redirection
+	+ POP3 Proxy
+	+ TCP port mapper
+	+ UDP port mapper
+	+ Threaded application (no child process).
+  2. Proxy chaining
+	! Parent proxy support for any type of incoming connection
+	! Username/password authentication for parent proxy(s).
+	! HTTPS/SOCKS4/SOCKS5 and redirection parent support
+	! Random parent select
+	! Chain building (multihop proxing)
+  3. Logging
+	! turnable log format
+	+ stdout logging
+	+ file logging
+	+ syslog logging (Unix)
+	! ODBC logging (Windows)
+	+ log file rotation (hourly, daily, weekly, monthly)
+	+ automatic log file comperssion with external archiver (for files)
+	+ automatic removal of older log files
+  4. Access control
+	+ User authorization by NetBIOS messanger name
+	+ Access control by username, source IP, destination IP and destination
+	port
+	+ Access control by username/password for SOCKSv5 and HTTP
+	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
+	+ Connection redirection
+	! Access control by requested action (CONNECT/BIND, 
+	  HTTP GET/POST/PUT/HEAD/OTHER).
+  5. Configuration
+	+ support for configuration files
+	+ support for includes in configuration files
+	+ interface binding
+	+ running as daemon process
+	! utility for networks list building
+     Unix
+	+ support for chroot
+	+ support for setgid
+	+ support for setuid
+     NT
+	+ support --install as service
+	+ support --remove as service
+	+ support for service START, STOP, PAUSE and CONTINUE commands (on
+	PAUSE no new connection accepted, but active connections still in
+	progress)
+  6. Compilation
+	+ MSVC (msvcrt.dll)
+	! Intel Windows Compiler (msvcrt.dll)
+	+ Windows/gcc (msvcrt.dll)
+	+ Cygwin/gcc (cygwin.dll)
+	+ Unix/gcc
+	! Unix/ccc
+
+ Known bugs:
+
+	- udppm doesn't work if compiled with cygwin. 
+
+	  Cygwin doesn't support recvfrom()/sendto() on connected socket, so
+	  recv/send is used instead... Not a big deal anyway.
+
+
+ Planned for future release:
+   - FTP proxy support
+   - Web interface for configuration
+   - Signal handling on Unix (for stop/pause/resume/configuration change)
+   - External filter API
+   - Addon trafficshape, URL, antiviral, HTTP cache filters
+
+
+27.01.2003
+!!!!!!!!!!!!!!!!!!!
+! Tagging as 0.3b !
+!!!!!!!!!!!!!!!!!!!
+
+24.01.2003
+- Fixed to use INVALID_SOCKET instead of -1 (for Windows compatibility)
+- Fixed problem with threading support under gcc. Now ODBC logging seems
+  to work always.
+! strncasecmp removed. Changed to use strnicmp for Windows.
+
+21.01.2003
+! 0.3 development frozen to only bugfixes
+- bug fixed causing 3proxy to crash with NULL pointer reference on
+  transparent web redirection
+- SQL support removed from default (gcc) compilation
+
+20.01.2003
++ ODBC logging (yeah!). For a while it works stable only if compiled with
+  MSVC or Intel compiler.
+
+17.01.2003
+- bug introduced yesterday into CONNECT code cleaned
+
+16.01.2003
++ timeouts command added
+
+13.01.2003
+- daemonizing code changed to work correctly on buggy libc (FreeBSD)
+  (pthread_* doesn't work after daemon())
+- logging code changed to work correctly on buggy libc (FreeBSD 4.4)
+  (freopen "a" mode doesn't work as expected on stdout)
+
+12.01.2003
+! License is changed to prohibit modification and commercial use
+
+11.01.2003
+! All makefiles are made uniform
++ Makefiles for Compaq C complier (Makefile.ccc) and Intel C Compiler for
+  Windows (Makefile.intl) added
++ Makefile.msvc added for Microsoft Visual C Compiler
+! proxy.dsp removed
+
+10.01.2003
++ Now checked to compile with Compaq C Compiler under linux on alpha platform
++ logformat configuration command added for custom log entry format
+! Unix version changed to use gettimeofday instead of ftime to avoid -lcompat
+  issue.
+
+09.01.2003
+! Randomizer changed for proxy chaining
+! Code cleaned: Makefile, signed/unsigned conversions, etc.
+! Typo fixed preventing from compilation under *nix
+
+08.01.2003
++ dateformat command added
+! Log format changed!!!
++ Control for different operations (CONNECT,BIND,HTTP_*, etc) added to ACL,
+  see 3proxy.cfg.sample
+
+25.12.2002
++ Proxy chaining now is fully operational!!!!!
++ SOCKSv4 and SOCKSv5 client code added for chaining
++ HTTP connect authentication added for chaining
++ Parent authentication for HTTP proxy added
+- Problem with "Connection: close" resolved (if HTTP server time outs or closes
+  connection).
+
+24.12.2002
++ Proxy chaining works!!! (for a while only HTTP CONNECT proxies
+  are supported and no parent authentication). Logging is updated to
+  include number of redirections (parent proxies) in square brackets.
+  See config.sample for example of "parent" command.
+
+23.12.2002
+! Transparent proxy operations improved, logging corrected
++ Added base code for proxy chaining
+! Redirection code rewritten
+
+23.12.2002
++ UDP ASSOCIATE added (but not tested) to SOCKS.
+! Additional logging added to socks proxy
++ Local HTTP proxy redirection added (for SOCKS).
+
+01.12.2002
+! closesock() problem _finally_ patched...
+
+30.11.2002
+! Makefile.unix corrected
+! Do not process $ in included files for 3proxy.cfg
+! Common error codes are unified
+
+29.11.2002
++ nserver example added to 3proxy.cfg.sample
+
+28.11.2002
+- fixed closesock() instead of close() call on 3proxy.cfg included files
+  for native Windows.
+
+27.11.2002
+! Minor changes in docummentation
++ dighosts utility added
+
+22.11.2002
+- Few problems corrected in logfiles rotation
+
+20.11.2002
+- SOCKSv5 bind() reply corrected.
+
+19.11.2002
++ internal resolver added to avoid usage of thread unsafe gethostbyname().
+  nserver configuration option added to config file.
+! HTTP proxy behaviour slightly changed to be more compatible.
+
+06/11/2002 3[APA3A]tiny proxy 0.2b Initial release.
+
+ Features:
+  1. General
+	+ HTTP/1.1 Proxy with keep-alive client and server support,
+          transparent proxy support.
+	+ SOCKSv4 Proxy
+	+ SOCKSv5 Proxy (TCP only)
+	+ POP3 Proxy
+	+ TCP port mapper
+	+ UDP port mapper
+	+ Threaded application (no child process).
+  2. Logging
+	+ stdout logging
+	+ file logging
+	+ syslog logging (Unix)
+	+ log file rotation (hourly, daily, weekly, monthly)
+	+ automatic log file comperssion with external archiver (for files)
+	+ automatic removal of older log files
+  3. Access control
+	+ User authorization by NetBIOS messanger name
+	+ Access control by username, source IP, destination IP and destination
+	port
+	+ Access control by username/password for SOCKSv5 and HTTP
+	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
+  4. Configuration
+	+ support for configuration files
+	+ support for includes in configuration files
+	+ interface binding
+	+ running as daemon process
+     Unix
+	+ support for chroot
+	+ support for setgid
+	+ support for setuid
+     NT
+	+ support --install as service
+	+ support --remove as service
+	+ support for service START, STOP, PAUSE and CONTINUE commands (on
+	PAUSE no new connection accepted, but active connections still in
+	progress)
+  5. Compilation
+	+ Microsoft VC++ (msvcrt.dll)
+	+ Windows/gcc (msvcrt.dll)
+	+ Cygwin/gcc (cygwin.dll)
+	+ Unix/gcc
+
+ Known bugs:
+
+	- udppm doesn't work if compiled with cygwin. 
+
+	  Cygwin doesn't support recvfrom()/sendto() on connected socket, so
+	  recv/send is used instead... Not a big deal anyway.
+
+	- socks5 doesn't work with UDP
+
+	  Not implemented yet
+
+ Planned for future release:
+   - UDP implementation in SOCKSv5
+   - Signal handling on Unix (for pause/resume)
+   - External filter API
+   - Addon trafficshape, URL, antiviral, HTTP cache filters
+
+06.11.2002
+!!MARK IT 0.2beta
+! Using UPX to compress 3proxy.exe
+
+
+02.11.2002
++ HTTP proxy now supports kepp-alive connections to HTTP server or proxy.
+  It dramatically decreases number of outgoing connections and amount of DNS
+  traffic.
+
+01.11.2002
++ Now proxy can catch Web server style requests. It means proxy
+  may be used as a transparent proxy. Yes. It means you can redirect
+  SOCKS requests with target 80 to HTTP proxy.
+! Port check in ACL fixed
+! Now proxy catches redirection by changed destination IP or port. If
+  you redirect request to web server make sure it supports proxy style
+  requests (IIS and Apache do).
++ HTTP proxy supports keep-alive. Now number of threads required
+  significantly reduced.
++ HTTP CONNECT fully supported (both direct and redirected to another proxy).
+  Now you can use our proxy for HTTPs. Or for spam :) Don't forget to set ACL
+  for outgoing ports, cause now ports are not limited.
+
+26.10.2002
++ mycrypt utility added for making crypted passwords in NT and crypt/MD5
+! ACL check for strong auth corrected
++ HTTP proxy support for authentication (basic). Now you can use strong
+  username/password authentication with proxy module.
++ Error messages added for HTTP proxy
+
+25.10.2002
++ NT passwords are now supported in 3proxy.cfg
+! Public License Agreement changed to be more clear
+
+24.10.2002
+! Fixed handle leak because of missed CloseHandle for threads in Windows
+
+23.10.2002
+! Fixed POP3 proxy bug
+! Strong auth changed to allow rules with * for username
++ MD5 crypt format passwords is now supported... Do we ever need DES?
+  I will not implement blowfish - it's huge and rarely used.
++ More comments added to 3proxy.cfg.sample
+
+21.10.2002
+! Fixed strongauth problem - ACL was not checked for authenticated
+  SOCKSv5 users
+
+16.10.2002
++ Added support for SOCKSv5 cleartext password authentication
++ "strong" authentication is now OK (use it only for SOCKS)
++ added "users" config file command to specify username and password. Only
+  cleartext for a while.
+
+20.09.2002
+! Minor improvements in socket operations
+
+17.09.2002
+! HTTP proxy changed to do not strip hostname from URI if target port is not
+  80. It allows to redirect requests to another proxy as well as redirect to
+  different Web server via ACL. It will work for most servers (IIS, Apache)
+  if target redirected to non-standard port of Web server, but may fail in
+  some rare cases. Redirection to proxy should always work OK except if proxy
+  is on TCP/80.
++ Added "redirect" ACL command. You can redirect request to another destination
+  if ACL entry matches (that is by target or source IP, target port, username).
+! Fixed documentation bug in 3proxy.cfg.sample ("authtype" instead of "auth")
+! Fixed bug causing server to exit in native Win32 mode if "service"
+  configuration option is not configured
+! Outgoing SOCKS connections are handled in common way now.
+
+07.09.2002
++ added binding to external interface for outgoing connections
+! Fixed bug causing username check in ACL always fail
++ Added ACL check for UDP map
++ Added "Single packet" services to UDP portmap (-s switch). Allows unlimited
+  number of clients to be handled by portmapper for single-packet services
+  (like DNS).
+
+06.09.2002 3[APA3A]tiny proxy 0.1b initial release
+
+ Features:
+  1. General
+	+ HTTP/1.0 Proxy
+	+ SOCKSv4 Proxy
+	+ SOCKSv5 Proxy (TCP only)
+	+ POP3 Proxy
+	+ TCP port mapper
+	+ UDP port mapper
+	+ Threaded application (no child process).
+  2. Logging
+	+ stdout logging
+	+ file logging
+	+ syslog logging (Unix)
+	+ log file rotation (hourly, daily, weekly, monthly)
+	+ automatic log file comperssion with external archiver (for files)
+	+ automatic removal of older log files
+  3. Access control
+	+ User authorization by NetBIOS messanger name
+	+ Access control by username, source IP, destination IP and destination
+	port
+  4. Configuration
+	+ support for configuration files
+	+ support for includes in configuration files
+	+ interface binding
+	+ running as daemon process
+     Unix
+	+ support for chroot
+	+ support for setgid
+	+ support for setuid
+     NT
+	+ support --install as service
+	+ support --remove as service
+	+ support for service START, STOP, PAUSE and CONTINUE commands (on
+	PAUSE no new connection accepted, but active connections still in
+	progress)
+  5. Compilation
+	+ Microsoft VC++ (msvcrt.dll)
+	+ Windows/gcc (msvcrt.dll)
+	+ Cygwin/gcc (cygwin.dll)
+	+ Unix/gcc
+
+ Known bugs:
+
+	- udppm doesn't work if compiled with cygwin. 
+
+	  Cygwin doesn't support recvfrom()/sendto() on connected socket, so
+	  recv/send is used instead... Not a big deal anyway.
+
+	- udppm works without authentication
+
+	  Will be patched later.
+
+	- socks5 doesn't work with UDP
+
+	  Not implemented yet
+
+ Planned for future release:
+   - Improvements to UDP portmapping
+   - UDP implementation in SOCKSv5
+   - Ident authorization
+   - SOCKSv5 password authentication
+   - Signal handling on Unix (for pause/resume)
+   - External filter API
+   - Addon trafficshape, URL, antiviral, HTTP cache filters
+   - HTTP/1.1 support
+
+
+$Id: Changelog,v 1.154 2006/03/08 18:44:00 vlad Exp $

Makefile.Linux

@@ -0,0 +1,98 @@
+#$Id: Makefile.Linux,v 1.24 2014-04-07 20:34:57 vlad Exp $
+#
+# 3 proxy Makefile for GCC/Linux/Cygwin
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# remove -DNOODBC from CFLAGS and add -lodbc to LDFLAGS to compile with ODBC
+# library support. Add -DSAFESQL for poorely written ODBC library / drivers.
+
+BUILDDIR =
+CC = gcc
+
+CFLAGS = -Wall -g -O2 -c -pthread -DGETHOSTBYNAME_R -D_THREAD_SAFE -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL
+COUT = -o 
+LN = gcc
+DCFLAGS = -fpic
+LDFLAGS = -Wall -O2 -pthread
+DLFLAGS = -shared
+DLSUFFICS = .ld.so
+# -lpthreads may be reuqired on some platforms instead of -pthreads
+LIBS = -lcrypto -lssl -ldl 
+LNOUT = -o 
+EXESUFFICS =
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *~
+REMOVECOMMAND = rm -f
+TYPECOMMAND = cat
+COMPATLIBS =
+MAKEFILE = Makefile.Linux
+PLUGINS = SSLPlugin StringsPlugin TrafficPlugin PCREPlugin TransparentPlugin
+
+include Makefile.inc
+
+allplugins:
+	@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ;	cd ../.. ; done
+
+DESTDIR		=
+prefix		= /usr/local
+exec_prefix	= $(prefix)
+man_prefix	= $(prefix)/share
+
+INSTALL		= /usr/bin/install
+INSTALL_BIN	= $(INSTALL) -m 755
+INSTALL_DATA	= $(INSTALL) -m 644
+INSTALL_OBJS	= src/3proxy \
+		  src/countersutil \
+		  src/dighosts \
+		  src/ftppr \
+		  src/mycrypt \
+		  src/pop3p \
+		  src/proxy \
+		  src/socks \
+		  src/tcppm \
+		  src/udppm
+		  
+
+INSTALL_CFG_OBJS = scripts/3proxy.cfg \
+		   scripts/add3proxyuser.sh
+INSTALL_CFG_DEST = config
+
+INSTALL_CFG_OBJS2 = passwd counters bandlimiters
+
+MANDIR1		= $(DESTDIR)$(man_prefix)/man/man1
+MANDIR3		= $(DESTDIR)$(man_prefix)/man/man3
+MANDIR8		= $(DESTDIR)$(man_prefix)/man/man8
+BINDIR		= $(DESTDIR)$(exec_prefix)/bin
+ETCDIR		= $(DESTDIR)$(prefix)/etc/3proxy
+
+install-bin:
+	$(INSTALL_BIN) -d $(BINDIR)
+	$(INSTALL_BIN) -s $(INSTALL_OBJS) $(BINDIR)
+
+install-etc-dir:
+	$(INSTALL_BIN) -d $(ETCDIR)
+
+install-etc-default-config:
+	if [ -f $(ETCDIR)/$(INSTALL_CFG_DEST) ]; then \
+	   : ; \
+	else \
+	   $(INSTALL_DATA) $(INSTALL_CFG_OBJS) $(ETCDIR)/$(INSTALL_CFG_DEST) \
+	fi
+
+install-etc: install-etc-dir
+	for file in $(INSTALL_CFG_OBJS2); \
+	do \
+	  touch $(ETCDIR)/$$file; chmod 0600 $(ETCDIR)/$$file; \
+	done;
+
+install-man:
+	$(INSTALL_BIN) -d $(MANDIR3)
+	$(INSTALL_BIN) -d $(MANDIR8)
+	$(INSTALL_DATA) man/*.3 $(MANDIR3)
+	$(INSTALL_DATA) man/*.8 $(MANDIR8)
+
+install: install-bin install-etc install-man
+

Makefile.Solaris

@@ -0,0 +1,35 @@
+#$Id: Makefile.Solaris,v 1.18 2008/09/30 13:58:44 vlad Exp $
+#
+# 3 proxy Makefile for Solaris/SunCC
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# remove -DNOODBC from CFLAGS and add -lodbc to LDFLAGS to compile with ODBC
+# library support. Add -DSAFESQL for poorely written ODBC library / drivers.
+
+BUILDDIR =
+CC = cc
+CFLAGS = -xO3 -c -D_SOLARIS -D_THREAD_SAFE -DGETHOSTBYNAME_R -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL
+COUT = -o ./
+LN = cc
+LDFLAGS = -xO3
+DCFLAGS = -fpic
+DLFLAGS = -shared
+DLSUFFICS = .ld.so
+LIBS = -lpthread -lsocket -lnsl -lresolv -ldl
+LNOUT = -o ./
+EXESUFFICS =
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *~
+REMOVECOMMAND = rm -f
+TYPECOMMAND = cat
+COMPATLIBS =
+MAKEFILE = Makefile.Solaris
+PLUGINS = StringsPlugin TrafficPlugin PCREPlugin
+
+include Makefile.inc
+
+allplugins:
+	@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ;	cd ../.. ; done

Makefile.Solaris-gcc

@@ -0,0 +1,36 @@
+#$Id: Makefile.Solaris-gcc,v 1.14 2008/09/30 13:58:44 vlad Exp $
+#
+# 3 proxy Makefile for Solaris/gcc
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# remove -DNOODBC from CFLAGS and add -lodbc to LDFLAGS to compile with ODBC
+# library support. Add -DSAFESQL for poorely written ODBC library / drivers.
+
+
+BUILDDIR =
+CC = gcc
+CFLAGS = -O3 -c -D_SOLARIS -D_THREAD_SAFE -DGETHOSTBYNAME_R -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL
+COUT = -o ./
+LN = gcc
+LDFLAGS = -O3
+DCFLAGS = -fpic
+DLFLAGS = -shared
+DLSUFFICS = .ld.so
+LIBS = -lpthread -lsocket -lnsl -lresolv -ldl
+LNOUT = -o ./
+EXESUFFICS =
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *~
+REMOVECOMMAND = rm -f
+TYPECOMMAND = cat
+COMPATLIBS =
+MAKEFILE = Makefile.Solaris-gcc
+PLUGINS = StringsPlugin TrafficPlugin PCREPlugin
+
+include Makefile.inc
+
+allplugins:
+	@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ;	cd ../.. ; done

Makefile.am

@@ -0,0 +1,2 @@
+SUBDIRS = src man
+EXTRA_DIST = doc cfg

Makefile.ccc

@@ -0,0 +1,35 @@
+#$Id: Makefile.ccc,v 1.12 2007/04/10 16:29:25 vlad Exp $
+#
+# 3 proxy Makefile for Compaq C Compiler
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# remove -DNOODBC from CFLAGS and add -lodbc to LDFLAGS to compile with ODBC
+# library support. Add -DSAFESQL for poorely written ODBC library / drivers.
+
+BUILDDIR =
+CC = ccc
+CFLAGS = -Wall -O2 -c -pthread -D_THREAD_SAFE -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -WITH_POLL
+COUT = -o 
+LN = ccc
+LDFLAGS = -Wall -O2 -pthread
+DCFLAGS = -fpic
+DLFLAGS = -shared
+DLSUFFICS = .ld.so
+LIBS =
+LNOUT = -o 
+EXESUFFICS =
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *~
+REMOVECOMMAND = rm -f
+TYPECOMMAND = cat
+COMPATLIBS =
+MAKEFILE = Makefile.ccc
+PLUGINS = StringsPlugin TrafficPlugin PCREPlugin
+
+include Makefile.inc
+
+allplugins:
+	@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ;	cd ../.. ; done

Makefile.debug

@@ -0,0 +1,27 @@
+#$Id: Makefile.debug,v 1.7 2007/04/18 05:33:19 vlad Exp $
+#
+# 3 proxy Makefile for Microsoft Visual C compiler (for both make and nmake)
+#
+# You can try to add /D "WITH_STD_MALLOC" to CFLAGS to use standard malloc
+# libraries
+
+BUILDDIR = ../bin/
+CC = cl
+CFLAGS = /FD /MDd /nologo /W3 /ZI /Wp64 /GS /Gs /RTCsu /EHs- /GA /GF /DEBUG /D "WITH_STD_MALLOC" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "_WIN32"  /c
+COUT = /Fo
+LN = link
+LDFLAGS = /nologo /subsystem:console /machine:I386 /DEBUG
+LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib
+LNOUT = /out:
+EXESUFFICS = .exe
+OBJSUFFICS = .obj
+DEFINEOPTION = /D 
+COMPFILES = *.pch *.idb
+REMOVECOMMAND = del 2>NUL >NUL
+TYPECOMMAND = type
+COMPATLIBS =
+MAKEFILE = Makefile.debug
+
+include Makefile.inc
+
+allplugins:

Makefile.inc

@@ -0,0 +1,13 @@
+#$Id: Makefile.inc,v 1.3 2007/01/23 16:00:26 vlad Exp $
+#
+# 3 proxy common Makefile
+#
+
+all:
+	$(TYPECOMMAND) $(MAKEFILE) > src/Makefile.var
+	@cd src && $(MAKE)
+
+clean:
+	@$(REMOVECOMMAND) *$(OBJSUFFICS) $(COMPFILES)
+	@cd src && $(MAKE) clean
+

Makefile.intl

@@ -0,0 +1,34 @@
+#$Id: Makefile.intl,v 1.8 2007/07/21 18:47:00 vlad Exp $
+#
+# 3 proxy Makefile for Intel C compiler for Windows (for both make and nmake)
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# Add /DSAFESQL to CFLAGS if you are using poorely written/tested ODBC driver
+
+
+BUILDDIR = ../bin/
+CC = icl
+CFLAGS = /nologo /MD /W3 /G6 /GX /O2 /D "WITH_STD_MALLOC" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "_WIN32" /Fp"proxy.pch" /YX /FD /c
+COUT = /Fo
+LN = xilink
+LDFLAGS = /nologo /subsystem:console /incremental:no /machine:I386
+LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib
+DLFLAGS = /DLL
+DLSUFFICS = .dll
+LNOUT = /out:
+EXESUFFICS = .exe
+OBJSUFFICS = .obj
+DEFINEOPTION = /D 
+COMPFILES = *.pch *.idb
+REMOVECOMMAND = del 2>NUL
+TYPECOMMAND = type
+COMPATLIBS =
+MAKEFILE = Makefile.intl
+PLUGINS = WindowsAuthentication TrafficPlugin PCREPlugin
+
+include Makefile.inc
+
+allplugins:
+	for /D %%i in ($(PLUGINS)) do (copy Makefile Makefile.var plugins\%%i && cd plugins\%%i && nmake && del *.obj *.idb &&cd ..\..)

Makefile.msvc

@@ -0,0 +1,36 @@
+#$Id: Makefile.msvc,v 1.17 2010-11-11 14:44:11 v.dubrovin Exp $
+#
+# 3 proxy Makefile for Microsoft Visual C compiler (for both make and nmake)
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# Add /DSAFESQL to CFLAGS if you are using poorely written/tested ODBC driver
+
+BUILDDIR = ../bin/
+CC = cl
+CFLAGS = /nologo /MT /W3 /Ox /GS /EHs- /GA /GF /D "MSVC" /D "WITH_STD_MALLOC" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "_WIN32" /Fp"proxy.pch" /FD /c
+COUT = /Fo
+LN = link
+LDFLAGS = /nologo /subsystem:console /incremental:no /machine:I386
+DLFLAGS = /DLL
+DLSUFFICS = .dll
+LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib kernel32.lib Gdi32.lib libeay32MT.lib ssleay32MT.lib
+LIBEXT = .lib                                                                                               
+LNOUT = /out:
+EXESUFFICS = .exe
+OBJSUFFICS = .obj
+DEFINEOPTION = /D 
+COMPFILES = *.pch *.idb
+REMOVECOMMAND = del 2>NUL >NUL
+TYPECOMMAND = type
+COMPATLIBS =
+MAKEFILE = Makefile.msvc
+PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin lastFripper FilePlugin
+
+
+include Makefile.inc
+
+allplugins:
+	for /D %%i in ($(PLUGINS)) do (copy Makefile plugins\%%i && copy Makefile.var plugins\%%i && cd plugins\%%i && nmake && del *.obj *.idb &&cd ..\..)
+	

Makefile.msvc64

@@ -0,0 +1,35 @@
+#$Id: Makefile.msvc64,v 1.14 2007/07/21 18:47:05 vlad Exp $
+#
+# 3 proxy Makefile for Microsoft Visual C compiler (for both make and nmake)
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# Add /DSAFESQL to CFLAGS if you are using poorely written/tested ODBC driver
+
+BUILDDIR = ../bin64/
+CC = cl
+CFLAGS = /nologo /MT /W3 /Ox /EHs- /GS /GA /GF /D "MSVC" /D "WITH_STD_MALLOC" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "_WIN32" /Fp"proxy.pch" /FD /c
+COUT = /Fo
+LN = link
+LDFLAGS = /nologo /subsystem:console /incremental:no /machine:x64
+DLFLAGS = /DLL
+DLSUFFICS = .dll
+LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib kernel32.lib Gdi32.lib libeay32MT.lib ssleay32MT.lib
+LIBEXT = .lib
+LNOUT = /out:
+EXESUFFICS = .exe
+OBJSUFFICS = .obj
+DEFINEOPTION = /D 
+COMPFILES = *.pch *.idb
+REMOVECOMMAND = del 2>NUL >NUL
+TYPECOMMAND = type
+COMPATLIBS =
+MAKEFILE = Makefile.msvc64
+PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin
+
+include Makefile.inc
+
+allplugins:
+	for /D %%i in ($(PLUGINS)) do (copy Makefile plugins\%%i && copy Makefile.var plugins\%%i && cd plugins\%%i && nmake && del *.obj *.idb &&cd ..\..)
+

Makefile.msvcCE

@@ -0,0 +1,36 @@
+#$Id: Makefile.msvc,v 1.14 2007/07/21 18:47:02 vlad Exp $
+#
+# 3 proxy Makefile for Microsoft Visual C compiler (for both make and nmake)
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# Add /DSAFESQL to CFLAGS if you are using poorely written/tested ODBC driver
+
+BUILDDIR = ../bin/
+CC = cl
+CFLAGS = /DARM /D "NOODBC" /nologo /MT /W3 /Wp64 /Ox /GS /EHs- /GA /GF /D "MSVC" /D "_WINCE" /D "WITH_STD_MALLOC" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "_WIN32" /Fp"proxy.pch" /FD /c
+COUT = /Fo
+LN = link
+LDFLAGS = /nologo /subsystem:console /incremental:no
+DLFLAGS = /DLL
+DLSUFFICS = .dll
+LIBS = ws2_32.lib advapi32.lib odbc32.lib user32.lib
+LIBEXT = .lib
+LNOUT = /out:
+EXESUFFICS = .exe
+OBJSUFFICS = .obj
+DEFINEOPTION = /D 
+COMPFILES = *.pch *.idb
+REMOVECOMMAND = del 2>NUL >NUL
+TYPECOMMAND = type
+COMPATLIBS =
+MAKEFILE = Makefile.msvc
+PLUGINS = WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin
+
+
+include Makefile.inc
+
+allplugins:
+	for /D %%i in ($(PLUGINS)) do (copy Makefile plugins\%%i && copy Makefile.var plugins\%%i && cd plugins\%%i && nmake && del *.obj *.idb &&cd ..\..)
+	

Makefile.unix

@@ -0,0 +1,58 @@
+#$Id: Makefile.unix,v 1.20 2007/04/10 16:29:25 vlad Exp $
+#
+# 3 proxy Makefile for GCC/Unix
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# remove -DNOODBC from CFLAGS and add -lodbc to LDFLAGS to compile with ODBC
+# library support. Add -DSAFESQL for poorely written ODBC library / drivers.
+
+BUILDDIR =
+CC = gcc
+
+# you may need -L/usr/pkg/lib for older NetBSD versions
+CFLAGS = -Wall -g -O2 -c -pthread -D_THREAD_SAFE -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL
+COUT = -o 
+LN = gcc
+LDFLAGS = -Wall -O2 -pthread
+# -lpthreads may be reuqired on some platforms instead of -pthreads
+# -ldl or -lld may be required for some platforms
+DCFLAGS = -fpic
+DLFLAGS = -shared
+DLSUFFICS = .ld.so
+LIBS =
+LNOUT = -o 
+EXESUFFICS =
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *~
+REMOVECOMMAND = rm -f
+TYPECOMMAND = cat
+COMPATLIBS =
+MAKEFILE = Makefile.unix
+PLUGINS = StringsPlugin TrafficPlugin PCREPlugin
+
+include Makefile.inc
+
+install: all
+	if [ ! -d /usr/local/etc/3proxy/bin ]; then mkdir -p /usr/local/etc/3proxy/bin/; fi
+	install src/3proxy /usr/local/etc/3proxy/bin/3proxy
+	install src/mycrypt /usr/local/etc/3proxy/bin/mycrypt
+	install scripts/rc.d/proxy.sh /usr/local/etc/rc.d/proxy.sh
+	install scripts/add3proxyuser.sh /usr/local/etc/3proxy/bin/
+	if [ -s /usr/local/etc/3proxy/3proxy.cfg ]; then
+	echo /usr/local/etc/3proxy/3proxy.cfg already exists
+	else
+	install scripts/3proxy.cfg /usr/local/etc/3proxy/
+	if [ ! -d /var/log/3proxy/ ]; then
+	mkdir /var/log/3proxy/
+	fi
+	touch /usr/local/etc/3proxy/passwd
+	touch /usr/local/etc/3proxy/counters
+	touch /usr/local/etc/3proxy/bandlimiters
+	echo Run /usr/local/etc/3proxy/bin/add3proxyuser.sh to add \'admin\' user
+	fi
+
+allplugins:
+	@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ;	cd ../.. ; done

Makefile.unix-install

@@ -0,0 +1,61 @@
+DESTDIR		=
+prefix		= /usr/local
+exec_prefix	= $(prefix)
+man_prefix	= $(prefix)/share
+
+INSTALL		= /usr/bin/install
+INSTALL_BIN	= $(INSTALL) -m 755
+INSTALL_DATA	= $(INSTALL) -m 644
+INSTALL_OBJS	= src/3proxy \
+		  src/countersutil \
+		  src/dighosts \
+		  src/ftppr \
+		  src/mycrypt \
+		  src/pop3p \
+		  src/proxy \
+		  src/socks \
+		  src/tcppm \
+		  src/udppm \
+		  scripts/add3proxyuser.sh
+
+INSTALL_CFG_OBJS = scripts/3proxy.cfg
+INSTALL_CFG_DEST = config
+
+INSTALL_CFG_OBJS2 = passwd counters bandlimiters
+
+MANDIR1		= $(DESTDIR)$(man_prefix)/man/man1
+MANDIR3		= $(DESTDIR)$(man_prefix)/man/man3
+MANDIR8		= $(DESTDIR)$(man_prefix)/man/man8
+BINDIR		= $(DESTDIR)$(exec_prefix)/bin
+ETCDIR		= $(DESTDIR)$(prefix)/etc/3proxy
+
+install-bin:
+	$(INSTALL_BIN) -d $(BINDIR)
+	$(INSTALL_BIN) -s $(INSTALL_OBJS) $(BINDIR)
+
+install-etc-dir:
+	$(INSTALL_BIN) -d $(ETCDIR)
+
+install-etc-default-config:
+	if [ -f $(ETCDIR)/$(INSTALL_CFG_DEST) ]; then \
+	   : ; \
+	else \
+	   $(INSTALL_DATA) $(INSTALL_CFG_OBJS) $(ETCDIR)/$(INSTALL_CFG_DEST) \
+	fi
+
+install-etc: install-etc-dir
+	for file in $(INSTALL_CFG_OBJS2); \
+	do \
+	  touch $(ETCDIR)/$$file; chmod 0600 $(ETCDIR)/$$file; \
+	done;
+
+install-man:
+	$(INSTALL_BIN) -d $(MANDIR1)
+	$(INSTALL_BIN) -d $(MANDIR3)
+	$(INSTALL_BIN) -d $(MANDIR8)
+	$(INSTALL_DATA) man/*.1 $(MANDIR1)
+	$(INSTALL_DATA) man/*.3 $(MANDIR3)
+	$(INSTALL_DATA) man/*.8 $(MANDIR8)
+
+install: install-bin install-etc install-man
+

Makefile.win

@@ -0,0 +1,35 @@
+#$Id: Makefile.win,v 1.9 2007/08/20 15:26:27 vlad Exp $
+#
+# 3 proxy Makefile for GCC/windows
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# remove -DNOODBC from CFLAGS and add -lodbc to LDFLAGS to compile with ODBC
+# library support
+
+
+BUILDDIR = ../bin/
+CC = gcc
+CFLAGS = -O2 -s -c -mthreads -DWITH_STD_MALLOC
+COUT = -o 
+LN = gcc
+LDFLAGS = -O2 -s  -mthreads
+DLFLAGS = -shared
+DLSUFFICS = .dll
+LIBS = -lws2_32 -lodbc32 -ladvapi32
+LNOUT = -o 
+EXESUFFICS = .exe
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *.tmp
+REMOVECOMMAND = rm -f
+TYPECOMMAND = cat
+COMPATLIBS =
+MAKEFILE = Makefile.win
+PLUGINS = utf8tocp1251 WindowsAuthentication TrafficPlugin StringsPlugin PCREPlugin
+
+include Makefile.inc
+
+allplugins:
+	@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ;  rm *.o ; cd ../.. ; done

Makefile.winCE

@@ -0,0 +1,35 @@
+#$Id: Makefile.win,v 1.9 2007/08/20 15:26:27 vlad Exp $
+#
+# 3 proxy Makefile for GCC/windows
+#
+# You can try to remove -DWITH_STD_MALLOC to CFLAGS to use optimized malloc
+# libraries
+#
+# remove -DNOODBC from CFLAGS and add -lodbc to LDFLAGS to compile with ODBC
+# library support
+
+
+BUILDDIR = ../bin/
+CC = /opt/cegcc/arm-wince-cegcc/bin/gcc
+CFLAGS = -Wall -O2 -s -c -mthreads -DWITH_STD_MALLOC -DNOODBC -D_WINCE -D_WIN32 -D__USE_W32_SOCKETS
+COUT = -o 
+LN = /opt/cegcc/arm-wince-cegcc/bin/gcc
+LDFLAGS = -Wall -O2 -s -mthreads
+DLFLAGS = -shared
+DLSUFFICS = .dll
+LIBS = -lws2
+LNOUT = -o 
+EXESUFFICS = .exe
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *.tmp
+REMOVECOMMAND = rm -f
+TYPECOMMAND = more
+COMPATLIBS =
+MAKEFILE = Makefile.winCE
+PLUGINS = TrafficPlugin StringsPlugin PCREPlugin
+
+include Makefile.inc
+
+allplugins:
+	@list='$(PLUGINS)'; for p in $$list; do cp Makefile Makefile.var plugins/$$p; cd plugins/$$p ; make ;  rm *.o ; cd ../.. ; done

Readme

@@ -0,0 +1,67 @@
+/*
+   3APA3A 3proxy tiny proxy server
+   (c) 2002-2009 by ZARAZA <3APA3A@security.nnov.ru>,
+		 Vladimir Dubrovin <vlad@sandy.ru>
+
+   please read License Agreement
+
+   $Id: Readme,v 1.8 2009/03/18 17:46:22 vlad Exp $
+*/
+
+Please read doc/html/index.html and man pages.
+
+3proxy    	Combined proxy server may be used as
+		Windows 95/98/NT/2000/XP/2003/Vista
+		executable or service (supports installation and removal).
+		It uses config file to read it's configuration (see
+		3proxy.cfg.sample for details).
+		--install installs and starts proxy as NT/2000/XP service
+		(config file should be located in the same directory)
+		--remove removes the service (should be stopped before via
+		net stop 3proxy).
+		3proxy.exe is all-in-one, it doesn't require all others .exe
+		to work.
+		See 3proxy.cfg.sample for examples, see man 3proxy.cfg
+proxy    	HTTP proxy server, binds to port 3128
+ftppr    	FTP proxy server, binds to port 21
+socks    	SOCKS 4/5 proxy server, binds to port 1080
+ftppr		FTP proxy server, please do not mess it with FTP over HTTP
+		proxy used in browsers
+pop3p    	POP3 proxy server, binds to port 110. You must specify
+		POP3 username as username@target.host.ip[:port]
+		port is 110 by default.
+		Exmple: in Username configuration for you e-mail reader
+		set someuser@pop.somehost.ru, to obtains mail for someuser
+		from pop.somehost.ru via proxy.
+smtpp    	SMTP proxy server, binds to port 25. You must specify
+		SMTP username as username@target.host.ip[:port]
+		port is 25 by default.
+		Exmple: in Username configuration for you e-mail reader
+		set someuser@mail.somehost.ru, to send mail as someuser
+		via mail.somehost.ru via proxy.
+icqpr    	ICQ/AIM proxy. Maps some TCP port to TCP port of ICQ
+		server and performs packets translation. Example:
+		icqpr 5190 login.icq.com 5190
+msnpr		MSN proxy (beta)
+tcppm    	TCP port mapping. Maps some TCP port on local machine to
+		TCP port on remote host.
+udppm    	UDP port mapping. Maps some UDP port on local machine to
+		UDP port on remote machine. Only one user simulationeously
+		can use UDP mapping, so it cann't be used for public service
+		in large networks. It's OK to use it to map to DNS server
+		in small network or to map Counter-Strike server for single
+		client (you can use few mappings on different ports for
+		different clients in last case).
+mycrypt    	Program to obtain crypted password fro cleartext. Supports
+		both MD5/crypt and NT password.
+			mycrypt password
+		produces NT password
+			mycrypt salt password
+		produces MD5/crypt password with salt "salt".
+dighosts    	Utility for building networks list from web page.
+countersutil	Utility to manage counters file
+
+
+Run utility with --help option for command line reference.
+
+Latest version is available from http://3proxy.ru/

authors

@@ -0,0 +1 @@
+(c) 2002-2007 by ZARAZA <3APA3A@security.nnov.ru>, Vladimir Dubrovin <vlad@sandy.ru>

cfg/0.scenario.txt

@@ -0,0 +1,18 @@
+Please read doc/config.txt before using 3proxy.
+
+In all examples next scenario is used:
+
+3proxy is installed on multihomed host. IP address of internal interface
+is 192.168.1.1. IP address of external interface is 10.1.1.1.
+Internal network has few subnetworks for 192.168.0.0/16.
+Users are named user1, user2, etc.
+
+You use external DNS server 10.1.2.1 and 10.1.2.2
+
+Provider has networks with free access. A list of networks is published
+on the provider's Web server.
+
+Provider has proxy server 10.1.2.5. Traffic from proxy server is not free, but
+is cheaper than traffic from non-free networks.
+
+$Id: 0.scenario.txt,v 1.2 2004/07/23 13:33:39 vlad Exp $

cfg/3proxy.cfg.sample

@@ -0,0 +1,202 @@
+#!/usr/local/bin/3proxy
+# Yes, 3proxy.cfg can be executable, in this case you should place
+# something like
+#config /usr/local/3proxy/3proxy.cfg
+# to show which configuration 3proxy should re-read on realod.
+
+#system "echo Hello world!"
+# you may use system to execute some external command if proxy starts
+
+# We can configure nservers to avoid unsafe gethostbyname() usage
+nserver 10.1.2.1
+nserver 10.2.2.2
+# nscache is good to save speed, traffic and bandwidth
+nscache 65536
+
+#nsrecord porno.security.nnov.ru 0.0.0.0
+# nobody will be able to access porno.security.nnov.ru by the name.
+#nsrecord wpad.security.nnov.ru www.security.nnov.ru
+# wpad.security.nnov.ru will resolve to www.security.nnov.ru for
+# clients
+
+
+timeouts 1 5 30 60 180 1800 15 60
+# Here we can change timeout values
+
+users 3APA3A:CL:3apa3a "test:CR:$1$qwer$CHFTUFGqkjue9HyhcMHEe1"
+# note that "" required, overvise $... is treated as include file name.
+# $1$qwer$CHFTUFGqkjue9HyhcMHEe1 is 'test' in MD5 crypt format.
+#users $/usr/local/etc/3proxy/passwd
+# this example shows you how to include passwd file. For included files
+# <CR> and <LF> are treated as field separators.
+
+#daemon
+# now we will not depend on any console (daemonize). daemon must be given
+# before any significant command on *nix.
+
+service
+# service is required under NT if you want 3proxy to start as service
+
+#log /usr/local/etc/3proxy/logs/3proxy.log D
+log c:\3proxy\logs\3proxy.log D
+# log allows to specify log file location and rotation, D means logfile
+# is created daily
+
+#logformat "L%d-%m-%Y %H:%M:%S %z %N.%p %E %U %C:%c %R:%r %O %I %h %T"
+#logformat "Linsert into log (l_date, l_user, l_service, l_in, l_out, l_descr) values ('%d-%m-%Y %H:%M:%S', '%U', '%N', %I, %O, '%T')"
+#Compatible with Squid access.log:
+#
+#"- +_G%t.%. %D %C TCP_MISS/200 %I %1-1T %2-2T %U DIRECT/%R application/unknown"
+#or, more compatible format without %D
+#"- +_G%t.%.      1 %C TCP_MISS/200 %I %1-1T %2-2T %U DIRECT/%R application/unknown"
+#
+#Compatible with ISA 2000 proxy WEBEXTD.LOG (fields are TAB-delimited):
+#
+#"-	+ L%C	%U	Unknown	Y	%Y-%m-%d	%H:%M:%S	w3proxy	3PROXY	-	%n	%R	%r	%D	%O	%I	http	TCP	%1-1T	%2-2T	-	-	%E	-	-	-"
+#
+#Compatible with ISA 2004 proxy WEB.w3c
+#
+#"-	+ L%C	%U	Unknown	%Y-%m-%d	%H:%M:%S	3PROXY	-	%n	%R	%r	%D	%O	%I	http	%1-1T	%2-2T	-	%E	-	-	Internal	External	0x0	Allowed"
+#
+#Compatible with ISA 2000/2004 firewall FWSEXTD.log (fields are TAB-delimited):
+#
+#"-	+ L%C	%U	unnknown:0:0.0	N	%Y-%m-%d	%H:%M:%S	fwsrv	3PROXY	-	%n	%R	%r	%D	%O	%I	%r	TCP	Connect	-	-	-	%E	-	-	-	-	-"
+#
+#Compatible with HTTPD standard log (Apache and others)
+#
+#"-""+_L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I"
+#or more compatible without error code
+#"-""+_L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" 200 %I"
+
+# in log file we want to have underscores instead of spaces
+logformat "- +_L%t.%.  %N.%p %E %U %C:%c %R:%r %O %I %h %T"
+
+
+#archiver gz /bin/gzip %F
+#archiver zip zip -m -qq %A %F
+#archiver zip pkzipc -add -silent -move %A %F
+archiver rar rar a -df -inul %A %F
+# if archiver specified log file will be compressed after closing.
+# you should specify extension, path to archiver and command line, %A will be
+# substituted with archive file name, %f - with original file name.
+# Original file will not be removed, so archiver should care about it.
+
+rotate 30
+# We will keep last 30 log files
+
+auth iponly
+#auth nbname
+#auth strong
+# auth specifies type of user authentication. If you specify none proxy
+# will not do anything to check name of the user. If you specify
+# nbname proxy will send NetBIOS name request packet to UDP/137 of
+# client and parse request for NetBIOS name of messanger service.
+# Strong means that proxy will check password. For strong authentication
+# unknown user will not be allowed to use proxy regardless of ACL.
+# If you do not want username to be checked but wanna ACL to work you should
+# specify auth iponly.
+
+
+#allow ADMINISTRATOR,root
+#allow * 127.0.0.1,192.168.1.1 * *
+#parent 1000 http 192.168.1.2 80 * * * 80
+#allow * 192.168.1.0/24 * 25,53,110,20-21,1024-65535
+# we will allow everything if username matches ADMINISTRATOR or root or
+# client ip is 127.0.0.1 or 192.168.1.1. Overwise we will redirect any request
+# to port 80 to our Web-server 192.168.0.2.
+# We will allow any outgoing connections from network 192.168.1.0/24 to
+# SMTP, POP3, FTP, DNS and unprivileged ports.
+# Note, that redirect may also be used with proxy or portmapper. It will
+# allow you to redirect requests to different ports or different server
+# for different clients.
+
+#  sharing access to internet
+
+external 10.1.1.1
+# external is address 3proxy uses for outgoing connections. 0.0.0.0 means any
+# interface. Using 0.0.0.0 is not good because it allows to connect to 127.0.0.1
+
+internal 192.168.1.1
+# internal is address of interface proxy will listen for incoming requests
+# 127.0.0.1 means only localhost will be able to use this proxy. This is
+# address you should specify for clients as proxy IP.
+# You MAY use 0.0.0.0 but you shouldn't, because it's a chance for you to
+# have open proxy in your network in this case.
+
+auth none
+# no authentication is requires
+
+dnspr
+
+# dnsproxy listens on UDP/53 to answer client's DNS requests. It requires
+# nserver/nscache configuration.
+
+
+#external $./external.ip
+#internal $./internal.ip
+# this is just an alternative form fo giving external and internal address
+# allows you to read this addresses from files
+
+auth strong
+# We want to protect internal interface
+deny * * 127.0.0.1,192.168.1.1
+# and llow HTTP and HTTPS traffic.
+allow * * * 80-88,8080-8088 HTTP
+allow * * * 443,8443 HTTPS
+proxy -n
+
+auth none
+# pop3p will be used without any authentication. It's bad choice
+# because it's possible to use pop3p to access any port
+pop3p
+
+tcppm 25 mail.my.provider 25
+#udppm -s 53 ns.my.provider 53
+# we can portmap port TCP/25 to provider's SMTP server and UDP/53
+# to provider's DNS.
+# Now we can use our proxy as SMTP and DNS server.
+# -s switch for UDP means "single packet" service - instead of setting
+# association for period of time association will only be set for 1 packet.
+# It's very userfull for services like DNS but not for some massive services
+# like multimedia streams or online games.
+
+auth strong
+flush
+allow 3APA3A,test
+maxconn 20
+socks
+# for socks we will use password authentication and different access control -
+# we flush previously configured ACL list and create new one to allow users
+# test and 3APA3A to connect from any location
+
+
+auth strong
+flush
+internal 127.0.0.1
+allow 3APA3A 127.0.0.1
+maxconn 3
+admin
+#only allow acces to admin interface for user 3APA3A from 127.0.0.1 address
+#via 127.0.0.1 address.
+
+# map external 80 and 443 ports to internal Web server
+# examples below show how to use 3proxy to publish Web server in internal
+# network to Internet. We must switch internal and external addresses and
+# flush any ACLs
+
+#auth none
+#flush
+#external $./internal.ip
+#internal $./external.ip
+#maxconn 300
+#tcppm 80 websrv 80
+#tcppm 443 websrv 443
+
+
+#chroot /usr/local/jail
+#setgid 65535
+#setuid 65535
+# now we needn't any root rights. We can chroot and setgid/setuid.
+
+
+###$Id: 3proxy.cfg.sample,v 1.7 2006/11/18 14:37:06 vlad Exp $#######

cfg/counters.sample

@@ -0,0 +1,53 @@
+# Scenario:
+# You're billed for traffic except internal networks 
+# 192.168.0.0 mask 255.255.0.0 and 10.0.0.0 mask 255.0.0.0.
+# If you exceed 2Gb limit you will have very high penalty
+#
+# You want to have daily report about common amount of external traffic.
+# You also need to know amount of Web traffic for every user
+# You want to limit Web traffic to 100Mb/day to whole campus and
+# to 20MB/day to every user
+
+# see explanations in 3proxy.cfg.sample
+internal 192.168.1.1
+external 10.1.1.1
+nserver 10.1.2.1
+nserver 10.2.2.2
+nscache 65536
+dnspr
+
+# no logging will be used, only traffic reports
+
+# use  d:\3proxy\3profy.3cf to store counters data
+# generate daily traffic reports in d:\3proxy\traf\
+counter "d:\3proxy\3profy.3cf" D "d:\3proxy\traf\traf"
+
+# define users
+users "user1:CL:password1" "user2:CL:password2" "user3:CL:password3"
+users "user4:CL:password4" "user5:CL:password5" "user6:CL:password6"
+# ...
+
+# do not count traffic for 192.168.0.0/16,10.0.0.0/8
+nocountin * * 192.168.0.0/16,10.0.0.0/8
+# Count external traffic summary for all clients with limit to 100MB/day
+countin "1/Test 1" D 100 *
+# Count external Web traffic summary for all clients to 1Gb/month
+countin "2/Test 2" M 1024 vlad,3APA3A,test 127.0.0.1 * 80,81,8080-8088
+# For every user count and limit daily Web traffic to 20 Mb
+# There is no way to configure it in a single line, we need a line
+# for every user we have
+countin "3/User 1" D 20 user1 * * 80,81,8080-8088
+countin "4/User 2" D 20 user2 * * 80,81,8080-8088
+# ...
+countin "202/User 200" D 20 user200 * * 80,81,8080-8088
+
+# enable proxy
+auth strong
+proxy
+
+# enable administration to user1 from localhost
+internal 127.0.0.1
+allow user1
+admin
+
+#$Id: counters.sample,v 1.2 2004/07/23 13:33:39 vlad Exp $

contrib/www3proxy/isqlodbc/Makefile.inc

@@ -0,0 +1,6 @@
+all:	  isqlodbc$(EXESUFFICS) 
+clean:
+	@$(REMOVECOMMAND) *$(OBJSUFFICS) $(COMPFILES)
+
+isqlodbc$(EXESUFFICS): isqlodbc$(OBJSUFFICS) 
+	$(LN) $(LNOUT)isqlodbc$(EXESUFFICS) $(LDFLAGS) $(VERFILE) isqlodbc$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)

contrib/www3proxy/isqlodbc/Makefile.unix

@@ -0,0 +1,15 @@
+CC = gcc
+CFLAGS = -I /usr/local/include  -DUNIX
+COUT = -o 
+LN = gcc
+LDFLAGS =  
+LIBS =-L /usr/local/lib -lodbc
+LNOUT = -o 
+EXESUFFICS =
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *~
+REMOVECOMMAND = rm -f
+COMPATLIBS =
+
+include Makefile.inc

contrib/www3proxy/isqlodbc/Makefile.win

@@ -0,0 +1,15 @@
+CC = gcc
+CFLAGS = -DWIN32
+COUT = -o 
+LN = gcc
+LDFLAGS =  
+LIBS = -lodbc32
+LNOUT = -o 
+EXESUFFICS =
+OBJSUFFICS = .o
+DEFINEOPTION = -D
+COMPFILES = *~
+REMOVECOMMAND = rm -f
+COMPATLIBS =
+
+include Makefile.inc

contrib/www3proxy/isqlodbc/isqlodbc.c

@@ -0,0 +1,191 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN32
+#include <io.h>
+#include <windows.h>
+#endif
+#ifdef UNIX
+#include <sqltypes.h>
+#endif
+#include <sql.h>
+#include <sqlext.h>
+
+
+
+#define  BUF_LENGTH 65000
+
+/* environment variable */
+SQLHENV    env=NULL;
+SQLHDBC    dbc=NULL;
+SQLHSTMT   stmt=NULL;
+SQLHSTMT   cstmt=NULL;
+unsigned  char *dsn;
+unsigned  char *user;
+unsigned  char *pass;
+
+RETCODE    retcod;
+
+/*description a columns of result of request */
+SQLSMALLINT      ColumnCount;
+unsigned int     ColNumber;
+unsigned char    ColName[SQL_MAX_COLUMN_NAME_LEN];
+unsigned int     Length;
+unsigned int     Type;
+unsigned int     Size;
+unsigned int     Digits;
+unsigned int     Nullable;
+
+
+unsigned char    data_buf[BUF_LENGTH];
+unsigned long    OutData;
+
+/* function print error message*/
+void PrintError(HENV env,HDBC dbc,HSTMT stmt,RETCODE retcod)
+{
+ SQLINTEGER nError;
+ SQLSMALLINT  TextLength;
+ unsigned char    BufErrMsg[SQL_MAX_MESSAGE_LENGTH+1];
+ unsigned char    SqlState[128];
+
+ SQLError(env,dbc,stmt,SqlState,&nError,BufErrMsg,512, &TextLength);
+ printf("%s\n" ,BufErrMsg);
+}
+
+void sqlquery(SQLHDBC dbc,SQLHSTMT stmt, unsigned char *strquery)
+{
+ retcod=SQLAllocStmt(dbc, &stmt);
+
+ retcod=SQLExecDirect(stmt,strquery,SQL_NTS);
+ if(retcod!=SQL_SUCCESS)
+   { PrintError(env,dbc,stmt,retcod);}
+
+    SQLNumResultCols(stmt,&ColumnCount);
+
+    while(SQLFetch(stmt)==SQL_SUCCESS)
+     {
+      for(ColNumber=1; ColNumber<=ColumnCount ; ColNumber++)
+       {
+        SQLGetData(stmt,ColNumber,SQL_CHAR,data_buf,BUF_LENGTH,&OutData);
+        printf("%s|",data_buf);
+       }
+       printf("\n",data_buf);
+       strcpy(data_buf,"");
+     }
+ SQLFreeStmt( stmt, SQL_DROP );
+}
+
+/* isqlodbc dsn[[,user][,pass]] ["SQLCMD"] */
+int main(int argc, char *argv[])
+{
+ unsigned char qbuf[64000];
+ unsigned char *ptr=NULL;
+
+ /* Allocate environment and database connection  handles */
+ retcod=SQLAllocEnv( &env );
+ if(retcod!=SQL_SUCCESS)
+  {
+   PrintError(env,dbc,stmt,retcod);
+   SQLFreeEnv(env);
+   return (-1);
+  }
+ retcod = SQLAllocConnect( env, &dbc );
+ if(retcod!=SQL_SUCCESS)
+  {
+   PrintError(env,dbc,stmt,retcod);
+   SQLFreeConnect( dbc );
+   return (-1);
+  }
+ 
+ 
+ if(argc > 1 )
+ {
+  /* parsing command line and get parametrs */
+  dsn = strtok(argv[1],",");
+  user = strtok(NULL, ",");
+  pass = strtok(NULL, ",");
+
+  /* Connect from DSN */
+  retcod=SQLConnect(dbc,dsn,SQL_NTS,user,SQL_NTS,pass,SQL_NTS);
+
+  if(retcod!=SQL_SUCCESS)
+     { PrintError(env,dbc,stmt,retcod); }
+    else
+     {
+      if (argc > 2)
+       {
+        /*sql cmd from command line*/
+        sqlquery(dbc,stmt,argv[2]);
+       }
+      else
+       {
+         /*sql cmd from stdin */
+         if( isatty(0) ){ printf(".tables - list table\n.q - exit\nsql>"); }
+         while(fgets(qbuf,63000,stdin) != NULL )
+         {
+          ptr=strrchr(qbuf,';');
+          if (ptr!=NULL)
+           {
+            sqlquery(dbc,stmt,qbuf);
+           }
+          else
+           {
+            /*cmd exit*/
+            if (strstr(qbuf,".q")){ break; };
+
+            /*cmd table list*/
+            if (strstr(qbuf,".tables")) 
+             {
+              retcod=SQLAllocStmt(dbc, &stmt);
+              if(retcod!=SQL_SUCCESS){ PrintError(env,dbc,stmt,retcod); }
+              else
+               {
+                retcod=SQLTables(stmt,NULL,0,NULL,0,NULL,0,NULL,0);
+                if(retcod !=SQL_SUCCESS) { PrintError(env,dbc,stmt,retcod);}
+                while(SQLFetch(stmt)==SQL_SUCCESS)
+                 {
+                   SQLGetData(stmt,3,SQL_CHAR,data_buf,BUF_LENGTH,&OutData);
+                   printf("%s|",data_buf);
+
+                   /*list columns */
+                   retcod=SQLAllocStmt(dbc, &cstmt);
+                   retcod=SQLColumns(cstmt,NULL,0,NULL,0,data_buf,strlen(data_buf),NULL,0);
+
+                   if(retcod !=SQL_SUCCESS) { PrintError(env,dbc,stmt,retcod);}
+                   else
+                   {
+                     printf("create table %s (",data_buf);
+                     while(SQLFetch(cstmt)==SQL_SUCCESS)
+                      {
+                       SQLGetData(cstmt,4,SQL_CHAR,data_buf,BUF_LENGTH,&OutData);
+                       printf("%s ",data_buf);
+                       SQLGetData(cstmt,6,SQL_CHAR,data_buf,BUF_LENGTH,&OutData);
+                       printf("%s, ",data_buf);
+                      }
+                     printf(");\n");
+                     SQLFreeStmt( cstmt, SQL_DROP );
+                   }/*end list columns*/
+               
+                 }/*end while SQLFetch */
+                SQLFreeStmt( stmt, SQL_DROP );
+               }
+
+             }/*end if (strstr(qbuf,".tables")) */
+
+
+           } /*end else cmd*/
+          if( isatty(0) ){ printf("sql>"); }
+         } /*end while*/
+       }
+     }
+  SQLDisconnect(dbc);
+ } /* if (argc > 2) */
+ else
+ {
+  printf("isqlodbc dsn[[,user][,pass]] [\"SQLCMD\"]\n");
+ }
+
+ SQLFreeConnect( dbc );
+ SQLFreeEnv( env );
+ return 0;
+}

contrib/www3proxy/log.sql

@@ -0,0 +1,22 @@
+
+create table log (ldate date,ltime time,username char (30),userip char (16),bytein integer (10),byteout integer (10),service char (8), host char(255), hostport integer (10), url char (255) );
+
+create index idate on log (ldate);
+create index iusername on log (username);
+create index iuserip on log (userip);
+create index ihost on log (host);
+
+create table services (port integer(10),service char(100),description char (100)); 
+
+INSERT INTO services values (80,'PROXY', 'Access to Web Server');
+INSERT INTO services values (21,'PROXY', 'Access to Ftp Server via HTTP proxy');
+INSERT INTO services values (5190,'PROXY', 'Access to ICQ via HTTP proxy');
+INSERT INTO services values (0, 'POP3P', 'Received Mail via POP3');
+INSERT INTO services values (0,'FTPPR', 'Access to Ftp server via FTP proxy');
+INSERT INTO services values (0,'SOCKS4', 'Access to external server via Socks v4');
+INSERT INTO services values (0,'SOCKS5', 'Access to external server via Socks v5');
+INSERT INTO services values (0,'TCPPM', 'Access to external server via TCP mapping');
+INSERT INTO services values (0,'UDPPM', 'Access to external server via UDP mapping');
+INSERT INTO services values (0, 0, NULL, 'Unknown');
+
+

contrib/www3proxy/readme.ru

@@ -0,0 +1,63 @@
+------------------------------ KOI8-R ------------------------------------
+  Этот архив содержит набор CGI cкриптов и программ для получения 
+статистики работы пользователей прокси сервера "3proxy", посредством анализа
+лога расположенного в ODBC источнике(базе), через Web интерфейс.                      
+
+stat.awk - основной CGI скрипт (Для его испольнения под Win9X/2000 необходима 
+           программа awk.exe ,в linux/freebsd она как правило входит в сиситему
+           по умолчанию).    
+isqlodbc - программа для выполнения SQL запросов к базам ODBC 
+           (вызывается из stat.awk). компилируется gcc и работает как в 
+           win9X/2000 так и в linux/freebsd. (Так же может 
+           использоваться независимо от stat.awk как отдельная 
+           программа..)
+log.sql  - SQL скрипт создания базы для лога сервера.           
+awk.exe  - awk интерпретатор  под Win9X/2000.  
+
+                        Настройка скриптов статистики .
+
+Для работы вам потребуется:
+1) любой http сервер подерживающий CGI
+2) odbc менеджер (под win32 ) или iodbc менеджер (под unix)
+   любая база данных например : sqlite, mysql, postgress или любые другие 
+   имеющие ODBC драйвера.(Как настраивать iODBC под linux/freebsd смотрите в
+   файле iodbc.txt в  каталоге /doc/ru архива 3proxy.)
+
+ Шаг настройки N1:
+Создаем базу данных и DSN для хранения лога. ( в нашем случае DSN будет 
+называться "sqlite".) далее выполняя скрипт log.sql создаем необходимые 
+таблицы и индексы:
+
+isqlodbc sqlite < log.sql
+
+ Шаг настройки N2:
+Устанавливаем DSN и формат таблицы с логом в файле 3proxy.cfg следующего вида:
+-----------
+# create table log (
+#    ldate date,
+#    ltime time,
+#    username char (30),
+#    userip char (16),
+#    bytein integer (10),
+#    byteout integer (10),
+#    service char (8),
+#    host char(255),
+#    hostport integer (10),
+#    url char (255)
+#   );
+
+log &sqlite
+logformat "Linsert into log values ('%Y-%m-%d','%H:%M:%S','%U','%C','%I','%O','%N','%n','%r','%T');"
+-----------
+
+ Шаг настройки N3:
+Копируем файлы isqlodbc и stat.awk в каталог с CGI скриптами http сервера 
+и меняем в stat.awk путь вызова и DSN на свои значения , например:
+isql="./isqlodbc.exe sqlite " 
+
+ Шаг настройки N4:
+Пробуем вызвать скрипт из web браузера , например 
+
+http://localhost/cgi/stat.awk?
+
+------------------------------ KOI8-R ------------------------------------

contrib/www3proxy/stat.awk

@@ -0,0 +1,129 @@
+#!/usr/bin/awk -f 
+BEGIN { 
+  scriptname = ENVIRON["SCRIPT_NAME"]
+  #for win32
+  isql=".\\isqlodbc.exe sqlite " 
+
+  #for unix
+  #isql="./isqlodbc sqlite " 
+
+
+  print "Content-Type: text/html; charset=koi8-r \n\n"
+  print "<HTML>\n<BODY>\n";
+
+  # query parse
+  query_str = ENVIRON["QUERY_STRING"]
+  n = split(query_str, querys, "&")
+  for (i=1; i<=n; i++) 
+   {
+    split(querys[i], data, "=")
+    qr[data[1]] = data[2]
+   }
+
+  printf "<FORM METHOD=PUT action=\"" scriptname "?rep=1\">"
+  printf "datefrom:<INPUT name=\"datefrom\" value=\"2004-06-01\"> "
+  printf "dateto:<INPUT name=\"dateto\" value=\"2004-07-30\"> <br>"
+  printf "<INPUT type=\"radio\" name=\"userid\" value=\"username\" checked> LOGIN user <br>"
+  printf "<INPUT type=\"radio\" name=\"userid\" value=\"userip\"> IP user  <br>"
+  printf "<INPUT type=\"hidden\" name=\"rep\" value=\"user\">"  
+  printf "<INPUT type=\"submit\" value=\"Report\">"
+  printf "</FORM>"
+ 
+   
+  #printf "query_str=%s\n<br>",query_str
+  #print  qr["rep"]
+
+  if(qr["rep"]=="user")
+   {
+    cmd = isql " \"select " qr["userid"] ",sum(bytein),sum(byteout),sum(bytein+byteout) from log \
+        where ldate > '" qr["datefrom"] "'  AND ldate < '" qr["dateto"] \
+        "' group by " qr["userid"] " order by sum(bytein+byteout) desc;\""
+    printf " <table WIDTH=100%%  BORDER=1><tr><td><b>user</b></td> <td><b>bytein</b></td> <td><b>byteout</b> </td> <td> <b>bytesum</b></td></tr>"
+    while( (cmd|getline result)>0)
+     { 
+      split(result, rt, "|")
+      printf "<tr> <td><a href=\"%s?rep=host&datefrom=%s&dateto=%s&userid=%s&selectid=%s\"> %s <\/a></td><td>%d</td><td>%d</td><td>%d</td></tr>",
+      scriptname,qr["datefrom"],qr["dateto"],qr["userid"],rt[1],rt[1],rt[2],rt[3],rt[4]
+      totalbytein=totalbytein+rt[2];
+      totalbyteout=totalbyteout+rt[3];
+      totalbytesum=totalbytesum+rt[4];
+     } 
+    printf "<tr> <td><br>Total users</td> <td><br>%d</td> <td><br>%d</td> \
+    <td><br>%d</td></tr> </table> ",totalbytein,totalbyteout, totalbytesum
+    close(cmd)
+   }
+
+
+  if(qr["rep"]=="host")
+   {
+    cmd = isql "\"select sum(bytein+byteout), sum(bytein), sum(byteout),host from log \
+        where ldate > '" qr["datefrom"] "' AND ldate < '"qr["dateto"] \
+        "' AND " qr["userid"] " = '" qr["selectid"] \
+        "' group by host order by sum(bytein+byteout) desc;\"" 
+
+    printf "<center><b>Detail statistic for user: %s</b></center>",qr["selectid"]
+    printf " <table WIDTH=100%%  BORDER=1> <tr><td><b>sum byte</b></td> <td><b>bytein</b></td> <td><b>byteout</b></td><td><b>host</b></td></tr>"
+    while( (cmd|getline result)>0)
+     { 
+      split(result, rt, "|")
+      printf "<tr><td>%d</td><td>%d</td><td>%d</td><td>%s</td></tr>",rt[1],rt[2],rt[3],rt[4] 
+      totalbytein=totalbytein+rt[1];
+      totalbyteout=totalbyteout+rt[2];
+      totalbytesum=totalbytesum+rt[3];
+
+     }
+    printf "<tr> <td><br>%d</td> <td><br>%d</td> \
+    <td><br>%d</td><td><br>Total host</td></tr> </table> ",totalbytein,totalbyteout, totalbytesum
+    printf " </table> "
+    close(cmd)
+    
+   }
+
+  printf " </BODY> </HTML>";
+} # end BEGIN 
+
+
+# decode urlencoded string
+function decode(text,   hex, i, hextab, decoded, len, c, c1, c2, code) {
+    
+    split("0 1 2 3 4 5 6 7 8 9 a b c d e f", hex, " ")
+    for (i=0; i<16; i++) hextab[hex[i+1]] = i
+
+    # urldecode function from Heiner Steven
+    # http://www.shelldorado.com/scripts/cmds/urldecode
+
+    # decode %xx to ASCII char 
+    decoded = ""
+    i = 1
+    len = length(text)
+    
+    while ( i <= len ) {
+        c = substr (text, i, 1)
+        if ( c == "%" ) 
+             {
+           if ( i+2 <= len ) 
+                {
+              c1 = tolower(substr(text, i+1, 1))
+          c2 = tolower(substr(text, i+2, 1))
+          if ( hextab [c1] != "" || hextab [c2] != "" ) {
+          if ( (c1 >= 2 && (c1 != 7 && c2 != "F")) || (c1 == 0 && c2 ~ "[9acd]") )
+                   {
+             code = 0 + hextab [c1] * 16 + hextab [c2] + 0
+             c = sprintf ("%c", code)
+           } 
+                  else { c = " " }
+          i = i + 2
+        }
+         }
+        } else if ( c == "+" ) {    # special handling: "+" means " "
+            c = " "
+        }
+        decoded = decoded c
+        ++i
+    }
+    # change linebreaks to \n
+    gsub(/\r\n/, "\n", decoded)
+    # remove last linebreak
+    sub(/[\n\r]*$/,"",decoded)
+    return decoded
+}

contrib/www3proxy/stat.pl

@@ -0,0 +1,185 @@
+#!/usr/bin/perl
+eval 'exec /usr/bin/perl -S $0 ${1+"$@"}'
+    if $running_under_some_shell;
+			# this emulates #! processing on NIH machines.
+			# (remove #! line above if indigestible)
+
+eval '$'.$1.'$2;' while $ARGV[0] =~ /^([A-Za-z_0-9]+=)(.*)/ && shift;
+			# process any FOO=bar switches
+
+$[ = 1;			# set array base to 1
+$, = ' ';		# set output field separator
+$\ = "\n";		# set output record separator
+
+$scriptname = $ENVIRON{'SCRIPT_NAME'};
+#for win32
+$isql = ".\\isqlodbc.exe sqlite ";
+
+#for unix
+#isql="./isqlodbc sqlite " 
+
+print "Content-Type: text/html; charset=koi8-r \n\n";
+print "<HTML>\n<BODY>\n";
+
+# query parse
+$query_str = $ENVIRON{'QUERY_STRING'};
+$n = (@querys = split(/&/, $query_str, 9999));
+for ($i = 1; $i <= $n; $i++) {
+    @data = split(/=/, $querys[$i], 9999);
+    $qr{$data[1]} = $data[2];
+}
+
+printf "<FORM METHOD=PUT action=\"" . $scriptname . "?rep=1\">";
+printf "datefrom:<INPUT name=\"datefrom\" value=\"2004-06-01\"> ";
+printf "dateto:<INPUT name=\"dateto\" value=\"2004-07-30\"> <br>";
+printf
+
+  "<INPUT type=\"radio\" name=\"userid\" value=\"username\" checked> LOGIN user <br>";
+printf
+
+  "<INPUT type=\"radio\" name=\"userid\" value=\"userip\"> IP user  <br>";
+printf "<INPUT type=\"hidden\" name=\"rep\" value=\"user\">";
+printf "<INPUT type=\"submit\" value=\"Report\">";
+printf '</FORM>';
+
+#printf "query_str=%s\n<br>",query_str
+#print  qr["rep"]
+
+if ($qr{'rep'} eq 'user') {
+    $cmd = $isql . " \"select " . $qr{'userid'} .
+
+      ",sum(bytein),sum(byteout),sum(bytein+byteout) from log         where ldate > '"
+
+      . $qr{'datefrom'} . "'  AND ldate < '" . $qr{'dateto'} . "' group by " .
+
+      $qr{'userid'} . " order by sum(bytein+byteout) desc;\"";
+    printf
+
+      ' <table WIDTH=100%%  BORDER=1><tr><td><b>user</b></td> <td><b>bytein</b></td> <td><b>byteout</b> </td> <td> <b>bytesum</b></td></tr>';
+    while ((($result = &Getline3($cmd, '|'),$getline_ok)) > 0) {
+	@rt = split(/\|/, $result, 9999);
+	printf
+
+	  "<tr> <td><a href=\"%s?rep=host&datefrom=%s&dateto=%s&userid=%s&selectid=%s\"> %s <\\/a></td><td>%d</td><td>%d</td><td>%d</td></tr>",
+
+	  
+	$scriptname, $qr{'datefrom'}, $qr{'dateto'}, $qr{'userid'}, $rt[1],
+
+	  $rt[1], $rt[2], $rt[3], $rt[4];
+	$totalbytein = $totalbytein + $rt[2];
+	$totalbyteout = $totalbyteout + $rt[3];
+	$totalbytesum = $totalbytesum + $rt[4];
+    }
+    printf
+
+      '<tr> <td><br>Total users</td> <td><br>%d</td> <td><br>%d</td>     <td><br>%d</td></tr> </table> ',
+
+      $totalbytein, $totalbyteout, $totalbytesum;
+    delete $opened{$cmd} && close($cmd);
+}
+
+if ($qr{'rep'} eq 'host') {
+    $cmd = $isql .
+
+      "\"select sum(bytein+byteout), sum(bytein), sum(byteout),host from log         where ldate > '"
+
+      . $qr{'datefrom'} . "' AND ldate < '" . $qr{'dateto'} . "' AND " .
+
+      $qr{'userid'} . " = '" . $qr{'selectid'} .
+
+      "' group by host order by sum(bytein+byteout) desc;\"";
+
+    printf '<center><b>Detail statistic for user: %s</b></center>',
+
+      $qr{'selectid'};
+    printf
+
+      ' <table WIDTH=100%%  BORDER=1> <tr><td><b>sum byte</b></td> <td><b>bytein</b></td> <td><b>byteout</b></td><td><b>host</b></td></tr>';
+    while ((($result = &Getline3($cmd, '|'),$getline_ok)) > 0) {
+	@rt = split(/\|/, $result, 9999);
+	printf '<tr><td>%d</td><td>%d</td><td>%d</td><td>%s</td></tr>',
+
+	  $rt[1], $rt[2], $rt[3], $rt[4];
+	$totalbytein = $totalbytein + $rt[1];
+	$totalbyteout = $totalbyteout + $rt[2];
+	$totalbytesum = $totalbytesum + $rt[3];
+    }
+    printf
+
+      '<tr> <td><br>%d</td> <td><br>%d</td>     <td><br>%d</td><td><br>Total host</td></tr> </table> ',
+
+      $totalbytein, $totalbyteout, $totalbytesum;
+    printf ' </table> ';
+    delete $opened{$cmd} && close($cmd);
+}
+
+printf ' </BODY> </HTML>';
+
+# end BEGIN 
+
+# decode urlencoded string
+
+sub decode {
+    local($text, *Hex, $i, *hextab, $decoded, $len, $c, $c1, $c2, $code) = @_;
+    @Hex = split(' ', '0 1 2 3 4 5 6 7 8 9 a b c d e f', 9999);
+    for ($i = 0; $i < 16; $i++) {
+	$hextab{$Hex[$i + 1]} = $i;
+
+	# urldecode function from Heiner Steven
+	# http://www.shelldorado.com/scripts/cmds/urldecode
+
+	# decode %xx to ASCII char 
+	;
+    }
+    $decoded = '';
+    $i = 1;
+    $len = length($text);
+
+    while ($i <= $len) {	#???
+	$c = substr($text, $i, 1);
+	if ($c eq '%') {
+	    if ($i + 2 <= $len) {
+		$c1 = &tolower(substr($text, $i + 1, 1));
+		$c2 = &tolower(substr($text, $i + 2, 1));
+		if ($hextab{$c1} ne '' || $hextab{$c2} ne '') {
+		    if (($c1 >= 2 && ($c1 != 7 && $c2 ne 'F')) ||
+
+		      ($c1 == 0 && $c2 =~ '[9acd]')) {
+			$code = 0 + $hextab{$c1} * 16 + $hextab{$c2} + 0;
+			$c = sprintf('%c', $code);
+		    }
+		    else {
+			$c = ' ';
+		    }
+		    $i = $i + 2;
+		}
+	    }
+	}
+	elsif ($c eq '+') {
+	    # special handling: "+" means " "
+	    $c = ' ';
+	}
+	$decoded = $decoded . $c;
+	++$i;
+    }
+    # change linebreaks to \n
+    $decoded =~ s/\r\n/\n/g;
+    # remove last linebreak
+    $decoded =~ s/[\n\r]*$//;
+    $decoded;
+}
+
+sub Getline3 {
+    &Pick('',@_);
+    local($_);
+    if ($getline_ok = (($_ = <$fh>) ne '')) {
+	;
+    }
+    $_;
+}
+
+sub Pick {
+    local($mode,$name,$pipe) = @_;
+    $fh = $name;
+    open($name,$mode.$name.$pipe) unless $opened{$name}++;
+}

copying

@@ -0,0 +1,62 @@
+3proxy 0.7 Public License Agreement
+
+(c) 2000-2014 by 3APA3A (3APA3A@security.nnov.ru)
+(c) 2000-2014 by SecurityVulns.com (http://3proxy.ru/)
+(c) 2000-2014 by Vladimir Dubrovin (vlad@sandy.ru)
+
+This software uses:
+  RSA Data Security, Inc. MD4 Message-Digest Algorithm
+  RSA Data Security, Inc. MD5 Message-Digest Algorithm
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+This software is FREEWARE. 
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that following conditions
+are met (BSD style license):
+
+    * Redistributions of source code must retain the above copyright notice,
+    this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+    this list of conditions and the following disclaimer in the documentation
+    and/or other materials provided with the distribution.
+    * Neither the name of the SecurityVulns.COM nor the names of its
+    contributors may be used to endorse or promote products derived from this
+    software without specific prior written permission.
+
+
+Instead of this license, you can also use and redistribute this software under
+terms of compatible license, including:
+
+1. Apache License, Version 2.0
+   You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+2. GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   You may obtain a copy of the License at
+
+	http://www.gnu.org/licenses/gpl.txt
+
+3. GNU Lesser General Public License as published by the
+   Free Software Foundation; either version 2.1 of the License, or
+   (at your option) any later version.
+   You may obtain a copy of the License at
+
+	http://www.gnu.org/licenses/lgpl.txt
+
+
+$Id: License,v 1.3 2007/04/05 11:59:47 vlad Exp $

doc/html/faqe.html

@@ -0,0 +1,158 @@
+<h3>Why ... doesn't work?</h3>
+
+<p><i>Q: Why does nothing work?</i></p>
+A: Valid configuration file is required.
+
+<p><i>Q: Why restrictions (redirections, limits, etc) do not work?</i></p>
+A: Most probable reasons: 'auth none' or no auth is used. For any ACL based feature one of 'iponly', 'nbname' or 'strong' auths required. Sequence of commands may be invalid. Commands are executed one-by-one and 'proxy', 'tcppm', 'socks' or another service commands must follow valid configuration. Invalid sequence of ACLs. First matching ACL is used (except of internal redirections, see below). If ACL contains at least one records last record is assumed to be 'deny *'.
+
+<p><i>Q: Why doesn't 3proxy work as service under Windows?</i></p>
+Possible reasons:
+<ul>
+<li>'service' command absents in configuration file. Command is required for
+3proxy.exe to behave as system service in 3proxy 0.5.2 and prior.
+<li>there are relative paths in configuration file for included files,
+log files, etc. Always use absolute paths. For example
+$"c:\3proxy\networks.local" instead of  $networks.local. For debugging remove
+'service' and 'daemon', log to stdout an try to execute 3proxy from command
+line from some different directory (for example from disk root).
+<li>SYSTEM account doesn't have access to executable file, configuration files,
+log files, etc.
+<li>configuration files is not located in default path (3proxy.cfg in same
+location with 3proxy.exe). For alternative configuration file location use
+<pre>
+3proxy --install full_path_to_configuration_file
+</pre>
+<li>user has no rights to install or start service
+<li>service is already installed and/or started
+
+</ul>
+
+<p><A NAME="INTEXT"><i>Q: Why doesn't internal and external commands work as expected</i></A></li></p>
+A: Check your expectations first.
+Both internal and external IPs are IPs of the host running 3proxy itself.
+This configuration option is usefull in situation 3proxy is running on the
+border host with 2 (or more) connections: e.g. LAN and WAN with different IPs
+<pre>
+     LAN connection +-------------+ Internet connection
+LAN <-------------->| 3proxy host |<-------------------> INTERNET
+                   ^+-------------+^
+	           |               |
+              Internal IP       External IP
+</pre>
+If 3proxy is used on the host with single connection, both internal and
+external are usually same IP.
+<br>Internal should exist and be UP on the moment 3proxy is started and
+should never be disconnected/DOWN. If this interface is periodically
+disconnected (e.g. direct link between 2 hosts), do not specify internal
+address or use 0.0.0.0 instead. In this case, if you have 2 or more
+interfaces you must use firewall (preferably) or 3proxy ACLs to avoid open
+proxy situation. 
+<br>
+External IP (if specified) must exist in the momet 3proxy
+serves client request. If external interface is no specified (or 0.0.0.0),
+system select external IP. It may be possible to access resources of internal
+network, to prevent this use ACLs. In addition, SOCKSv5 will not support BIND
+operation, required for incoming connections (this operation is quite rarely
+implemented in SOCKSv5 clients and usually is not required). In case of
+dynamic address, do not specify external or use external 0.0.0.0 or, if
+external address is required, create a script to determine current external
+IP and save it to file, and use external "$path_to_file" with "monitor" command
+to automatically reload configuration on address change.
+
+<p><i>Q: Why doesn't ODBC loggind work?</i></p>
+A: Check you use system DSN. 
+Check SQL request is valid. 
+The best way to check is to make file or stdout logging, get SQL request from log file or console and execute this request manually.
+
+<p><i>Q: Why doesn't APOP/CRAM-MD5 authentication work with POP3 proxy?</i></p>
+A: Any Challenge-response authentication require challenge to be transmitted from server. Pop3p doesn't know which server to use before authentication, it makes it impossible to obtain challenge. You can encrypt your POP3 communications with TLS (i.e. stunnel) or IPSec.
+
+<h3>Redirection to local proxy</h3>
+
+<p><i>Q: What is it for?</i></p>
+A: To have control based on request and to have URLs and another protocol specific parameters to be logged.
+
+<p><i>Q: What are restrictions?</i></p>
+A: It's hard to redirect services for non-default ports; Internet Explorer supports only SOCKSv4 with no password authentication (Internet Explorer sends username, but not password), for SOCKSv5 only cleartext password authentication is supported.
+
+<p><i>Q: What are advantages?</i></p>
+A: You need only to setup SOCKS proxy in browser settings. You can use socksifier, i.e. FreeCAP or SocksCAP with application which is not proxy aware.
+
+<p><i>Q: How to setup?</i></p>
+A: You should specify parent proxy with IP of 0.0.0.0 and port 0. Examples:
+<pre>
+auth iponly
+allow * * * 80,8080-8088
+parent 1000 http 0.0.0.0 0
+allow * * * 80,8080-8088
+#redirect ports 80 and 8080-8088 to local HTTP proxy
+#Second allow is required, because ACLs are checked
+#twice: first time by socks and second by http proxy.
+
+allow * * * 21,2121
+parent 1000 ftp 0.0.0.0 0
+allow * * * 21,2121
+#redirect ports 21 and 2121 to local 
+#ftp proxy
+
+
+allow *
+#allow rest of connections directly
+
+socks
+#now let socks server to start
+</pre>
+
+<p><i>Q: How it affects different ACL rules?</i></p>
+A: After local redirections rules are applied again to protocol-level request. Redirection rule itself is skipped. It makes it possible to redirect request again on the external proxy depending on request itself.
+<pre>
+allow * * * 80,8080-8088
+parent 1000 http 0.0.0.0 0
+#redirect http traffic to internal proxy
+
+allow * * $c:\3proxy\local.nets 80,8080-8088
+#allow direct access to local.nets networks
+allow * * * 80,8080-8088
+parent 1000 http proxy.sandy.ru 3128
+#use parent caching proxy for rest of the networks
+
+allow *
+#allow direct connections for rest of socks
+#requests
+</pre>
+
+<h3>Can I ...?</h3>
+
+<p><i>Q: Is it possible to resolve names through parent proxy?</i></p>
+A: Yes, use 'proxy', 'connect+', 'socks4+' or 'socks5+' as parent proxy type.
+3proxy itself requires name resolutions for ACL checks, so, if it's impossible
+to resolve names from 3proxy host, use
+<pre>
+fakeresolve
+</pre>
+command. Fakeresolve resolves any name to 127.0.0.2.
+
+
+<p><i>Q: Can I use 3proxy as FTP proxy?</i></p>
+A: There are two kinds of FTP proxy supported: FTP over HTTP support (known as FTP proxy inside Internet Explorer, Mozilla and another browsers) and real FTP proxy (usable in Far and different FTP clients). Both are supported in 3proxy: first one as a part of HTTP 'proxy' and second one as 'ftppr'.
+
+<p><i>Q: Can I bind any 3proxy service to non-default port?</i></p>
+A: proxy -p8080
+
+<h3>Why so ...?</h3>
+
+<p><i>Q: Why traffic accounting is incomplete? It differs for what my provider (or another accounting application) shows to me?</i></p>
+A: 3proxy accounts protocol level traffic. Provider counts channel or IP-level traffic with network and transport headers. In additions, 3proxy doesn't counts DNS resolutions, pings, floods, scans, etc. It makes approx. 10% of difference. That's why you should have 15% reserve if you use 3proxy to limit your traffic. If difference with your provider is significantly above 10% you should look for traffic avoiding proxy server, for example connections through NAT, traffic originated from the host with proxy installed, traffic from server applications, etc.
+
+<p><i>Q: Why configuration is so difficult and non-intuitive?</i></p>
+A: Configuration format is created in a way it's easy to parse and matches to internal 3proxy structures. In addition, there are some older things left for compatibility to be cleaned in 3proxy release. And last, I think it's easy and intuitive.
+
+<p><i>Q: Why the code is so difficult and non-intuitive?</i></p>
+A: First, I'm not programmer. Second, 3proxy was 'proof of concept' in reply for some conference post. Request was to write proxy server in 100 lines of code. First version of 3proxy had less, with HTTP and SOCKS support and portmappers. Third, there are peoples who want to use 3proxy code in trojans. I don't want to help them.  Fourth, the aim is to support different platforms. It's well known - the worse code is, the better it compiles.
+
+<p><i>Q: Why do you use insecure strcpy, sprintf, etc?</i></p>
+A: Why not? I try to use insecure function in secure manner. You're welcome to look for vulnerabilities.
+<pre>
+$Id: faqe.html,v 1.10 2007/07/31 08:42:38 vlad Exp $
+</pre>

doc/html/faqr.html

@@ -0,0 +1,283 @@
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+3APA3A 3proxy tiny proxy server Frequently Asked Questions (FAQ)
+<ul>
+  <li><a href="#TROUBLE">Почему не работает...</a></li>
+  <ul>
+    <li><a href="#NOTHING">Q: Почему ничего не работает?</a></li>
+    <li><a href="#LIMITS">Q: Почему не работают ограничения доступа (перенаправления, ограничения по скорости, трафику и т.д.)?</a></li>
+    <li><a href="#SERVICE">Q: Почему 3proxy не запускается как служба?</a></li>
+    <li><a href="#INTEXT">Q: Почему не получается указать internal и external?</a></li>
+    <li><a href="#ODBC">Q: Почему не работает ведение журналов в ODBC?</a></li>
+    <li><a href="#CHAP">Q: Почему не поддерживаются APOP и CRAM-MD5 в POP3 прокси?</a></li>
+  </ul>
+  <li><a href="#SOCKSREDIR">Перенаправление socks соединений в локальный прокси</a></li>
+  <ul>
+    <li><a href="#REDIR">Q: Для чего это надо?</a></li>
+    <li><a href="#REDIRLIMIT">Q: Какие недостатки?</a></li>
+    <li><a href="#REDIRADV">Q: Какие преимущества?</a></li>
+    <li><a href="#REDIRHOW">Q: Как настраивается?</a></li>
+    <li><a href="#REDIINTER">Q: Как взаимодействует с другими правилами в ACL?</a></li>
+  </ul>
+  <li><a href="#ISIT">А есть ли...</a></li>
+  <ul>
+    <li><a href="#NAMES">Можно ли разрешать имена на родительском прокси?</a></li>
+    <li><a href="#ISFTP">Существует ли сейчас поддержка FTP прокси в продукте?</a></li>
+    <li><a href="#PORT">Каким образом можно прибиндить сервисы на свой порт, к примеру, HTTP прокси к 8080, а не 3128 как по-умолчанию?</a></li>
+    <li><a href="#BANDLIM">Как ограничить ширину канала?</a></li>
+  </ul>
+  <li><a href="#BRRR">Почему так криво...</a></li>
+  <ul>
+    <li><a href="#TRAF">Почему так криво считается трафик? Не совпадает с ...</a></li>
+    <li><a href="#CONFIG">Почему такая кривая конфигурация и ничерта не понятно?</a></li>
+    <li><a href="#CODE">Почему так криво написан код?</a>
+    <li><a href="#UNSAFE">Почему так много strcpy, sprintf и т.д., это ж дыры!</a>
+  </ul>
+</ul>
+<hr>
+<li><b><a name="TROUBLE">Почему не работает...<a></b></li>
+<ul>
+  <li><a name="NOTHING"><i>Q: Почему ничего не работает?</i></a></li>
+  <p>
+  <i>A:</i> Потому что для работы нужен правильный файл конфигурации.
+  </p>
+  <li><a name="LIMITS"><i>Q: Почему не работают ограничения доступа (перенаправления, ограничения по скорости,
+  трафику и т.д.)?</i></a></li>
+  <p>
+  <i>A:</i> Обычные ошибки - использование auth none (для работы любых
+  функций, основанных на ACL, требуется auth iponly, nbname или strong),
+  нарушение порядка ввода команд (команды выполняются последовательно,
+  запуск сервиса proxy, socks, tcppm и т.д. должен осуществляться после
+  того, как указана его конфигурация), неправильный порядок записей в ACL
+  (записи просматриваются последовательно до первой, удовлетворяющей
+  критериям). Если в ACL имеется хотя бы одна запись, то считается, что
+  последняя запись в ACL - это неявная deny *.
+  </p>
+  <li><a name="SERVICE"><i>Q: Почему 3proxy не запускается как служба?</i></a></li>
+  <p>
+  <i>A:</i> Наиболее вероятные причины:
+  <ul>
+    <li>Отсутствие команды service в файле конфигурации - команда необходима в 3proxy 0.5.2 и более ранних, чтобы 3proxy вел себя как системная служба Windows
+    <li>Использование относительных (неполных) путей файлов в файле конфигурации
+    При использовании файлов журналов, файлов вставок ($filename) используйте
+    полные пути, например, $"c:\3proxy\include files\networks.local". Тоже самое
+    относится к файлам журналов и любым другим.
+    Для отладки лучше запускать 3proxy с ведением журнала на стандартный вывод.
+    Не забудьте в таком случае отключить daemon и service в файле конфигурации.
+    Для чистоты эксперимента запускать 3proxy из коммандной строки в таком случае
+    следует, находясь в другой папке.
+    <li>Отсутствие у системной записи прав на доступ к исполняемому файлу, каким-либо файлам конфигурации, журнала и т.п.
+    <li>Отсутствие файла конфигурации по стандартному расположению -
+    3proxy.cfg в одном каталоге с исполняемым файлом. Если файл расположен по
+    другому пути, необходимо использовать команду
+    <pre>
+    3proxy --install path_to_configuration_file</pre>
+    <li>Отсутствие у пользователя прав на установку или запуск службы
+    <li>Служба уже установлена или запущена
+  </ul>
+  </p>
+  <li><a name="INTEXT"><i>Q: Почему не получается указать internal и external?</i></a></li></li>
+  <p>
+  <i>A:</i> Убедитесь, что выправильно понимаете что такое internal и external адреса.
+  Оба адреса - это адреса, принадлежищие хосту, на котором установлен 3proxy.
+  Эта опция конфигурации необходима в классической ситуации, когда 3proxy
+  установлен на граничном компьютере с двумя (или более) подключениями:
+  <pre>
+       LAN connection +-------------+ Internet connection
+  LAN <-------------->| 3proxy host |<-------------------> INTERNET
+                     ^+-------------+^
+                     |               |
+               Internal IP      External IP</pre>
+  Если 3proxy работает на хосте с одним интерфейсом, то его адрес будет и
+  internal и external.
+  <br>Интерфейс с адресом internal должен существовать и быть рабочим на момент
+  запуска 3proxy, и не должен отключаться. Если internal интерфейс
+  периодически отключается, то не следует его указывать, или можно указать адрес
+  0.0.0.0. При этом прокси будет принимать запросы на всех интерфейсах, поэтому
+  при наличии нескольких интерфейсов для ограничения доступа следует использовать
+  фаервол или хотя бы ACL.
+  </p>
+  <p>
+  Интерфейс с адресом external, если он указан, должен быть рабочим на момент
+  получения запроса клиента. При отсутствии external или адресе 0.0.0.0 внешний
+  адрес будет выбираться системой при установке соединения. При этом, может быть
+  возможность доступа через прокси к ресурсам локальной сети, поэтому для
+  предотвращения несанкционированного доступа следует использовать ACL. Кроме
+  того, могут быть проблемы с приемом входящих соединений через SOCKSv5
+  (SOCKSv5 используется в клиентах исключительно редко).
+  В случае, если адрес динамический, можно либо не
+  указывать external, либо использовать адрес 0.0.0.0, либо, если необходима
+  поддержка входящих соединений в SOCKSv5, использовать скрипт,
+  который будет получать текущий адрес и сохранять его в файл, который будет
+  отслуживаться через команду monitor.
+  </p>
+  <li><a name="ODBC"><i>Q: Почему не работает ведение журналов в ODBC?</i></a></li>
+  <p>
+  <i>A:</i> Убедитесь, что используется системный, а не
+  пользовательский DSN. Убедитесь, что выполняется правильный SQL запрос. Наиболее
+  распространенная проблема связана с отсутствием кавычек или неправильным
+  форматом данных. Самый простой способ - сделать ведение журнала в файл или
+  на стандартный вывод, просмотреть выдаваемые SQL запросы и попробовать
+  дать такой запрос вручную.
+  </p> 
+  <li><a name="CHAP"><i>Q: Почему не поддерживаются APOP и CRAM-MD5 в POP3 прокси?</i></a></li>
+  <p>
+  <i>A:</i> Любая challenge-response аутентификация, к которым относятся APOP
+  и CRAM-MD5, требует, чтобы со стороны сервера был передан уникальный challenge.
+  До начала аутентификации POP3 прокси не знает, к какому серверу следует
+  подключаться для получения Challenge, поэтому challenge-response в принципе
+  невозможен. Защитить соединение можно с помощью TLS (например, stunnel) или
+  IPSec.
+  </p>
+</ul>
+<hr>
+<li><b><a name="SOCKSREDIR">Перенаправление socks соединений в локальный прокси</a></b></li>
+<ul>
+  <li><a name="REDIR"><i>Q: Для чего это надо?</i></a></li>
+  <p>
+  <i>A:</i> Чтобы иметь в логах URL запросов, если пользователь SOCKS пользуется
+  Web, FTP или POP3.
+  </p>
+  <li><a name="REDIRLIMIT"><i>Q: Какие недостатки?</i></a></li>
+  <p>
+  <i>A:</i> Перенапраление невозможно для web-серверов или FTP, висящих на
+  нестандартных портах, для SOCKSv4 не поддрживается авторизация с
+  паролем (IE поддерживает только SOCKSv4), но при этом IE передает
+  имя пользователя по SOCKSv4 (имя, с которым пользователь вошел в систему).
+  Для SOCKSv5 не поддерживается NTLM авторизация, пароли передаются в открытом
+  тексте.
+  </p>
+  <li><a name="REDIRADV"><i>Q: Какие преимущества?</i></a></li>
+  <p>
+  <i>A:</i> Достаточно в настройках IE только указать адрес SOCKS прокси. В
+  больших сетях можно для этого использовать WPAD (автоматическое
+  обнаружение прокси). В 3proxy достаточно запускать только одну службу
+  (socks). Если используется только Internet Explorer, то можно
+  автоматически получать имя пользователя в логах, не запрашивая
+  логин/пароль.
+  </p>
+  <li><a name="REDIRHOW"><i>Q: Как настраивается?</i></a></li>
+  <p>
+  <i>A:</i> Указывается parent http proxy со специальным адресом 0.0.0.0 и портом
+  0. Пример:
+  <pre>
+  allow * * * 80,8080-8088
+  parent 1000 http 0.0.0.0 0
+  allow * * * 80,8080-8088
+  #перенаправить соединения по портам 80 и 8080-8088 в локальный
+  #http прокси. Вторая команда allow необходима, т.к. контроль доступа
+  #осуществляется 2 раза - на уровне socks и на уровне HTTP прокси
+  allow * * * 21,2121
+  parent 1000 ftp 0.0.0.0 0
+  allow * * * 21,2121
+  #перенаправить соединения по портам 21 и 2121 в локальный
+  #ftp прокси
+  allow *
+  #пустить все соединения напрямую
+  socks</pre>
+  </p>
+  <li><a name="REDIINTER"><i>Q: Как взаимодействует с другими правилами в ACL?</i></a></li>
+  <p>
+  <i>A:</i> После внутреннего перенаправления правила рассматриваются еще раз за
+  исключением самого правила с перенаправлением (т.е. обработка правил не
+  прекращается). Это позволяет сделать дальнейшие перенаправления на
+  внешний прокси. По этой же причине локальное перенаправление не должно
+  быть последним правилом (т.е. должно быть еще хотя бы правило allow,
+  чтобы разрешить внешние соединения через HTTP прокси).
+  Например,
+  <pre>
+  allow * * * 80,8080-8088
+  parent 1000 http 0.0.0.0 0
+  #перенаправить во внутренний прокси
+  allow * * $c:\3proxy\local.nets 80,8080-8088
+  #разрешить прямой web-доступ к сетям из local.nets
+  allow * * * 80,8080-8088
+  parent 1000 http proxy.sandy.ru 3128
+  #все остальные веб-запросы перенаправить на внешний прокси-сервер
+  allow *
+  #разрешить socks-запросы по другим портам</pre>
+  </p>
+</ul>
+<hr>
+<li><b><a name="ISIT">А есть ли...</a></b></li>
+<ul>
+  <li><a name="NAMES"><i>Q: Можно ли разрешать имена на родительском прокси?</i></a></li>
+  <p>
+  <i>A:</i> Можно. Для этого надо использовать тип родительского прокси http,
+  connect+, socks4+ и socks5+. Однако, при это надо помнить, что самому 3proxy
+  требуется разрешение имени для управления ACL. Поэтому, если с прокси-хоста
+  не работают разрешения имени, необходимо в конфигурации дать команду
+  <pre>
+  fakeresolve</pre>
+  которая разрешает любое имя в адрес 127.0.0.2.
+  </p>
+  <li><a name="ISFTP"><i>Q: Существует ли сейчас поддержка FTP прокси в продукте?</i></a></li>
+  <p>
+  Есть поддержка как FTP через HTTP (то, что называется FTP прокси в Internet
+  Explorer, Netscape, Opera) так и настоящего FTP прокси (то, что называется
+  FTP proxy в FAR и FTP клиентах).
+  </p>
+  <li><a name="PORT"><i>Q: Каким образом можно прибиндить сервисы на свой порт, к примеру, HTTP прокси к 8080, а не 3128 как по-умолчанию?</i></a></li>
+  <p>
+  А:
+  <pre>
+  proxy -p8080</pre>
+  </p>
+  <li><a name="BANDLIM"><i>Q: Как ограничить ширину канала?</i></a></li>
+  <p>
+  <i>A:</i> Читайте HowTo <a href="http://3proxy.ru/howtor.asp#BANDLIM">http://3proxy.ru/howtor.asp#BANDLIM</a>
+  </p>
+</ul>
+<hr>
+<li><b><a name="BRRR">Почему так криво...</a></b></li>
+<ul>
+  <li><a name="TRAF"><i>Q: Почему так криво считается трафик? Не совпадает с ...</i></a></li>
+  <p>
+  <i>A:</i> Следует учитывать, что 3proxy считает трафик только на прикладном уровне и
+  только проходящий через прокси-сервер. Провайдеры и другие средства учета
+  трафика считают трафик на сетевом уровне, что уже дает расхождение порядка 10%
+  за счет информации из заголовков пакетов. Кроме того, часть трафика, как
+  минимум DNS-разрешения, различный флудовый трафик и т.д. идут мимо прокси.
+  Уровень "шумового" трафика в Internet сейчас составляет порядка 50KB/день на
+  каждый реальный IP адрес, но может сильно варьироваться в зависимости от сети,
+  наличия открытых портов, реакции на ping-запросы и текущего уровня вирусной
+  активности. По этим причинам, если 3proxy используется чтобы не "выжрать"
+  трафик, выделенный провайдером, всегда следует делать некий запас порядка
+  15%.
+  </p>
+  <p>
+  Если на одной с 3proxy машине имеются какие-либо сервисы или
+  работает пользователь, то их трафик не проходит через proxy-сервер и так же
+  не будет учтен. Если где-то есть NAT, то клиенты, выходящие через NAT мимо
+  прокси, так же останутся неучтенными. Если расхождение с провайдером превышает
+  10% - нужно искать причину именно в этом.
+  </p>
+  <li><a name="CONFIG"><i>Q: Почему такая кривая конфигурация и ничерта не понятно?</i></a></li>
+  <p>
+  <i>A:</i> Есть несколько причин. Во-первых, до выхода релиза (т.е. версии 1.0) я буду изо
+  всех сил добиваться совместимости конфигурации между версиями. Во-вторых,
+  конфигурация сделана так, чтобы ее можно было легко разбирать программно.
+  В-третьих, все там понятно. При желании. Если знать как все работает.
+  </p>
+  <li><a name="CODE"><i>Q: Почему так криво написан код?</i></a></li>
+  <p>
+  <i>A:</i> Есть несколько причин. Во-первых, я не программист. Во-вторых, 3proxy изначально
+  писался на коленке (в отет на &quot;слабо&quot; в одной из конференций). Никто
+  не мог предположить, что им кто-то реально будет пользоваться. В-третьих, у многих
+  возникает желание разобраться в коде 3proxy чтобы внедрить его в какой-нибудь
+  троян. Очень не хочется облегчать эту задачу. В-четвертых, мне надо добиться
+  компиляции кода в как можно большем числе систем. Замечено, что чем кривее код в
+  C, тем он лучше переносится.
+  </p>
+  <li><a name="UNSAFE"><i>Q: Почему так много strcpy, sprintf и т.д., это ж дыры!</i></a><li>
+  <p>
+  <i>A:</i> Есть несколько причин. Во-первых, несмотря на дурной тон использования этих
+  функций, они наиболее совместимы между разными системами и компиляторами.
+  Во-вторых, само по себе их использование не означает присутствие дыры, если их
+  параметры должным образом контролируются. Найдете дыру - обязательно сообщите.
+  В третьих, может быть я уберу их перед конечным релизом, чтобы никого не
+  пугать.
+  </p>
+</ul>
+<pre>
+$Id: faqr.html,v 1.28 2007/09/25 09:47:13 vlad Exp $
+</pre>

doc/html/howtoe.html

@@ -0,0 +1,835 @@
+<ul>
+ <li>3APA3A 3proxy tiny proxy server HowTo
+ <br>Under construction, very incomplete
+ <ul>
+	<li><A HREF="#COMPILE">Compilation</A>
+	<ul>
+		<li><A HREF="#MSVC">How to compile 3proxy with Visual C++</A>
+		<li><A HREF="#INTL">How to compile 3proxy with Intel C Compiler under Windows</A>
+		<li><A HREF="#GCCWIN">How to compile 3proxy with GCC under Windows</A>
+		<li><A HREF="#GCCUNIX">How to compile 3proxy with GCC under Unix/Linux</A>
+		<li><A HREF="#CCCUNIX">How to compile 3proxy with Compaq C Compiler under Unix/Linux</A>
+	</ul>
+	<li><A HREF="#INSTALL">Proxy server installation and removal</A>
+	<ul>
+		<li><A HREF="#INSTNT">How to install/remove 3proxy under Windows NT/2000/XP</A>
+		<li><A HREF="#INST95">How to install/remove 3proxy under Windows 95/98/ME</A>
+		<li><A HREF="#INSTUNIX">How to install/remove 3proxy under Unix/Linux</A>
+	</ul>
+	<li><A HREF="#SERVER">Server configuration</A>
+	<ul>
+		<li><A HREF="#SAMPLE">Where to find configuration example</A>
+		<li><A HREF="#LOGGING">How to set up logging</A>
+		<li><A HREF="#LOGFORMAT">How to setup logging format</A>
+		<li><A HREF="#LOGANALIZERS">How to use log analizers with 3proxy</A>
+		<li><A HREF="#LAUNCH">How to start any of proxy services (HTTP, SOCKS etc)</A>
+		<li><A HREF="#BIND">How to bind service to specific interface and port?</A>
+		<li><A HREF="#AUTH">How to limit service access</A>
+		<li><A HREF="#USERS">How to create user list</A>
+		<li><A HREF="#ACL">How to limit user access to resources</A>
+		<li><A HREF="#REDIR">How to manage redirections</A>
+		<li><A HREF="#ROUNDROBIN">How to balance traffic between few external channgels?</A>
+		<li><A HREF="#CHAIN">How to manage proxy chains</A>
+		<li><A HREF="#BANDLIM">How to limit bandwidth</A>
+		<li><A HREF="#TRAFLIM">How to limit traffic amount</A>
+		<li><A HREF="#NETLIST">How to build network lists</A>
+	</ul>
+	<li><A HREF="#CLIENT">Client configuration</A>
+	<li><A HREF="#ADMIN">Administering and information analisys</A>
+	<ul>
+		<li><A HREF="#NEWVERSION">How to obtain latest 3proxy version</A>
+		<li><A HREF="#NTSERVICE">How to control 3proxy service under Windows NT/2000/XP</A>
+		<li><A HREF="#ERRORS">Log error codes reference</A>
+	</ul>
+	<li><A HREF="#QUEST">How To ask quiestion not in How To?</A>
+ </ul>
+<br>
+ <ul>
+<hr>
+	<li><A NAME="COMPILE">Compilation</A>
+<p>
+	<ul>
+		<li><A NAME="MSVC">How to compile 3proxy with Visual C++</A>
+<p>
+Extract source code files from 3proxy.tgz (with WinZip or another utility).
+Use nmake /f Makefile.msvc command
+</p>
+		<li><A NAME="INTL">How to compile 3proxy with Intel C Compiler under Windows</A>
+<p>
+See <A HREF="#MSVC">How to compile 3proxy with Visual C++</A>
+Use Makefile.intl instead of Makefile.msvc
+</p>
+		<li><A NAME="GCCWIN">How to compile 3proxy with GCC under Windows</A></li>
+<p>
+Extract source files from 3proxy.tgz (for example with tar -xzf 3proxy.tgz command if you have tar installed)
+Use make -f Makefile.win command. 
+If you want to use POSIX emulation Cygwin library (normally you shouldn't) - use make -f Makefile.unix instead.
+Windows specific things (like installing as service) will not be available if compiled with Cygwin emulation.
+</p>
+		<li><A NAME="GCCUNIX">How to compile 3proxy with GCC under Unix/Linux</A></li>
+<p>
+Use
+<pre>
+make -f Makefile.Linux
+</pre>
+for Linux or Cygwin, Makefile.Solaris* (depending on compiler version) for Solaris
+and Makefile.unix for different Unix-like OS. On BSD derivered systems make
+sure to use GNU make, sometimes it's called gmake instead of make.
+<br>Compilation is tested under FreeBSD/i386, NetBSD/i386, OpenBSD/i386, 
+RH Linux/Alpha, Debian/i386, Gentoo/i386, Gentoo/PPC, Solaris/x86 but you
+shouldn't have problems under different Solaris, BSD or linux compatible systems.
+For different systems you may be required to patch Makefile or even source codes.
+If you want to use ODBC support, make sure to install ODBC for unix, remove -DNOODBC
+option from makefile compiler options and add ODBC library to linker variable.
+</p>
+	</ul>
+<hr>
+		<li><A NAME="CCCUNIX">How to compile 3proxy with Compaq C Compiler under Unix/Linux</A></li>
+<p>
+See <A HREF="#GCCUNIX">How to compile 3proxy with GCC under Unix/Linux</A>, use Makefile.ccc instead of Makefile.unix.
+</p>
+	</ul>
+<hr>
+	<li><A NAME="INSTALL">Proxy server installation and removal</A>
+<p>
+	<ul>
+		<li><A NAME="INSTNT">How to install/remove 3proxy under Windows NT/2000/XP</A>
+<p>
+Unpack 3proxy.zip to any directory, for example
+c:\Program Files\3proxy. If needed, create directory for storing log files,
+ODBC sources, etc. Create 3proxy.cfg in the 3proxy installation directory (See <A HREF="#SERVER">Server configuration</A>).
+If you use 3proxy before 0.6 Add
+<pre>
+service
+</pre>
+string into 3proxy.cfg. Now, start command prompt (cmd.exe).
+Change directory to 3proxy installation and run 3proxy.exe --install:
+<pre>
+D:\>C:
+C:\>cd C:\Program Files\3proxy
+C:\Program Files\3proxy>3proxy.exe --install
+</pre>
+Now, you should have 3proxy service installed and running. If service is not
+started, remove "service" string from 3proxy.cfg, run 3proxy.exe manually
+and correct all errors.
+</p><p>
+To remove 3proxy run 3proxy --remove:
+<pre>
+D:\>C:
+C:\>cd C:\Program Files\3proxy
+C:\Program Files\3proxy>net stop 3proxy
+C:\Program Files\3proxy>3proxy.exe --remove
+</pre>
+Now you can simply remove 3proxy installation directory.
+</p>
+		<li><A NAME="INST95">How to install/remove 3proxy under Windows 95/98/ME</A>
+<p>
+Unpack 3proxy.zip to any directory, for example
+c:\Program Files\3proxy. If needed, create directory for storing log files,
+ODBC sources, etc. Create 3proxy.cfg in the 3proxy installation directory (See <A HREF="#SERVER">Server configuration</A>).
+Remove string
+<pre>
+service
+</pre>
+from 3proxy.cfg and add
+<pre>
+daemon
+</pre>
+if you want 3proxy to run in background.
+Create shortcut for 3proxy.exe and place it in autostart or add
+to registry with regedit.exe:
+<br>HKLM\Software\Microsoft\Windows\CurrentVersion\Run</br>
+Type: String
+<br>3proxy = "c:\Program Files\3proxy.exe" "C:\Program Files\3proxy.cfg"<br>
+You must use quotes if path contains space. If neccessary, restart Windows.
+If service is not started, check log. Remove "daemon" command from 3proxy.cfg,
+start 3proxy.exe manually and correct all errors.
+</p>
+		<li><A NAME="INSTUNIX">How to install/remove 3proxy under Unix/Linux</A>
+<p>
+Complie 3proxy (see <A HREF="#COMPILE">Compilation</A>). Copy
+executables to any appropriate location (for example /usr/local/3proxy/sbin
+for servers and /usr/local/3proxy/bin for utilities).
+Create /usr/local/etc/3proxy.cfg. 
+(see <A HREF="#SERVER">Server configuration</A>).
+You can change default configuration file location by specifing configuration file
+in 3proxy command line.
+Add 3proxy to system startup scripts.
+</p>
+	</ul>
+<hr>
+	<li><A NAME="SERVER">Server configuration</A>
+<p>
+	<ul>
+		<li><A NAME="SAMPLE">Where to find configuration example</A>
+<p>
+Server configuration example 3proxy.cfg.sample is in any 3proxy distribution.
+</p>
+		<li><A NAME="LOGGING">How to set up logging</A>
+<p>
+3proxy can log to stdout, file, ODBC datasource and
+syslog (Unix/Linux/Cygwin only). For using ODBC under Unix/Linux you must
+compile 3proxy with Unix ODBC libraries, see <A HREF="#COMPILE">Compilation</A>.
+You can control logging from 3proxy.cfg for all services or you can control
+logging of individual service, for example 
+/usr/local/sbin/socks -l/var/log/socks.log starts SOCKS proxy with logging to file.
+For universal proxy (3proxy) log file rotation and archiving is supported.
+Log type is defined with "log" configuration file command or with
+-l switch on individual service invokation. log or -l is stdout logging.
+<pre>
+	log filename
+</pre>
+and
+<pre>
+	-lfilename
+</pre>
+specify filename for logging
+<pre>
+	log @ident
+</pre>
+and
+<pre>
+	-l@ident
+</pre>
+specify ident for syslog logging. If filename within "log" command contains
+'%' characters, it's processes as format specificator (see "logformat"). E.g.
+log c:\3proxy\logs\%y%m%d.log D creates file like c:\3proxy\logs\060729.log,
+date is generated based on local time.
+<pre>
+	log &connstring
+</pre>
+
+specifies ODBC connection string, connstring is in format
+datasource,username,password (2 last are optional of
+datasource does not require or already has authentication information). 
+Also, you must specify logformat to build SQL query, to insert recod into
+log, see <A HREF="#LOGFORMAT">How to setup logging format</A>
+</p>
+<p>
+Rotation and archiving may be set up with log, rotate ¨ archiver commands
+<pre>
+	log filename LOGTYPE
+</pre>
+sets rotation type. LOGTYPE may be:
+<ul>
+	<li>M, monthely
+	<li>W, weekly
+	<li>D, daily
+	<li>H, hourly
+	<li>‘, minutely
+</ul>
+<pre>
+	rotate NUMBER
+</pre>
+	specifies number of files in rotation (that is how many files to keep).
+<pre>
+	archiver EXT COMMAND PARAMETERS
+</pre>
+	Sets external archiver. EXT is extention of archived files
+	(for example zip, gz, Z, rar etc) COMMAND and PARAMETERS are command
+	to execute and command line PARAMETERS. Originale file is not deleted by
+	3proxy, this work is left for archiver.
+	You can pass original filename to archiver with %F macro and archive filename with %A.
+	Examples are located in
+	3proxy.cfg.sample
+</p>
+		<li><A NAME="LOGFORMAT">How to setup logging format</A>
+<p>
+	Since 0.3 version log format may be set with "logformat" command.
+	First symbol of log format specifies format of date and time and
+	should be L (LOCAL) or G (GMT - Grinwitch Meridian Time). Format
+	string may contains some macro substitutions:
+	<ul>
+<li>	 %y - Year (2 digits)
+<li>	 %Y - Year (4 digits)
+<li>	 %m - Month (2 digits)
+<li>	 %o - mOnth (3 letter abbriviation)
+<li>	 %d - Day (2 digits)
+<li>	 %H - Hour (2 digits)
+<li>	 %M - Minute (2 digits)
+<li>	 %S - Second (2 digits)
+<li>	 %t - Timestamp (seconds since January, 1 1970 00:00:00 GMT)
+<li>	 %. - Milliseconds
+<li>	 %z - Timezone in mail format (from GMT, '+' east, '-' west HHMM), For example Moscow winter time is +0300.
+<li>	 %U - Username ('-' if unknown).
+<li>	 %N - Service name (PROXY, SOCKS, POP3P, etc)
+<li>	 %p - Service port
+<li>	 %E - Error code (see. <A HREF="#ERRORS">Log error codes reference</A>)
+<li>	 %C - client IP
+<li>	 %c - client port
+<li>	 %R - target IP
+<li>	 %r - target port
+<li>	 %e - external IP address used to establish connection
+<li>	 %Q - requested IP
+<li>	 %q - requested port
+<li>	 %I - bytes received from target
+<li>	 %O - bytes sent to target
+<li>	 %n - host name from request
+<li>	 %h - hops  before target (if redirection or chaning is used).
+	 see <A HREF="#CHAIN">How to use chains and parent proxies</A>)
+<li>	 %T - service specific text (for example URL requested). %X-YT
+	 where X and Y are positive numbers, only displays fields
+ 	 (space delimited) X to Y of the text. An example is %1-2T.
+	</ul>
+	Example:
+<pre>
+logformat "L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
+</pre>
+	generates something like
+<p><font face="courier">
+1042454727.0296 SOCK4.1080 000 3APA3A 127.0.0.1:4739 195.122.226.28:4739 505 18735 1 GET http://3proxy.ru/ HTTP/1.1
+</font>
+<br>(no line breaks)
+</p>
+<p>
+	If ODBC used, logformat should specify SQL command,
+	to insert record into log, for example
+<p><font face="courier">
+logformat "GINSERT INTO proxystat  VALUES (%t, '%c', '%U', %I)"
+</font>
+<br>(no line breaks)
+</p>
+		<li><A NAME="LOGANALIZERS">How to use log analizers with 3proxy</A>
+<p>
+Just make format of 3proxy logs compatible with format supported by your
+favourite log analizer. Examples of compatible logformats are:
+<br>
+For Squid access.log:
+<p><font face="courier">
+&quot;- +_G%t.%. %D %C TCP_MISS/200 %I %1-1T %2-2T %U DIRECT/%R application/unknown&quot;
+</p>
+or, more compatible format without %D
+<pre>
+&quot;- +_G%t.%.      1 %C TCP_MISS/200 %I %1-1T %2-2T %U
+ DIRECT/%R application/unknown&quot;
+</pre>
+ISA 2000 proxy WEBEXTD.LOG (fields are TAB-delimited):
+<pre>
+&quot;-	+ L%C	%U	Unknown	Y	%Y-%m-%d	%H:%M:%S
+	w3proxy	3PROXY	-	%n	%R	%r	%D
+	%O	%I	http	TCP	%1-1T	%2-2T	-	-
+	%E	-	-	-&quot;
+</pre>
+ISA 2004 proxy WEB.w3c (fields are TAB-delimited):
+<pre>
+&quot;-	+ L%C	%U	Unknown	%Y-%m-%d	%H:%M:%S
+	3PROXY	-	%n	%R	%r	%D	%O
+	%I	http	%1-1T	%2-2T	-	%E	-
+	-	Internal	External	0x0	Allowed&quot;
+</pre>
+ISA 2000/2004 firewall FWSEXTD.log (fields are TAB-delimited):
+<pre>
+&quot;-	+ L%C	%U	unnknown:0:0.0	N	%Y-%m-%d
+	%H:%M:%S	fwsrv	3PROXY	-	%n	%R	%r
+	%D	%O	%I	%r	TCP	Connect	-	-
+	-	%E	-	-	-	-	-&quot;
+</pre>
+HTTPD standard log (Apache and others):
+<p><font face="courier">
+&quot;-&quot;&quot;+_L%C - %U [%d/%o/%Y:%H:%M:%S %z] &quot;&quot;%T&quot;&quot; %E %I&quot;
+</p>
+or more compatible without error code
+<p><font face="courier">
+&quot;-&quot;&quot;+_L%C - %U [%d/%o/%Y:%H:%M:%S %z] &quot;&quot;%T&quot;&quot; 200 %I&quot;
+</p>
+		<li><A NAME="LAUNCH">How to start any of proxy services (HTTP, SOCKS etc)</A>
+<p>
+3proxy is distributed in 2 variants: as a set of standalone modules (proxy,
+socks, pop3p, tcppm, udppm) and as universal proxy server. These services are
+absolutely independant, and if you use 3proxy you needn't any of standalone
+modules.
+<br>Standalone modules are only configurable via command line interface while
+3proxy uses configuration file. Many functions, such as ODBC logging, log
+rotation, access control, etc are only available in 3proxy, not in standalone
+proxies.
+Standalone module may be started from command line, for example:
+<pre>
+$/sbin/socks -l/var/log/socks.log -i127.0.0.1
+</pre>
+Starts SOCKS server binded to localhost ip, port 1080 with logging to
+/var/log/socks.log.
+You can get help for any standalone service with -? command line option.
+</p><p>
+If 3proxy is used you should start all services in 3proxy.cfg file. 3proxy.cfg
+is executed by 3proxy as a batch file. Example of 3proxy.cfg and command syntaxys
+can be found in
+3proxy.cfg.sample.
+<pre>
+log /var/log/3proxy.log D
+rotate 30
+internal 127.0.0.1
+external 192.168.1.1
+proxy
+socks -p3129
+pop3p 
+</pre>
+Starts 3 services: HTTP PROXY, SOCKS and POP3 PROXY. Each listens localhost
+interface with default port (3128 for HTTP, 1080 for SOCKS and 110 for POP3P)
+except socks started with port 3129.
+All logs are in file /var/log/3proxy.log (with daily date modification and
+rotation). 30 last files are stored.
+</p>
+		<li><A NAME="BIND">How to bind service to specific interface and port?</A>
+<p>
+-i options specifies internal interface, -p - listening port. No space are
+allowed. To bind 'proxy' service to port 8080 on interfaces 192.168.1.1
+and 192.168.2.1 use
+<pre>
+proxy -p8080 -i192.168.1.1
+proxy -p8080 -i192.168.2.1
+</pre>
+</p>
+		<li><A NAME="AUTH">How to limit service access</A>
+<p>
+First, always specify internal interface to accept incoming connection with
+'internal' configuration command or '-i' service command. (See
+<A HREF="#LAUNCH">How to start any of proxy services (HTTP, SOCKS etc)</A>). If
+no internal interface is specified your proxy will act as open one.
+<p>It's also important to specify external interface to prevent access to
+internal network with 'external' or -e.
+<p>3proxy with configuration files allows to use authentication and
+authorization for user's access. Authentication is possible by
+username/password or user's NetBIOS name. Authentication type is specified by
+'auth' command.  
+<pre>
+auth none
+</pre>
+Disables both authentication and authorization. You can not use ACLs.
+<pre>
+auth iponly
+</pre>
+Specifies no authentication, ACLs authorization is used.
+<pre>
+auth nbname
+</pre>
+Authentication by NetBIOS name + ACLs. NetBIOS name of 'messenger' service
+is obrained before ACL validation. If no name is obtained it's assumed to be
+empty. Messenger is started by default in Windows NT/2000/XP. For Win9x
+WinPopUP need to be launched. This type of authentication may be spoofed
+by privileged local user.
+<pre>
+auth strong
+</pre>
+Authentication by username/password. If user is not registered his
+access is denied regardless of ACLs.
+<p>
+Different services can have different authentication levels.
+<pre>
+auth none
+pop3p
+auth iponly
+proxy
+auth strong
+socks
+</pre>
+
+It's possible to authorize access by client IP address, IP address or requested resource,
+target port, time, etc after authentication.
+(See <A HREF="#ACL">How to limit resource access</A>).
+</p><p>Since 0.6 version double authentication is possible, e.g.
+<pre>
+auth iponly strong
+allow * * 192.168.0.0/16
+allow user1,user2
+proxy
+</pre>
+strong authentication will only be used if ACL requires username to deside if
+access must be granted. That is, in example, strong username authentication
+is not required to access 192.168.0.0/16
+</p><p>0.6 version introduces authentication (username) caching to increase
+productivity. It's recommended to use authentication caching with resource
+or time consuming authentication types, such as nbname or external plugins
+(WindowsAuthentication).
+Caching can be set with 'authcache' command with 2 parameters: caching type
+and caching time (in seconds). Caching type defines the type of cached access:
+'ip' - after successful authentication all connections during caching time
+from same IP are assigned to the same user, username is not requested.
+"ip,user" - username is requested and all connections from the same IP are
+assigned to the same user without actual authentication. "user" - same as above,
+but IP is not checked. "user,password" - username and password are checked
+against cached ones. For authentication special authentication type 'cache'
+must be used.
+ Example:
+<pre>
+authcache ip 60
+auth cache strong windows
+proxy -n
+</pre>
+</p>
+Please note, that caching affects security. Never use caching for access to
+critical resources, such as web administration.
+
+		<li><A NAME="USERS">How to create user list</A>
+<p>
+Userslist is created with 'users' command.
+<pre>
+users USERDESC ...
+</pre>
+With a single command it's possible to define few users, or you
+can use few 'users' commands. USERDESC is user description. Description
+consists of three semicolon delimited parts - login, password type and
+<pre>
+users admin:CL:bigsecret test:CL:password test1:CL:password1
+users "test2:CR:$1$lFDGlder$pLRb4cU2D7GAT58YQvY49."
+users test3:NT:BD7DFBF29A93F93C63CB84790DA00E63
+</pre>
+Please note the usage of quotation sign: it's required to comment out $ sign
+overwise used as a file inclusion macro.
+Next password types are available:
+<ul>
+	<li>No password type: use system authentication.
+	<li>CL - cleartext password
+	<li>CR - crypt password, only MD5 crypt passwords are supported
+	<li>NT - NT-hashed (MD4) passwords in hex, as used in pwdump or SAMBA
+</ul>
+NT and crypt passwords can be used to import accounts from Windows/SAMBA or
+Unix. For Windows you can use pwdump family of utilities.
+It's convenient to store accounts apart and include account file with $ macro.
+Because for included files newlines are treated as a space, it's possible to
+use atandard passwd file format:
+<pre>
+users $/etc/.3proxypasswd
+</pre>
+or
+<pre>
+users $"c:\Program Files\3proxy\passwords"
+</pre>
+It's possible to create NT and crypt passwords with mycrypt utility included
+in distribution.
+<br>Userlist is system-wide. To manage user access to specific service use ACLs.
+</p>
+		<li><A NAME="ACL">How to limit user access to resources</A>
+<p>
+Commands allow, deny and flush are used to manage ACLs:
+<p><font face="courier">
+allow &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt; &lt;weekdaylist&gt; &lt;timeperiodlist&gt;
+<br>deny &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt;  &lt;weekdaylist&gt; &lt;timeperiodlist&gt;
+<br>flush
+</font>
+</p>
+'flush' command is used to finish with existing ACL and to start new one.
+It's required to have different ACLs for different services.
+'allow' is used to allow connection and 'deny' to deny connection. 'allow'
+command can be extended by 'parent' command to manage redirections (see <A NAME="REDIR">How to manage redirections</A>)). If ACL
+is empty it allow everything. If ACL is not empty, first matching ACL entry
+is searched for user request and ACL action (allow or deny) performed. If
+no matching record found, connection is denied and user will be asked to
+re-authenticate (requested for username/password). To prevent this request
+add 'deny *' to the end of list.
+<ul>
+	<li>&lt;userlist&gt; - comma delimited list of users
+	<li>&lt;sourcelist&gt; - comma delimited list of source (client) networks. 
+		Networks can be defined as single IP address or in CIDR form
+		xxx.yyy.zzz.mmm/l, where l - is the length of network mask
+		(a number of non-zero bits). 192.168.1.0/24
+		means network with 255.255.255.0 mask.
+	<li>&lt;targetlist&gt; - comma delimited list of target (server) networks.
+		In 3proxy 0.6 and above it's allowed to use hostnames with wildmasks
+		in targetlist. Wildmask may only present in the begginning or at the
+		end of the hostname, e.g. 
+		192.168.0.0/16,www.example.com,*wrongsite.com,*wrongcontent*.
+	<li>&lt;targetportlist&gt; - comma delimited list of ports. I
+		It's possible to define port ranges with -, e.g. 80,1024-65535
+		means port 80 and all unprivileged ports.
+	<li>&lt;commandlist&gt; - the list of allowed actions
+<br>		CONNECT	- establish outgoing TCP connection. e.g. POP3 or SOCKSv5
+<br>		BIND - allow incoming TCP connection (SOCKSv5)
+<br>		UDPASSOC - create UDP association (SOCKSv5)
+<br>		ICMPASSOC - create ICMP association (not implemented)
+<br>		HTTP_GET - HTTP GET request (HTTP proxy)
+<br>		HTTP_PUT - HTTP PUT request (HTTP proxy)
+<br>		HTTP_POST - HTTP POST request (HTTP proxy)
+<br>		HTTP_HEAD - HTTP HEAD request (HTTP proxy)
+<br>		HTTP_CONNECT - HTTP CONNECT, aka HTTPS request (HTTP proxy)
+<br>		HTTP_OTHER - another HTTP request (HTTP proxy)
+<br>		HTTP - any HTTP request except HTTP_CONNECT (HTTP proxy)
+<br>		HTTPS - alias to HTTP_CONNECT (HTTP proxy)
+<br>		FTP_GET - FTP get request (http, ftp proxy)
+<br>		FTP_PUT - FTP put request (ftp proxy)
+<br>		FTP_LIST - FTP list request (http, ftp proxy)
+<br>		FTP - any FTP request
+<br>		ADMIN - administration interface access
+<p>
+	<li>&lt;weeksdays&gt; - week days numbers or periods (0 or 7 means Sunday, 1 is Monday, 1-5 means Monday through Friday).
+	<li>&lt;timeperiodlists&gt; - a list of time periods in HH:MM:SS-HH:MM:SS format. For example,
+		00:00:00-08:00:00,17:00:00-24:00:00 lists non-working hours.
+		
+</ul>
+* in ACL means &quot;any&quot;.
+Usage examples could be found in 3proxy.cfg.sample.
+</p>
+		<li><A NAME="REDIR">How to manage redirections</A>
+<p>
+Redirections are usefull to e.g. forward requests from specific clients
+to different servers or proxy server. Additionally, redirections are usefull
+to convert proxy interface from ont format to another, e.g. requests from
+SOCKS proxy can be redirected to parent HTTP proxy, or SOCKSv5 client can be
+redirected to SOCKSv4 proxy.
+<br>Because 3proxy understand "transparent" web request, it can be used as an
+intermediate software between HTTP proxy and NAT server for transparent HTTP
+forwarding, because it can convert "Web server" request issued by client to
+"proxy request" required by proxy server. A simplest redirection is:
+<pre>
+auth iponly
+allow *
+parent 1000 http 192.168.1.1 3128
+proxy
+</pre>
+All trafiic of HTTP proxy is redirected to parent proxy 192.168.1.1 port 3128.
+<br>If port number is '0', IP address from 'parent' is used as external address
+for this connection (that is like -eIP, but only for connections matching
+'allow').
+<br>Special case of redirection are local redirections. In this case both IP is
+0.0.0.0 and port is 0. It's only usseful with SOCKS service. In this case no
+new connection is established, but request is parsed by corresponding local
+service. E.g.:
+<pre>
+auth iponly
+allow * * * 80
+parent 1000 http 0.0.0.0 0
+allow * * * 21
+parent 1000 ftp 0.0.0.0 0
+allow * * * 110
+parent 1000 pop3 0.0.0.0 0
+socks
+</pre>
+In this case all SOCKS traffic with destination port 80 is forwarded to local
+'proxy' service, destination port 21 to 'ftppr' and 110 to 'pop3pr'. There is
+no need to run these services expicitly. Local redirections are usefull if
+you want to see and control via ACLs protocol specific parameters, e.g.
+filenames requests thorugh FTP while clients are using SOCKS.
+</p>
+		<li><A NAME="ROUNDROBIN">How to balance traffic between few external channgels?</A>
+<p>
+Proxy itself doesn't manage network level routing. The only way to control
+outgoing channel is to select external interface. It's possible to make
+external interface (what is usually selected with 'external' command or
+'-e' option) random by using local redirection with external port 0.
+<pre>
+auth iponly
+allow *
+parent 500 http 10.1.1.101 0
+parent 500 http 10.2.1.102 0
+</pre>
+Now external interface is randomly selected with 0.5 probability between
+10.1.1.101 and 10.2.1.102. To work as expected, different default routes
+must between 2 interfaces.
+used
+<p>
+If both interface addresses are in same network, e.g. 10.1.1.101 and 10.1.1.102
+and you want to select random gateway between 10.1.1.1 and 10.1.1.2, you must
+control it by using routing table, in case there is no default gateway route
+for Windows:
+<pre>
+ route add -p 10.1.1.1 10.1.1.101
+ route add -p 10.1.1.2 10.1.1.102
+ route add -p 0.0.0.0 mask 0.0.0.0 192.168.1.1
+ route add -p 0.0.0.0 mask 0.0.0.0 192.168.1.2
+</pre>
+If you have no second address yet, just add it. Under Linux/Unix it's better
+to use source routing.
+</p>
+		<li><A NAME="CHAIN">How to manage proxy chains</A>
+<p>
+parent command may also be used to build a proxy chains. In this case
+few 'parent' commands are used for single 'allow' rule with different
+weights (first argument of parent command). Chain may contain any number
+of proxy servers, but it should be noted that every hope significantly
+reduces productivity. It's possible to mix different types of proxy within
+single chain: HTTPS (HTTP connect), SOCKS4, SOCKS5. Weight different from
+1000 is used to build random chains. if weight W is below 1000, this proxy
+will be used as a next chain hop with probability of W/1000. That is, if
+the weight is 250 probability this proxy will be used for the next hope is
+25%. 'parent' records with common weight of 1000 establish a group, one of
+these record will be used for the hop with probability according to weight.
+Warning: each group must have a weight even of 1000. As follows, common
+weight of all 'parent' records must also be even of 1000. If common weight
+of 'parent' records in te chain is 3000, chain has 3 hops and must be formed
+of 3 groups. Example:
+<pre>
+allow *
+parent 500 socks5 192.168.1.1 1080
+parent 500 connect 192.168.10.1 3128
+</pre>
+In this case we have 1 parent proxy (1 hop) which is randomely choosen between
+2 hosts: 192.168.1.1 and 192.168.10.1. 2 records form a single group.
+<pre>
+allow * * * 80
+parent 1000 socks5 192.168.10.1 1080
+parent 1000 connect 192.168.20.1 3128
+parent 300 socks4 192.168.30.1 1080
+parent 700 socks5 192.168.40.1 1080
+</pre>
+In this case we have 3 groups (3 hops in the chain). First hop is 192.168.10.1,
+second hop is 192.168.20.1 and 3rd one is either 192.168.30.1 with probability
+of 30% or 192.168.40.1 with probability of 70%.
+</p>
+
+		<li><A NAME="BANDLIM">How to limit bandwidth</A>
+<p>
+3proxy supports bandwidth filters. To manage filters bandlimin/bandlimout and
+nobandlimin/nobandlimout. 'in' means incoming and 'out' - outgoing traffic.
+<p><font face="courier">
+bandlimin &lt;bitrate&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+<br>nobandlimin &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+</font>
+</p>
+Commands are applied to all services. Imagine bandwidth filters as a series of
+pipes.  Bitrate is a pipe's width and ACLs controls the flow thorugh this pipe.
+<pre>
+  bandlimin 57600 * 192.168.10.16
+  bandlimin 57600 * 192.168.10.17
+  bandlimin 57600 * 192.168.10.18
+  bandlimin 57600 * 192.168.10.19
+</pre>
+Create 4 separete pipes for 4 client with emulation of modem connection.
+<pre>
+  bandlimin 57600 * 192.168.10.16/30
+</pre>
+Create single pipe for all 4 clients. That is 4 clients share modem connection.
+In this example:
+<pre>
+  nobandlimin * * * 110
+  bandlimin 57600 * 192.168.10.16/32
+</pre>
+mail traffic from POP3 servers bypasses the pipe and has no bandwidth
+limitation.
+</p>
+		<li><A NAME="TRAFLIM">How to limit traffic amount</A>
+<p>
+<p><font face="courier">
+counter &lt;filename&gt; &lt;type&gt; &lt;reportpath&gt;  
+<br>countin &lt;number&gt; &lt;type&gt; &lt;amount&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+<br>nocountin &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+<br>countout &lt;number&gt; &lt;type&gt; &lt;amount&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+<br>nocountout &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+</font>
+</p>
+<p>
+You can set traffic limit per day (D), week (W), month (M), year (Y) or
+absolute ('N'), as specified by 'type' argument of counterin command.
+Traffic information is stored in binary file specified by 'filename' argument.
+countersutil utility can be used to manage this file.
+reportpath specifies location of text reports, type parameter of 'counter'
+command controls how often text reports are created. amount is amount of
+allowed traffic in Megabytes (MB). nocountin allows you to set exclusions.
+</p>
+		<li><A NAME="NETLIST">How to build network lists</A>
+<p>Networks or users lists are often very huge. 3proxy doesn't currently
+supports user groups, but ones can be created by the means of include files.
+You can store comma-delimited lists of networks or users in the separate
+file and use $ macro to insert this list into 3proxy.cfg.
+3proxy comes with 'dighosts'
+utility. This utility helps to grab the list of the network from HTTP page.
+It may be usefull to e.g. obtain a regullary updated list of local networks
+from ISP's server. A network list can be either in form of NETWORK MASK,
+e.g. 192.168.1.0 255.255.255.0 or NETWORK/LENGTH, e.g. 192.168.1.0/24. You can
+launch dighosts from 3proxy.cfg to be executed on every 3proxy startup or
+configuration reload:
+<pre>
+system "dighosts http://provider/network.html local.networks"
+allow * * $local.networks
+allow *
+parent 1000 proxy.provider 3128 *
+proxy
+flush
+</pre>
+In this example we obtain list of local networks from provider's page to
+local.networks file, allow direct access to these networks and redirect all
+connection to external networks to provider's proxy.
+</p>
+	</ul>
+
+<hr>
+	<li><A NAME="CLIENT">Client configuration</A>
+<p>
+<hr>
+	<li><A NAME="ADMIN">Administering and information analisys</A>
+<p>
+	<ul>
+		<li><A NAME="NEWVERSION">How to obtain latest 3proxy version</A>
+<p>
+Latest version of 3proxy may be obtained
+<A HREF="http://3proxy.ru/">here</A>.
+New version may have changes and incompatibilities with previous one in files
+format or commands. Please, read CHANGELOG file and another documentation
+before installing new version.
+</p>
+		<li><A NAME="NTSERVICE">How to control 3proxy service under Windows NT/2000/XP</A>
+<p>
+If installed as system service, 3proxy understands Windows service commands
+for START, STOP, PAUSE and RESUME. If service is PAUSEd, no new connections
+are accepted while older connections are processed. Currently there is no
+support for dynamic configuration change, so, you have to restart service
+completely if you have changed any configuration.
+
+You can control 3proxy service via "Services" administration ot via "net" command:
+<pre>
+	net start 3proxy
+	net stop 3proxy
+	net pause 3proxy
+	net continue 3proxy
+</pre>
+</p>
+		<li><A NAME="ERRORS">Log error codes reference</A>
+<p>
+	<ul>
+		<li>0 - Operation successfully complited (connection
+			was closed by one of peers)
+		<li>1-9 - AUTHENTICATION ERRORS
+		<li>1 - Access denied by ACL (deny)
+		<li>2 - Redirection (should not appear)
+		<li>3 - No ACL found, denied by default
+		<li>4 - auth=strong and no username in request
+		<li>5 - auth=strong and no matching username in configuration
+		<li>6 - User found, wrong password (cleartext)
+		<li>7 - User found, wrong password (crypt)
+		<li>8 - User found, wrong password (NT)
+		<li>9 - Redirection data not found (should not appear)
+		<li>10 - Traffic limit exceeded
+		<li>11-19 - CONNECTION ERRORS
+		<li>11 - failed to create socket()
+		<li>12 - failed to bind()
+		<li>13 - failed to connect()
+		<li>14 - failed to getpeername()
+		<li>20-29 - COMMON ERRORS
+		<li>21 - memory allocation failed
+		<li>30-39 - CONNECT PROXY REDIRECTION ERRORS
+		<li>31 - failed to request HTTP CONNECT proxy
+		<li>32 - CONNECT proxy connection timed out or wrong reply
+		<li>33 - CONNECT proxy fails to establish connection
+		<li>34 - CONNECT proxy timed out or closed connection
+		<li>40-49 - SOCKS4 PROXY REDIRECTION ERRORS
+		<li>50-69 - SOCKS5 PROXY REDIRECTION ERRORS
+		<li>70-79 PARENT PROXY CONNECTION ERRORS (identical to 1x)
+		<li>90-99 - established connection errors
+		<li>90 - socket error or connection broken
+		<li>91 - TCP/IP common failure
+		<li>92 - connection timed out
+		<li>93 - error on reading data from server
+		<li>94 - error on reading data from client
+		<li>95 - timeout from bandlimin/bandlimout limitations
+		<li>96 - error on sending data to client
+		<li>97 - error on sending data to server
+		<li>98 - server data limit (should not appear)
+		<li>99 - client data limit (should not appear)
+		<li>100 - HOST NOT FOUND
+		<li>200-299 - UDP portmapper specific bugs
+		<li>300-399 - TCP portmapper specific bugs
+		<li>400-499 - SOCKS proxy specific bugs
+		<li>500-599 - HTTP proxy specific bugs
+		<li>600-699 - POP3 proxy specific bugs
+		<li>999 - NOT IMPLEMENTED
+	</ul>
+</p>
+	</ul>
+<hr>
+	<li><A NAME="QUEST">How To ask quiestion not in How To?</A>
+<p>
+	Ask it in <A HREF="http://3proxy.ru/board4.html">3proxy forum</A>.
+	Don't try to ask something before reading this document.
+ </ul>
+
+</ul>
+
+<pre>$Id: howtoe.html,v 1.41 2009/02/02 10:04:49 vlad Exp $</pre>

doc/html/howtor.html

@@ -0,0 +1,1031 @@
+3APA3A 3proxy tiny proxy server HowTo
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<br>В стадии разработки
+<ul>
+  <li><a href="#COMPILE">Компиляция</a>
+  <ul>
+    <li><a href="#MSVC">Как скомпилировать 3proxy Visual C++</a>
+    <li><a href="#INTL">Как скомпилировать 3proxy Intel C Compiler под Windows</a>
+    <li><a href="#GCCWIN">Как скомпилировать 3proxy GCC под Windows</a>
+    <li><a href="#GCCUNIX">Как скомпилировать 3proxy GCC под Unix/Linux</a>
+    <li><a href="#CCCUNIX">Как скомпилировать 3proxy Compaq C Compiler под Unix/Linux</a>
+  </ul>
+  <li><a href="#INSTALL">Установка и удаление 3proxy</a>
+  <ul>
+    <li><a href="#INSTNT">Как установить/удалить 3proxy под Windows 95/98/ME/NT/2000/XP как службу</a>
+    <li><a href="#INST95">Как установить/удалить 3proxy под Windows 95/98/ME</a>
+    <li><a href="#INSTUNIX">Как установить/удалить 3proxy под Unix/Linux</a>
+  </ul>
+  <li><a href="#SERVER">Конфигурация сервера</a>
+  <ul>
+    <li><a href="#SAMPLE">Как посмотреть пример файла конфигурации</a>
+    <li><a href="#LOGGING">Как настроить ведение журнала</a>
+    <li><a href="#LOGFORMAT">Как настроить формат журнала</a>
+    <li><a href="#LOGANALIZERS">Как использовать лог-анализаторы с 3proxy</a>
+    <li><a href="#LAUNCH">Как запустить конкретную службу (HTTP, SOCKS и т.д)</a>
+    <li><a href="#BIND">Как повесить службу на определенный интерфейс или порт</a>
+    <li><a href="#AUTH">Как ограничить доступ к службе</a>
+    <li><a href="#USERS">Как создать список пользователей</a>
+    <li><a href="#ACL">Как ограничить доступ пользователей к ресурсам</a>
+    <li><a href="#REDIR">Как управлять перенаправлениями</a>
+    <li><a href="#ROUNDROBIN">Как организовать балансировку между несколькими каналами</a>
+    <li><a href="#CHAIN">Как составлять цепочки прокси</a>
+    <li><a href="#BANDLIM">Как ограничивать скорости приема</a>
+    <li><a href="#TRAFLIM">Как ограничивать объем принимаемого трафика</a>
+    <li><a href="#NETLIST">Как строить списки сетей</a>
+    <li><a href="#NSCACHING">Как управлять разрешением имен и кэшированием DNS</a>
+    <li><a href="#DEMANDDIAL">Как устанавливать соединение по требованию</a>
+  </ul>
+  <li><a href="#CLIENT">Конфигурация и настройка клиентов</a>
+  <ul>
+    <li><a href="#IE">Как использовать 3proxy с Internet Explorer или другим браузером</a>
+    <li><a href="#FTP">Как настраивать FTP клиент</a>
+    <li><a href="#SMTP">Как использовать SMTP через 3proxy</a>
+    <li><a href="#POP3">Как использовать службу POP3 Proxy</a>
+    <li><a href="#CAP">Как использовать 3proxy с программой, не поддерживающей работу с прокси-сервером</a>
+    <li><a href="#GAMES">Как использовать 3proxy с играми</a>
+  </ul>
+  <li><a href="#ADMIN">Администрирование и анализ информации</a>
+  <ul>
+    <li><a href="#NEWVERSION">Где взять свежую версию</a>
+    <li><a href="#NTSERVICE">Как управлять службой 3proxy в Windows NT/2000/XP</a>
+    <li><a href="#ERRORS">Коды ошибок в журнале</a>
+  </ul>
+  <li><a href="#QUEST">Как задать вопрос, которого нет в HowTo</a>
+</ul>
+<br>
+<hr>
+  <li><a name="COMPILE"><b>Компиляция</b></a>
+  <p>
+  <ul>
+    <li><a name="MSVC"><i>Как скомпилировать 3proxy Visual C++</i></a>
+    <p>
+    Извлеките файлы из архива 3proxy.tgz (например, с помощью WinZip).
+    Используйте команду nmake /f Makefile.msvc.
+    </p>
+    <li><a name="INTL"><i>Как скомпилировать 3proxy Intel C Compiler под Windows</i></a>
+    <p>
+    См. <a href="#MSVC">Как скомпилировать 3proxy Visual C++</a>. 
+    Используйте Makefile.intl вместо Makefile.msvc
+    </p>
+    <li><a name="GCCWIN"><i>Как скомпилировать 3proxy GCC под Windows</i></a></li>
+    <p>
+    Извлеките файлы из архива 3proxy.tgz (например, с помощью WinZip или, при наличии
+    Cygwin, tar -xzf 3proxy.tgz).
+    Используйте команду make -f Makefile.win. Если по каким-то причинам вы хотите использовать
+    библиотеку POSIX-эмуляции CygWin - используйте make -f Makefile.unix.
+    При использовании CygWin, функции, специфичные для Windows (такие, как запуск в
+    качестве службы) будут недоступны.
+    </p>
+    <li><a name="GCCUNIX"><i>Как скомпилировать 3proxy GCC под Unix/Linux</i></a></li>
+    <p>
+    Используйте make -f Makefile.unix. Должен использоваться GNU make, на
+    некоторых системах необходимо использовать gmake вместо make. Под Linux
+    необходимо использовать Makefile.Linux, под Solaris - Makefile.Solaris-* (в
+    зависимости от используемого компилятора). Компиляция проверена в FreeBSD/i386,
+    OpenBSD/i386, NetBSD/i386, RH Linux/Alpha, Debian/i386, Gentoo/i386, Gentoo/PPC,
+    Solaris 10, но должно собираться в любых версиях *BSD/Linux/Solaris.
+    В других системах может потребоваться модификация make-файла и/или исходных текстов.
+    Для компиляции с поддержкой ODBC необходимо убрать -DNOODBC из флагов
+    компиляции и добавить -lodbc (или другую ODBC-библиотеку) к флагам линковщика.
+    </p>
+	<li><a name="CCCUNIX"><i>Как скомпилировать 3proxy Compaq C Compiler под Unix/Linux</i></a></li>
+	<p>
+	Используйте make -f Makefile.ccc. Компиляция проверена в RH Linux 7.1/Alpha.
+    В других системах может потребоваться модификация файла и/или исходных текстов.
+    </p>
+  </ul>
+<hr>
+<li><a name="INSTALL"><b>Установка и удаление 3proxy</b></a>
+<p>
+<ul>
+  <li><a name="INSTNT"><i>Как установить/удалить 3proxy под Windows 95/98/ME/NT/2000/XP/2003 как службу</i></a>
+  <p>
+  Извлеките файлы из архива 3proxy.zip в любой каталог 
+  (например, c:\Program Files\3proxy). Если необходимо, создайте каталог для
+  хранения файлов журналов. Создайте файл конфигурации 3proxy.cfg в
+  каталоге 3proxy (см. раздел <a href="#SERVER">Конфигурация сервера</a>).
+  Если используется версия более ранняя, чем 0.6, добавьте строку
+  <pre>
+  service</pre>
+  в файл 3proxy.cfg. Откройте командную строку (cmd.exe).
+  Перейдите в каталог с 3proxy и дайте команду 3proxy.exe --install:
+  <pre>
+  D:\>C:
+  C:\>cd C:\Program Files\3proxy
+  C:\Program Files\3proxy>3proxy.exe --install</pre>
+  Сервис должен быть установлен и запущен. Если сервис не запускается,
+  проверьте содержимое файла журнала,
+  попробуйте удалить строку service из 3proxy.cfg, запустить 3proxy.exe вручную
+  и проанализировать сообщения об ошибках.
+  </p><p>
+  Для удаления 3proxy необходимо остановить сервис и дать
+  команду 3proxy.exe --remove:
+  <pre>
+  D:\>C:
+  C:\>cd C:\Program Files\3proxy
+  C:\Program Files\3proxy>net stop 3proxy
+  C:\Program Files\3proxy>3proxy.exe --remove</pre>
+  после чего каталог 3proxy можно удалить.
+  <p>
+  Установка в качестве системной службы под Windows 9x поддерживается с версии 0.5
+  </p>
+  <li><a name="INST95"><i>Как установить/удалить 3proxy под Windows 95/98/ME</i></a>
+  <p>
+  Извлеките файлы из архива 3proxy.zip в любой каталог 
+  (например, c:\Program Files\3proxy). Если необходимо, создайте каталог для
+  хранения файлов журналов. Создайте файл конфигурации 3proxy.cfg в
+  каталоге 3proxy (См. раздел <a href="#SERVER">Конфигурация сервера</a>).
+  В файле конфигурации удалите строку
+  <pre>
+  service</pre>
+  и добавьте строку
+  <pre>
+  daemon</pre>
+  Создайте ярлык для 3proxy.exe и поместите его в автозагрузку либо с помощью
+  редактора реестра regedit.exe добавьте в разделе
+  <br>HKLM\Software\Microsoft\Windows\CurrentVersion\Run</br>
+  строковый параметр 
+  <br>3proxy = "c:\Program Files\3proxy.exe" "C:\Program Files\3proxy.cfg"<br>
+  Использование кавычек при наличии в пути пробела обязательно.
+  Перезагрузитесь.
+  Если сервер не запускается,
+  проверьте содержимое файла журнала,
+  попробуйте удалить строку daemon из 3proxy.cfg, запустить 3proxy.exe вручную
+  и проанализировать сообщения об ошибках.
+  </p>
+  <li><a name="INSTUNIX"><i>Как установить/удалить 3proxy под Unix/Linux</i></a>
+  <p>
+  Скомпилируйте 3proxy (см. раздел <a href="#COMPILE">Компиляция</a>). Скопируйте
+  исполняемые файлы в подходящий каталог (например, /usr/local/3proxy/sbin для
+  серверных приложений или /usr/local/3proxy/bin для клиентских утилит).
+  Создайте файл /usr/local/etc/3proxy.cfg. 
+  (См. раздел <a href="#SERVER">Конфигурация сервера</a>).
+  Изменить расположение файла конфигурации можно, задав параметр при вызове
+  3proxy или изменив путь в файле 3proxy.c до компиляции.
+  Добавьте вызов 3proxy в скрипты начальной инициализации.
+  </p>
+</ul>
+<hr>
+<li><a name="SERVER"><b>Конфигурация сервера</b></a>
+<p>
+<ul>
+  <li><a name="SAMPLE"><i>Как посмотреть пример файла конфигурации</i></a>
+  <p>
+  Пример файла конфигурации 3proxy.cfg.sample поставляется с любым дистрибутивом
+  программы.
+  </p>
+  <li><a name="LOGGING"><i>Как настроить ведение журнала</i></a>
+  <p>
+  3proxy поддерживает ведение журнала на экран (stdout), в файл, через ODBC и через службу
+  syslog (только для Unix/Linux/CygWin). Можно управлять либо общим файлом
+  журнала, задаваемым в файле конфигурации 3proxy.cfg и единым для всех служб,
+  либо индивидуальными файлами для отдельных служб (например, команда 
+  socks -l/var/log/socks.log запускает SOCKS прокси
+  и задает для него индивидуальный журнал). Для общего файла журнала
+  поддерживается ротация (т.е. периодическое создание новых файлов журнала
+  с предопределенными именами и удаление файлов старше определенного срока)
+  и архивация файлов журнала.
+  Тип журнала определяется параметром log в файле конфигурации либо ключом
+  -l при вызове конкретной службы (например, socks прокси). log или -l без
+  параметров соответствуют ведению журнала на экран (stdout).
+  <pre>
+  log filename</pre>
+  и
+  <pre>
+  -lfilename</pre>
+  соответствуют записи журнала в файл filename. Если при указании имени файла
+  в log в нем содержится символ %, то имя рассматривается как форматный
+  спецификатор (см. logformat). Например,
+  log c:\3proxy\logs\%y%m%d.log D создаст файл типа c:\3proxy\logs\060725.log,
+  для образования даты будет использовано местное время.
+  <pre>
+  log @ident</pre>
+  и
+  <pre>
+  -l@ident</pre>
+  соответствуют ведению журнала через syslog с идентификатором ident.
+  <pre>
+  log &connstring</pre>
+  соответствует ведению журнала через ODBC, connstring задается в формате
+  datasource,username,password (последние два параметра опциональны, если
+  datasource не требует или уже содержит сведения для авторизации). При этом
+  команда logformat должна задавать SQL запрос, который необходимо выполнить
+  для добавления записи в журнал, см <a href="#LOGFORMAT">Как настроить формат журнала</a>.
+  </p><p>
+  Управление ротацией общего файла журнала происходит с помощью команд файла
+  конфигурации log, rotate и archiver.
+  <pre>
+  log filename LOGTYPE</pre>
+  задает тип ротации. LOGTYPE может принимать значения:
+  <ul>
+    <li>M, ежемесячная ротация
+    <li>W, еженедельная ротация
+    <li>D, ежедневная ротация
+    <li>H, ежечасная ротация
+    <li>С, ежеминутная ротация
+  </ul>
+  <pre>
+  rotate NUMBER</pre>
+  указывает на число файлов, участвующих в ротации (т.е. сколько последних
+  журналов хранить).
+  <pre>
+  archiver EXT COMMAND PARAMETERS</pre>
+  задает параметры архивации журнала. EXT указывает на расширение
+  архива (например, zip, gz, Z, rar и т.д.) COMMAND указывает на
+  программу и PARAMETERS - на параметры командной строки. Архиватор
+  должен сам удалять исходный файл, также ему можно передать имя файла
+  с помощью макроса %F и ожидаемое имя архива с помощью макроса %A.
+  В качестве архиватора вполне можно задать пакетный файл, который,
+  например, будет загружать данные из журнала в базу данных.
+  Примеры команды archiver для популярных архиваторов можно найти в
+  3proxy.cfg.sample
+  <pre>
+  logdump OFFSET_BYTES_FROM_SERVER OFFSET_BYTES_FROM_CLIENT</pre>
+  Задает смещение в байтах на входящий и исходящий трафик, при достижении
+  которого необходимо создавать запись в журнале даже в том случае, если
+  соединение еще не завершено. Если logdump не указан или значения
+  OFFSET_BYTES_FROM_SERVER OFFSET_BYTES_FROM_CLIENT нулевые - в журнале
+  будет создана единственная запись по окончании обработки запроса клиента
+  (при разрыве соединения). Пример:
+  <pre>
+  logdump 1048576 1048576</pre>
+  создает в журнале запись на каждый мегабайт входящего или исходящего
+  трафика.
+  </p>
+  <li><a name="LOGFORMAT"><i>Как настроить формат журнала</i></a>
+  <p>
+  Начиная с версии 0.3, формат журнала может быть настроен с помощью
+  команды logformat со строкой формата. Первый символ строки должен
+  быть L или G, что указывает на формат, в котором будет указываться
+  время и даты, L - текущее локальное время, G - абсолютное время по
+  Гринвичу. Строка формата может содержать следующие модификаторы:
+  <ul>
+    <li>	 %y - Год (последние две цифры)
+    <li>	 %Y - Год (четырехзначный)
+    <li>	 %m - Номер месяца (01-12)
+    <li>	 %o - Трехбуквенная аббревиатура месяца
+    <li>	 %d - День (01-31)
+    <li>	 %H - Час (00-23)
+    <li>	 %M - Минута (00-59)
+    <li>	 %S - Секунда (00-59)
+    <li>	 %t - Временная метка (число секунд с 00:00:00 1 января 1970 г. по Гринвичу)
+    <li>	 %. - Миллисекунды
+    <li>	 %z - Временная зона в почтовом формате (от Гринвича, '+' восток, '-' запад ЧЧММ), например, Московское зимнее время +0300.
+    <li>	 %U - Имя пользователя ('-', если отсутствует).
+    <li>	 %N - Название прокси сервиса (PROXY, SOCKS, POP3P, и т.д.)
+    <li>	 %p - Порт прокси сервиса
+    <li>	 %E - Код ошибки (см. <a href="#ERRORS">Коды ошибок в журнале</a>)
+    <li>	 %C - IP клиента
+    <li>	 %c - Порт клиента
+    <li>	 %R - IP сервера (исходящего соединения по запросу клиента)
+    <li>	 %r - Порт сервера (исходящего соединения по запросу клиента)
+    <li>	 %Q – IP, запрошенный клиентом
+    <li>	 %q – Порт, запрошенный клиентом
+    <li>	 %I - Принято байт от сервера
+    <li>	 %O - Отправлено байт на сервер
+    <li>	 %n - Имя хоста из запроса
+    <li>	 %h - Число звеньев до конечного сервера (при использовании перенаправлений или чейнинга
+    см. <a href="#CHAIN">Как составлять цепочки прокси</a>)
+    <li>	 %T – Текст, специфичный для прокси сервиса (например, запрошенный URL).
+    Можно использовать %X-YT, где X и Y положительные числа, тогда
+    отображаются только поля с X по Y текста. Поля считаются разделенными
+    пробельным символом.
+  </ul>
+  Пример:
+  <pre>
+  logformat "L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"</pre>
+  будет генерировать в журнале записи типа
+  <pre>
+  1042454727.0296 SOCK4.1080 000 3APA3A 127.0.0.1:4739 195.122.226.28:4739 505 18735 1 GET http://3proxy.ru/ HTTP/1.1</pre>
+  (без переноса строк)
+  При использовании ODBC, logformat должен задавать формат SQL команды,
+  которую необходимо дать для внесения записи в журнал, например:
+  <pre>
+  logformat "GINSERT INTO proxystat VALUES (%t, '%c', '%U', %I)"</pre>
+  </p>
+  <li><a name="LOGANALIZERS"><i>Как использовать лог-анализаторы с 3proxy</i></a>
+  <p>
+  Просто сделайте формат ведения журнала совместимым с одним из форматов,
+  поддерживаемых анализатором. Это позволяет использовать практически любые
+  анализаторы. Примеры совместимых форматов:
+  <br>
+  Формат Squid access.log:
+  <pre>
+  &quot;- +_G%t.%. %D %C TCP_MISS/200 %I %1-1T %2-2T %U DIRECT/%R application/unknown&quot;</pre>
+  Более совместимый формат, но без %D
+  <pre>
+  &quot;- +_G%t.%. 1 %C TCP_MISS/200 %I %1-1T %2-2T %U
+  DIRECT/%R application/unknown&quot;</pre>
+  Формат ISA 2000 proxy WEBEXTD.LOG (поля разделены табуляцией):
+  <pre>
+  &quot;-	+ L%C	%U	Unknown	Y	%Y-%m-%d	%H:%M:%S
+  w3proxy	3PROXY	-	%n	%R	%r	%D
+  %O	%I	http	TCP	%1-1T	%2-2T	-	-
+  %E	-	-	-&quot;</pre>
+  Формат ISA 2004 proxy WEB.w3c (поля разделены табуляцией):
+  <pre>
+  &quot;-	+ L%C	%U	Unknown	%Y-%m-%d	%H:%M:%S
+  3PROXY	-	%n	%R	%r	%D	%O
+  %I	http	%1-1T	%2-2T	-	%E	-
+  -	Internal	External	0x0	Allowed&quot;</pre>
+  Формат ISA 2000/2004 firewall FWSEXTD.log (поля разделены табуляцией):
+  <pre>
+  &quot;-	+ L%C	%U	unnknown:0:0.0	N	%Y-%m-%d
+  %H:%M:%S	fwsrv	3PROXY	-	%n	%R	%r
+  %D	%O	%I	%r	TCP	Connect	-	-
+  -	%E	-	-	-	-	-&quot;</pre>
+  Стандартный лог HTTPD (Apache и другие):
+  <pre>
+  &quot;-&quot;&quot;+_L%C - %U [%d/%o/%Y:%H:%M:%S %z] &quot;&quot;%T&quot;&quot; %E %I&quot;</pre>
+  Более совместимый, но без кода ошибки:
+  <pre>
+  &quot;-&quot;&quot;+_L%C - %U [%d/%o/%Y:%H:%M:%S %z] &quot;&quot;%T&quot;&quot; 200 %I&quot;</pre>
+  <li><a name="LAUNCH"><i>Как запустить конкретную службу (HTTP, SOCKS и т.д)</i></a>
+  <p>
+  3proxy поставляется в двух вариантах: как набор отдельных модулей (proxy,
+  socks, pop3p, tcppm, udppm) и как универсальный прокси-сервер (3proxy).
+  Универсальный прокси сервер - это законченная программа, которой не требуются
+  отдельные модули.
+  <br>Отдельный модуль управляется только из командной строки. Поэтому для
+  отдельного модуля не поддерживаются многие функции, такие как управление
+  доступом и ротация журнала. Запуск модуля осуществляется из командной строки.
+  Например,
+  <pre>
+  $/sbin/socks -l/var/log/socks.log -i127.0.0.1</pre>
+  запускает SOCKS на порту 127.0.0.1:1080 с ведением журнала /var/log/socks.log
+  Справку по опциям командной строки можно получить запустив модуль с ключом -?.
+  </p><p>
+  Если используется 3proxy, то запускаемые службы указываются в файле 3proxy.cfg.
+  Файл 3proxy.cfg просматривается 3proxy построчно, каждая строка рассматривается
+  как управляющая команда. Синтаксис команд описан в 3proxy.cfg.sample. Например,
+  <pre>
+  log /var/log/3proxy.log D
+  rotate 30
+  internal 127.0.0.1
+  external 192.168.1.1
+  proxy
+  socks
+  pop3p -l/var/log/pop3proxy</pre>
+  запускает 3 службы - PROXY, SOCKS и POP3 Proxy. Каждая слушает на интерфейсе
+  127.0.0.1 порт по-умолчанию (3128 для proxy, 1080 для socks и 110 для
+  pop3p). Журналы всех служб кроме pop3p ведутся в файле /var/log/3proxy.log,
+  который ежедневно меняется. Хранятся 30 последних файлов. Для pop3p ведется
+  отдельный журнал /var/log/pop3proxy (см. <a href="#LOGGING">Как настроить ведение журнала</a>).
+  </p>
+  <li><a name="BIND"><i>Как повесить службу на определенный интерфейс или порт</i></a>
+  <p>
+  Опция -i позволяет указать внутренний интерфейс, -p - порт (пробелы в
+  опциях не допускаются). Например, чтобы служба proxy висела на порту
+  8080 интерфейсов 192.168.1.1 и 192.168.2.1 необходимо дать команды
+  </p>
+  <pre>
+  proxy -p8080 -i192.168.1.1
+  proxy -p8080 -i192.168.2.1</pre>
+  <li><a name="AUTH"><i>Как ограничить доступ к службе</i></a>
+  <p>
+  Во-первых, для ограничения доступа необходимо указать внутренний интерфейс,
+  на котором прокси-сервер будет принимать соединения. Внутренний интерфейс
+  указывается с помощью команды internal в файле конфигурации или с помощью
+  ключа -i конкретного модуля.
+  (см. <a href="#LAUNCH">Как запустить конкретную службу (HTTP, SOCKS и т.д)</a>).
+  Отсутствие указания внутреннего интерфейса может привести к тому, что ваш
+  прокси будет открытым.
+  <p> Указание внешнего интерфейса (т.е. IP, с которого сервер будет устанавливать
+  внешние соединения) так же является полезным. Для этого служит команда external
+  и ключ -e соответственно.
+  Для универсального прокси возможна дополнительная авторизация доступа с помощью
+  имени/пароля, NetBIOS имени пользователя и по спискам доступа (по IP клиента,
+  IP и порту назначения, см. <a href="#ACL">Как ограничить доступ пользователей к ресурсам</a>).
+  Тип авторизации устанавливается командой auth в файле конфигурации.
+  <pre>
+  auth none</pre>
+  Отсутствие какой-либо авторизации. Списки доступа не проверяются.
+  <pre>
+  auth iponly</pre>
+  Будет идти проверка по списку доступа с использованием IP клиента, IP и номера
+  порта назначения.
+  <pre>
+  auth nbname</pre>
+  Перед проверкой по списком доступа будет произведена попытка получить NetBIOS
+  имя клиента. Для этого используется NetBIOS код службы messager (0x03). Если
+  имя определить не удалось (служба messager для Windows NT/2000/XP или WinPopUP
+  для 95/98/ME не запущена), то имя будет считаться пустым. Далее следует
+  проверка по спискам доступа. Данный тип авторизации не зависит от платформы
+  сервера (т.е. прокси сервер, запущенный под Unix, сможет определять NetBIOS
+  имена). Его рекомендуется использовать в однородных сетях, где у всех клиентов
+  установлена Windows NT/2000/XP и пользователи не имеют доступа к
+  привелегированным учетным записям. Этот вид авторизации не является надежным.
+  <pre>
+  auth strong</pre>
+  Проверяется имя и пароль, переданные пользователем при подключении к прокси.
+  Данный вид авторизации работает только с proxy и socks. Необходимо задание
+  списка пользователей (см <a href="#USERS">Как создать список пользователей</a>).
+  Соединения от неизвестных пользователей не принимаются. После проверки имени
+  пользвоателя и пароля происходит проверка списков доступа.
+  </p><p>
+  Для разных служб можно установить различные типы авторизации, например,
+  <pre>
+  auth none
+  pop3p
+  auth iponly
+  proxy
+  auth strong
+  socks</pre>
+  не накладывает ограничений на использование POP3 Proxy, производит проверку
+  по спискам доступа для пользователей HTTP Proxy и требует авторизации с именем
+  и паролем для SOCKS.
+  </p><p>С версии 0.6 возможно использвоать двойную авторизацию, например,
+  <pre>
+  auth iponly strong
+  allow * * 192.168.0.0/16
+  allow user1,user2
+  proxy</pre>
+  будет использовать авторизацию только в том случае, если не удалось пропустить
+  пользователя с авторизаций iponly, т.е. для доступа к ресурсам 192.168.0.0/16
+  авторизация не требуется.
+  </p><p>С версии 0.6 так же можно использвоать кэширование авторизации (имени
+  пользователя) с целью повышения производительности. Использовать кэширование
+  для strong практически не имеет смысла, она полезно для nbname и авторизации
+  через внешние плагины, типа WindowsAuthentication. Кэширование настраивается
+  командой authcache с двумя параметрами - типом кэширования и временем, на
+  которое кэшируется пароль. Возможные типы: ip - после успешной авторизации в
+  течение времени кэширования все запросы пришедшие с того же адреса считаются
+  запросами от того же пользователя, name - после успешной авторизации от
+  пользователя с тем же именем требуют указания имени, но реально аутентификации
+  не производится, ip,name - запрос должен придти от того же IP и с тем же
+  именем. user,password - имя и пароль пользователя сверяются с кэшированными.
+  Возможны и другие сочетания. Для авторизации должен использоваться специальный
+  метод авторизации - cache. Пример:
+  <pre>
+  authcache ip 60
+  auth cache strong windows
+  proxy -n</pre>
+  Кэширование влияет на безопасность доступа. Ни в коем случае не следует
+  использовать кэширование для доступа к критичным ресурсам, в частности к
+  интерфейсу администрирования.
+  </p>
+  <li><a name="USERS"><i>Как создать список пользователей</i></a>
+  <p>
+  Список пользователей задается с помощью команды users. 
+  <pre>
+  users USERDESC ...</pre>
+  С помощью одной команды можно задать несколько пользователей, можно
+  давать несколько команд users. USERDESC - описание пользователя. Описание
+  пользователя состоит из трех полей разделенных : (двоеточием) - имени (login)
+  типа пароля и пароля. Например:
+  <pre>
+  users admin:CL:bigsecret test:CL:password test1:CL:password1
+  users "test2:CR:$1$lFDGlder$pLRb4cU2D7GAT58YQvY49."
+  users test3:NT:BD7DFBF29A93F93C63CB84790DA00E63</pre>
+  Обратите внимание на двойные кавычки - они необходимы для второго пользователя,
+  т.к. в его пароле встречается знак $, который для файла 3proxy.cfg означает
+  включение другого файла. Поддеживается следующие типы паролей:
+  <ul>
+    <li>тип не указан - использовать системную авторизацию для
+    данного пользователя (пока не реализовано).
+    <li>CL - пароль в открытом тексте
+    <li>CR - пароль в формате crypt() (только MD5)
+    <li>NT - пароль в формате NT в шестнадцатеричной кодировке
+  </ul>
+  NT и crypt пароли могут быть использованы для импорта учетных записей из
+  Windows/Samba и Unix соответственно (для Windows можно использовать утилиты
+  семейства pwdump).
+  Учетные записи удобно хранить в отдельном файле (в таком случае можно хранить
+  их построчно в формате, типичном для файлов паролей). Включить файл можно с
+  помощью макроса $:
+  <pre>
+  users $/etc/.3proxypasswd</pre>
+  или
+  <pre>
+  users $"c:\Program Files\3proxy\passwords"</pre>
+  Шифрованные NT и crypt пароли можно создавать с помощью утилиты mycrypt.
+  <br>Список пользователей един для всех служб. Разграничение доступа по службам
+  необходимо производить с помощью списков доступа.
+  </p>
+  <li><a name="ACL"><i>Как ограничить доступ пользователей к ресурсам</i></a>
+  <p>
+  Для построения списков доступа используются команды allow, deny и
+  flush. Команды имеют следующую структуру:
+  <pre>
+  allow &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt; &lt;weekdays&gt; &lt;timeperiodslist&gt;
+  deny &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt; &lt;weekdays&gt; &lt;timeperiodslist&gt;
+  flush</pre>
+  Команда flush используется для сброса существующего списка доступа (это
+  необходимо для того, чтобы можно было задать различные списки доступа для
+  различных служб). allow служит для разрешения соединения, deny - для запрета
+  соединения. Команда parent используется в качестве расширения команды
+  allow для управления перенаправлениями соединений (о перенаправлении см. <a href="#REDIR">Как управлять перенаправлениями</a>).
+  В момент установки исходящего соединения просматривается список доступа и
+  находится первая запись, соответствующая запрошенному клиентом соединению.
+  Если запись соттветствует allow - соединение разрешается, deny - запрещается.
+  Если список пуст, то соединение разрешается. Если список не пуст, но подходящей
+  записи нет, то соединение запрещается. При этом:
+  <ul>
+    <li>&lt;userlist&gt; - список логинов пользователей через запятую
+    <li>&lt;sourcelist&gt; - список сетей клиентов через запятую. Сеть
+    задается в формате xxx.yyy.zzz.mmm/l, где l - длина маски
+    сети (количество ненулевых байт). Например, 192.168.1.0/24
+    соответствует сети с маской 255.255.255.0.
+    <li>&lt;targetlist&gt; - список сетей назначения через запятую
+    <li>&lt;targetportlist&gt; - список портов назначения через запятую.
+    можно задать диапазон портов через -, например, 80,1024-65535
+    <li>&lt;commandlist&gt; - список команд, через запятую, для которых применяется правило:
+    <br>		CONNECT	- установить исходящее TCP соединение (например, SOCKSv4/5, POP3 proxy, и т.д.)
+    <br>		BIND - разрешить входящее TCP соединение (SOCKSv5)
+    <br>		UDPASSOC - создать UDP-ассоциацию (SOCKSv5)
+    <br>		ICMPASSOC - создать ICMP-ассоциацию (не реализовано)
+    <br>		HTTP_GET - HTTP GET запрос (HTTP proxy)
+    <br>		HTTP_PUT - HTTP PUT запрос (HTTP proxy)
+    <br>		HTTP_POST - HTTP POST запрос (HTTP proxy)
+    <br>		HTTP_HEAD - HTTP HEAD запрос (HTTP proxy)
+    <br>		HTTP_CONNECT - HTTP CONNECT запрос (HTTP proxy)
+    <br>		HTTP_OTHER - другой HTTP запрос (HTTP proxy)
+    <br>		HTTP - соответствует любому HTTP запросу кроме HTTP_CONNECT (HTTP proxy)
+    <br>		HTTPS - тоже, что HTTP_CONNECT (HTTP proxy)
+    <br>		FTP_GET - FTP get запрос
+    <br>		FTP_PUT - FTP put запрос
+    <br>		FTP_LIST - FTP list запрос
+    <br>		FTP - соответствует любому FTP запросу
+    <br>		ADMIN - доступ к интерфейсу администрирования
+    <li>&lt;weekdays&gt; задает список дней недели, 1 соответствует
+    понедельнику, 0 или 7 - воскресенье. 1-5 означает с понедельника
+    по пятницу (включительно). 1,3,5 задает нечетные дни недели.
+    <li>&lt;timeperiodslist&gt; список интервалов дня в формате 
+    ЧЧ:ММ:СС-ЧЧ:ММ:СС, например, 00:00:00-08:00:00,17:00:00-24:00:00
+    задает нерабочее время.
+  </ul>
+  Примеры использования листов доступа можно найти в файле 3proxy.cfg.sample.
+  </p>
+  <li><a name="REDIR"><i>Как управлять перенаправлениями</i></a>
+  <p>
+  Перенаправления имеет смысл использовать, например, чтобы перенаправить
+  обращения определенных клиентов или на определнные сервера на другой сервер
+  (например, при попытке доступа на Web сервер с недозволенным материалом
+  перенаправить на собственный Web сервер, или для того, чтобы в зависимости
+  от IP клиента перенаправлять его соединения на разные сервера (особенно при
+  отображении портов через tcppm). Кроме того, перенаправление может быть
+  использовано, например, для перенаправления все исходящих HTTP запросов,
+  посланных через SOCKS, на HTTP прокси. Поскольку формат запроса к Web серверу
+  и Proxy различается, не любой Proxy сервер способен корректно обработать
+  перенаправленный запрос (HTTP proxy в комплекте 3proxy нормально обрабатывает
+  перенаправленные запросы, что делает возможным его использования в качестве
+  "прозрачного" прокси. Кроме того, HTTP прокси обнаруживает перенаправления
+  на родительский прокси и генерирует нормальные заголовки. Пример простейшего
+  перенаправления:
+  <pre>
+  auth iponly
+  allow *
+  parent 1000 http 192.168.1.1 3128
+  proxy</pre>
+  перенаправляет весь трафик службы proxy на родительский HTTP-прокси сервер
+  192.168.1.1 порт 3128.
+  <br>
+  Если в качестве номера порта указан порт 0, то указанный IP адрес используется
+  в качестве внешнего адреса для установки соединения (аналог -eIP, но только
+  для запросов попадающих под allow).
+  <br>
+  Специальным случаем перенаправлений являются локальные перенаправления,
+  которые, как правило, используются совместно со службой socks. В локальных
+  перенаправлениях IP адрес 0.0.0.0 порт 0. Например,
+  <pre>
+  auth iponly
+  allow * * * 80
+  parent 1000 http 0.0.0.0 0
+  allow * * * 21
+  parent 1000 ftp 0.0.0.0 0
+  allow * * * 110
+  parent 1000 pop3 0.0.0.0 0
+  socks</pre>
+  перенаправляет все содеинения, проходящие через SOCKS-сервер по 80 порту, в
+  локальный HTTP прокси, 21-му - в FTP, и 110 - в POP3 прокси. При этом службы
+  proxy, ftppr или pop3pr запускать не требуется. Это может быть полезно для
+  того, чтобы видеть в логах записи о посещаемых пользвоателем ресурсах и
+  загружаемых файлах даже в том случае, если он подключается через SOCKS.
+  </p>
+  <li><a name="ROUNDROBIN"><i>Как организовать балансировку между несоклькими каналами</i></a>
+  <p>
+  Сам по себе прокси не может управлять маршрутизацией пакетов сетевого уровня.
+  Единственная возможность для управления внешними соединениями - это выбор
+  внешнего интерфейса. Сделать выбор внешнего интерфейса случайным начиная
+  с версии 0.6 можно с использованием локальных перенаправлений (с номером
+  порта равным нулю):
+  <pre>
+  auth iponly
+  allow *
+  parent 500 http 10.1.1.101 0
+  parent 500 http 10.2.1.102 0</pre>
+  будет использовать внешний интерфейс 10.1.1.1 или 10.2.1.1 с вероятностью 0.5.
+  Внешний интерфейс это то же, что задается командой external или опцией -e.
+  Чтобы это работало как ожидается, необходимо, чтобы локальным интерфейсам
+  10.1.1.1 и 10.2.1.1 соответствовали разные маршруты по-умолчанию.
+  <p>
+  Если оба адреса принадлежат одной сети, например, 10.1.1.101 и 10.1.1.102 и
+  нужно случайным образом выбирать один из шлюзов 10.1.1.1 и 10.1.1.2, то нужно
+  управлять роутингом примерно так (при условии что маршрут по-умолчанию не
+  задан):
+  <pre>
+  route add -p 10.1.1.1 10.1.1.101
+  route add -p 10.1.1.2 10.1.1.102
+  route add -p 0.0.0.0 mask 0.0.0.0 192.168.1.1
+  route add -p 0.0.0.0 mask 0.0.0.0 192.168.1.2</pre>
+  Если второго адреса на прокси сервере нет - его надо добавить. Под Linux/Unix
+  лучше использовать source routing.
+  </p>
+  <li><a name="CHAIN"><i>Как составлять цепочки прокси</i></a>
+  <p>
+  Для составления цепочек прокси так же можно использовать команду parent, которая
+  является расширением команды allow (т.е. команде parent должна предшествовать
+  команда allow). С помощью этой команды можно строить цепочки из HTTPS
+  (HTTP CONNECT), SOCKS4 и SOCKS5 прокси (т.е. последовательно подключаться
+  через несколько прокси), при этом возможна авторизация на родительском прокси,
+  звено цепочки может выбираться случайным образом из несольких значений
+  с вероятностью согласно их весу. Вес (от 1 до 1000) задается для каждого
+  прокси. Сумма весов по всем перенаправлениям должна быть кратна 1000.
+  Прокси с весами до 1000 группируются, и при построении цепочки один из них
+  выбирается случайно согласно весу. Длина цепочки определяется из суммарного
+  веса. Например, если суммарный вес цепочки 3000, в цепочке будет 3 звена (хопа).
+  Синтаксис команды:
+  <pre>
+  parent &lt;weight&gt; &lt;type&gt; &lt;ip&gt; &lt;port&gt; &lt;username&gt; &lt;password&gt;</pre>
+  weight - вес прокси, type - тип прокси (tcp - перенаправление соединения,
+  может быть только последним в цепочке, http - синоним tcp, connect - HTTP
+  CONNECT/HTTPS прокси, socks4 - SOCKSv4 прокси, socks5 - SOCKSv5 прокси),
+  ip - IP адрес прокси, port - порт прокси, username - имя для авторизации
+  на прокси (опционально), password - пароль для авторизации на прокси
+  (опционально).
+  <br>Пример:
+  <pre>
+  allow *
+  parent 500 socks5 192.168.1.1 1080
+  parent 500 connect 192.168.10.1 3128</pre>
+  Создает цепочку из одного звена (суммарный вес 1000), в котором один из двух
+  прокси выбирается случайно с равной вероятностью (веса равны). В цепочку
+  перенаправляются все исходящие соединения (определяется командой allow).
+  <pre>
+  allow * * * 80
+  parent 1000 socks5 192.168.10.1 1080
+  parent 1000 connect 192.168.20.1 3128
+  parent 300 socks4 192.168.30.1 1080
+  parent 700 socks5 192.168.40.1 1080</pre>
+  Создает цепочку из трех звеньев (суммарный вес 3000). Первое звено -
+  192.168.10.1, второе - 192.168.20.1, а третье - либо 192.168.30.1 с
+  вероятностью 0.3 либо 192.168.40.1 с вероятностью 0.7
+  </p>
+  <li><a name="BANDLIM"><i>Как ограничивать скорости приема</i></a>
+  <p>
+  3proxy позволяет устанавливать фильтры ширины потребляемого канала. Для этого
+  служат команды bandlimin/bandlimout и nobandlimin/nobandlimout
+  (in в команде означает, что правило применяется к входящему трафику,
+  out - к исходящему).
+  <pre>
+  bandlimin &lt;bitrate&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+  nobandlimin &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;</pre>
+  <p>
+  bitrate указывает ширину потока в битах в секунду (именно в битах). В остальном
+  команды аналогичны командам allow/deny с тем отличием, что команды bandlim
+  не имеют привязки к конкретному сервису, такому как HTTP прокси или SOCKS
+  и действуют на все сервисы, трафик по всем соединениям, попавшим под действие
+  правила суммируется независимо от того, через какой сервис это соединение
+  установлено.
+  <pre>
+  bandlimin 57600 * 192.168.10.16
+  bandlimin 57600 * 192.168.10.17
+  bandlimin 57600 * 192.168.10.18
+  bandlimin 57600 * 192.168.10.19</pre>
+  устанавалиет канал 57600 для каждого из четырех клиентов,
+  <pre>
+  bandlimin 57600 * 192.168.10.16/30</pre>
+  устанавалиает суммарный канал 57600 на 4-х клиентов. Если необходимо, чтобы на
+  какой-то сервис не было ограничения ширины канала, следует указать nobandlim
+  для этого сервиса, например:
+  <pre>
+  nobandlimin * * * 110
+  bandlimin 57600 * 192.168.10.16/32</pre>
+  разрешает клиентам неограниченный по скорости доступ по протоколу POP3.
+  </p>
+  <li><a name="TRAFLIM"><i>Как ограничивать объем принимаемого трафика</i></a>
+  <p>
+  <pre>
+  counter &lt;filename&gt; &lt;type&gt; &lt;reportpath&gt; 
+  countin &lt;number&gt; &lt;type&gt; &lt;amount&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+  nocountin &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;</pre>
+  countout &lt;number&gt; &lt;type&gt; &lt;amount&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;
+  nocountout &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;commandlist&gt;</pre>
+  <p>
+  Команды позволяют установить лимит трафика на день, неделю или месяц.
+  Сведения о трафике постоянно сохраняются в двоичном файле, указываемом
+  командой counter, что делает подсчет трафика независимым от
+  перезагрузки прокси. Можно управлять двоичным файлом, используя утилиту
+  countersutil.
+  Действие команд countin/nocountin аналогично действию bandlimin/nobandlimin,
+  number - задает последовательный номер счетчика, номер должен быть
+  уникальным положительным числом. Значение 0 указывает, что сведения
+  для данного счетчика не надо сохранять в файле.
+  <br>
+  reportpath - путь, по которому будут создаваться текстовые отчеты по
+  потребленному трафику.
+  <br>
+  type - тип ограничения или частота создания файлов отчета.
+  D (На день), W (на неделю) или M (на месяц).
+  <br>
+  amount - объем трафика на указанный период в мегабайтах.
+  </p>
+  <li><a name="NETLIST"><i>Как строить списки сетей</i></a>
+  <p>
+  Очень часто списки сетей и пользователей бывают достаточно громоздкими.
+  3proxy не поддерживает создание групп, но позволяет включение файлов. Это
+  означает, что для удобства администрирования выгодно хранить списки
+  пользователей и списки сетей в отдельных файлах и при необходимости дать
+  пользователю доступ к тому или иному ресурсу, править файл со списком
+  пользователей или сетей вместо того, чтобы править сам файл 3proxy.cfg. В файле
+  3proxy.cfg файл со списком можно включить с помощью макроса $.
+  Поскольку в 3proxy есть ограничения на максимальный размер элемента
+  конфигурации, большие списки следует разбивать на несколько файлов и
+  использовать несколько записей списка контроля доступом.
+  В комплекте с 3proxy поставляется утилита dighosts, которая позволяет построить
+  список сетей по странице Web. Утилита осуществляет поиск адресов на Web-странице
+  в формате АДРЕС МАСКА или АДРЕС/ДЛИНА. Утилиту dighosts можно вызвать во время
+  старта 3proxy, используя команду system. Например:
+  <pre>
+  system "dighosts http://provider/network.html local.networks"
+  allow * * $local.networks
+  allow *
+  parent 1000 proxy.provider 3128 *
+  proxy
+  flush</pre>
+  В данном случае в файле local.networks генерируется список локальных сетей по
+  странице networklist.html. Далее используется список контроля доступа для того,
+  чтобы разрешить локальному прокси-серверу доступ к локальным сетям напрямую,
+  а все остальные запросы перенаправить на прокси-сервер провайдера.
+  </p>
+  <li><a name="NSCACHING"><i>Как управлять разрешением имен и кэшированием DNS</i></a>
+  <p>
+  Для разрешения имен и кэширования применяются команды nserver,
+  nscache и nsrecord.
+  <pre>
+  nserver 192.168.1.2
+  nserver 192.168.1.3</pre>
+  указывает 3proxy какие машины следует использвоать в качестве серверов
+  DNS. Сервер 192.168.1.3 будет использоваться толкьо при недостижимости
+  192.168.1.2. Можно указать до 5 серверов. Если nserver не указан, будут
+  использованы системные функции разрешения имен.
+  <pre>
+  nscache 65535</pre>
+  указывает размер кэша для разрешения имен (обычно достаточно большой).
+  Кэш исопльзуется только при явном указании nserver.
+  <pre>
+  nsrecord server.mycompany.example.com 192.168.1.1
+  nsrecord www.porno.com 127.0.0.2
+  ...
+  deny * * 127.0.0.2</pre>
+  добавляет статическую запись в кэш.</p>
+  <li><a name="DEMANDDIAL"><i>Как устанавливать соединение по требованию</i></a>
+  <p>
+  Команда dialer задает программу, которая будет запускаться при
+  невозможности разрешить имя компьютера, например:
+  <pre>
+  dialer "rasdial PROVIDER"</pre>
+  (описание rasdial можно найти на сервере поддержки Microsoft).
+  Есть два аспекта: невозможность разрешения имени еще не свидетельствует
+  об отсутствии соединения (это должна учитывать вызываемая программа),
+  при использовании nscache имя может разрешиться при отсутствии
+  соединения. В таких случаях полезно запрашивать заведомо несуществующий
+  ресурс, например, http://dial.right.now/.
+  </p>	
+</ul>
+<hr>
+<li><a name="CLIENT"><b>Конфигурация клиентов</b></a>
+<p>
+<ul>
+  <li><a name="IE"><i>Как использовать 3proxy с Internet Explorer или другим браузером</i></a>
+  <p>Мы будем рассматривать Interenet Explorer, т.к. у него больше особенностей
+  настройки, с другими браузерами должно возникать меньше вопросов.
+  <p>Есть два основных способа работы с 3proxy - использовать HTTP прокси (сервис
+  proxy) или SOCKS прокси (сервис socks). Обычно используется HTTP прокси. Для
+  SOCKS прокси можно использовать встроенную поддержку браузера или
+  программу-соксификатор (см. 
+  <a href="#CAP">Как использовать 3proxy с программой, не поддерживающей работу с прокси-сервером</a>),
+  если встроенная поддержка SOCKS чем-то не устраивает или так удобнее. Не все
+  соксификаторы поддерживают входящие соединения, поэтому чтобы не было проблем с
+  протоколом FTP лучше использовать пассивный режим (в Internet Explorer 5.5SP2
+  и выше "Использовать пассивный FTP-протокол").
+  <p>Для конфигурации HTTP прокси необходимо указать внутренний адрес и порт,
+  установленые для службы proxy в конфигурации 3proxy (либо как "Один
+  прокси-сервер для всех протоколов" либо для HTTP, Secure, FTP). Поддержка
+  Gopher в 3proxy в настоящий момент не реализована, но этот устаревший протокол
+  в Internet практически не используется. Для нормальной работы FTP через HTTP
+  прокси необходимо отключить представление для папок FTP (FTP folder view),
+  он включен по-умолчанию, т.к. иначе FTP будет работать без использвания HTTP
+  прокси. HTTP прокси использует пассивный режим для протокола FTP. В настройках
+  3proxy рекомендуется разрешть метод HTTP_CONNECT только для порта назначения 443.
+  Если метод HTTP_CONNECT не разрешен, то не будет работать протокол HTTPS, если
+  он разрешен для всех портов, то можно обойти журналирование запросов для
+  протокола HTTP).
+  Для работы с HTTP прокси может использоваться авторизация по паролю (strong). 
+  <p>Для использования SOCKS необходимо настроить только SOCKS прокси (иначе для
+  протоколов, для которых указан прокси сервер, он будет использоваться как HTTP
+  прокси). Internet Explorer (включая IE 6.0SP1)
+  поддерживает только SOCKSv4. В качестве имени пользователя передается имя
+  пользователя, использованное для входа в систему. Передача пароля в SOCKSv4 не
+  поддерживается, поэтому авторизация по паролю (strong) не доступна. Можно
+  использовать имя пользователя, переданное браузером в ACL для iponly-авторизации,
+  но при этом необходимо иметь ввиду ненадежность такого способа. При работе через
+  SOCKS Internet Explorer (и большая часть других браузеров) используют пассивный
+  режим работы для FTP. При использовании SOCKS можно получить в журнале (логах)
+  URL запрашиваемых страниц, для этого необходимо создать внутреннее
+  перенаправление в HTTP прокси для порта 80 (и других портов, используемых для
+  HTTP) в локальный HTTP прокси (proxy), порт 21 (и другие порты, используемые
+  FTP) в FTP прокси. При перенаправлении соединений в FTP прокси, нужно иметь
+  ввиду, что FTP создает вторичные соединения для передачи данных. Для этого,
+  во-первых, необходимо разрешить доступ к внутреннему интерфейсу прокси сервера
+  через SOCKS (что не очень безопасно), во-вторых, принять меры, чтобы в SOCKS
+  такие соединения на внутренний интерфейс не тарифицировались (т.к. иначе они
+  будут тарифицироваться дважды - SOCKS и FTP прокси).
+  <p>Internet Explorer и другие продвинутые браузеры поддерживают автоматическую
+  конфигурацию прокси-сервера в полностью автоматическом или полуавтоматическом
+  режимах. Автоматическая конфигурация позволяет задать достаточно сложные
+  правила, позволяющие клиентам использовать (или не использвоать) разные
+  прокси-серверы для доступа к разным ресурсам. Эта возможность разбирается в
+  статьях
+  <br>Microsoft: Q296591 A Description of the Automatic Discovery Feature
+  <br><a href="http://support.microsoft.com/default.aspx?scid=kb;EN-US;296591">http://support.microsoft.com/default.aspx?scid=kb;EN-US;296591</a>
+  <br>Netscape: Navigator Proxy Auto-Config File Format
+  <br><a href="http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html">http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html</a>
+  <li><a name="FTP"><i>Как настраивать FTP клиент</i></a>
+  <p>
+  Настройка FTP клиента для работы через SOCKS прокси не отличается от настройки
+  <a href="#IE">браузера</a>.
+  <p>
+  Для работы с FTP клиентом через FTP прокси (ftppr) есть несколько возможностей.
+  Допустим, нам необходимо подключиться ко внешнему FTP серверу со следующими
+  параметрами:
+  <pre>
+  Адрес:		ftp.security.nnov.ru
+  Username:	ftpuser
+  Password:	********</pre>
+  <p>Работа с клиентом, не поддерживающим FTP прокси - в качестве адреса FTP
+  сервера указывается адрес прокси (например, proxy.security.nnov.ru), в качестве
+  имени пользователя ftpuser@ftp.security.nnov.ru. Если для доступа к службе
+  ftppr требуется авторизация по имени и паролю с именем pruser и паролем prpass,
+  то в качестве имени пользователя необходимо указать
+  pruser:prpass:ftpuser@ftp.security.nnov.ru. Если FTP клиент требует указания
+  полной URL для подключения к серверу, то она должна выглядеть как
+  <p>
+  pruser:prpass:ftpuser@ftp.security.nnov.ru:********@proxy.security.nnov.ru
+  <p>
+  Не все клиенты обработают это корректно, но в большинстве случаев этого не
+  требуется.
+  <p>Работа с клиентом, поддерживающим FTP прокси - если 3proxy
+  не требует авторизации по паролю, то настройки стандартны для клиента. Если
+  требуется доступ по паролю, то в качестве имени пользователя указывается
+  pruser:prpass:ftpuser.
+  <li><a name="SMTP"><i>Как использовать SMTP через 3proxy</i></a>
+  <p>
+  В большинстве случаев достаточно установить отображение (tcppm) TCP порта 25 на
+  аналогичный порт SMTP сервера провайдера. В конфигурации клиента указать
+  внутренний адрес прокси в качестве адреса SMTP-сервера.
+  <li><a name="POP3"><i>Как использовать POP3 proxy</i></a>
+  <p>
+  Предположим, у вас есть следующие настройки для получения почты:
+  <pre>
+  POP3 server:	pop3.security.nnov.ru
+  Login:		user
+  Password:	********</pre>
+  В настройках почтовой программы следует указать:
+  <pre>
+  POP3 server:	(адрес прокси-сервера)
+  Login:		user@pop3.security.nnov.ru
+  Password:	********</pre>
+  <p>
+  Имя пользователя может само по себе содержать знак '@'. Если в примере выше
+  имя пользователя user@security.nnov.ru, то имя пользвоателя для доступа к
+  прокси-серверу должно быть user@security.nnov.ru@pop3.security.nnov.ru. Если
+  pop3pr требует авторизации по имени/паролю (например, pruser и prpass), то их
+  необходимо указать в начале имени пользователя, отделив знаком ':', т.е для
+  самого тяжелого случая pruser:prpass:user@security.nnov.ru@pop3.security.nnov.ru
+  </p>
+  <li><a name="CAP"><i>Как использовать 3proxy с программой, не поддерживающей работу с прокси-сервером</i></a>
+  <p>
+  Можно использовать любую программу-редиректор, например,
+  <a href="http://www.socks.permeo.com">SocksCAP</a> или
+  <a href="http://www.freecap.ru">FreeCAP</a>. 3proxy поддерживает исходящие
+  и обратные TCP и UDP соединения, но редиректоры могут иметь свои ограничения,
+  кроме того, некоторые плохо написаные приложения не поддаются "соксификации".
+  Если программе требуется обращаться к небольшому набору серверов 
+  (например, игровых), то проблему можно решить с помощью портмаппинга.
+  <li><a name="GAMES"><i>Как использовать 3proxy с играми</i></a>
+  <p>
+  Оптимальный варинт - использовать соксификатор (<a href="#CAP">Как использовать
+  3proxy с программой, не поддерживающей работу с прокси-сервером</a>). 
+  <a href="http://www.freecap.ru/">FreeCap 3.13 </a> проверен с играми на движке
+  Unreal (включая Unreal Tournament), Half-Life (включая Counter-Strike) и
+  другими. Если по каким-то причинам соксификатор не работает или недоступен,
+  то необходимо использовать отображения портов (обычно игры, 
+  кроме mood-подобных, работают по протоколу UDP, надо использовать udppm).
+  Нужно иметь ввиду, что для udppm требуется отдельный маппинг для каждого
+  серверного порта и каждого клиента. Например, если есть один сервер с портами
+  2115 и 2116 и три клиента, то нужно создать 6 разных маппингов, например
+  <pre>
+	udppm 12115 server 2115
+	udppm 12115 server 2115
+	udppm 22115 server 2115
+	udppm 32115 server 2115
+	udppm 12116 server 2116
+	udppm 22116 server 2116
+	udppm 32116 server 2116</pre>
+  В игровом клиенте адрес и порт с маппингом следует указывать вместо адреса
+  и порта сервера.
+  </p>
+</ul>
+<hr>
+<li><a name="ADMIN"><b>Администрирование и анализ информации</b></a>
+<p>
+<ul>
+  <li><a name="NEWVERSION"><i>Где взять свежую версию</i></a>
+  <p>
+  Свежую версию всегда можно взять
+  <a href="http://3proxy.ru/">здесь</a>. Обратите внимание,
+  что в новой версии может измениться порядок лицензирования или команды
+  конфигурации, поэтому прежде чем устанавливать новую версии программы
+  обязательно ознакомьтесь с документацией.
+  </p>
+  <li><a name="NTSERVICE"><i>Как управлять службой 3proxy в Windows NT/2000/XP</i></a>
+  <p>
+  При установке 3proxy в качестве системной службы сервером поддерживаются
+  команды запуска, остановки, временной приостановки и продолжения.
+  При временной приостановке сервер перестает принимать новые запросы от 
+  клиентов, но обработка ранее поступивших запросов продолжается. Сервер не
+  подерживает динамическое изменение конфигурации, т.е. после изменения
+  конфигурации 3proxy необходимо перезапустить.
+  Управлять запуском, остановкой, приостановкой и продолжением можно либо
+  через служебную программу "Службы" (Services) либо через команду net:
+  <pre>
+  net start 3proxy
+  net stop 3proxy
+  net pause 3proxy
+  net continue 3proxy</pre>
+  </p>
+  <li><a name="ERRORS"><i>Коды ошибок в журнале</i></a>
+  <p>
+  <ul>
+    <li>0 - операция завершена успешно (в случае установленного
+    соединения - соединение закрыто корректно одной из
+    сторон).
+    <li>1-9 - ошибки авторизации
+    <li>1 - доступ закрыт ACL (deny)
+    <li>2 - перенаправление (не должно быть в журнале)
+    <li>3 - нет записи ACL для данного соединения
+    <li>4 - не определено имя пользователя для auth strong
+    <li>5 - не найдено имя пользователя для auth strong
+    <li>6 - неверный пароль (открытый текст)
+    <li>7 - неверный пароль (crypt)
+    <li>8 - неверный пароль (NT)
+    <li>9 - недостаточно данных для перенаправления (не должно быть в журнале)
+    <li>10 - превышен лимит трафика
+    <li>11-19 - ошибки соединения
+    <li>11 - невозможно создать сокет socket()
+    <li>12 - невозможно выбрать интерфейс bind()
+    <li>13 - сбой подключения connect()
+    <li>14 - сбой getpeername()
+    <li>20-29 - общие ошибки
+    <li>21 - ошибка выделения памяти
+    <li>30-39 - ошибки перенаправления CONNECT
+    <li>31 - невозможно послать запрос к CONNECT прокси
+    <li>32 - превышено ожидание или некорректный ответ CONNECT прокси
+    <li>33 - CONNECT прокси не может установить соединение
+    <li>34 - превышено ожидание или обрыв соединения при согласовании CONNECT соединения
+    <li>40-49 - ошибки перенаправления SOCKS4
+    <li>50-69 - ошибки перенаправления SOCKS5
+    <li>70-79 ошибки установки родительского соединения, аналогичны 1x
+    <li>90-99 - ошибки разрыва соединения
+    <li>90 - ошибка сокета или соединение неожиданно прервано
+    <li>91 - общий сбой стека TCP/IP
+    <li>92 - соединение прервано по таймауту
+    <li>93 - ошибка получения данных от сервера
+    <li>94 - ошибка получения данных от клиента
+    <li>95 - таймаут из-за ограничения bandlimin/bandlimout
+    <li>96 - ошибка отправки данных клиенту
+    <li>97 - ошибка отправки данных серверу
+    <li>98 - исчерпан лимит данных сервера (не должно быть в журнале)
+    <li>99 - исчерпан лимит данных клиента (не должно быть в журнале)
+    <li>100 - не найден IP адрес по запросу клиента
+    <li>200-299 - ошибки UDP portmapper
+    <li>300-399 - ошибки TCP portmapper
+    <li>400-499 - ошибки SOCKS proxy
+    <li>500-599 - ошибки HTTP proxy
+    <li>600-699 - ошибки POP3 proxy
+    <li>999 - функция не реализована
+  </ul>
+  </p>
+</ul>
+<hr>
+<li><a name="QUEST"><b>Как задать вопрос, которого нет в HowTo</b></a>
+<p>
+Задайте его на <a href="http://3proxy.ru/board3.html">форуме</a>.
+Только не пытайтесь задавать какие-либо вопросы, если вы просто не поняли этот
+HowTo.
+</ul> 
+<pre>
+$Id: howtor.html,v 1.40 2010/01/21 13:34:20 v.dubrovin Exp $
+</pre>

doc/html/index.html

@@ -0,0 +1,18 @@
+<html><title>3proxy documentation</title><body><h2>3proxy documentation</h2>
+<a href="securityen.html">Security recommendations</a><br>
+<a href="howtoe.html">How To (English, very incomplete)</a><br>
+<a href="howtor.html">How To (Russian, Windows1251)</a><br>
+<a href="faqe.html">FAQ (English)</a><br>
+<a href="faqr.html">FAQ (Russian, Windows1251)</a>
+<h3>Man pages:</h>
+<br><A HREF="man8/3proxy.8.html">3proxy.8</A>
+<br><A HREF="man8/ftppr.8.html">ftppr.8</A>
+<br><A HREF="man8/icqpr.8.html">icqpr.8</A>
+<br><A HREF="man8/pop3p.8.html">pop3p.8</A>
+<br><A HREF="man8/proxy.8.html">proxy.8</A>
+<br><A HREF="man8/smtpp.8.html">smtpp.8</A>
+<br><A HREF="man8/socks.8.html">socks.8</A>
+<br><A HREF="man8/tcppm.8.html">tcppm.8</A>
+<br><A HREF="man8/udppm.8.html">udppm.8</A>
+<br><A HREF="man3/3proxy.cfg.3.html">3proxy.cfg.3</A>
+</body></html>

doc/html/man3/3proxy.cfg.3.html

@@ -0,0 +1,1300 @@
+
+<HTML><HEAD><TITLE>Manpage of 3proxy.cfg</TITLE>
+</HEAD><BODY>
+<H1>3proxy.cfg</H1>
+Section: Universal proxy server
 (3)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>3proxy.cfg</B>
+
+- 3proxy configuration file
+<A NAME="lbAC">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<BR>&nbsp;Common&nbsp;structure:
+<BR>
+
+Configuration file is a text file 3proxy reads configuration from. Each line
+of the file is a command executed immediately, as it was given from
+console. Sequence of commands is important. Configuration file as actually a
+script for 3proxy executable.
+Each line of the file is treated as a blank (space or tab) separated
+command line. Additional space characters are ignored. 
+Think about 3proxy as &quot;application level router&quot; with console interface.
+<BR>
+
+<BR>&nbsp;Comments:
+<BR>
+
+Any string beginning with space character or '#' character is comment. It's
+ignored. &lt;LF&gt;s are ignored. &lt;CR&gt; is end of command.
+
+<BR>
+
+<BR>&nbsp;Quotation:
+<BR>
+
+Quotation character is &quot; (double quote). Quotation must be used to quote
+spaces or another special characters. To use quotation character inside
+quotation character must be dubbed (BASIC convention). For example to use
+HELLO &quot;WORLD&quot; as an argument you should use it as &quot;HELLO &quot;&quot;WORLD&quot;&quot;&quot;.
+Good practice is to quote any argument you use.
+<BR>
+
+<BR>&nbsp;File&nbsp;inclusion:
+<BR>
+
+You can include file by using $FILENAME macro (replace FILENAME with a path
+to file, for example $/usr/local/etc/3proxy/conf.incl or 
+<BR>&nbsp;$&quot;c:\Program&nbsp;Files\3proxy\include.cfg&quot;&nbsp;Quotation&nbsp;is
+required in last example because path contains space character. 
+For included file &lt;CR&gt; (end of line characters) is treated as space character
+(arguments delimiter instead of end of command delimiter). 
+Thus, include files are only useful to store long signle-line commands
+(like userlist, network lists, etc).
+To use dollar sign somewhere in argument it must be quoted. 
+Recursion is not allowed.
+<BR>
+
+<BR>&nbsp;Next&nbsp;commands&nbsp;start&nbsp;gateway&nbsp;services:
+<BR>
+
+<B>proxy</B>
+
+[options]
+<BR>
+
+<B>socks</B>
+
+[options]
+<BR>
+
+<B>pop3p</B>
+
+[options]
+<BR>
+
+<B>ftppr</B>
+
+[options]
+<BR>
+
+<B>admin</B>
+
+[options]
+<BR>
+
+<B>dnspr</B>
+
+[options]
+<BR>
+
+<B>tcppm</B>
+
+[options]
+&lt;SRCPORT&gt; &lt;DSTADDR&gt; &lt;DSTPORT&gt;
+<BR>
+
+<B>udppm</B>
+
+[options]
+&lt;SRCPORT&gt; &lt;DSTADDR&gt; &lt;DSTPORT&gt;
+<BR>
+
+<BR>&nbsp;Descriptions:
+<BR>
+
+<B>proxy</B>
+
+- HTTP/HTTPS proxy (default port 3128)
+<BR>
+
+<B>socks</B>
+
+- SOCKS 4/4.5/5 proxy (default port 1080)
+<BR>
+
+<B>pop3p</B>
+
+- POP3 proxy (default port 110)
+<BR>
+
+<B>ftppr</B>
+
+- FTP proxy (default port 21)
+<BR>
+
+<B>admin</B>
+
+- Web interface (default port 80)
+<BR>
+
+<B>dnspr</B>
+
+- caching DNS proxy (default port 53)
+<BR>
+
+<B>tcppm</B>
+
+- TCP portmapper
+<BR>
+
+<B>udppm</B>
+
+- UDP portmapper
+<BR>
+
+
+<BR>&nbsp;Options:
+<BR>
+
+<B>-pNUMBER</B>
+
+change default server port to NUMBER
+<BR>
+
+<B>-n</B>
+
+disable NTLM authentication (required if passwords are stored in Unix crypt format.
+<BR>
+
+<B>-s</B>
+
+(for admin) - allow only secure operations (currently only traffic counters
+view without ability to reset).
+<BR>
+
+<B>-a</B>
+
+(for proxy) - anonymous proxy (no information about client reported)
+<BR>
+
+<B>-a1</B>
+
+(for proxy) - anonymous proxy (random client information reported)
+<BR>
+
+<BR>&nbsp;Also,&nbsp;all&nbsp;options&nbsp;mentioned&nbsp;for&nbsp;
+<B><A HREF="../man8/proxy.8.html">proxy</A></B>(8)
+
+<B><A HREF="../man8/socks.8.html">socks</A></B>(8)
+
+<B><A HREF="../man8/pop3p.8.html">pop3p</A></B>(8)
+
+<B><A HREF="../man8/tcppm.8.html">tcppm</A></B>(8)
+
+<B><A HREF="../man8/udppm.8.html">udppm</A></B>(8)
+
+<B><A HREF="../man8/ftppr.8.html">ftppr</A></B>(8)
+
+<BR>&nbsp;are&nbsp;also&nbsp;supported.
+<BR>
+
+<BR>&nbsp;Portmapping&nbsp;services&nbsp;listen&nbsp;at&nbsp;SRCPORT&nbsp;and&nbsp;connect&nbsp;to&nbsp;DSTADDR:DSTPORT
+HTTP and SOCKS proxies are standard. 
+<BR>
+
+<BR>&nbsp;POP3&nbsp;proxy&nbsp;must&nbsp;be&nbsp;configured&nbsp;as&nbsp;POP3&nbsp;server&nbsp;and&nbsp;requires&nbsp;username&nbsp;in&nbsp;the&nbsp;form&nbsp;of:
+<A HREF="mailto:pop3username@pop3server">pop3username@pop3server</A>. If POP3 proxy access must be authenticated, you can
+specify username as proxy_username:proxy_password:<A HREF="mailto:POP3_username@pop3server">POP3_username@pop3server</A>
+<BR>
+
+<BR>&nbsp;DNS&nbsp;proxy&nbsp;resolves&nbsp;any&nbsp;types&nbsp;of&nbsp;records&nbsp;but&nbsp;only&nbsp;hostnames&nbsp;are&nbsp;cached.&nbsp;It
+requires nserver/nscache to be configured.
+<BR>
+
+<BR>&nbsp;FTP&nbsp;proxy&nbsp;can&nbsp;be&nbsp;used&nbsp;as&nbsp;FTP&nbsp;server&nbsp;in&nbsp;any&nbsp;FTP&nbsp;client&nbsp;or&nbsp;configured&nbsp;as&nbsp;FTP
+proxy on a client with FTP proxy support. Username format is one of
+<BR>
+
+<BR>&nbsp;<A HREF="mailto:FTPuser@FTPServer">FTPuser@FTPServer</A>
+<BR>
+
+<BR>&nbsp;FTPuser:<A HREF="mailto:FTPpassword@FTPserver">FTPpassword@FTPserver</A>
+<BR>
+
+<BR>&nbsp;proxyuser:proxypassword:FTPuser:<A HREF="mailto:FTPpassword@FTPserver">FTPpassword@FTPserver</A>
+<BR>
+
+<BR>&nbsp;Please&nbsp;note,&nbsp;if&nbsp;you&nbsp;use&nbsp;FTP&nbsp;client&nbsp;interface&nbsp;for&nbsp;FTP&nbsp;proxy
+do not add FTPpassword and FTPServer to username, because
+FTP client does it for you. That is, if you use 3proxy with
+authentication use
+proxyuser:proxypassword:FTPuser
+as FTP username, otherwise do not change original FTP user name<TT>&nbsp;</TT><BR>
+
+<B>include</B>
+
+&lt;path&gt;
+<BR>
+
+Include config file
+
+<BR>
+
+<B>config</B>
+
+&lt;path&gt;
+<BR>
+
+Path to configuration file to use on 3proxy restart or to save configuration.
+
+<BR>
+
+<B>writable</B>
+
+<BR>
+
+ReOpens configuration file for write access via Web interface,
+and re-reads it. Usually should be first command on config file
+but in combination with &quot;config&quot; it can be used anywhere to open
+alternate config file. Think twice before using it.
+
+<BR>
+
+<B>end</B>
+
+<BR>
+
+End of configuration
+
+<BR>
+
+<B>log</B>
+
+[[@|&amp;]logfile] [&lt;LOGTYPE&gt;]
+<BR>
+
+sets logfile for all gateways
+<BR>
+
+<BR>&nbsp;@&nbsp;-&nbsp;(for&nbsp;Unix)&nbsp;use&nbsp;syslog,&nbsp;filename&nbsp;is&nbsp;used&nbsp;as&nbsp;ident&nbsp;name
+<BR>
+
+<BR>&nbsp;&amp;&nbsp;-&nbsp;use&nbsp;ODBC,&nbsp;filename&nbsp;consists&nbsp;of&nbsp;comma-delimited&nbsp;datasource,username,password&nbsp;(username&nbsp;and&nbsp;password&nbsp;are&nbsp;optional)
+<BR>
+
+<BR>&nbsp;LOGTYPE&nbsp;is&nbsp;one&nbsp;of:
+<BR>
+
+<BR>&nbsp;&nbsp;M&nbsp;-&nbsp;Monthly
+<BR>
+
+<BR>&nbsp;&nbsp;W&nbsp;-&nbsp;Weekly&nbsp;(starting&nbsp;from&nbsp;Sunday)
+<BR>
+
+<BR>&nbsp;&nbsp;D&nbsp;-&nbsp;Daily
+<BR>
+
+<BR>&nbsp;&nbsp;H&nbsp;-&nbsp;Hourly
+<BR>
+
+if logfile is not specified logging goes to stdout. You can specify individual logging options for gateway by using
+-l option in gateway configuration.
+<BR>
+
+&quot;log&quot; command supports same format specifications for filename template
+as &quot;logformat&quot; (if filename contains '%' sign it's believed to be template).
+As with &quot;logformat&quot; filename must begin with 'L' or 'G' to specify Local or
+Grinwitch time zone for all time-based format specificators.
+
+<BR>
+
+<B>rotate</B>
+
+&lt;n&gt;
+how many archived log files to keep
+
+<BR>
+
+<B>logformat</B>
+
+&lt;format&gt;
+
+Format for log record. First symbol in format must be L (local time)
+or G (absolute Grinwitch time). 
+It can be preceeded with -XXX+Y where XXX is list of characters to be
+filtered in user input (any non-printable characters are filtered too
+in this case) and Y is replacement character. For example, &quot;-,%+ L&quot; in
+the beginning of logformat means comma and percent are replaced
+with space and all time based elemnts are in local time zone.
+<BR>
+
+You can use:
+
+<BR>
+
+<BR>&nbsp;%y&nbsp;-&nbsp;Year&nbsp;in&nbsp;2&nbsp;digit&nbsp;format
+<BR>
+
+<BR>&nbsp;%Y&nbsp;-&nbsp;Year&nbsp;in&nbsp;4&nbsp;digit&nbsp;format
+<BR>
+
+<BR>&nbsp;%m&nbsp;-&nbsp;Month&nbsp;number
+<BR>
+
+<BR>&nbsp;%o&nbsp;-&nbsp;Month&nbsp;abbriviature
+<BR>
+
+<BR>&nbsp;%d&nbsp;-&nbsp;Day
+<BR>
+
+<BR>&nbsp;%H&nbsp;-&nbsp;Hour
+<BR>
+
+<BR>&nbsp;%M&nbsp;-&nbsp;Minute
+<BR>
+
+<BR>&nbsp;%S&nbsp;-&nbsp;Second
+<BR>
+
+<BR>&nbsp;%t&nbsp;-&nbsp;Timstamp&nbsp;(in&nbsp;seconds&nbsp;since&nbsp;01-Jan-1970)
+<BR>
+
+<BR>&nbsp;%.&nbsp;-&nbsp;milliseconds
+<BR>
+
+<BR>&nbsp;%z&nbsp;-&nbsp;timeZone&nbsp;(from&nbsp;Grinvitch)
+<BR>
+
+<BR>&nbsp;%D&nbsp;-&nbsp;request&nbsp;duration&nbsp;(in&nbsp;milliseconds)
+<BR>
+
+<BR>&nbsp;%b&nbsp;-&nbsp;average&nbsp;send&nbsp;rate&nbsp;per&nbsp;request&nbsp;(in&nbsp;Bytes&nbsp;per&nbsp;second)&nbsp;this&nbsp;speed&nbsp;is&nbsp;typically&nbsp;below&nbsp;connection&nbsp;speed&nbsp;shown&nbsp;by&nbsp;download&nbsp;manager.
+<BR>
+
+<BR>&nbsp;%B&nbsp;-&nbsp;average&nbsp;receive&nbsp;rate&nbsp;per&nbsp;request&nbsp;(in&nbsp;Bytes&nbsp;per&nbsp;second)&nbsp;this&nbsp;speed&nbsp;is&nbsp;typically&nbsp;below&nbsp;connection&nbsp;speed&nbsp;shown&nbsp;by&nbsp;download&nbsp;manager.
+<BR>
+
+<BR>&nbsp;%U&nbsp;-&nbsp;Username
+<BR>
+
+<BR>&nbsp;%N&nbsp;-&nbsp;service&nbsp;Name
+<BR>
+
+<BR>&nbsp;%p&nbsp;-&nbsp;service&nbsp;Port
+<BR>
+
+<BR>&nbsp;%E&nbsp;-&nbsp;Error&nbsp;code
+<BR>
+
+<BR>&nbsp;%C&nbsp;-&nbsp;Client&nbsp;IP
+<BR>
+
+<BR>&nbsp;%c&nbsp;-&nbsp;Client&nbsp;port
+<BR>
+
+<BR>&nbsp;%R&nbsp;-&nbsp;Remote&nbsp;IP
+<BR>
+
+<BR>&nbsp;%r&nbsp;-&nbsp;Remote&nbsp;port
+<BR>
+
+<BR>&nbsp;%e&nbsp;-&nbsp;External&nbsp;IP&nbsp;used&nbsp;to&nbsp;establish&nbsp;connection
+<BR>
+
+<BR>&nbsp;%Q&nbsp;-&nbsp;Requested&nbsp;IP
+<BR>
+
+<BR>&nbsp;%q&nbsp;-&nbsp;Requested&nbsp;port
+<BR>
+
+<BR>&nbsp;%n&nbsp;-&nbsp;requested&nbsp;hostname
+<BR>
+
+<BR>&nbsp;%I&nbsp;-&nbsp;bytes&nbsp;In
+<BR>
+
+<BR>&nbsp;%O&nbsp;-&nbsp;bytes&nbsp;Out
+<BR>
+
+<BR>&nbsp;%h&nbsp;-&nbsp;Hops&nbsp;(redirections)&nbsp;count
+<BR>
+
+<BR>&nbsp;%T&nbsp;-&nbsp;service&nbsp;specific&nbsp;Text
+<BR>
+
+<BR>&nbsp;%N1-N2T&nbsp;-&nbsp;(N1&nbsp;and&nbsp;N2&nbsp;are&nbsp;positive&nbsp;numbers)&nbsp;-&nbsp;log&nbsp;only&nbsp;fields&nbsp;from&nbsp;N1&nbsp;thorugh&nbsp;N2&nbsp;of&nbsp;service&nbsp;specific&nbsp;text
+<BR>
+
+in case of ODBC logging logformat specifies SQL statement, for exmample:
+<BR>
+
+<BR>&nbsp;&nbsp;&nbsp;logformat&nbsp;&quot;-'+_Linsert&nbsp;into&nbsp;log&nbsp;(l_date,&nbsp;l_user,&nbsp;l_service,&nbsp;l_in,&nbsp;l_out,&nbsp;l_descr)&nbsp;values&nbsp;('%d-%m-%Y&nbsp;%H:%M:%S',&nbsp;'%U',&nbsp;'%N',&nbsp;%I,&nbsp;%O,&nbsp;'%T')&quot;
+
+<BR>
+
+<B>logdump</B>
+
+&lt;in_traffic_limit&gt; &lt;out_traffic_limit&gt;
+<BR>
+
+Immediately creates additional log records if given amount of incoming/outgoing
+traffic is achieved for connection, without waiting for connection to finish.
+It may be useful to prevent information about long-lasting downloads on server
+shutdown.
+
+<BR>
+
+<B>archiver</B>
+
+&lt;ext&gt; &lt;commandline&gt;
+<BR>
+
+Archiver to use for log files. &lt;ext&gt; is file extension produced by
+archiver. Filename will be last argument to archiver, optionally you
+can use %A as produced archive name and %F as filename.
+
+<BR>
+
+<B>timeouts</B>
+
+&lt;BYTE_SHORT&gt; &lt;BYTE_LONG&gt; &lt;STRING_SHORT&gt; &lt;STRING_LONG&gt; &lt;CONNECTION_SHORT&gt; &lt;CONNECTION_LONG&gt; &lt;DNS&gt; &lt;CHAIN&gt;
+<BR>
+
+Sets timeout values
+<BR>
+
+<BR>&nbsp;BYTE_SHORT&nbsp;-&nbsp;short&nbsp;timeout&nbsp;for&nbsp;single&nbsp;byte,&nbsp;is&nbsp;usually&nbsp;used&nbsp;for&nbsp;receiving&nbsp;single&nbsp;byte&nbsp;from&nbsp;stream.
+<BR>
+
+<BR>&nbsp;BYTE_LONG&nbsp;-&nbsp;long&nbsp;timeout&nbsp;for&nbsp;single&nbsp;byte,&nbsp;is&nbsp;usually&nbsp;used&nbsp;for&nbsp;receiving&nbsp;first&nbsp;byte&nbsp;in&nbsp;frame&nbsp;(for&nbsp;example&nbsp;first&nbsp;byte&nbsp;in&nbsp;socks&nbsp;request).
+<BR>
+
+<BR>&nbsp;STRING_SHORT&nbsp;-&nbsp;short&nbsp;timeout,&nbsp;for&nbsp;character&nbsp;string&nbsp;within&nbsp;stream&nbsp;(for&nbsp;example&nbsp;to&nbsp;wait&nbsp;between&nbsp;2&nbsp;HTTP&nbsp;headers)
+<BR>
+
+<BR>&nbsp;STRING_LONG&nbsp;-&nbsp;long&nbsp;timeout,&nbsp;for&nbsp;first&nbsp;string&nbsp;in&nbsp;stream&nbsp;(for&nbsp;example&nbsp;to&nbsp;wait&nbsp;for&nbsp;HTTP&nbsp;request).
+<BR>
+
+<BR>&nbsp;CONNECTION_SHORT&nbsp;-&nbsp;inactivity&nbsp;timeout&nbsp;for&nbsp;short&nbsp;connections&nbsp;(HTTP,&nbsp;POP3,&nbsp;etc).
+<BR>
+
+<BR>&nbsp;CONNECTION_LONG&nbsp;-&nbsp;inactivity&nbsp;timeout&nbsp;for&nbsp;long&nbsp;connection&nbsp;(SOCKS,&nbsp;portmappers,&nbsp;etc).
+<BR>
+
+<BR>&nbsp;DNS&nbsp;-&nbsp;timeout&nbsp;for&nbsp;DNS&nbsp;request&nbsp;before&nbsp;requesting&nbsp;next&nbsp;server
+<BR>
+
+<BR>&nbsp;CHAIN&nbsp;-&nbsp;timeout&nbsp;for&nbsp;reading&nbsp;data&nbsp;from&nbsp;chained&nbsp;connection
+<BR>
+
+
+<BR>
+
+<B>nserver</B>
+
+<BR>&nbsp;&lt;ipaddr&gt;
+<BR>
+
+Nameserver to use for name resolutions. If none spcified system
+or name server fails system routines for name resolution will be
+used. It's better to specify nserver because gethostbyname() may
+be thread unsafe.
+
+<BR>
+
+<B>nscache</B>
+
+&lt;cachesize&gt;
+<BR>
+
+
+Cache &lt;cachesize&gt; records for name resolution. Cachesize usually
+should be large enougth (for example 65536).
+
+<BR>
+
+<B>nsrecord</B>
+
+&lt;hostname&gt; &lt;hostaddr&gt;
+<B></B>
+
+Adds static record to nscache. nscache must be enabled. If 0.0.0.0
+is used as a hostaddr host will never resolve, it can be used to
+blacklist something or together with 
+<B>dialer</B>
+
+command to set up UDL for dialing.
+
+<BR>
+
+<B>fakeresolve</B>
+
+<B></B>
+
+All names are resolved to 127.0.0.2 address. Usefull if all requests are
+redirected to parent proxy with http, socks4+, connect+ or socks5+.
+
+<BR>
+
+<B>dialer</B>
+
+&lt;progname&gt;
+<BR>
+
+Execute progname if external name can't be resolved.
+Hint: if you use nscache, dialer may not work, because names will
+be resolved through cache. In this case you can use something like
+<A HREF="http://dial.right.now/">http://dial.right.now/</A> from browser to set up connection.
+
+
+<BR>
+
+<B>internal</B>
+
+&lt;ipaddr&gt;
+<BR>
+
+sets ip address of internal interface. This IP address will be used
+to bind gateways. Alternatively you can use -i option for individual
+gateways
+
+<BR>
+
+<B>external</B>
+
+&lt;ipaddr&gt;
+<BR>
+
+sets ip address of external interface. This IP address will be source
+address for all connections made by proxy. Alternatively you can use
+-e option to specify individual address for gateway.
+<BR>&nbsp;&nbsp;&nbsp;
+<BR>
+
+<B>maxconn</B>
+
+&lt;number&gt;
+<BR>
+
+sets maximum number of simulationeous connections to each services
+started after this command. Default is 100.
+
+<BR>
+
+<B>service</B>
+
+<BR>
+
+(depricated). Indicates 3proxy to behave as Windows 95/98/NT/2000/XP
+service, no effect for Unix. Not required for 3proxy 0.6 and above. If
+you upgraded from previous version of 3proxy use --remove and --install
+to reinstall service.
+
+<BR>
+
+<B>daemon</B>
+
+<BR>
+
+Should be specified to close console. Do not use 'daemon' with 'service'.
+At least under FreeBSD 'daemon' should preceed any proxy service
+and log commands to avoid sockets problem. Always place it in the beginning
+of the configuration file.
+
+<BR>
+
+<B>auth</B>
+
+&lt;authtype&gt; [...]
+<BR>
+
+Type of user authorization. Currently supported:
+<BR>
+
+<BR>&nbsp;none&nbsp;-&nbsp;no&nbsp;authentication&nbsp;or&nbsp;authorization&nbsp;required.
+<BR>&nbsp;Note:&nbsp;is&nbsp;auth&nbsp;is&nbsp;none&nbsp;any&nbsp;ip&nbsp;based&nbsp;limitation,&nbsp;redirection,&nbsp;etc&nbsp;will&nbsp;not&nbsp;work.&nbsp;
+<BR>&nbsp;This&nbsp;is&nbsp;default&nbsp;authentication&nbsp;type
+<BR>
+
+<BR>&nbsp;iponly&nbsp;-&nbsp;authentication&nbsp;by&nbsp;access&nbsp;control&nbsp;list&nbsp;with&nbsp;username&nbsp;ignored.
+<BR>&nbsp;Appropriate&nbsp;for&nbsp;most&nbsp;cases
+<BR>
+
+<BR>&nbsp;useronly&nbsp;-&nbsp;authentication&nbsp;by&nbsp;username&nbsp;without&nbsp;checking&nbsp;for&nbsp;any&nbsp;password&nbsp;with
+authorization by ACLs. Useful for e.g. SOCKSv4 proxy and icqpr (icqpr set UIN /
+AOL screen name as a username)
+<BR>
+
+<BR>&nbsp;dnsname&nbsp;-&nbsp;authentication&nbsp;by&nbsp;DNS&nbsp;hostnname&nbsp;with&nbsp;authorization&nbsp;by&nbsp;ACLs.
+DNS hostname is resolved via PTR (reverse) record and validated (resolved
+name must resolve to same IP address). It's recommended to use authcache by
+ip for this authentication.
+NB: there is no any password check, name may be spoofed.
+<BR>
+
+<BR>&nbsp;nbname&nbsp;-&nbsp;authentication&nbsp;by&nbsp;NetBIOS&nbsp;name&nbsp;with&nbsp;authorization&nbsp;by&nbsp;ACLs.
+Messanger service should be started on user's machine. Note, that
+Windows 95/98 hosts do not have messanger service by default,
+WinPopup program need to be started. It's recommended to use authcache by
+ip for this authentication.
+NB: there is no any password check, name may be spoofed.
+<BR>
+
+<BR>&nbsp;strong&nbsp;-&nbsp;username/password&nbsp;authentication&nbsp;required.&nbsp;It&nbsp;will&nbsp;work&nbsp;with
+SOCKSv5, FTP, POP3 and HTTP proxy. 
+<BR>
+
+<BR>&nbsp;cache&nbsp;-&nbsp;cached&nbsp;authentication,&nbsp;may&nbsp;be&nbsp;used&nbsp;with&nbsp;'authcache'.
+<BR>
+
+Plugins may add additional authentication types.
+<BR>
+
+
+<BR>&nbsp;It's&nbsp;possible&nbsp;to&nbsp;use&nbsp;few&nbsp;authentication&nbsp;types&nbsp;in&nbsp;the&nbsp;same&nbsp;commands.&nbsp;E.g.
+<BR>
+
+auth iponly strong
+<BR>
+
+In this case 'strong' authentication will be used only in case resource
+access can not be performed with 'iponly' authentication, that is username is
+required in ACL. It's usefull to protect access to some resources with
+password allowing passwordless access to another resources, or to use
+IP-based authentication for dedicated laptops and request username/password for
+shared ones.
+<BR>
+
+<B>authcache</B>
+
+&lt;cachtype&gt; &lt;cachtime&gt;
+<BR>
+
+Cache authentication information to given amount of time (cachetime) in seconds.
+Cahtype is one of:
+<BR>
+
+<BR>&nbsp;ip&nbsp;-&nbsp;after&nbsp;successful&nbsp;authentication&nbsp;all&nbsp;connections&nbsp;during&nbsp;caching&nbsp;time
+from same IP are assigned to the same user, username is not requested.
+<BR>
+
+<BR>&nbsp;ip,user&nbsp;username&nbsp;is&nbsp;requested&nbsp;and&nbsp;all&nbsp;connections&nbsp;from&nbsp;the&nbsp;same&nbsp;IP&nbsp;are
+assigned to the same user without actual authentication.
+<BR>
+
+<BR>&nbsp;user&nbsp;-&nbsp;same&nbsp;as&nbsp;above,&nbsp;but&nbsp;IP&nbsp;is&nbsp;not&nbsp;checked.&nbsp;
+<BR>
+
+<BR>&nbsp;user,password&nbsp;-&nbsp;both&nbsp;username&nbsp;and&nbsp;password&nbsp;are&nbsp;checked&nbsp;against&nbsp;cached&nbsp;ones.
+<BR>
+
+Use auth type 'cache' for cached authentication
+<BR>
+
+<B>allow</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+&lt;weekdayslist&gt; &lt;timeperiodslist&gt;
+<BR>
+
+<B>deny</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+&lt;weekdayslist&gt; &lt;timeperiodslist&gt;
+<BR>
+
+Access control entries. All lists are comma-separated, no spaces are
+allowed. Usernames are case sensitive (if used with authtype nbname
+username must be in uppercase). Source and target lists may contain
+IP addresses (W.X.Y.Z) or CIDRs (W.X.Y.Z/L). Since 0.6, targetlist may also
+contain host names, instead of addresses. It's possible to use wildmask in
+the begginning and in the the end of hostname, e.g. *badsite.com or
+*badcontent*. Hostname is only checked if hostname presents in request.
+Targetportlist may contain ports (X) or port ranges lists (X-Y). For any field
+* sign means &quot;ANY&quot; If access list is empty it's assumed to be
+<BR>
+
+<BR>&nbsp;allow&nbsp;*
+<BR>
+
+<BR>&nbsp;If&nbsp;access&nbsp;list&nbsp;is&nbsp;not&nbsp;empty&nbsp;last&nbsp;item&nbsp;in&nbsp;access&nbsp;list&nbsp;is&nbsp;assumed&nbsp;to&nbsp;be
+<BR>
+
+<BR>&nbsp;deny&nbsp;*
+<BR>
+
+<BR>&nbsp;You&nbsp;may&nbsp;want&nbsp;explicitly&nbsp;add&nbsp;&quot;deny&nbsp;*&quot;&nbsp;to&nbsp;the&nbsp;end&nbsp;of&nbsp;access&nbsp;list&nbsp;to&nbsp;prevent
+HTTP proxy from requesting user's password.
+Access lists are checked after user have requested any resource.
+If you want 3proxy to reject connections from specific addresses
+immediately without any conditions you should either bind proxy
+to appropriate interface only or to use ip filters.
+<BR>
+
+
+Operation is one of:
+<BR>
+
+<BR>&nbsp;CONNECT&nbsp;-&nbsp;establish&nbsp;outgoing&nbsp;TCP&nbsp;connection
+<BR>
+
+<BR>&nbsp;BIND&nbsp;-&nbsp;bind&nbsp;TCP&nbsp;port&nbsp;for&nbsp;listening
+<BR>
+
+<BR>&nbsp;UDPASSOC&nbsp;-&nbsp;make&nbsp;UDP&nbsp;association
+<BR>
+
+<BR>&nbsp;ICMPASSOC&nbsp;-&nbsp;make&nbsp;ICMP&nbsp;association&nbsp;(for&nbsp;future&nbsp;use)
+<BR>
+
+<BR>&nbsp;HTTP_GET&nbsp;-&nbsp;HTTP&nbsp;GET&nbsp;request
+<BR>
+
+<BR>&nbsp;HTTP_PUT&nbsp;-&nbsp;HTTP&nbsp;PUT&nbsp;request
+<BR>
+
+<BR>&nbsp;HTTP_POST&nbsp;-&nbsp;HTTP&nbsp;POST&nbsp;request
+<BR>
+
+<BR>&nbsp;HTTP_HEAD&nbsp;-&nbsp;HTTP&nbsp;HEAD&nbsp;request
+<BR>
+
+<BR>&nbsp;HTTP_CONNECT&nbsp;-&nbsp;HTTP&nbsp;CONNECT&nbsp;request
+<BR>
+
+<BR>&nbsp;HTTP_OTHER&nbsp;-&nbsp;over&nbsp;HTTP&nbsp;request
+<BR>
+
+<BR>&nbsp;HTTP&nbsp;-&nbsp;matches&nbsp;any&nbsp;HTTP&nbsp;request&nbsp;except&nbsp;HTTP_CONNECT
+<BR>
+
+<BR>&nbsp;HTTPS&nbsp;-&nbsp;same&nbsp;as&nbsp;HTTP_CONNECT
+<BR>
+
+<BR>&nbsp;FTP_GET&nbsp;-&nbsp;FTP&nbsp;get&nbsp;request
+<BR>
+
+<BR>&nbsp;FTP_PUT&nbsp;-&nbsp;FTP&nbsp;put&nbsp;request
+<BR>
+
+<BR>&nbsp;FTP_LIST&nbsp;-&nbsp;FTP&nbsp;list&nbsp;request
+<BR>
+
+<BR>&nbsp;FTP_DATA&nbsp;-&nbsp;FTP&nbsp;data&nbsp;connection.&nbsp;Note:&nbsp;FTP_DATA&nbsp;requires&nbsp;access&nbsp;to&nbsp;dynamic
+<BR>&nbsp;non-ptivileged&nbsp;(1024-65535)&nbsp;ports&nbsp;on&nbsp;remote&nbsp;side.
+<BR>
+
+<BR>&nbsp;FTP&nbsp;-&nbsp;matches&nbsp;any&nbsp;FTP/FTP&nbsp;Data&nbsp;request
+<BR>
+
+<BR>&nbsp;ADMIN&nbsp;-&nbsp;access&nbsp;to&nbsp;administration&nbsp;interface
+<BR>
+
+
+Weeksdays are week days numbers or periods (0 or 7 means Sunday, 1 is Monday,
+1-5 means Monday through Friday). Timeperiodlists is a list of time
+periods in HH:MM:SS-HH:MM:SS format. For example, 
+<BR>&nbsp;00:00:00-08:00:00,17:00:00-24:00:00
+lists non-working hours.
+<TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TT><BR>
+<BR>
+
+<B>parent</B>
+
+&lt;weight&gt; &lt;type&gt; &lt;ip&gt; &lt;port&gt; &lt;username&gt; &lt;password&gt;
+<BR>
+
+this command must follow &quot;allow&quot; rule. It extends last allow rule to
+build proxy chain. Proxies may be grouped. Proxy inside the
+group is selected randomly. If few groups are specified one proxy
+is randomly picked from each group and chain of proxies is created
+(that is second proxy connected through first one and so on).
+Weight is used to group proxies. Weigt is a number between 1 and 1000.
+Weights are summed and proxies are grouped together untill weight of
+group is 1000. That is:
+<BR>
+
+<BR>&nbsp;allow&nbsp;*
+<BR>
+
+<BR>&nbsp;parent&nbsp;500&nbsp;socks5&nbsp;192.168.10.1&nbsp;1080
+<BR>
+
+<BR>&nbsp;parent&nbsp;500&nbsp;connect&nbsp;192.168.10.1&nbsp;3128
+<BR>
+
+<BR>&nbsp;makes&nbsp;3proxy&nbsp;to&nbsp;randomly&nbsp;choose&nbsp;between&nbsp;2&nbsp;proxies&nbsp;for&nbsp;all&nbsp;outgoing
+connections. These 2 proxies form 1 group (summarized weight is 1000).
+<BR>
+
+<BR>&nbsp;allow&nbsp;*&nbsp;*&nbsp;*&nbsp;80
+<BR>
+
+<BR>&nbsp;parent&nbsp;1000&nbsp;socks5&nbsp;192.168.10.1&nbsp;1080
+<BR>
+
+<BR>&nbsp;parent&nbsp;1000&nbsp;connect&nbsp;192.168.20.1&nbsp;3128
+<BR>
+
+<BR>&nbsp;parent&nbsp;300&nbsp;socks4&nbsp;192.168.30.1&nbsp;1080
+<BR>
+
+<BR>&nbsp;parent&nbsp;700&nbsp;socks5&nbsp;192.168.40.1&nbsp;1080
+<BR>
+
+<BR>&nbsp;creates&nbsp;chain&nbsp;of&nbsp;3&nbsp;proxies:&nbsp;192.168.10.1,&nbsp;192.168.20.1&nbsp;and&nbsp;third
+is (192.168.30.1 with probability of 0.3 or 192.168.40.1
+with probability of 0.7) for outgoing web connections.
+
+<BR>
+
+<BR>&nbsp;type&nbsp;is&nbsp;one&nbsp;of:
+<BR>
+
+<BR>&nbsp;tcp&nbsp;-&nbsp;simply&nbsp;redirect&nbsp;connection.&nbsp;TCP&nbsp;is&nbsp;always&nbsp;last&nbsp;in&nbsp;chain.
+<BR>
+
+<BR>&nbsp;http&nbsp;-&nbsp;redirect&nbsp;to&nbsp;HTTP&nbsp;proxy.&nbsp;HTTP&nbsp;is&nbsp;always&nbsp;last&nbsp;chain.
+<BR>
+
+<BR>&nbsp;pop3&nbsp;-&nbsp;redirect&nbsp;to&nbsp;POP3&nbsp;proxy&nbsp;(only&nbsp;local&nbsp;redirection&nbsp;is&nbsp;supported,&nbsp;can&nbsp;not&nbsp;be
+used for chaining)
+<BR>
+
+<BR>&nbsp;ftp&nbsp;-&nbsp;redirect&nbsp;to&nbsp;FTP&nbsp;proxy&nbsp;(only&nbsp;local&nbsp;redirection&nbsp;is&nbsp;supported,&nbsp;can&nbsp;not&nbsp;be
+used for chaining)
+<BR>
+
+<BR>&nbsp;connect&nbsp;-&nbsp;parent&nbsp;is&nbsp;HTTP&nbsp;CONNECT&nbsp;method&nbsp;proxy
+<BR>
+
+<BR>&nbsp;connect+&nbsp;-&nbsp;parent&nbsp;is&nbsp;HTTP&nbsp;CONNECT&nbsp;proxy&nbsp;with&nbsp;name&nbsp;resolution
+<BR>
+
+<BR>&nbsp;socks4&nbsp;-&nbsp;parent&nbsp;is&nbsp;SOCKSv4&nbsp;proxy
+<BR>
+
+<BR>&nbsp;socks4+&nbsp;-&nbsp;parent&nbsp;is&nbsp;SOCKSv4&nbsp;proxy&nbsp;with&nbsp;name&nbsp;resolution&nbsp;(SOCKSv4a)
+<BR>
+
+<BR>&nbsp;socks5&nbsp;-&nbsp;parent&nbsp;is&nbsp;SOCKSv5&nbsp;proxy
+<BR>
+
+<BR>&nbsp;socks5+&nbsp;-&nbsp;parent&nbsp;is&nbsp;SOCKSv5&nbsp;proxy&nbsp;with&nbsp;name&nbsp;resolution
+<BR>
+
+<BR>&nbsp;socks4b&nbsp;-&nbsp;parent&nbsp;is&nbsp;SOCKS4b&nbsp;(broken&nbsp;SOCKSv4&nbsp;implementation&nbsp;with&nbsp;shortened
+server reply. I never saw this kind ofservers byt they say there are).
+Normally you should not use this option. Do not mess this option with
+SOCKSv4a (socks4+).
+<BR>
+
+<BR>&nbsp;socks5b&nbsp;-&nbsp;parent&nbsp;is&nbsp;SOCKS5b&nbsp;(broken&nbsp;SOCKSv5&nbsp;implementation&nbsp;with&nbsp;shortened
+server reply. I think you will never find it useful). Never use this option
+unless you know exactly you need it.
+<BR>
+
+<BR>&nbsp;admin&nbsp;-&nbsp;redirect&nbsp;request&nbsp;to&nbsp;local&nbsp;'admin'&nbsp;service&nbsp;(with&nbsp;-s&nbsp;parameter).
+<BR>
+
+<BR>&nbsp;Use&nbsp;&quot;+&quot;&nbsp;proxy&nbsp;only&nbsp;with&nbsp;&quot;fakeresolve&quot;&nbsp;option
+<BR>
+
+
+<BR>&nbsp;IP&nbsp;and&nbsp;port&nbsp;are&nbsp;ip&nbsp;addres&nbsp;and&nbsp;port&nbsp;of&nbsp;parent&nbsp;proxy&nbsp;server.
+If IP is zero, ip is taken from original request, only port is changed.
+If port is zero, it's taken from original request, only IP is changed.
+If both IP and port are zero - it's a special case of local redirection,
+it works only with
+<B>socks</B>
+
+proxy. In case of local redirection request is redirected to different service, 
+<B>ftp</B>
+
+locally redirects to
+<B>ftppr</B>
+
+<B>pop3</B>
+
+locally redirects to
+<B>pop3p</B>
+
+<B>http</B>
+
+locally redurects to
+<B>proxy</B>
+
+<B>admin</B>
+
+locally redirects to admin -s service.
+<BR>
+
+
+<BR>&nbsp;Main&nbsp;purpose&nbsp;of&nbsp;local&nbsp;redirections&nbsp;is&nbsp;to&nbsp;have&nbsp;requested&nbsp;resource
+(URL or POP3 username) logged and protocol-specific filters to be applied.
+In case of local redirection ACLs are revied twice: first, by SOCKS proxy up to
+
+redirected (HTTP, FTP or POP3) after 'parent' command. It means,
+additional 'allow' command is required for redirected requests, for
+example:
+<BR>
+
+<BR>&nbsp;allow&nbsp;*&nbsp;*&nbsp;*&nbsp;80
+<BR>
+
+<BR>&nbsp;parent&nbsp;1000&nbsp;http&nbsp;0.0.0.0&nbsp;0
+<BR>
+
+<BR>&nbsp;allow&nbsp;*&nbsp;*&nbsp;*&nbsp;80&nbsp;HTTP_GET,HTTP_POST
+<BR>
+
+<BR>&nbsp;socks
+<BR>
+
+redirects all SOCKS requests with target port 80 to local HTTP proxy,
+local HTTP proxy parses requests and allows only GET and POST requests.
+<BR>
+
+<BR>&nbsp;parent&nbsp;1000&nbsp;http&nbsp;1.2.3.4&nbsp;0
+<BR>
+
+Changes external address for given connection to 1.2.3.4
+(an equivalent to -e1.2.3.4)
+
+<BR>&nbsp;Optional&nbsp;username&nbsp;and&nbsp;password&nbsp;are&nbsp;used&nbsp;to&nbsp;authenticate&nbsp;on&nbsp;parent
+proxy. Username of '*' means username must be supplied by user.
+
+
+<BR>
+
+<B>nolog</B>
+
+&lt;n&gt;
+extends last allow or deny command to prevent logging, e.g.
+<BR>
+
+allow * * 192.168.1.1
+<BR>
+
+nolog
+
+
+<BR>
+
+<B>weight</B>
+
+&lt;n&gt;
+extends last allow or deny command to set weight for this request
+<BR>
+
+allow * * 192.168.1.1
+<BR>
+
+weight 100
+<BR>
+
+Weight may be used for different purposes.
+
+<BR>
+
+<B>bandlimin</B>
+
+&lt;rate&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+<B>nobandlimin</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<B>bandlimout</B>
+
+&lt;rate&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+<B>nobandlimout</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+<BR>&nbsp;bandlim&nbsp;sets&nbsp;bandwith&nbsp;limitation&nbsp;filter&nbsp;to&nbsp;&lt;rate&gt;&nbsp;bps&nbsp;(bits&nbsp;per&nbsp;second)
+(if you want to specife bytes per second - multiply your value to 8).
+bandlim rules act in a same manner as allow/deny rules except
+one thing: bandwidth limiting is applied to all services, not to some
+specific service. 
+bandlimin and nobandlimin applies to incoming traffic
+bandlimout and nobandlimout applies to outgoing traffic
+If tou want to ratelimit your clients with ip's 192.168.10.16/30 (4
+addresses) to 57600 bps you have to specify 4 rules like
+<BR>
+
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.16
+<BR>
+
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.17
+<BR>
+
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.18
+<BR>
+
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.19
+<BR>
+
+<BR>&nbsp;and&nbsp;every&nbsp;of&nbsp;you&nbsp;clients&nbsp;will&nbsp;have&nbsp;56K&nbsp;channel.<TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TT>if&nbsp;you&nbsp;specify<BR>
+<BR>
+
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.16/30
+<BR>
+
+<BR>&nbsp;you&nbsp;will&nbsp;have&nbsp;56K&nbsp;channel&nbsp;shared&nbsp;between&nbsp;all&nbsp;clients.
+if you want, for example, to limit all speed ecept access to POP3 you can use
+<BR>
+
+<BR>&nbsp;nobandlimin&nbsp;*&nbsp;*&nbsp;*&nbsp;110
+<BR>
+
+<BR>&nbsp;before&nbsp;the&nbsp;rest&nbsp;of&nbsp;bandlim&nbsp;rules.
+
+<BR>
+
+<B>counter</B>
+
+&lt;filename&gt; &lt;reporttype&gt; &lt;repotname&gt;
+<BR>
+
+<B>countin</B>
+
+&lt;number&gt; &lt;type&gt; &lt;limit&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+<B>nocountin</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+<B>countout</B>
+
+&lt;number&gt; &lt;type&gt; &lt;limit&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+<B>nocountout</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+
+<BR>&nbsp;counter,&nbsp;countin,&nbsp;nocountin,&nbsp;countout,&nbsp;noucountout&nbsp;&nbsp;commands&nbsp;are&nbsp;
+used to set traffic limit
+in MB for period of time (day, week or month). Filename is a path
+to a special file where traffic information is permanently stored.
+number is sequential number of record in this file. If number is 0
+no traffic information  on this counter is saved in file (that is
+if proxy restarted all information is loosed) overwise it should be
+unique sequential number.
+Type specifies a type of counter. Type is one of:
+<BR>
+
+<BR>&nbsp;D&nbsp;-&nbsp;counter&nbsp;is&nbsp;resetted&nbsp;daily
+<BR>
+
+<BR>&nbsp;W&nbsp;-&nbsp;counter&nbsp;is&nbsp;resetted&nbsp;weekly
+<BR>
+
+<BR>&nbsp;M&nbsp;-&nbsp;counter&nbsp;is&nbsp;resetted&nbsp;monthely
+<BR>
+
+<BR>&nbsp;reporttype/repotname&nbsp;may&nbsp;be&nbsp;used&nbsp;to&nbsp;generate&nbsp;traffic&nbsp;reports.
+Reporttype is one of D,W,M,H(hourly) and repotname specifies filename
+template for reports. Report is text file with counter values in
+format:
+<BR>
+
+<BR>&nbsp;&lt;COUNTERNUMBER&gt;&nbsp;&lt;TRAF*4GB&gt;&nbsp;&lt;TRAF&gt;
+<BR>
+
+<BR>&nbsp;The&nbsp;rest&nbsp;of&nbsp;parameters&nbsp;is&nbsp;identical&nbsp;to&nbsp;bandlim/nobandlim.
+
+<BR>
+
+<B>users</B>
+
+username[:pwtype:password] ...
+<BR>
+
+pwtype is one of:
+<BR>
+
+<BR>&nbsp;none&nbsp;(empty)&nbsp;-&nbsp;use&nbsp;system&nbsp;authentication
+<BR>
+
+<BR>&nbsp;CL&nbsp;-&nbsp;password&nbsp;is&nbsp;cleartext
+<BR>
+
+<BR>&nbsp;CR&nbsp;-&nbsp;password&nbsp;is&nbsp;crypt-style&nbsp;password
+<BR>
+
+<BR>&nbsp;NT&nbsp;-&nbsp;password&nbsp;is&nbsp;NT&nbsp;password&nbsp;(in&nbsp;hex)
+<BR>
+
+example:
+<BR>
+
+<BR>&nbsp;users&nbsp;test1:CL:password1&nbsp;&quot;test2:CR:$1$lFDGlder$pLRb4cU2D7GAT58YQvY49.&quot;
+<BR>
+
+<BR>&nbsp;users&nbsp;test3:NT:BD7DFBF29A93F93C63CB84790DA00E63
+<BR>
+
+(note: double quotes are requiered because password contains $ sign).<TT>&nbsp;&nbsp;</TT><BR>
+
+<BR>
+
+<B>flush</B>
+
+<BR>
+
+empty active access list. Access list must be flushed avery time you creating
+new access list for new service. For example:
+<BR>
+
+<BR>&nbsp;allow&nbsp;*
+<BR>
+
+<BR>&nbsp;pop3p
+<BR>
+
+<BR>&nbsp;flush
+<BR>
+
+<BR>&nbsp;allow&nbsp;*&nbsp;192.168.1.0/24
+<BR>
+
+<BR>&nbsp;socks
+<BR>
+
+sets different ACLs for
+<B>pop3p</B>
+
+and
+<B>socks</B>
+
+
+<BR>
+
+<B>system</B>
+
+<BR>
+
+execute system command
+
+<BR>
+
+<B>pidfile</B>
+
+&lt;filename&gt;
+<BR>
+
+write pid of current process to file. It can be used to manipulate
+3proxy with signals under Unix. Currently next signals are available:
+
+<BR>
+
+<B>monitor</B>
+
+&lt;filename&gt;
+<BR>
+
+If file monitored changes in modification time or size, 3proxy reloads
+configuration within one minute. Any number of files may be monitored.
+
+<BR>
+
+<B>setuid</B>
+
+&lt;uid&gt;
+<BR>
+
+calls setuid(uid), uid must be numeric. Unix only. Warning: under some Linux
+kernels setuid() works onle for current thread. It makes it impossible to suid
+for all threads.
+
+<BR>
+
+<B>setgid</B>
+
+&lt;gid&gt;
+<BR>
+
+calls setgid(gid), gid must be numeric. Unix only.
+
+<BR>
+
+<B>chroot</B>
+
+&lt;path&gt;
+<BR>
+
+calls chroot(path). Unix only.
+<A NAME="lbAD">&nbsp;</A>
+<H2>PLUGINS</H2>
+
+
+<BR>
+
+<B>plugin</B>
+
+&lt;path_to_shared_library&gt; &lt;function_to_call&gt; [&lt;arg1&gt; ...]
+<BR>
+
+Loads specified library and calls given export function with given arguments,
+as 
+<BR>
+
+int functions_to_call(struct pluginlink * pl, int argc, char * argv[]);
+<BR>
+
+function_to_call must return 0 in case of success, value &gt; 0 to indicate error.
+
+<BR>
+
+<B>filtermaxsize</B>
+
+&lt;max_size_of_data_to_filter&gt;
+<BR>
+
+If Content-length (or another data length) is greater than given value, no
+data filtering will be performed thorugh filtering plugins to avoid data
+corruption and/or Content-Length chaging. Default is 1MB (1048576).
+
+
+<A NAME="lbAE">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/tcppm.8.html">tcppm</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAF">&nbsp;</A>
+<H2>TRIVIA</H2>
+
+3APA3A is pronounced as ``zaraza''.
+<A NAME="lbAG">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAD">PLUGINS</A><DD>
+<DT><A HREF="#lbAE">SEE ALSO</A><DD>
+<DT><A HREF="#lbAF">TRIVIA</A><DD>
+<DT><A HREF="#lbAG">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:57 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/3proxy.8.html

@@ -0,0 +1,268 @@
+
+<HTML><HEAD><TITLE>Manpage of 3proxy</TITLE>
+</HEAD><BODY>
+<H1>3proxy</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>3proxy</B>
+
+- 3[APA3A] tiny proxy server, or trivial proxy server, or free proxy
+server
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>3proxy</B>
+
+[<I>config_file</I>]
+
+<BR>
+
+<B>3proxy</B>
+
+[<I>--install</I>]
+
+<BR>
+
+<B>3proxy</B>
+
+[<I>--remove</I>]
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>3proxy</B>
+
+is universal proxy server. It can be used to provide internal users wuth
+fully controllable access to external resources or to provide external
+users with access to internal resources. 3proxy is not developed to replace
+<B><A HREF="../man8/squid.8.html">squid</A></B>(8),
+
+but it can extend functionality of existing cashing proxy.
+It can be used to route requests between different types of clients and proxy
+servers. Think about it as application level
+gateway with configuration like hardware router has for network layer.
+It can establish multiple
+gateways with HTTP and HTTPS proxy with FTP over HTTP support, SOCKS v4,
+v4.5 and v5, POP3 proxy, UDP and TCP portmappers. Each gateway is started
+from configuration file like independant service 
+<B><A HREF="../man8/proxy.8.html">proxy</A></B>(8)
+
+<B><A HREF="../man8/socks.8.html">socks</A></B>(8)
+
+<B><A HREF="../man8/pop3p.8.html">pop3p</A></B>(8)
+
+<B><A HREF="../man8/tcppm.8.html">tcppm</A></B>(8)
+
+<B><A HREF="../man8/udppm.8.html">udppm</A></B>(8)
+
+<B><A HREF="../man8/ftppr.8.html">ftppr</A></B>(8)
+
+<B>dnspr</B>
+
+but
+<B>3proxy</B>
+
+is not a kind of wrapper or superserver for this daemons. It just has same
+code compiled in, but provides much more functionality. SOCKSv5
+implementatation allows to use 3proxy with any UDP or TCP based client
+applications designed without
+proxy support (with
+<I>SocksCAP</I>,
+
+<I>FreeCAP</I>
+
+or another client-side redirector under Windows of with socksification library
+under Unix). So you can play your favourite games, listen music, exchange
+files and messages and even accept incoming connections behind proxy server.
+<P>
+
+<I>dnspr</I>
+
+does not exist as independant service. It' DNS caching proxy (it requires
+<I>nscache</I>
+
+and
+<I>nserver</I>
+
+to be set in configuration. Only A-records are cached. Please note, the
+this caching is mostly a 'hack' and has nothing to do with real
+DNS server, but it works perfectly for SOHO networks.
+<P>
+<P>
+
+3proxy supports access control lists (ACL) like network router. Source
+and destination networks and destination port can be specified. In addition,
+usernames and gateway action (for example GET or POST) can be used in ACLs.
+In order to filter request on username basis user must be authenticated somehow. There are few
+authentication types including password authentication and authentication by
+NetBIOS name for Windows clients (it's very like ident authentication).
+Depending on ACL action request can be allowed, denied or redirected to another
+host or to another proxy server or even to a chain of proxy servers.
+<P>
+
+It supports different types of logging: to logfiles, 
+<B><A HREF="../man3/syslog.3.html">syslog</A></B>(3)
+
+(only under Unix) or to ODBC database. Logging format is turnable to provide
+compatibility with existing log file parsers. It makes it possible to use
+3proxy with IIS, ISA, Apache or Squid log parsers.
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>config_file</B>
+
+<DD>
+Name of config file. See
+<B><A HREF="../man3/3proxy.cfg.3.html">3proxy.cfg</A></B>(3)
+
+for configuration file format. Under Windows, if config_file is not specified,
+<B>3proxy</B>
+
+looks for file named
+<I>3proxy.cfg</I>
+
+in the default location (in same directory with executable file and in current
+directory). Under Unix, if no config file is specified, 3proxy reads
+configuration from stdin. It makes it possible to use 3proxy.cfg file as
+executable script just by setting +x mode and adding
+<BR>
+
+#!/usr/local/3proxy/3proxy
+<BR>
+
+as a first line in 3proxy.cfg
+<DT><B>--install</B>
+
+<DD>
+(Windows NT family only) install 
+<B>3proxy</B>
+
+as a system service
+<DT><B>--remove</B>
+
+<DD>
+(Windows NT family only) remove
+<B>3proxy</B>
+
+from system services
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>SIGNALS</H2>
+
+Under Unix there are few signals
+<B>3proxy</B>
+
+catches. See
+<B><A HREF="../man1/kill.1.html">kill</A></B>(1).
+
+<DL COMPACT>
+<DT><B>SIGTERM</B>
+
+<DD>
+cleanup connections and exit
+<DT><B>SIGPAUSE</B>
+
+<DD>
+stop to accept new connections, on second signal - start and re-read
+configuration
+<DT><B>SIGCONT</B>
+
+<DD>
+start to accept new conenctions
+<DT><B>SIGUSR1</B>
+
+<DD>
+reload configuration
+</DL>
+<P>
+
+Under Windows, if
+<B>3proxy</B>
+
+is installed as service you can standard service management to start, stop,
+pause and continue 3proxy service, for example:
+<BR>
+
+<B>net start 3proxy</B>
+
+<BR>
+
+<B>net stop 3proxy</B>
+
+<BR>
+
+<B>net pause 3proxy</B>
+
+<BR>
+
+<B>net continue 3proxy</B>
+
+<P>
+
+Web admin service can also be used to reload configuration. Use
+wget to automate this task.
+<A NAME="lbAG">&nbsp;</A>
+<H2>FILES</H2>
+
+<DL COMPACT>
+<DT><I>/usr/local/3proxy/3proxy.cfg (3proxy.cfg)</I>
+
+<DD>
+<B>3proxy</B>
+
+configuration file
+</DL>
+<A NAME="lbAH">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAI">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man3/3proxy.cfg.3.html">3proxy.cfg</A>(3), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/tcppm.8.html">tcppm</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8),
+<A HREF="../man1/kill.1.html">kill</A>(1), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAJ">&nbsp;</A>
+<H2>TRIVIA</H2>
+
+3APA3A is pronounced as ``zaraza''.
+<A NAME="lbAK">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">SIGNALS</A><DD>
+<DT><A HREF="#lbAG">FILES</A><DD>
+<DT><A HREF="#lbAH">BUGS</A><DD>
+<DT><A HREF="#lbAI">SEE ALSO</A><DD>
+<DT><A HREF="#lbAJ">TRIVIA</A><DD>
+<DT><A HREF="#lbAK">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:55 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/3proxy.conf.3.html

@@ -0,0 +1,693 @@
+
+<HTML><HEAD><TITLE>Manpage of 3proxy.conf</TITLE>
+</HEAD><BODY>
+<H1>3proxy.conf</H1>
+Section: Universal proxy server
 (5)<BR>Updated: December 2004<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>3proxy.conf</B>
+
+- 3proxy configuration file
+<A NAME="lbAC">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+
+
+Common structure:
+
+Configuration file is a text file 3proxy reads configuration from. Each line
+of the file is command and is executed immediately, as it was given from
+console. Each line of the file is treated as a blank (space or tab) separated
+command line. Additional space characters are ignored. 
+Think about 3proxy as &quot;application level router&quot; with console interface.
+
+Comments:
+
+Any string beginning with space character or '#' character is comment. It's
+ignored. &lt;LF&gt;s are ignored. &lt;CR&gt; is end of command.
+
+
+Quotation:
+
+Quotation character is spaces or another special characters. To use quotation character inside
+quotation character must be dubbed (BASIC convention). For example to use
+HELLO Good practice is to quote any argument you use.
+
+File inclusion:
+
+You can include file by using $FILENAME macro (replace FILENAME with a path
+to file, for example $/usr/local/etc/3proxy/conf.incl or 
+<BR>&nbsp;$&quot;c:\Program&nbsp;Files\3proxy\include.cfg&quot;&nbsp;Quotation&nbsp;is
+required in last example because path contains space character. 
+For included file &lt;CR&gt; (end of line characters) is treated as space character
+(arguments delimiter instead of end of command delimiter). 
+Thus, include files are only useful to store long signle-line commands
+(like userlist, network lists, etc).
+To use dollar sign somewhere in argument it must be quoted. 
+Recursion is not allowed.
+
+Commands:
+
+<B>proxy</B>
+
+[options]
+<BR>
+
+<B>socks</B>
+
+[options]
+<BR>
+
+<B>pop3p</B>
+
+[options]
+<BR>
+
+<B>ftppr</B>
+
+[options]
+<BR>
+
+<B>admin</B>
+
+[options]
+<BR>
+
+<B>dnspr</B>
+
+[options]
+<BR>
+
+<B>tcppm</B>
+
+[options]
+&lt;SRCPORT&gt; &lt;DSTADDR&gt; &lt;DSTPORT&gt;
+<BR>
+
+<B>udppm</B>
+
+[options]
+&lt;SRCPORT&gt; &lt;DSTADDR&gt; &lt;DSTPORT&gt;
+
+starts gateway services
+
+<B>proxy</B>
+
+- HTTP/HTTPS proxy (default port 3128)
+<BR>
+
+<B>socks</B>
+
+- SOCKS 4/4.5/5 proxy (default port 1080)
+<BR>
+
+<B>pop3p</B>
+
+- POP3 proxy (default port 110)
+<BR>
+
+<B>ftppr</B>
+
+- FTP proxy (default port 21)
+<BR>
+
+<B>admin</B>
+
+- Web interface (default port 80)
+<BR>
+
+<B>dnspr</B>
+
+- caching DNS proxy (default port 53)
+<BR>
+
+<B>tcppm</B>
+
+- TCP portmapper
+<BR>
+
+<B>udppm</B>
+
+- UDP portmapper
+
+Options:
+<BR>
+
+<B>-pNUMBER</B>
+
+change default server port to NUMBER
+<BR>
+
+<B>-n</B>
+
+disable NTLM authentication (required if passwords are stored in Unix crypt format.
+<BR>
+
+Also, all options mentioned for 
+<B><A HREF="../man8/proxy.8.html">proxy</A></B>(8)
+
+<B><A HREF="../man8/socks.8.html">socks</A></B>(8)
+
+<B><A HREF="../man8/pop3p.8.html">pop3p</A></B>(8)
+
+<B><A HREF="../man8/tcppm.8.html">tcppm</A></B>(8)
+
+<B><A HREF="../man8/udppm.8.html">udppm</A></B>(8)
+
+<B><A HREF="../man8/ftppr.8.html">ftppr</A></B>(8)
+
+are also supported.
+
+Portmapping services listen at SRCPORT and connect to DSTADDR:DSTPORT
+HTTP and SOCKS proxies are standard. 
+
+POP3 proxy must be configured as POP3 server and requires username in the form of:
+<A HREF="mailto:pop3username@pop3server">pop3username@pop3server</A>. If POP3 proxy access must be authenticated, you can
+specify username as proxy_username:proxy_password:<A HREF="mailto:POP3_username@pop3server">POP3_username@pop3server</A>
+
+DNS proxy is only capable to resolve hostnames (no MX, PTR, SRV, etc) and
+requires nserver/nscache to be configured.
+
+FTP proxy can be used as FTP server in any FTP client or configured as FTP
+proxy on a client with FTP proxy support. Username format is one of
+<BR>&nbsp;<A HREF="mailto:FTPuser@FTPServer">FTPuser@FTPServer</A>
+<BR>&nbsp;FTPuser:<A HREF="mailto:FTPpassword@FTPserver">FTPpassword@FTPserver</A>
+<BR>&nbsp;proxyuser:proxypassword:FTPuser:<A HREF="mailto:FTPpassword@FTPserver">FTPpassword@FTPserver</A>
+<BR>
+
+Please note, if you use FTP client interface for FTP proxy
+do not add FTPpassword and FTPServer to username, because
+FTP client does it for you. That is, if you use 3proxy with
+authentication use
+proxyuser:proxypassword:FTPuser
+as FTP username, otherwise do not change original FTP user name<TT>&nbsp;</TT><BR>
+
+<B>config</B>
+
+&lt;path&gt;
+<BR>
+
+Path to configuration file to use on 3proxy restart or to save configuration.
+
+<B>writable</B>
+
+<BR>
+
+ReOpens configuration file for write access via Web interface,
+and re-reads it. Usually should be first command on config file
+but in combination with &quot;config&quot; it can be used anywhere to open
+alternate config file. Think twice before using it.
+
+<B>end</B>
+
+<BR>
+
+End of configuration
+
+<B>log</B>
+
+[[@|&amp;]logfile] [&lt;LOGTYPE&gt;]
+<BR>
+
+sets logfile for all gateways
+<BR>&nbsp;@&nbsp;-&nbsp;(for&nbsp;Unix)&nbsp;use&nbsp;syslog,&nbsp;filename&nbsp;is&nbsp;used&nbsp;as&nbsp;ident&nbsp;name
+<BR>&nbsp;&amp;&nbsp;-&nbsp;use&nbsp;ODBC,&nbsp;filename&nbsp;consists&nbsp;of&nbsp;comma-delimited&nbsp;datasource,username,password&nbsp;(username&nbsp;and&nbsp;password&nbsp;are&nbsp;optional)
+<BR>&nbsp;LOGTYPE&nbsp;is&nbsp;one&nbsp;of:
+<BR>&nbsp;&nbsp;M&nbsp;-&nbsp;Monthly
+<BR>&nbsp;&nbsp;W&nbsp;-&nbsp;Weekly&nbsp;(starting&nbsp;from&nbsp;Sunday)
+<BR>&nbsp;&nbsp;D&nbsp;-&nbsp;Daily
+<BR>&nbsp;&nbsp;H&nbsp;-&nbsp;Hourly
+if logfile is not specified logging goes to stdout. You can specify individual logging options for gateway by using
+-l option in gateway configuration.
+
+<B>rotate</B>
+
+&lt;n&gt;
+how many archived log files to keep
+
+<B>logformat</B>
+
+&lt;format&gt;
+
+Format for log record. First symbol in format must be L (local time)
+or G (absolute Grinwitch time). 
+It can be preceeded with -XXX+Y where XXX is list of characters to be
+filtered in user input (any non-printable characters are filtered too
+in this case) and Y is replacement character. For example, &quot;-,%+ L&quot; in
+the beginning of logformat means comma and percent are replaced
+with space and all time based elemnts are in local time zone.
+You can use:
+
+<BR>&nbsp;%y&nbsp;-&nbsp;Year&nbsp;in&nbsp;2&nbsp;digit&nbsp;format
+<BR>&nbsp;%Y&nbsp;-&nbsp;Year&nbsp;in&nbsp;4&nbsp;digit&nbsp;format
+<BR>&nbsp;%m&nbsp;-&nbsp;Month&nbsp;number
+<BR>&nbsp;%o&nbsp;-&nbsp;Month&nbsp;abbriviature
+<BR>&nbsp;%d&nbsp;-&nbsp;Day
+<BR>&nbsp;%H&nbsp;-&nbsp;Hour
+<BR>&nbsp;%M&nbsp;-&nbsp;Minute
+<BR>&nbsp;%S&nbsp;-&nbsp;Second
+<BR>&nbsp;%t&nbsp;-&nbsp;Timstamp&nbsp;(in&nbsp;seconds&nbsp;since&nbsp;01-Jan-1970)
+<BR>&nbsp;%.&nbsp;-&nbsp;milliseconds
+<BR>&nbsp;%z&nbsp;-&nbsp;timeZone&nbsp;(from&nbsp;Grinvitch)
+<BR>&nbsp;%D&nbsp;-&nbsp;request&nbsp;duration&nbsp;(in&nbsp;milliseconds)
+<BR>&nbsp;%b&nbsp;-&nbsp;average&nbsp;send&nbsp;rate&nbsp;per&nbsp;request&nbsp;(in&nbsp;Bytes&nbsp;per&nbsp;second)&nbsp;this&nbsp;speed&nbsp;is&nbsp;typically&nbsp;below&nbsp;connection&nbsp;speed&nbsp;shown&nbsp;by&nbsp;download&nbsp;manager.
+<BR>&nbsp;%B&nbsp;-&nbsp;average&nbsp;receive&nbsp;rate&nbsp;per&nbsp;request&nbsp;(in&nbsp;Bytes&nbsp;per&nbsp;second)&nbsp;this&nbsp;speed&nbsp;is&nbsp;typically&nbsp;below&nbsp;connection&nbsp;speed&nbsp;shown&nbsp;by&nbsp;download&nbsp;manager.
+<BR>&nbsp;%U&nbsp;-&nbsp;Username
+<BR>&nbsp;%N&nbsp;-&nbsp;service&nbsp;Name
+<BR>&nbsp;%p&nbsp;-&nbsp;service&nbsp;Port
+<BR>&nbsp;%E&nbsp;-&nbsp;Error&nbsp;code
+<BR>&nbsp;%C&nbsp;-&nbsp;Client&nbsp;IP
+<BR>&nbsp;%c&nbsp;-&nbsp;Client&nbsp;port
+<BR>&nbsp;%R&nbsp;-&nbsp;Remote&nbsp;IP
+<BR>&nbsp;%r&nbsp;-&nbsp;Remote&nbsp;port
+<BR>&nbsp;%n&nbsp;-&nbsp;requested&nbsp;hostname
+<BR>&nbsp;%I&nbsp;-&nbsp;bytes&nbsp;In
+<BR>&nbsp;%O&nbsp;-&nbsp;bytes&nbsp;Out
+<BR>&nbsp;%h&nbsp;-&nbsp;Hops&nbsp;(redirections)&nbsp;count
+<BR>&nbsp;%T&nbsp;-&nbsp;service&nbsp;specific&nbsp;Text
+<BR>&nbsp;%N1-N2T&nbsp;-&nbsp;(N1&nbsp;and&nbsp;N2&nbsp;are&nbsp;positive&nbsp;numbers)&nbsp;-&nbsp;log&nbsp;only&nbsp;fields&nbsp;from&nbsp;N1&nbsp;thorugh&nbsp;N2&nbsp;of&nbsp;service&nbsp;specific&nbsp;text
+in case of ODBC logging logformat specifies SQL statement, for exmample:
+<BR>&nbsp;&nbsp;&nbsp;logformat&nbsp;&quot;-'+_Linsert&nbsp;into&nbsp;log&nbsp;(l_date,&nbsp;l_user,&nbsp;l_service,&nbsp;l_in,&nbsp;l_out,&nbsp;l_descr)&nbsp;values&nbsp;('%d-%m-%Y&nbsp;%H:%M:%S',&nbsp;'%U',&nbsp;'%N',&nbsp;%I,&nbsp;%O,&nbsp;'%T')&quot;
+
+<B>archiver</B>
+
+&lt;ext&gt; &lt;commandline&gt;
+<BR>
+
+Archiver to use for log files. &lt;ext&gt; is file extension produced by
+archiver. Filename will be last argument to archiver, optionally you
+can use %A as produced archive name and %F as filename.
+
+<B>timeouts</B>
+
+&lt;BYTE_SHORT&gt; &lt;BYTE_LONG&gt; &lt;STRING_SHORT&gt; &lt;STRING_LONG&gt; &lt;CONNECTION_SHORT&gt; &lt;CONNECTION_LONG&gt; &lt;DNS&gt; &lt;CHAIN&gt;
+Sets timeout values
+<BR>&nbsp;BYTE_SHORT&nbsp;-&nbsp;short&nbsp;timeout&nbsp;for&nbsp;single&nbsp;byte,&nbsp;is&nbsp;usually&nbsp;used&nbsp;for&nbsp;receiving&nbsp;single&nbsp;byte&nbsp;from&nbsp;stream.
+<BR>&nbsp;BYTE_LONG&nbsp;-&nbsp;long&nbsp;timeout&nbsp;for&nbsp;single&nbsp;byte,&nbsp;is&nbsp;usually&nbsp;used&nbsp;for&nbsp;receiving&nbsp;first&nbsp;byte&nbsp;in&nbsp;frame&nbsp;(for&nbsp;example&nbsp;first&nbsp;byte&nbsp;in&nbsp;socks&nbsp;request).
+<BR>&nbsp;STRING_SHORT&nbsp;-&nbsp;short&nbsp;timeout,&nbsp;for&nbsp;character&nbsp;string&nbsp;within&nbsp;stream&nbsp;(for&nbsp;example&nbsp;to&nbsp;wait&nbsp;between&nbsp;2&nbsp;HTTP&nbsp;headers)
+<BR>&nbsp;STRING_LONG&nbsp;-&nbsp;long&nbsp;timeout,&nbsp;for&nbsp;first&nbsp;string&nbsp;in&nbsp;stream&nbsp;(for&nbsp;example&nbsp;to&nbsp;wait&nbsp;for&nbsp;HTTP&nbsp;request).
+<BR>&nbsp;CONNECTION_SHORT&nbsp;-&nbsp;inactivity&nbsp;timeout&nbsp;for&nbsp;short&nbsp;connections&nbsp;(HTTP,&nbsp;POP3,&nbsp;etc).
+<BR>&nbsp;CONNECTION_LONG&nbsp;-&nbsp;inactivity&nbsp;timeout&nbsp;for&nbsp;long&nbsp;connection&nbsp;(SOCKS,&nbsp;portmappers,&nbsp;etc).
+<BR>&nbsp;DNS&nbsp;-&nbsp;timeout&nbsp;for&nbsp;DNS&nbsp;request&nbsp;before&nbsp;requesting&nbsp;next&nbsp;server
+<BR>&nbsp;CHAIN&nbsp;-&nbsp;timeout&nbsp;for&nbsp;reading&nbsp;data&nbsp;from&nbsp;chained&nbsp;connection
+
+<B>nserver</B>
+
+<BR>&nbsp;&lt;ipaddr&gt;
+<BR>
+
+Nameserver to use for name resolutions. If none spcified system
+or name server fails system routines for name resolution will be
+used. It's better to specify nserver because gethostbyname() may
+be thread unsafe.
+
+<B>nscache</B>
+
+&lt;cachesize&gt;
+<BR>
+
+
+Cache &lt;cachesize&gt; records for name resolution. Cachesize usually
+should be large enougth (for example 65536).
+
+<B>nsrecord</B>
+
+&lt;hostname&gt; &lt;hostaddr&gt;
+<B></B>
+
+Adds static record to nscache. nscache must be enabled. If 0.0.0.0
+is used as a hostaddr host will never resolve, it can be used to
+blacklist something or together with 
+<B>dialer</B>
+
+command to set up UDL for dialing.
+
+<B>dialer</B>
+
+&lt;progname&gt;
+<BR>
+
+Execute progname if external name can't be resolved.
+Hint: if you use nscache, dialer may not work, because names will
+be resolved through cache. In this case you can use something like
+<A HREF="http://dial.right.now/">http://dial.right.now/</A> from browser to set up connection.
+
+
+<B>internal</B>
+
+&lt;ipaddr&gt;
+<BR>
+
+sets ip address of internal interface. This IP address will be used
+to bind gateways. Alternatively you can use -i option for individual
+gateways
+
+<B>external</B>
+
+&lt;ipaddr&gt;
+<BR>
+
+sets ip address of external interface. This IP address will be source
+address for all connections made by proxy. Alternatively you can use
+-e option to specify individual address for gateway.
+<BR>&nbsp;&nbsp;&nbsp;
+<B>maxconn</B>
+
+&lt;number&gt;
+<BR>
+
+sets maximum number of simulationeous connections to each services
+started after this command. Default is 100.
+
+<B>service</B>
+
+<BR>
+
+(depricated) Should be specified to launch as Windows 95/98/NT/2000/XP service,
+no effect for Unix. Is not reqired since 0.6, but you must re-install 3proxy
+service with --remove and --install.
+
+<B>daemon</B>
+
+<BR>
+
+Should be specified to close console (not required for 'service').
+At least under FreeBSD 'daemon' should preceed any proxy service
+and log commands to avoid sockets problem. Always place it in the beginning
+of the configuration file.
+
+<B>auth</B>
+
+<BR>
+
+Type of user authorization. Currently supported:
+<BR>&nbsp;none&nbsp;-&nbsp;no&nbsp;authorization&nbsp;required.&nbsp;Note:&nbsp;is&nbsp;auth&nbsp;is&nbsp;none&nbsp;any&nbsp;ip&nbsp;based&nbsp;limitation,&nbsp;redirection,&nbsp;etc&nbsp;will&nbsp;not&nbsp;work.&nbsp;
+<BR>&nbsp;iponly&nbsp;-&nbsp;authorization&nbsp;by&nbsp;source/destination&nbsp;IP&nbsp;and&nbsp;ports.&nbsp;Appropriate&nbsp;for&nbsp;most&nbsp;cases
+<BR>&nbsp;nbname&nbsp;-&nbsp;iponly&nbsp;+&nbsp;authorization&nbsp;by&nbsp;NetBIOS&nbsp;name.&nbsp;Messanger
+service should be started on user's machine. Note, that
+Windows 95/98 hosts do not have messanger service by default,
+WinPopup program need to be started.
+NB: there is no any password check, name may be spoofed.
+Think about it as about ident for Windows.
+<BR>&nbsp;Q:&nbsp;Will&nbsp;ident&nbsp;authorization&nbsp;be&nbsp;implemented?
+<BR>&nbsp;A:&nbsp;Yes,&nbsp;as&nbsp;soon&nbsp;as&nbsp;it&nbsp;will&nbsp;be&nbsp;required&nbsp;by&nbsp;someone.
+<BR>&nbsp;strong&nbsp;-&nbsp;username/password&nbsp;authentication&nbsp;required.&nbsp;It&nbsp;will&nbsp;work&nbsp;with&nbsp;SOCKSv5,&nbsp;FTP,&nbsp;POP3&nbsp;and&nbsp;HTTP&nbsp;proxy.
+
+<B>allow</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+&lt;weekdayslist&gt; &lt;timeperiodslist&gt;
+<BR>
+
+<B>deny</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+&lt;weekdayslist&gt; &lt;timeperiodslist&gt;
+<BR>
+
+Access control entries. All lists are comma-separated, no spaces are
+allowed. Usernames are case sensitive (if used with authtype nbname
+username must be in uppercase). Source and target lists may contain
+IP addresses (W.X.Y.Z) or CIDRs (W.X.Y.Z/L). Targetportlist may
+contain ports (X) or port lists (X-Y).<TT>&nbsp;&nbsp;</TT>For any field * sign means &quot;ANY&quot;<BR>
+If access list is empty it's assumed to be
+<BR>&nbsp;allow&nbsp;*
+If access list is not empty last item in access list is assumed to be
+<BR>&nbsp;deny&nbsp;*
+You may want explicitly add &quot;deny *&quot; into the end of access list to prevent
+HTTP proxy from requesting user's password.
+Access lists are checked after user have requested any resource.
+If you want 3proxy to reject connections from specific addresses
+immediately without any conditions you should either bind proxy
+to appropriate interface only or to use ip filters.
+
+Operation is one of:
+<BR>&nbsp;CONNECT<TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TT>-&nbsp;establish&nbsp;outgoing&nbsp;TCP&nbsp;connection<BR>
+<BR>&nbsp;BIND&nbsp;-&nbsp;bind&nbsp;TCP&nbsp;port&nbsp;for&nbsp;listening
+<BR>&nbsp;UDPASSOC&nbsp;-&nbsp;make&nbsp;UDP&nbsp;association
+<BR>&nbsp;ICMPASSOC&nbsp;-&nbsp;make&nbsp;ICMP&nbsp;association&nbsp;(for&nbsp;future&nbsp;use)
+<BR>&nbsp;HTTP_GET&nbsp;-&nbsp;HTTP&nbsp;GET&nbsp;request
+<BR>&nbsp;HTTP_PUT&nbsp;-&nbsp;HTTP&nbsp;PUT&nbsp;request
+<BR>&nbsp;HTTP_POST&nbsp;-&nbsp;HTTP&nbsp;POST&nbsp;request
+<BR>&nbsp;HTTP_HEAD&nbsp;-&nbsp;HTTP&nbsp;HEAD&nbsp;request
+<BR>&nbsp;HTTP_CONNECT&nbsp;-&nbsp;HTTP&nbsp;CONNECT&nbsp;request
+<BR>&nbsp;HTTP_OTHER&nbsp;-&nbsp;over&nbsp;HTTP&nbsp;request
+<BR>&nbsp;HTTP&nbsp;-&nbsp;matches&nbsp;any&nbsp;HTTP&nbsp;request&nbsp;except&nbsp;HTTP_CONNECT
+<BR>&nbsp;HTTPS&nbsp;-&nbsp;same&nbsp;as&nbsp;HTTP_CONNECT
+<BR>&nbsp;FTP_GET&nbsp;-&nbsp;FTP&nbsp;get&nbsp;request
+<BR>&nbsp;FTP_PUT&nbsp;-&nbsp;FTP&nbsp;put&nbsp;request
+<BR>&nbsp;FTP_LIST&nbsp;-&nbsp;FTP&nbsp;list&nbsp;request
+<BR>&nbsp;FTP&nbsp;-&nbsp;matches&nbsp;any&nbsp;FTP&nbsp;request
+
+Weeksdays are week days numbers or periods (0 or 7 means Sunday, 1 is Monday,
+1-5 means Monday through Friday). Timeperiodlists is a list of time
+periods in HH:MM:SS-HH:MM:SS format. For example, 
+<BR>&nbsp;00:00:00-08:00:00,17:00:00-24:00:00
+lists non-working hours.
+<TT>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</TT><BR>
+<B>parent</B>
+
+&lt;weight&gt; &lt;type&gt; &lt;ip&gt; &lt;port&gt; &lt;username&gt; &lt;password&gt;
+<BR>
+
+this command may follow &quot;allow&quot; rule. It extends last allow rule to
+build proxy chain. Proxy may be grouped. Proxy inside the
+group is selected randomely. If few groups are specified one proxy
+is randomely picked from each group and chain of proxies is created
+(that is second proxy connected through first one and so on).
+Weight is used to group proxies. Weigt is a number between 1 and 1000.
+Weights are summed and proxies are grouped together untill weight of
+group is 1000. That is:
+<BR>&nbsp;allow&nbsp;*
+<BR>&nbsp;parent&nbsp;500&nbsp;socks5&nbsp;192.168.10.1&nbsp;1080
+<BR>&nbsp;parent&nbsp;500&nbsp;connect&nbsp;192.168.10.1&nbsp;3128
+makes 3proxy to randomely choose between 2 proxies for all outgoing
+connections
+<BR>&nbsp;allow&nbsp;*&nbsp;*&nbsp;*&nbsp;80
+<BR>&nbsp;parent&nbsp;1000&nbsp;socks5&nbsp;192.168.10.1&nbsp;1080
+<BR>&nbsp;parent&nbsp;1000&nbsp;connect&nbsp;192.168.20.1&nbsp;3128
+<BR>&nbsp;parent&nbsp;300&nbsp;socks4&nbsp;192.168.30.1&nbsp;1080
+<BR>&nbsp;parent&nbsp;700&nbsp;socks5&nbsp;192.168.40.1&nbsp;1080
+creates chain of 3 proxies: 192.168.10.1, 192.168.20.1 and third
+is (192.168.30.1 with probability of 0.3 or 192.168.40.1
+with probability of 0.7) for outgoing web connections.
+
+type is one of:
+<BR>&nbsp;tcp&nbsp;-&nbsp;simply&nbsp;redirect&nbsp;connection.&nbsp;TCP&nbsp;is&nbsp;always&nbsp;last&nbsp;in&nbsp;chain.
+<BR>&nbsp;http&nbsp;-&nbsp;redirect&nbsp;to&nbsp;HTTP&nbsp;proxy.&nbsp;HTTP&nbsp;is&nbsp;always&nbsp;last&nbsp;chain.
+<BR>&nbsp;pop3&nbsp;-&nbsp;redirect&nbsp;to&nbsp;POP3&nbsp;proxy&nbsp;(only&nbsp;local&nbsp;redirection&nbsp;is&nbsp;supported,&nbsp;can&nbsp;not&nbsp;be
+used for chaining)
+<BR>&nbsp;ftp&nbsp;-&nbsp;redirect&nbsp;to&nbsp;FTP&nbsp;proxy&nbsp;(only&nbsp;local&nbsp;redirection&nbsp;is&nbsp;supported,&nbsp;can&nbsp;not&nbsp;be
+used for chaining)
+<BR>&nbsp;connect&nbsp;-&nbsp;parent&nbsp;is&nbsp;HTTP&nbsp;CONNECT&nbsp;method&nbsp;proxy
+<BR>&nbsp;socks4&nbsp;-&nbsp;parent&nbsp;is&nbsp;SOCKSv4&nbsp;proxy
+<BR>&nbsp;socks5&nbsp;-&nbsp;parent&nbsp;is&nbsp;SOCKSv5&nbsp;proxy
+
+IP and port are ip addres and port of parent proxy server.
+If IP is zero, ip is taken from original request, only port is changed.
+If port is zero, it's taken from original request, only IP is changed.
+If both IP and port are zero - it's a special case of local redirection,
+it works only with
+
+socks
+proxy. In case of local redirection request is redirected to different service,
+
+<B>ftppr</B>
+
+
+<B>pop3p</B>
+
+
+<B>proxy .</B>
+
+
+Main purpose of local redirections is to have requested resource
+(URL or POP3 username) logged and protocol-specific filters to be applied.
+In case of local redirection ACLs are revied twice: first, by SOCKS proxy up to
+
+redirected (HTTP, FTP or POP3) after 'parent' command. It means,
+additional 'allow' command is required for redirected requests, for
+example:
+<BR>&nbsp;allow&nbsp;*&nbsp;*&nbsp;*&nbsp;80
+<BR>&nbsp;parent&nbsp;1000&nbsp;http&nbsp;0.0.0.0&nbsp;0
+<BR>&nbsp;allow&nbsp;*&nbsp;*&nbsp;*&nbsp;80&nbsp;HTTP_GET,HTTP_POST
+<BR>&nbsp;socks
+redirects all SOCKS requests with target port 80 to local HTTP proxy,
+local HTTP proxy parses requests and allows only GET and POST requests.
+
+Optional username and password are used to authenticate on parent
+proxy. Username of '*' means username must be supplied by user.
+
+<B>bandlimin</B>
+
+&lt;rate&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+<B>nobandlimin</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+bandlim sets bandwith limitation filter to &lt;rate&gt; bps (bits per second)
+(if you want to specife bytes per second - multiply your value to 8).
+bandlim rules act in a same manner as allow/deny rules except
+one thing: bandwidth limiting is applied to all services, not to some
+specific service. 
+bandlimin and nobandlimin applies to incoming traffic
+bandlimout and nobandlimout applies to outgoing traffic
+If tou want to ratelimit your clients with ip's 192.168.10.16/30 (4
+addresses) to 57600 bps you have to specify 4 rules like
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.16
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.17
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.18
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.19
+and every of you clients will have 56K channel.<TT>&nbsp;</TT>if you specify<BR>
+<BR>&nbsp;bandlimin&nbsp;57600&nbsp;*&nbsp;192.168.10.16/30
+you will have 56K channel shared between all clients.
+if you want, for example, to limit all speed ecept access to POP3 you can use
+<BR>&nbsp;nobandlimin&nbsp;*&nbsp;*&nbsp;*&nbsp;110
+before the rest of bandlim rules.
+
+<B>counter</B>
+
+&lt;filename&gt; &lt;reporttype&gt; &lt;repotname&gt;
+<BR>
+
+<B>countin</B>
+
+&lt;number&gt; &lt;type&gt; &lt;limit&gt; &lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+<B>nocountin</B>
+
+&lt;userlist&gt; &lt;sourcelist&gt; &lt;targetlist&gt; &lt;targetportlist&gt; &lt;operationlist&gt;
+<BR>
+
+
+counter, countin, nocountin commands are used to set traffic limit
+in MB for period of time (day, week or month). Filename is a path
+to a special file where traffic information is permanently stored.
+number is sequential number of record in this file. If number is 0
+no traffic information  on this counter is saved in file (that is
+if proxy restarted all information is loosed) overwise it should be
+unique sequential number.
+Type specifies a type of counter. Type is one of:
+<BR>&nbsp;D&nbsp;-&nbsp;counter&nbsp;is&nbsp;resetted&nbsp;daily
+<BR>&nbsp;W&nbsp;-&nbsp;counter&nbsp;is&nbsp;resetted&nbsp;weekly
+<BR>&nbsp;M&nbsp;-&nbsp;counter&nbsp;is&nbsp;resetted&nbsp;monthely
+reporttype/repotname may be used to generate traffic reports.
+Reporttype is one of D,W,M,H(hourly) and repotname specifies filename
+template for reports. Report is text file with counter values in
+format:
+<BR>&nbsp;&lt;COUNTERNUMBER&gt;&nbsp;&lt;TRAF*4GB&gt;&nbsp;&lt;TRAF&gt;
+The rest of parameters is identical to bandlim/nobandlim.
+
+<B>users</B>
+
+username[:pwtype:password] ...
+<BR>
+
+pwtype is one of:
+<BR>&nbsp;none&nbsp;(empty)&nbsp;-&nbsp;use&nbsp;system&nbsp;authentication
+<BR>&nbsp;CL&nbsp;-&nbsp;password&nbsp;is&nbsp;cleartext
+<BR>&nbsp;CR&nbsp;-&nbsp;password&nbsp;is&nbsp;crypt-style&nbsp;password
+<BR>&nbsp;NT&nbsp;-&nbsp;password&nbsp;is&nbsp;NT&nbsp;password&nbsp;(in&nbsp;hex)
+example:
+<BR>&nbsp;users&nbsp;test1:CL:password1&nbsp;&quot;test2:CR:$1$lFDGlder$pLRb4cU2D7GAT58YQvY49.&quot;
+<BR>&nbsp;users&nbsp;test3:NT:BD7DFBF29A93F93C63CB84790DA00E63
+<BR>
+
+(note: double quotes are requiered because password contains $ sign).<TT>&nbsp;&nbsp;</TT><BR>
+
+<B>flush</B>
+
+<BR>
+
+empty active access list. Access list must be flushed avery time you creating
+new access list for new service. For example:
+<BR>&nbsp;allow&nbsp;*
+<BR>&nbsp;pop3p
+<BR>&nbsp;flush
+<BR>&nbsp;allow&nbsp;*&nbsp;192.168.1.0/24
+<BR>&nbsp;socks
+sets different ACLs for
+<B>pop3p</B>
+
+and
+<B>socks</B>
+
+
+<B>system</B>
+
+<BR>
+
+execute system command
+
+<B>pidfile</B>
+
+&lt;filename&gt;
+<BR>
+
+write pid of current process to file. It can be used to manipulate
+3proxy with signals under Unix. Currently next signals are available:
+
+<B>setuid</B>
+
+&lt;uid&gt;
+<BR>
+
+calls setuid(uid), uid must be numeric. Unix only.
+
+<B>setgid</B>
+
+&lt;gid&gt;
+<BR>
+
+calls setgid(gid), gid must be numeric. Unix only.
+
+<B>chroot</B>
+
+&lt;path&gt;
+<BR>
+
+calls chroot(path). Unix only.
+<A NAME="lbAD">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/tcppm.8.html">tcppm</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAE">&nbsp;</A>
+<H2>TRIVIA</H2>
+
+3APA3A is pronounced as ``zaraza''.
+<A NAME="lbAF">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAD">SEE ALSO</A><DD>
+<DT><A HREF="#lbAE">TRIVIA</A><DD>
+<DT><A HREF="#lbAF">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time:  GMT, December 11, 2004
+</BODY>
+</HTML>

doc/html/man8/ftppr.8.html

@@ -0,0 +1,160 @@
+
+<HTML><HEAD><TITLE>Manpage of ftppr</TITLE>
+</HEAD><BODY>
+<H1>ftppr</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>ftppr</B>
+
+- FTP proxy gateway service
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>ftppr </B>[<B>-d</B>]
+
+<I></I>[<B>-l</B><I></I>[<B></B>[<I>@</I><B></B>]<I>logfile</I><B></B>]]
+
+<I></I>[<B>-p</B><I>port</I>]
+
+<I></I>[<B>-i</B><I>internal_ip</I>]
+
+<I></I>[<B>-e</B><I>external_ip</I>]
+
+<I></I>[<B>-h</B><I>default_ip[:port]</I>]
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>ftppr</B>
+
+is FTP gateway service to allow internal users to access external FTP
+servers.
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>-I</B>
+
+<DD>
+Inetd mode. Standalone service only.
+<DT><B>-d</B>
+
+<DD>
+Daemonise. Detach service from console and run in the background.
+<DT><B>-t</B>
+
+<DD>
+Be silenT. Do not log start/stop/accept error records.
+<DT><B>-u</B>
+
+<DD>
+Never look for username authentication.
+<DT><B>-e</B>
+
+<DD>
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+<DT><B>-i</B>
+
+<DD>
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It's usually unsafe.
+<DT><B>-h</B>
+
+<DD>
+Default destination. It's used if targed address is not specified by user.
+<DT><B>-p</B>
+
+<DD>
+Port. Port proxy listens for incoming connections. Default is 21.
+<DT><B>-l</B>
+
+<DD>
+Log. By default logging is to stdout. If
+<I>logfile</I>
+
+is specified logging is to file. Under Unix, if
+'<I>@</I>'
+
+preceeds
+<I>logfile</I>,
+
+syslog is used for logging.
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>CLIENTS</H2>
+
+You can use any FTP client, regardless of FTP proxy support. For client with
+FTP proxy support configure
+<I>internal_ip</I>
+
+and
+<I>port</I>
+
+in FTP proxy parameters.
+For clients without FTP proxy support use
+<I>internal_ip</I>
+
+and
+<I>port</I>
+
+as FTP server. Address of real FTP server must be configured as a part of
+FTP username. Format for username is
+<I>username</I><B>@</B><I>server</I>,
+
+where
+<I>server</I>
+
+is address of FTP server and
+<I>username</I>
+
+is user's login on this FTP server. Login itself may contain '@' sign.
+Only cleartext authentication is currently supported.
+<A NAME="lbAG">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAH">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/tcppm.8.html">tcppm</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAI">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">CLIENTS</A><DD>
+<DT><A HREF="#lbAG">BUGS</A><DD>
+<DT><A HREF="#lbAH">SEE ALSO</A><DD>
+<DT><A HREF="#lbAI">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:56 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/icqpr.8.html

@@ -0,0 +1,155 @@
+
+<HTML><HEAD><TITLE>Manpage of icqpr</TITLE>
+</HEAD><BODY>
+<H1>icqpr</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>icqpr</B>
+
+- ICQ (AOL OSCAR) proxy
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>icqpr </B>[<B>-d</B>]
+
+<I></I>[<B>-l</B><I></I>[<B></B>[<I>@</I><B></B>]<I>logfile</I><B></B>]]
+
+<I></I>[<B>-i</B><I>internal_ip</I>]
+
+<I></I>[<B>-e</B><I>external_ip</I>]
+
+<I>local_port remote_host remote_port</I>
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>icqpr</B>
+
+forwards ICQ connections from local to remote ICQ host. Most usual is
+<B>icqpr 5190 login.icq.com 5190</B>
+
+Also, icqpr adds UIN / AOL screen name as a username. It makes it possible
+to control user's access to ICQ/AOL by UIN/screen name (use
+<B>auth useronly</B>
+
+in 3proxy).
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>-I</B>
+
+<DD>
+Inetd mode. Standalone service only.
+<DT><B>-d</B>
+
+<DD>
+Daemonise. Detach service from console and run in the background.
+<DT><B>-t</B>
+
+<DD>
+Be silenT. Do not log start/stop/accept error records.
+<DT><B>-e</B>
+
+<DD>
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+<DT><B>-i</B>
+
+<DD>
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It's usually unsafe.
+<DT><B>-l</B>
+
+<DD>
+Log. By default logging is to stdout. If
+<I>logfile</I>
+
+is specified logging is to file. Under Unix, if
+'<I>@</I>'
+
+preceeds
+<I>logfile</I>,
+
+syslog is used for logging.
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>ARGUMENTS</H2>
+
+<DL COMPACT>
+<DT><I>local_port</I>
+
+<DD>
+- port icqpr accepts connection
+<DT><I>remote_host</I>
+
+<DD>
+- IP address of the host connection is forwarded to
+<DT><I>remote_port</I>
+
+<DD>
+- remote port connection is forwarded to
+</DL>
+<A NAME="lbAG">&nbsp;</A>
+<H2>CLIENTS</H2>
+
+You can use any ICQ/AOL client where server address configuration is supported
+or spoof login server name (e.g. login.icq.com) with IP address of proxy server
+via DNS record or hosts file. Transparent redirection is also possible. Use
+<I>internal_ip</I>
+
+and
+<I>local_port</I>
+
+as a destination in client application. Connection is forwarded to
+<I>remote_host</I>:<I>remote_port</I>
+
+<A NAME="lbAH">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAI">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAJ">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">ARGUMENTS</A><DD>
+<DT><A HREF="#lbAG">CLIENTS</A><DD>
+<DT><A HREF="#lbAH">BUGS</A><DD>
+<DT><A HREF="#lbAI">SEE ALSO</A><DD>
+<DT><A HREF="#lbAJ">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:56 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/pop3p.8.html

@@ -0,0 +1,154 @@
+
+<HTML><HEAD><TITLE>Manpage of pop3p</TITLE>
+</HEAD><BODY>
+<H1>pop3p</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>pop3p</B>
+
+- POP3 proxy gateway service
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>pop3p </B>[<B>-d</B>]
+
+<I></I>[<B>-l</B><I></I>[<B></B>[<I>@</I><B></B>]<I>logfile</I><B></B>]]
+
+<I></I>[<B>-p</B><I>port</I>]
+
+<I></I>[<B>-i</B><I>internal_ip</I>]
+
+<I></I>[<B>-e</B><I>external_ip</I>]
+
+<I></I>[<B>-h</B><I>default_ip[:port]</I>]
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>pop3p</B>
+
+is POP3 gateway service to allow internal users to access external POP3
+servers.
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>-I</B>
+
+<DD>
+Inetd mode. Standalone service only.
+<DT><B>-d</B>
+
+<DD>
+Daemonise. Detach service from console and run in the background.
+<DT><B>-t</B>
+
+<DD>
+Be silenT. Do not log start/stop/accept error records.
+<DT><B>-u</B>
+
+<DD>
+Never look for username authentication.
+<DT><B>-e</B>
+
+<DD>
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+<DT><B>-i</B>
+
+<DD>
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It's usually unsafe.
+<DT><B>-p</B>
+
+<DD>
+Port. Port proxy listens for incoming connections. Default is 110.
+<DT><B>-h</B>
+
+<DD>
+Default destination. It's used if targed address is not specified by user.
+<DT><B>-l</B>
+
+<DD>
+Log. By default logging is to stdout. If
+<I>logfile</I>
+
+is specified logging is to file. Under Unix, if
+'<I>@</I>'
+
+preceeds
+<I>logfile</I>,
+
+syslog is used for logging.
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>CLIENTS</H2>
+
+You can use any MUA (Mail User Agent) with POP3 support. Set client to use
+<I>internal_ip</I>
+
+and
+<I>port</I>
+
+as a POP3 server. Address of real POP3 server must be configured as a part of
+POP3 username. Format for username is
+<I>username</I><B>@</B><I>server</I>,
+
+where
+<I>server</I>
+
+is address of POP3 server and
+<I>username</I>
+
+is user's login on this POP3 server. Login itself may contain '@' sign.
+Only cleartext authentication is supported, because challenge-response
+authentication (APOP, CRAM-MD5, etc) requires challenge from server before
+we know which server to connect.
+<A NAME="lbAG">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAH">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/tcppm.8.html">tcppm</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAI">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">CLIENTS</A><DD>
+<DT><A HREF="#lbAG">BUGS</A><DD>
+<DT><A HREF="#lbAH">SEE ALSO</A><DD>
+<DT><A HREF="#lbAI">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:56 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/proxy.8.html

@@ -0,0 +1,147 @@
+
+<HTML><HEAD><TITLE>Manpage of proxy</TITLE>
+</HEAD><BODY>
+<H1>proxy</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>proxy</B>
+
+- HTTP proxy gateway service
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>proxy </B>[<B>-d</B>][<B>-a</B>]
+
+<I></I>[<B>-l</B><I></I>[<B></B>[<I>@</I><B></B>]<I>logfile</I><B></B>]]
+
+<I></I>[<B>-p</B><I>port</I>]
+
+<I></I>[<B>-i</B><I>internal_ip</I>]
+
+<I></I>[<B>-e</B><I>external_ip</I>]
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>proxy</B>
+
+is HTTP gateway service with HTTPS and FTP over HTTPS support.
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>-I</B>
+
+<DD>
+Inetd mode. Standalone service only.
+<DT><B>-d</B>
+
+<DD>
+Daemonise. Detach service from console and run in the background.
+<DT><B>-t</B>
+
+<DD>
+Be silenT. Do not log start/stop/accept error records.
+<DT><B>-u</B>
+
+<DD>
+Never ask for username authentication
+<DT><B>-e</B>
+
+<DD>
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+<DT><B>-i</B>
+
+<DD>
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It's usually unsafe.
+<DT><B>-a</B>
+
+<DD>
+Anonymous. Hide information about client.
+<DT><B>-a1</B>
+
+<DD>
+Anonymous. Show fake information about client.
+<DT><B>-p</B>
+
+<DD>
+Port. Port proxy listens for incoming connections. Default is 3128.
+<DT><B>-l</B>
+
+<DD>
+Log. By default logging is to stdout. If
+<I>logfile</I>
+
+is specified logging is to file. Under Unix, if
+'<I>@</I>'
+
+preceeds
+<I>logfile</I>,
+
+syslog is used for logging.
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>CLIENTS</H2>
+
+You should use client with HTTP proxy support or configure router to redirect
+HTTP traffic to proxy (transparent proxy). Configure client to connect to
+<I>internal_ip</I>
+
+and
+<I>port</I>.
+
+HTTPS support allows to use almost any TCP based protocol. If you need to
+limit clients, use 
+<B><A HREF="../man8/3proxy.8.html">3proxy</A></B>(8)
+
+instead.
+<A NAME="lbAG">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAH">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/tcppm.8.html">tcppm</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAI">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">CLIENTS</A><DD>
+<DT><A HREF="#lbAG">BUGS</A><DD>
+<DT><A HREF="#lbAH">SEE ALSO</A><DD>
+<DT><A HREF="#lbAI">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:56 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/smtpp.8.html

@@ -0,0 +1,155 @@
+
+<HTML><HEAD><TITLE>Manpage of smtpp</TITLE>
+</HEAD><BODY>
+<H1>smtpp</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>smtpp</B>
+
+- SMTP proxy gateway service
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>smtpp </B>[<B>-d</B>]
+
+<I></I>[<B>-l</B><I></I>[<B></B>[<I>@</I><B></B>]<I>logfile</I><B></B>]]
+
+<I></I>[<B>-p</B><I>port</I>]
+
+<I></I>[<B>-i</B><I>internal_ip</I>]
+
+<I></I>[<B>-e</B><I>external_ip</I>]
+
+<I></I>[<B>-h</B><I>default_ip[:port]</I>]
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>smtpp</B>
+
+is SMTP gateway service to allow internal users to access external SMTP
+servers.
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>-I</B>
+
+<DD>
+Inetd mode. Standalone service only.
+<DT><B>-d</B>
+
+<DD>
+Daemonise. Detach service from console and run in the background.
+<DT><B>-t</B>
+
+<DD>
+Be silenT. Do not log start/stop/accept error records.
+<DT><B>-u</B>
+
+<DD>
+Never look for username authentication.
+<DT><B>-e</B>
+
+<DD>
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+<DT><B>-i</B>
+
+<DD>
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It's usually unsafe.
+<DT><B>-p</B>
+
+<DD>
+Port. Port proxy listens for incoming connections. Default is 25.
+<DT><B>-h</B>
+
+<DD>
+Default destination. It's used if targed address is not specified by user.
+<DT><B>-l</B>
+
+<DD>
+Log. By default logging is to stdout. If
+<I>logfile</I>
+
+is specified logging is to file. Under Unix, if
+'<I>@</I>'
+
+preceeds
+<I>logfile</I>,
+
+syslog is used for logging.
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>CLIENTS</H2>
+
+You can use any MUA (Mail User Agent) with SMTP authentication support.
+Set client to use
+<I>internal_ip</I>
+
+and
+<I>port</I>
+
+as a SMTP server. Address of real SMTP server must be configured as a part of
+SMTP username. Format for username is
+<I>username</I><B>@</B><I>server</I>,
+
+where
+<I>server</I>
+
+is address of SMTP server and
+<I>username</I>
+
+is user's login on this SMTP server. Login itself may contain '@' sign.
+Only cleartext authentication is supported, because challenge-response
+authentication (CRAM-MD5, SPA, etc) requires challenge from server before
+we know which server to connect.
+<A NAME="lbAG">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAH">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/tcppm.8.html">tcppm</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAI">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">CLIENTS</A><DD>
+<DT><A HREF="#lbAG">BUGS</A><DD>
+<DT><A HREF="#lbAH">SEE ALSO</A><DD>
+<DT><A HREF="#lbAI">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:56 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/socks.8.html

@@ -0,0 +1,148 @@
+
+<HTML><HEAD><TITLE>Manpage of socks</TITLE>
+</HEAD><BODY>
+<H1>socks</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>socks</B>
+
+- SOCKS 4/4.5/5 gateway service
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>socks </B>[<B>-d</B>]
+
+<I></I>[<B>-l</B><I></I>[<B></B>[<I>@</I><B></B>]<I>logfile</I><B></B>]]
+
+<I></I>[<B>-p</B><I>port</I>]
+
+<I></I>[<B>-i</B><I>internal_ip</I>]
+
+<I></I>[<B>-e</B><I>external_ip</I>]
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>socks</B>
+
+is SOCKS server. It supports SOCKSv4, SOCKSv4.5 (extension to v4 for
+server side name resolution) and SOCKSv5. SOCKSv5 specification allows both
+outgoing and reverse TCP connections and UDP portmapping.
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>-I</B>
+
+<DD>
+Inetd mode. Standalone service only.
+<DT><B>-d</B>
+
+<DD>
+Daemonise. Detach service from console and run in the background.
+<DT><B>-t</B>
+
+<DD>
+Be silenT. Do not log start/stop/accept error records.
+<DT><B>-u</B>
+
+<DD>
+Never ask for username authentication
+<DT><B>-e</B>
+
+<DD>
+External address. IP address of interface proxy should initiate connections
+from. External IP must be specified if you need incoming connections.
+By default system will deside which address to use in accordance
+with routing table.
+<DT><B>-i</B>
+
+<DD>
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It's usually unsafe.
+<DT><B>-p</B>
+
+<DD>
+Port. Port proxy listens for incoming connections. Default is 1080.
+<DT><B>-l</B>
+
+<DD>
+Log. By default logging is to stdout. If
+<I>logfile</I>
+
+is specified logging is to file. Under Unix, if
+'<I>@</I>'
+
+preceeds
+<I>logfile</I>,
+
+syslog is used for logging.
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>CLIENTS</H2>
+
+You should use client with SOCKS support or use some socksification support
+(for example
+<I>SocksCAP</I>
+
+or
+<I>FreeCAP</I>).
+
+Configure client to use
+<I>internal_ip</I>
+
+and
+<I>port</I>.
+
+SOCKS allows to use almost any application protocol without limitation. This
+implementation also allows to open priviledged port on server (if socks has
+sufficient privileges). If you need to control access use
+<B><A HREF="../man8/3proxy.8.html">3proxy</A></B>(8)
+
+instead.
+<A NAME="lbAG">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAH">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/tcppm.8.html">tcppm</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAI">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">CLIENTS</A><DD>
+<DT><A HREF="#lbAG">BUGS</A><DD>
+<DT><A HREF="#lbAH">SEE ALSO</A><DD>
+<DT><A HREF="#lbAI">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:56 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/tcppm.8.html

@@ -0,0 +1,146 @@
+
+<HTML><HEAD><TITLE>Manpage of tcppm</TITLE>
+</HEAD><BODY>
+<H1>tcppm</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>tcppm</B>
+
+- TCP port mapper
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>tcppm </B>[<B>-d</B>]
+
+<I></I>[<B>-l</B><I></I>[<B></B>[<I>@</I><B></B>]<I>logfile</I><B></B>]]
+
+<I></I>[<B>-i</B><I>internal_ip</I>]
+
+<I></I>[<B>-e</B><I>external_ip</I>]
+
+<I>local_port remote_host remote_port</I>
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>tcppm</B>
+
+forwards connections from local to remote TCP port
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>-I</B>
+
+<DD>
+Inetd mode. Standalone service only.
+<DT><B>-d</B>
+
+<DD>
+Daemonise. Detach service from console and run in the background.
+<DT><B>-t</B>
+
+<DD>
+Be silenT. Do not log start/stop/accept error records.
+<DT><B>-e</B>
+
+<DD>
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+<DT><B>-i</B>
+
+<DD>
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It's usually unsafe.
+<DT><B>-l</B>
+
+<DD>
+Log. By default logging is to stdout. If
+<I>logfile</I>
+
+is specified logging is to file. Under Unix, if
+'<I>@</I>'
+
+preceeds
+<I>logfile</I>,
+
+syslog is used for logging.
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>ARGUMENTS</H2>
+
+<DL COMPACT>
+<DT><I>local_port</I>
+
+<DD>
+- port tcppm accepts connection
+<DT><I>remote_host</I>
+
+<DD>
+- IP address of the host connection is forwarded to
+<DT><I>remote_port</I>
+
+<DD>
+- remote port connection is forwarded to
+</DL>
+<A NAME="lbAG">&nbsp;</A>
+<H2>CLIENTS</H2>
+
+Any TCP based application can be used as a client. Use
+<I>internal_ip</I>
+
+and
+<I>local_port</I>
+
+as a destination in client application. Connection is forwarded to
+<I>remote_host</I>:<I>remote_port</I>
+
+<A NAME="lbAH">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAI">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAJ">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">ARGUMENTS</A><DD>
+<DT><A HREF="#lbAG">CLIENTS</A><DD>
+<DT><A HREF="#lbAH">BUGS</A><DD>
+<DT><A HREF="#lbAI">SEE ALSO</A><DD>
+<DT><A HREF="#lbAJ">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:57 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/man8/udppm.8.html

@@ -0,0 +1,153 @@
+
+<HTML><HEAD><TITLE>Manpage of udppm</TITLE>
+</HEAD><BODY>
+<H1>udppm</H1>
+Section: Universal proxy server (8)<BR>Updated: July 2009<BR><A HREF="#index">Index</A>
+<A HREF="../index.html">Return to Main Contents</A><HR>
+
+<A NAME="lbAB">&nbsp;</A>
+<H2>NAME</H2>
+
+<B>udppm</B>
+
+- UDP port mapper
+<A NAME="lbAC">&nbsp;</A>
+<H2>SYNOPSIS</H2>
+
+<B>pop3p </B>[<B>-ds</B>]
+
+<I></I>[<B>-l</B><I></I>[<B></B>[<I>@</I><B></B>]<I>logfile</I><B></B>]]
+
+<I></I>[<B>-i</B><I>internal_ip</I>]
+
+<I></I>[<B>-e</B><I>external_ip</I>]
+
+<I>local_port remote_host remote_port</I>
+
+<A NAME="lbAD">&nbsp;</A>
+<H2>DESCRIPTION</H2>
+
+<B>udppm</B>
+
+forwards datagrams from local to remote UDP port
+<A NAME="lbAE">&nbsp;</A>
+<H2>OPTIONS</H2>
+
+<DL COMPACT>
+<DT><B>-I</B>
+
+<DD>
+Inetd mode. Standalone service only.
+<DT><B>-d</B>
+
+<DD>
+Daemonise. Detach service from console and run in the background.
+<DT><B>-t</B>
+
+<DD>
+Be silenT. Do not log start/stop/accept error records.
+<DT><B>-e</B>
+
+<DD>
+External address. IP address of interface proxy should initiate datagrams
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+<DT><B>-i</B>
+
+<DD>
+Internal address. IP address proxy accepts datagrams to.
+By default connection to any interface is accepted. It's usually unsafe.
+<DT><B>-l</B>
+
+<DD>
+Log. By default logging is to stdout. If
+<I>logfile</I>
+
+is specified logging is to file. Under Unix, if
+'<I>@</I>'
+
+preceeds
+<I>logfile</I>,
+
+syslog is used for logging.
+<DT><B>-s</B>
+
+<DD>
+Single packet. By default only one client can use udppm service, but
+if -s is specified only one packet will be forwarded between client and server.
+It allows to share service between multiple clients for single packet services
+(for example name lookups).
+</DL>
+<A NAME="lbAF">&nbsp;</A>
+<H2>ARGUMENTS</H2>
+
+<DL COMPACT>
+<DT><I>local_port</I>
+
+<DD>
+- port udppm accepts datagrams
+<DT><I>remote_host</I>
+
+<DD>
+- IP address of the host datagrams are forwarded to
+<DT><I>remote_port</I>
+
+<DD>
+- remote port datagrams are forwarded to
+</DL>
+<A NAME="lbAG">&nbsp;</A>
+<H2>CLIENTS</H2>
+
+Any UDP based application can be used as a client. Use
+<I>internal_ip</I>
+
+and
+<I>local_port</I>
+
+as a destination in client application. All datagrams are forwarded to
+<I>remote_host</I>:<I>remote_port</I>
+
+<A NAME="lbAH">&nbsp;</A>
+<H2>BUGS</H2>
+
+Report all bugs to
+<B><A HREF="mailto:3proxy@security.nnov.ru">3proxy@security.nnov.ru</A></B>
+
+<A NAME="lbAI">&nbsp;</A>
+<H2>SEE ALSO</H2>
+
+<A HREF="../man8/3proxy.8.html">3proxy</A>(8), <A HREF="../man8/proxy.8.html">proxy</A>(8), <A HREF="../man8/ftppr.8.html">ftppr</A>(8), <A HREF="../man8/socks.8.html">socks</A>(8), <A HREF="../man8/pop3p.8.html">pop3p</A>(8), <A HREF="../man8/udppm.8.html">udppm</A>(8), <A HREF="../man8/syslogd.8.html">syslogd</A>(8),
+<BR>
+
+<A HREF="http://3proxy.ru/">http://3proxy.ru/</A>
+<A NAME="lbAJ">&nbsp;</A>
+<H2>AUTHORS</H2>
+
+3proxy is designed by 3APA3A
+(<I><A HREF="mailto:3APA3A@security.nnov.ru">3APA3A@security.nnov.ru</A></I>),
+
+Vladimir Dubrovin
+(<I><A HREF="mailto:vlad@sandy.ru">vlad@sandy.ru</A></I>)
+
+<P>
+
+<HR>
+<A NAME="index">&nbsp;</A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAE">OPTIONS</A><DD>
+<DT><A HREF="#lbAF">ARGUMENTS</A><DD>
+<DT><A HREF="#lbAG">CLIENTS</A><DD>
+<DT><A HREF="#lbAH">BUGS</A><DD>
+<DT><A HREF="#lbAI">SEE ALSO</A><DD>
+<DT><A HREF="#lbAJ">AUTHORS</A><DD>
+</DL>
+<HR>
+This document was created by
+using the manual pages.<BR>
+Time: 21:23:57 GMT, April 07, 2014
+</BODY>
+</HTML>

doc/html/securityen.html

@@ -0,0 +1,37 @@
+<h3>3proxy security considirations</h3>
+</ul>
+<ol>
+<li>Never install 3proxy suid. If you need it to run suid write some
+wrapper with fixed configuration file.
+<li>Make configuration file only available to account 3proxy starts with.
+<li>Under Windows NT/2000/XP/2003 if 3proxy is used as service create new
+unprivileged local account without "logon locally" right. Assign this account
+to 3proxy service.
+<li>Under unix use chroot to jail 3proxy (make sure files included in
+configuration file after 'chroot' command, if any, are available from jail)
+<li>Under Unix, either start 3proxy with unprivileged account or, if you need
+some privileged ports to be used by 3proxy, use setgid/setuid commands inside
+3proxy.cfg immediately after last occurance of service binded to
+privileged port in configuration file (setgid must preceed setuid).
+<li>Allways use full paths in configuration file
+<li>Try to avoid 'strong' authentication, because only cleartext
+authentication method is currently available.
+<li>Always specify internal and external interfaces.
+<li>Always limit connections to internal network and localhost (to 127.0.0.1 and
+all interfaces) with ACLs. Be carefull, because BIND command in SOCKS requies
+BIND method with external interface IP address to be allowed.
+<li> Always use nserver and nscache under Unix, overwise DoS attack is possible
+with unreachable DNS server (because gethostbyname will block over threads).
+<li>Remember, that 'nbname' authentication is not reliable and can be spoofed.
+<li>Keep logs in secure location, because some confidential information from
+user's request can be logged.
+<li>Use -xyz+A character filtering sequences for 'logformat', especially with
+ODBC logging to prevent SQL and log record injections. 
+<li>Immediately report all service crashes to developers
+<li>Participate in code audit :)
+</ol>
+ 
+</ol>
+<p>
+
+<pre>$Id: securityen.html,v 1.4 2007/05/07 09:16:51 vlad Exp $</pre>

doc/ru/3proxy_for_dummies.rtf

@@ -0,0 +1,1825 @@
+{\rtf1\adeflang1025\ansi\ansicpg1251\uc1\adeff31507\deff0\stshfdbch31505\stshfloch31506\stshfhich31506\stshfbi31507\deflang1049\deflangfe1049\themelang1049\themelangfe0\themelangcs0{\fonttbl{\f0\fbidi \froman\fcharset204\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f1\fbidi \fswiss\fcharset204\fprq2{\*\panose 020b0604020202020204}Arial;}
+{\f1\fbidi \fswiss\fcharset204\fprq2{\*\panose 020b0604020202020204}Arial;}{\f39\fbidi \fswiss\fcharset204\fprq2{\*\panose 020b0604020202020204}Arial CYR;}{\flomajor\f31500\fbidi \froman\fcharset204\fprq2{\*\panose 02020603050405020304}Times New Roman;}
+{\fdbmajor\f31501\fbidi \froman\fcharset204\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\fhimajor\f31502\fbidi \froman\fcharset204\fprq2{\*\panose 02040503050406030204}Cambria;}
+{\fbimajor\f31503\fbidi \froman\fcharset204\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\flominor\f31504\fbidi \froman\fcharset204\fprq2{\*\panose 02020603050405020304}Times New Roman;}
+{\fdbminor\f31505\fbidi \froman\fcharset204\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\fhiminor\f31506\fbidi \fswiss\fcharset204\fprq2{\*\panose 020f0502020204030204}Calibri;}
+{\fbiminor\f31507\fbidi \froman\fcharset204\fprq2{\*\panose 02020603050405020304}Times New Roman;}{\f44\fbidi \froman\fcharset0\fprq2 Times New Roman;}{\f42\fbidi \froman\fcharset238\fprq2 Times New Roman CE;}
+{\f45\fbidi \froman\fcharset161\fprq2 Times New Roman Greek;}{\f46\fbidi \froman\fcharset162\fprq2 Times New Roman Tur;}{\f47\fbidi \froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\f48\fbidi \froman\fcharset178\fprq2 Times New Roman (Arabic);}
+{\f49\fbidi \froman\fcharset186\fprq2 Times New Roman Baltic;}{\f50\fbidi \froman\fcharset163\fprq2 Times New Roman (Vietnamese);}{\f54\fbidi \fswiss\fcharset0\fprq2 Arial;}{\f52\fbidi \fswiss\fcharset238\fprq2 Arial CE;}
+{\f55\fbidi \fswiss\fcharset161\fprq2 Arial Greek;}{\f56\fbidi \fswiss\fcharset162\fprq2 Arial Tur;}{\f57\fbidi \fswiss\fcharset177\fprq2 Arial (Hebrew);}{\f58\fbidi \fswiss\fcharset178\fprq2 Arial (Arabic);}
+{\f59\fbidi \fswiss\fcharset186\fprq2 Arial Baltic;}{\f60\fbidi \fswiss\fcharset163\fprq2 Arial (Vietnamese);}{\f54\fbidi \fswiss\fcharset0\fprq2 Arial;}{\f52\fbidi \fswiss\fcharset238\fprq2 Arial CE;}{\f55\fbidi \fswiss\fcharset161\fprq2 Arial Greek;}
+{\f56\fbidi \fswiss\fcharset162\fprq2 Arial Tur;}{\f57\fbidi \fswiss\fcharset177\fprq2 Arial (Hebrew);}{\f58\fbidi \fswiss\fcharset178\fprq2 Arial (Arabic);}{\f59\fbidi \fswiss\fcharset186\fprq2 Arial Baltic;}
+{\f60\fbidi \fswiss\fcharset163\fprq2 Arial (Vietnamese);}{\f434\fbidi \fswiss\fcharset0\fprq2 Arial CYR;}{\f432\fbidi \fswiss\fcharset238\fprq2 Arial CYR CE;}{\f435\fbidi \fswiss\fcharset161\fprq2 Arial CYR Greek;}
+{\f436\fbidi \fswiss\fcharset162\fprq2 Arial CYR Tur;}{\f437\fbidi \fswiss\fcharset177\fprq2 Arial CYR (Hebrew);}{\f438\fbidi \fswiss\fcharset178\fprq2 Arial CYR (Arabic);}{\f439\fbidi \fswiss\fcharset186\fprq2 Arial CYR Baltic;}
+{\f440\fbidi \fswiss\fcharset163\fprq2 Arial CYR (Vietnamese);}{\flomajor\f31510\fbidi \froman\fcharset0\fprq2 Times New Roman;}{\flomajor\f31508\fbidi \froman\fcharset238\fprq2 Times New Roman CE;}
+{\flomajor\f31511\fbidi \froman\fcharset161\fprq2 Times New Roman Greek;}{\flomajor\f31512\fbidi \froman\fcharset162\fprq2 Times New Roman Tur;}{\flomajor\f31513\fbidi \froman\fcharset177\fprq2 Times New Roman (Hebrew);}
+{\flomajor\f31514\fbidi \froman\fcharset178\fprq2 Times New Roman (Arabic);}{\flomajor\f31515\fbidi \froman\fcharset186\fprq2 Times New Roman Baltic;}{\flomajor\f31516\fbidi \froman\fcharset163\fprq2 Times New Roman (Vietnamese);}
+{\fdbmajor\f31520\fbidi \froman\fcharset0\fprq2 Times New Roman;}{\fdbmajor\f31518\fbidi \froman\fcharset238\fprq2 Times New Roman CE;}{\fdbmajor\f31521\fbidi \froman\fcharset161\fprq2 Times New Roman Greek;}
+{\fdbmajor\f31522\fbidi \froman\fcharset162\fprq2 Times New Roman Tur;}{\fdbmajor\f31523\fbidi \froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\fdbmajor\f31524\fbidi \froman\fcharset178\fprq2 Times New Roman (Arabic);}
+{\fdbmajor\f31525\fbidi \froman\fcharset186\fprq2 Times New Roman Baltic;}{\fdbmajor\f31526\fbidi \froman\fcharset163\fprq2 Times New Roman (Vietnamese);}{\fhimajor\f31530\fbidi \froman\fcharset0\fprq2 Cambria;}
+{\fhimajor\f31528\fbidi \froman\fcharset238\fprq2 Cambria CE;}{\fhimajor\f31531\fbidi \froman\fcharset161\fprq2 Cambria Greek;}{\fhimajor\f31532\fbidi \froman\fcharset162\fprq2 Cambria Tur;}
+{\fhimajor\f31535\fbidi \froman\fcharset186\fprq2 Cambria Baltic;}{\fhimajor\f31536\fbidi \froman\fcharset163\fprq2 Cambria (Vietnamese);}{\fbimajor\f31540\fbidi \froman\fcharset0\fprq2 Times New Roman;}
+{\fbimajor\f31538\fbidi \froman\fcharset238\fprq2 Times New Roman CE;}{\fbimajor\f31541\fbidi \froman\fcharset161\fprq2 Times New Roman Greek;}{\fbimajor\f31542\fbidi \froman\fcharset162\fprq2 Times New Roman Tur;}
+{\fbimajor\f31543\fbidi \froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\fbimajor\f31544\fbidi \froman\fcharset178\fprq2 Times New Roman (Arabic);}{\fbimajor\f31545\fbidi \froman\fcharset186\fprq2 Times New Roman Baltic;}
+{\fbimajor\f31546\fbidi \froman\fcharset163\fprq2 Times New Roman (Vietnamese);}{\flominor\f31550\fbidi \froman\fcharset0\fprq2 Times New Roman;}{\flominor\f31548\fbidi \froman\fcharset238\fprq2 Times New Roman CE;}
+{\flominor\f31551\fbidi \froman\fcharset161\fprq2 Times New Roman Greek;}{\flominor\f31552\fbidi \froman\fcharset162\fprq2 Times New Roman Tur;}{\flominor\f31553\fbidi \froman\fcharset177\fprq2 Times New Roman (Hebrew);}
+{\flominor\f31554\fbidi \froman\fcharset178\fprq2 Times New Roman (Arabic);}{\flominor\f31555\fbidi \froman\fcharset186\fprq2 Times New Roman Baltic;}{\flominor\f31556\fbidi \froman\fcharset163\fprq2 Times New Roman (Vietnamese);}
+{\fdbminor\f31560\fbidi \froman\fcharset0\fprq2 Times New Roman;}{\fdbminor\f31558\fbidi \froman\fcharset238\fprq2 Times New Roman CE;}{\fdbminor\f31561\fbidi \froman\fcharset161\fprq2 Times New Roman Greek;}
+{\fdbminor\f31562\fbidi \froman\fcharset162\fprq2 Times New Roman Tur;}{\fdbminor\f31563\fbidi \froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\fdbminor\f31564\fbidi \froman\fcharset178\fprq2 Times New Roman (Arabic);}
+{\fdbminor\f31565\fbidi \froman\fcharset186\fprq2 Times New Roman Baltic;}{\fdbminor\f31566\fbidi \froman\fcharset163\fprq2 Times New Roman (Vietnamese);}{\fhiminor\f31570\fbidi \fswiss\fcharset0\fprq2 Calibri;}
+{\fhiminor\f31568\fbidi \fswiss\fcharset238\fprq2 Calibri CE;}{\fhiminor\f31571\fbidi \fswiss\fcharset161\fprq2 Calibri Greek;}{\fhiminor\f31572\fbidi \fswiss\fcharset162\fprq2 Calibri Tur;}
+{\fhiminor\f31575\fbidi \fswiss\fcharset186\fprq2 Calibri Baltic;}{\fhiminor\f31576\fbidi \fswiss\fcharset163\fprq2 Calibri (Vietnamese);}{\fbiminor\f31580\fbidi \froman\fcharset0\fprq2 Times New Roman;}
+{\fbiminor\f31578\fbidi \froman\fcharset238\fprq2 Times New Roman CE;}{\fbiminor\f31581\fbidi \froman\fcharset161\fprq2 Times New Roman Greek;}{\fbiminor\f31582\fbidi \froman\fcharset162\fprq2 Times New Roman Tur;}
+{\fbiminor\f31583\fbidi \froman\fcharset177\fprq2 Times New Roman (Hebrew);}{\fbiminor\f31584\fbidi \froman\fcharset178\fprq2 Times New Roman (Arabic);}{\fbiminor\f31585\fbidi \froman\fcharset186\fprq2 Times New Roman Baltic;}
+{\fbiminor\f31586\fbidi \froman\fcharset163\fprq2 Times New Roman (Vietnamese);}}{\colortbl;\red0\green0\blue0;\red0\green0\blue255;\red0\green255\blue255;\red0\green255\blue0;\red255\green0\blue255;\red255\green0\blue0;\red255\green255\blue0;
+\red255\green255\blue255;\red0\green0\blue128;\red0\green128\blue128;\red0\green128\blue0;\red128\green0\blue128;\red128\green0\blue0;\red128\green128\blue0;\red128\green128\blue128;\red192\green192\blue192;}{\*\defchp 
+\fs22\loch\af31506\hich\af31506\dbch\af31505 }{\*\defpap \ql \li0\ri0\sa200\sl276\slmult1\widctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 }\noqfpromote {\stylesheet{\ql \li0\ri0\sa200\sl276\slmult1
+\widctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af31507\afs22\alang1025 \ltrch\fcs0 \fs22\lang1049\langfe1049\loch\f31506\hich\af31506\dbch\af31505\cgrid\langnp1049\langfenp1049 \snext0 \sqformat \spriority0 Normal;}
+{\*\cs10 \additive \ssemihidden \sunhideused \spriority1 Default Paragraph Font;}{\*
+\ts11\tsrowd\trftsWidthB3\trpaddl108\trpaddr108\trpaddfl3\trpaddft3\trpaddfb3\trpaddfr3\tblind0\tblindtype3\tsvertalt\tsbrdrt\tsbrdrl\tsbrdrb\tsbrdrr\tsbrdrdgl\tsbrdrdgr\tsbrdrh\tsbrdrv \ql \li0\ri0\sa200\sl276\slmult1
+\widctlpar\wrapdefault\aspalpha\aspnum\faauto\adjustright\rin0\lin0\itap0 \rtlch\fcs1 \af31507\afs22\alang1025 \ltrch\fcs0 \fs22\lang1049\langfe1049\loch\f31506\hich\af31506\dbch\af31505\cgrid\langnp1049\langfenp1049 \snext11 \ssemihidden \sunhideused 
+Normal Table;}}{\*\rsidtbl \rsid3764488\rsid11355186}{\mmathPr\mmathFont34\mbrkBin0\mbrkBinSub0\msmallFrac0\mdispDef1\mlMargin0\mrMargin0\mdefJc1\mwrapIndent1440\mintLim0\mnaryLim1}{\info{\operator vlad}{\creatim\yr2011\mo7\dy9\hr1\min32}
+{\revtim\yr2011\mo7\dy9\hr1\min34}{\version2}{\edmins2}{\nofpages18}{\nofwords7180}{\nofchars40932}{\nofcharsws48016}{\vern49255}}{\*\xmlnstbl {\xmlns1 http://schemas.microsoft.com/office/word/2003/wordml}}
+\paperw12240\paperh15840\margl1701\margr850\margt1134\margb1134\gutter0\ltrsect 
+\deftab709\widowctrl\ftnbj\aenddoc\trackmoves0\trackformatting1\donotembedsysfont0\relyonvml0\donotembedlingdata1\grfdocevents0\validatexml0\showplaceholdtext0\ignoremixedcontent0\saveinvalidxml0\showxmlerrors0\horzdoc\dghspace120\dgvspace120
+\dghorigin1701\dgvorigin1984\dghshow0\dgvshow3\jcompress\viewkind1\viewscale100\rsidroot3764488 \fet0{\*\wgrffmtfilter 2450}\ilfomacatclnup0\ltrpar \sectd \ltrsect\linex0\sectdefaultcl\sftnbj {\*\pnseclvl1\pnucrm\pnstart1\pnindent720\pnhang {\pntxta .}}
+{\*\pnseclvl2\pnucltr\pnstart1\pnindent720\pnhang {\pntxta .}}{\*\pnseclvl3\pndec\pnstart1\pnindent720\pnhang {\pntxta .}}{\*\pnseclvl4\pnlcltr\pnstart1\pnindent720\pnhang {\pntxta )}}{\*\pnseclvl5\pndec\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}
+{\*\pnseclvl6\pnlcltr\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}{\*\pnseclvl7\pnlcrm\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}{\*\pnseclvl8\pnlcltr\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}{\*\pnseclvl9
+\pnlcrm\pnstart1\pnindent720\pnhang {\pntxtb (}{\pntxta )}}\pard\plain \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 \rtlch\fcs1 \af31507\afs22\alang1025 \ltrch\fcs0 
+\fs22\lang1049\langfe1049\loch\af31506\hich\af31506\dbch\af31505\cgrid\langnp1049\langfenp1049 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 
+Kurmaeff Halit
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e8\'fe\'ed\'fc}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\hich\af39\dbch\af31505\loch\f39  2006
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 halit_at_mail_dot_ru
+\par }{\rtlch\fcs1 \ab\af39\afs20 \ltrch\fcs0 \b\f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d1\'e5\'ec\'fc\loch\f39 \hich\f39  \'f1\'eb\'ee\'e5\'e2\loch\f39 \hich\f39  \'ec\'e0\'f2\'f0\'e5\'f8\'ea\'e8\loch\f39 \hich\f39 , \'e8\'eb\'e8
+\loch\f39 \hich\f39  \'cd\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\loch\f39 \hich\f39  3proxy \'e4\'eb\'ff\loch\f39 \hich\f39  \'f7\'e0\'e9\'ed\'e8\'ea\'ee\'e2
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 (\'e2\'e5\'f0\'f1\'e8\'ff\loch\f39 \hich\f39  1.3, \'e8\'f1\'ef\'f0\'e0\'e2\'eb\'e5\'ed\'ed\'e0\'ff\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e4\'ee\'ef\'ee\'eb\'ed\'e5\'ed\'ed\'e0\'ff\loch\f39 \hich\f39 , 
+\'ec\'e0\'f0\'f2\loch\f39 , 2010) 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par \loch\af39\dbch\af31505\hich\f39 \'d5\'ee\'f7\'f3\loch\f39 \hich\f39  \'ef\'ee\'e4\'e5\'eb\'e8\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'f1\'e2\'ee\'e8\'ec\loch\f39 \hich\f39  \'ee\'ef\'fb\'f2\'ee\'ec\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'ed\'e0
+\'f1\'f2\'f0\'ee\'e9\'ea\'e5\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'f2\'e5\'eb\'fc\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  \'c7\'e0\'f0\'e0\'e7\'fb
+\loch\f39 \hich\f39  - 3proxy. \'c4\'ee\'eb\'e3\'ee\'e5\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'e2\'f0\'e5\'ec\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'eb\'f1\'ff\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'e8\'ec\loch\f39 \hich\f39  \'e8
+\'ed\'f2\'e5\'f0\'e5\'f1\'ed\'fb\'ec\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'ee\'ec\loch\f39 \hich\f39  ES Proxy http://esproxy.org.ua \'ee\'f2\loch\f39 \hich\f39  \'c3\'e5\'ee\'f0\'e3\'e8\'ff\loch\f39 \hich\f39  \'cf\'e0
+\'e2\'eb\'e5\'ed\'ea\'ee\loch\f39 \hich\f39  - \'ec\'e0\'eb\'e5\'ed\'fc\'ea\'ee\'e3\'ee\loch\f39 \hich\f39  (\'e2\'f1\'e5\'e3\'ee\loch\f39 \hich\f39  \'ee\'e4\'e8\'ed\loch\f39 \hich\f39  exe-\'f8\'ed\'e8\'ea\loch\f39 \hich\f39  \'ed\'e0\loch\f39 
+\hich\f39  300 \'ea\'c1\loch\f39 \hich\f39 ), \'e4\'ee\'e2\'ee\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e5\loch\f39 \hich\f39  \'e8\loch\f39 
+\hich\f39  \'ee\'f7\'e5\'ed\'fc\loch\f39 \hich\f39  \'ed\'e5\'f2\'f0\'e5\'e1\'ee\'e2\'e0\'f2\'e5\'eb\'fc\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f0\'e5\'f1\'f3\'f0\'f1\'e0\'ec\loch\f39 \hich\f39  - \'ef\'ee\loch\f39 \hich\f39  \'ea
+\'f0\'e0\'e9\'ed\'e5\'e9\loch\f39 \hich\f39  \'ec\'e5\'f0\'e5\loch\f39 \hich\f39 , \'ef\'f0\'e8\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'e8\loch\f39 \hich\f39  \'f1\'ee\'f2\'ed\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\loch\af39\dbch\af31505\hich\f39 \'fc
+\loch\af39\dbch\af31505\hich\f39 \'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39  \'ee\'ed\loch\f39 \hich\f39  \'f3\'ec\'f3\'e4\'f0\'ff\'eb\'f1\'ff\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 
+\hich\f39  \'f1\'f2\'e0\'f0\'e8\'ed\'ed\'ee\'ec\loch\f39 \hich\f39  P133, \'ef\'ee\'f7\'f2\'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e7\'e0\'f2\'fb\'ea\'e0\'ff\'f1\'fc\loch\f39 \hich\f39 . \'c8\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee
+\loch\f39 \hich\f39  \'e2\'ee\'f2\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  <\'ef\'ee\'f7\'f2\'e8\loch\f39 \hich\f39 > - \'e8\'ed\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea
+\'f1\'e8\'ea\loch\f39 \hich\f39  \'f1\'e0\'ec\'ee\'ef\'f0\'ee\'e8\'e7\'e2\'ee\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ef\'ee\'e6\'e8\'f0\'e0\'eb\loch\f39 \hich\f39  100% \'ef\'f0\'ee\'f6\'e5\'f1\'f1\'ee\'f0\'e0\loch\f39 \hich\f39 , \'f5\'ee\'f2\'ff
+\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'f0\'ee\'e4\'ee\'eb\'e6\'e0\'eb\loch\f39 \hich\f39  \'f7\'e0\'f1\'f2\'e8\'f7\'ed\'ee\loch\f39 \hich\f39  \'e8\'eb\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'ed\'ee\'f1\'f2\'fc\'fe\loch\f39 \hich\f39  \'f1\'ef
+\'f0\'e0\'e2\'eb\'ff\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'f1\'ee\loch\f39 \hich\f39  \'f1\'e2\'ee\'e8\'ec\'e8\loch\f39 \hich\f39  \'ee\'e1\'ff\'e7\'e0\'ed\'ed\'ee\'f1\'f2\'ff\'ec\'e8\loch\f39 \hich\f39  - \'e0\loch\f39 \hich\f39  \'f2\'e0\'ea\'e6\'e5
+\loch\f39 \hich\f39  \'f2\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'e0\loch\af39\dbch\af31505\hich\f39 \'e2\'f2\'ee\'f0\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'e8\loch\f39 \hich\f39 
+ 4 \'e3\'ee\'e4\'e0\loch\f39 \hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ef\'ee\'e4\'e0\'e5\'f2\loch\f39 \hich\f39  \'ed\'e8\'ea\'e0\'ea\'e8\'f5\loch\f39 \hich\f39  \'ef\'f0\'e8\'e7\'ed\'e0\'ea\'ee\'e2\loch\f39 \hich\f39  
+\'e6\'e8\'e7\'ed\'e8\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'e4\'f3\'ea\'f2\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f0\'e0\'e7\'e2\'e8\'f2\'e8\'e8
+\loch\f39 \hich\f39  - \'ef\'f0\'e8\'e2\'e5\'eb\'e8\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'ef\'ee\'e8\'f1\'ea\'e0\'ec\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'e4\'f5\'ee\'e4\'ff\'f9\'e5\'e3\'ee\loch\f39 
+\hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39 . \'d1\'ea\'e0\'e6\'f3\loch\f39 \hich\f39  \'f1\'f0\'e0\'e7\'f3\loch\f39 \hich\f39  - \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ea\'f0
+\'e0\'f1\'e8\'e2\'fb\'ec\'e8\loch\f39 \hich\f39  GUI \'ec\'e5\'ed\'ff\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'eb\'e5\'ea\'e0\'eb\'e8\loch\f39 \hich\f39  \'ec\'e0\'eb\'ee\loch\f39 \hich\f39 , \'ff\loch\f39 \hich\f39  \'f1\'f2\'ee\'f0\'ee\'ed\'ed\'e8\'ea
+\loch\f39 \hich\f39  \'ef\'f0\'e8\'ed\'f6\'e8\'ef\'e0\loch\f39 \hich\f39  <\'cc\'ed\'e5\loch\f39 \hich\f39  \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'e5\'f5\'e0\'f2\'fc\loch\f39 \hich\f39 >, \'e0\loch\f39 \hich\f39  \'ea\'f0\'e0
+\loch\af39\dbch\af31505\hich\f39 \'f1\loch\af39\dbch\af31505\hich\f39 \'e8\'e2\'fb\'e9\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1\loch\f39 \hich\f39  - \'fd\'f2\'ee\loch\f39 \hich\f39 , \'ea\'ee\'ed\'e5\'f7\'ed\'ee\loch\f39 \hich\f39 , \'f5
+\'ee\'f0\'ee\'f8\'ee\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f3\'f9\'e5\'f0\'e1\loch\f39 \hich\f39  \'ef\'f0\'ee\'e8\'e7\'e2\'ee\'e4\'e8\'f2\'e5\'eb\'fc\'ed\'ee\'f1\'f2\'e8\loch\f39 
+\hich\f39 . \'cf\'e5\'f0\'e5\'ef\'f0\'ee\'e1\'ee\'e2\'e0\'e2\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  \'f5\'ee\'f0\'ee\'f8\'e5\'e9\loch\f39 \hich\f39  \'e6\'e8\'e7\'ed\'e8\loch\f39 \hich\f39  5-6 \'f0\'e0\'e7\'ed\'fb
+\'f5\loch\f39 \hich\f39  \'ef\'f0\'ee\'e4\'f3\'ea\'f2\'ee\'e2\loch\f39 \hich\f39  (\'f1\'f0\'e5\'e4\'e8\loch\f39 \hich\f39  \'ed\'e8\'f5\loch\f39 \hich\f39  Usergate, Proxy+, Lan4net....) \'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ee\'f1\'f2
+\'e0\'e2\'f8\'e8\'f1\'fc\loch\f39 \hich\f39  \'e4\'ee\'e2\'ee\'eb\'fc\'ed\'fb\'ec\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e0\'e5\'ec\'fb\'ec\'e8\loch\f39 \hich\f39  \'f0\'e5\'e7\'f3\'eb\'fc\'f2\'e0\'f2\'e0\'ec\'e8\loch\f39 \hich\f39  (\'e4\'ee\'eb\'e6
+\'e5\'ed\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f2\'e8\'f2\'fc\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e8\'e7\'e2\'e5\'f1\'f2\'ed\'fb\'e9\loch\f39 \hich\f39  \'ef\'f0\'ee\'e4\loch\af39\dbch\af31505\hich\f39 \'f3
+\loch\af39\dbch\af31505\hich\f39 \'ea\'f2\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  Microsoft \'ff\loch\f39 \hich\f39  \'f0\'e5\'f8\'e8\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ee\'f2\'ec\'e5\'eb\loch\f39 \hich\f39  \'e2\'e2\'e8\'e4\'f3
+\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'e2\'fb\'f1\'ee\'ea\'ee\'e9\loch\f39 \hich\f39  \'f1\'f2\'ee\'e8\'ec\'ee\'f1\'f2\'e8\loch\f39 \hich\f39 ), \'f0\'e5\'f8\'e8\'eb\loch\f39 \hich\f39  \'ef\'ee\'ef\'f0\'ee\'e1\'ee\'e2\'e0\'f2\'fc
+\loch\f39 \hich\f39  \'f2\'e0\'ea\'e8\loch\f39 \hich\f39  3proxy, \'f2\'e5\'ec\loch\f39 \hich\f39  \'ef\'e0\'f7\'e5\loch\f39 \hich\f39  \'f1\'eb\'fb\'f8\'e0\'eb\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'ed\'ee\'ec\loch\f39 
+\hich\f39  \'f5\'ee\'f0\'ee\'f8\'e8\'e5\loch\f39 \hich\f39  \'ee\'f2\'ea\'eb\'e8\'ea\'e8\loch\f39 \hich\f39 . \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'ea\'f2\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e6\'e0\'eb\'ee\'e2\'e0\'eb\'f1\'ff\loch\f39 
+\hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ed\'e5\'e3\'ee\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'eb\'ee\'e6\'ed\'ee\'f1\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2
+\'f0\'ee\'e9\'ea\'e8\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'f7\'e5\'ec\loch\f39 \hich\f39 , \'e4\'ee\'eb\'e6\'e5\'ed\loch\f39 \hich\f39  \'f1\'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39 , \'ed\'e5\'ec\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e7\'e0
+\'e1\'e5\'e3\'e0\'ff\loch\f39 \hich\f39  \'e2\'ef\'e5\'f0\'e5\'e4\loch\f39 \hich\f39 , \'ff\loch\f39 \hich\f39  \'e8\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'e8\loch\af39\dbch\af31505\hich\f39 \'ec\'e5\'eb\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6
+\'ed\'ee\'f1\'f2\'fc\loch\f39 \hich\f39  \'f3\'e1\'e5\'e4\'e8\'f2\'fc\'f1\'ff\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'e0\'e9\'e4\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\'e5\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e0\'e1\'ee\'f2\'f7\'e8\'ea\'e0\loch\f39 
+\hich\f39  http://3proxy.ru/, \'ef\'ee\'f7\'e8\'f2\'e0\'eb\loch\f39 \hich\f39  \'ef\'f0\'ee\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  - \'e8\loch\f39 \hich\f39  \'e2\'ee\'e7\'f0\'e0\'e4\'ee\'e2\'e0\'eb\'f1\'ff
+\loch\f39 \hich\f39 . \'d2\'f3\'f2\loch\f39 \hich\f39  \'f2\'e5\'e1\'e5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'eb\'fe\'e1\'fb\'e5\loch\f39 \hich\f39  \'eb\'e8\'ec\'e8\'f2\'fb\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4\'ee
+\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39 , \'e8\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'f1\'ea\'ee\'f0\'ee\'f1\'f2\'e8\loch\f39 \hich\f39 , \'e8
+\loch\f39 \hich\f39  FTP, \'e8\loch\f39 \hich\f39  SOCKS, \'e8\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2-\'ec\'e0\'ef\'ef\'e5\'f0\'fb\loch\f39 \hich\f39 , \'e8\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\loch\f39 
+\hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  \'ef\'ee\'e4\loch\f39  Win\hich\af39\dbch\af31505\loch\f39 \hich\f39 dows, \'f2\'e0\'ea\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'ee\'e4\loch\f39 \hich\f39  \'eb\'fe\'e1\'fb\'ec\'e8\loch\f39 \hich\f39  
+\'ed\'e8\'ea\'f1\'e0\'ec\'e8\loch\f39 \hich\f39 . \'c1\'ee\'eb\'e5\'e5\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39 , \'e5\'f1\'f2\'fc\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ed\'e5\'ea\'ee\'f2\'ee\'f0\'fb\'e5\loch\f39 \hich\f39  \'f3
+\'ed\'e8\'ea\'e0\'eb\'fc\'ed\'fb\'e5\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  - \'e2\'f0\'ee\'e4\'e5\loch\f39 \hich\f39  \'e2\'e5\'e4\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e6\'f3\'f0\'ed\'e0\'eb\'ee\'e2
+\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  ODBC \'e8\'eb\'e8\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'e8\'e7\'e2\'ee\'eb\'fc\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\'e0
+\loch\f39 \hich\f39  \'eb\'ee\'e3\'ee\'e2\loch\f39 \hich\f39 , \'f2\'e0\'ea\loch\f39 \hich\f39  \'f7\'f2\'ee\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  <\'f1
+\'ea\'ee\'f0\'ec\'e8\'f2\'fc\loch\f39 \hich\f39 > \'eb\'fe\'e1\'ee\'ec\'f3\loch\f39 \hich\f39  \'eb\'ee\'e3-\'e0\'ed\'e0\'eb\'e8\'e7\'e0\'f2\'ee\'f0\'f3\loch\f39 \hich\f39 . \'c2\loch\f39 \hich\f39  \'ee\'e1\'f9\'e5\'ec\loch\f39 \hich\f39 , \'e2\'f1\'b8
+\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'ed\'e0\'e4\'ee\'e1\'e8\'f2\'fc\loch\af39\dbch\af31505\hich\f39 \'f1\loch\af39\dbch\af31505\hich\f39 \'ff\loch\f39 \hich\f39  \'f1\'e8\'f1\'f2\'e5\'ec
+\'ed\'ee\'ec\'f3\loch\f39 \hich\f39  \'e0\'e4\'ec\'e8\'ed\'e8\'f1\'f2\'f0\'e0\'f2\'ee\'f0\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39  
+\'f3\'e4\'ee\'e2\'eb\'e5\'f2\'e2\'ee\'f0\'e8\'f2\'fc\loch\f39 \hich\f39 , \'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ef\'f3\'f1\'ea\'e0\'f2\'fc\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'ea\'f3\'e4\'e0
+\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ed\'f3\'e6\'ed\'ee\loch\f39 \hich\f39 ... \'cd\'e5\loch\f39 \hich\f39  \'f5\'e2\'e0\'f2\'e0\'e5\'f2\loch\f39 \hich\f39  \'f0\'e0\'e7\'e2\'e5\loch\f39 \hich\f39  \'f7\'f2\'ee\loch\f39 \hich\f39  \'ea\'fd
+\'f8\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39   \'e4\'e0\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ef\'e0\'f0\'fb\loch\f39 \hich\f39  \'ec\'e5\'eb\'ee\'f7\'e5\'e9\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'fd\'f2\'ee
+\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'ee\'e1\'e5\'f9\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'ea\'ee\'f0\'ee\'ec\loch\f39 \hich\f39  \'e1\'f3\'e4\'f3\'f9\'e5\'ec\loch\f39 
+\hich\f39 , \'e4\'e0\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'f1\'ee\'e4\'e5\'f0\'e6\'e0\'ed\'e8\'fe\loch\f39 \hich\f39  \'f4\'ee\'f0\'f3\'ec\'e0\loch\f39 \hich\f39 , \'ee\'ef\'e5\'f0\'e0\'f2\'e8\'e2\'ed\'fb\'ec
+\loch\f39 \hich\f39  \'ee\'f2\'e2\'e5\'f2\'e0\'ec\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\loch\af39\dbch\af31505\hich\f39 \'f1\loch\af39\dbch\af31505\hich\f39 \'fb\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5
+\'eb\'e5\'e9\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f1\'ee\'e4\'e5\'f0\'e6\'e8\'ec\'ee\'ec\'f3\loch\f39 \hich\f39  changelog'\'e0\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'e8\loch\f39 \hich\f39  0.6 \'e2\'e8\'e4\'ed\'ee\loch\f39 \hich\f39 , \'f7
+\'f2\'ee\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\loch\f39 \hich\f39  \'ed\'e0\'e4\loch\f39 \hich\f39  \'f1\'ee\'e2\'e5\'f0\'f8\'e5\'ed\'f1\'f2\'e2\'ee\'e2\'e0\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'e8
+\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'eb\'ed\'fb\'ec\loch\f39 \hich\f39  \'f5\'ee\'e4\'ee\'ec\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'ea\'e0\'f7\'e0\'e2\loch\f39 \hich\f39  \'e4\'e8\'f1\'f2\'f0\'e8\'e1\'f3\'f2\'e8\'e2\loch\f39 \hich\f39  (555 \'ea\'c1\loch\f39 \hich\f39 ! \'e2\loch\f39 \hich\f39  \'e0\'ea\'f2\'f3\'e0\'eb\'fc\'ed\'ee\'e9\loch\f39 
+\hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ec\'ee\'ec\'e5\'ed\'f2\loch\f39 \hich\f39  \'ed\'e0\'ef\'e8\'f1\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'f1\'f2\'e0\'f2\'fc\'e8\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'e8\loch\f39 \hich\f39  devel 0.6), \'ff
+\loch\f39 \hich\f39  \'ef\'ee\'e3\'f0\'f3\'e7\'e8\'eb\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e8\'e7\'f3\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e7\'f6\'e0\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'f3\'f0\'e0\'f6\'e8
+\'ee\'ed\'ed\loch\af39\dbch\af31505\hich\f39 \'ee\'e3\'ee\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'e0\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 \hich\f39  \'ef\'f0\'e8\'eb\'e0\'e3\'e0\'eb\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  
+\'ea\'ee\'ec\'ef\'eb\'e5\'ea\'f2\'e5\loch\f39 \hich\f39 . \'cf\'ee\loch\f39 \hich\f39  \'f5\'ee\'e4\'f3\loch\f39 \hich\f39  \'e8\'e7\'f3\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e2\'ee\'e7\'ed\'e8\'ea\'eb\'ee\loch\f39 \hich\f39  \'ed\'e5\'ec\'e0\'eb\'ee
+\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\'f1\'ee\'e2\loch\f39 \hich\f39 . \'d1\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'e0\loch\f39 \hich\f39  \'ef\'f0\'e8\'f8\'eb\'ee\'f1\'fc\loch\f39 
+\hich\f39  \'f1\'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f0\'e0\'f1\'ef\'e5\'f7\'e0\'f2\'e0\'f2\'fc\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'ed\'e5\'f1\'ef\'e5\'f8\'ed\'ee\loch\f39 \hich\f39  \'e8\'e7
+\'f3\'f7\'e8\'f2\'fc\loch\f39 \hich\f39 , FAQ \'e8\loch\f39 \hich\f39  HowTo. \'ca\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'fd\'f2\'e8\loch\f39 \hich\f39  \'ec\'e0\'f2\'e5\'f0\'e8\'e0\'eb\'fb\loch\f39 \hich\f39  \'e1\'fb\'eb\'e8
+\loch\f39 \hich\f39  \'e8\'e7\'f3\'f7\'e5\'ed\'fb\loch\f39 \hich\f39 , \'ee\'ea\'e0\'e7\'e0\'eb\'ee\'f1\'fc\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\'f1\'ee\'e2\loch\f39 \hich\f39  \'ec\'e5\'ed\'fc\'f8\'e5\loch\f39 
+\hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'f2\'e0\'eb\'ee\loch\f39 \hich\f39 . \'cf\'ee\'ef\'fb\'f2\'ea\'e8\hich\af39\dbch\af31505\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'e7\'e0\'ef\'f3\'f1\'f2\'e8\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1
+\'e8\loch\f39 \hich\f39  \'e1\'fb\'eb\'e8\loch\f39 \hich\f39  \'ef\'e5\'f0\'e2\'ee\'ed\'e0\'f7\'e0\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e1\'e5\'e7\'f3\'f1\'ef\'e5\'f8\'ed\'fb\'ec\'e8\loch\f39 \hich\f39 , \'ef\'f0\'e8\'f8\'eb\'ee\'f1\'fc\loch\f39 
+\hich\f39  \'ef\'ee\'f7\'e8\'f2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ec\'e0\'f2\'e5\'f0\'e8\'e0\'eb\'fb\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e5\'f0\'e5\'ed\'f6\'e8\'e8\loch\f39 \hich\f39 , \'e3\'e4\'e5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e1\'fb
+\'eb\loch\f39 \hich\f39  \'ed\'e0\'e9\'e4\'e5\'ed\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e7\'e5\'f6\loch\f39 \hich\f39  \'ee\'f7\'e5\'ed\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'f3\'f0\'e0\'f6
+\'e8\'ee\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'e0\loch\f39 \hich\f39 , \'ef\'ee\'f1\'f2\'f0\'ee\'e5\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'ef\'f0\'e8\'ed\'f6\'e8\'ef\'f3\loch\f39 \hich\f39  <\'f0\'e0\'e7
+\'f0\'e5\'f8\'e8\'f2\'fc\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e2\'f1\'e5\'ec\loch\f39 \hich\f39 >. \'ca\'f1\'f2\'e0\'f2\'e8\loch\f39 \hich\f39 , \'e2\'ee\'f2\loch\f39 \hich\f39  \'ee\'ed\loch\f39 \hich\f39  (\'e2
+\'e5\'f0\'f1\'e8\'ff\loch\f39  0): 
+\par \hich\af39\dbch\af31505\loch\f39 auth none 
+\par \hich\af39\dbch\af31505\loch\f39 log
+\par \hich\af39\dbch\af31505\loch\f39 proxy 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'f1\'e5\loch\f39 \hich\f39  \'e3\'e5\'ed\'e8\'e0\'eb\'fc\'ed\'ee\'e5\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 \hich\f39  \'e3\'ee\'e2\'ee\'f0\'e8\'f2\'f1\'ff\loch\f39 \hich\f39 , \'ef\'f0\'ee\'f1\'f2\'ee\loch\f39 
+\hich\f39 . \'c0\loch\f39 \hich\f39  \'ec\'ee\'ff\loch\f39 \hich\f39  \'ee\'f8\'e8\'e1\'ea\'e0\loch\f39 \hich\f39  \'e7\'e0\'ea\'eb\'fe\'f7\'e0\'eb\'e0\'f1\'fc\loch\f39 \hich\f39 , \'ea\'f1\'f2\'e0\'f2\'e8\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 
+\hich\f39  \'f0\'e0\'e7\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f2\'ee\'ec\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ff\loch\f39 \hich\f39  \'ef\'fb\'f2\'e0\'eb\'f1\'ff\loch\f39 \hich\f39  \'f1\'f0\'e0\'e7\'f3\loch\f39 \hich\f39  \'ed
+\'e0\'ef\'e8\'f1\'e0\'f2\'fc\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f7\'e8\'e9\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'f1\'ee\loch\f39 \hich\f39  \'e2\'f1\'e5\'ec\'e8\loch\f39 \hich\f39  \'eb\'e8\'ec\'e8\'f2\'e0\'ec\'e8\loch\f39 
+\hich\f39  \'e8\loch\f39 \hich\f39  \'f2.\'e4\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'e0\'e6\'ed\'ee\loch\f39 \hich\f39 ! \'ca\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ee\'e1\'f9\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5
+\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'e5\'ed\loch\f39 \hich\f39  \'ed\'e0\'f5\'ee\'e4\'e8\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee\'e9\loch\f39 \hich\f39  \'ef\'e0\'ef\'ea\'e5\loch\f39 \hich\f39  \'f1\loch\f39 
+\hich\f39  \'e8\'f1\'ef\'ee\'eb\'ed\'ff\'e5\'ec\'fb\'ec\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'ee\'ec\loch\f39  3proxy.exe \hich\af39\dbch\af31505\loch\f39 \hich\f39 (\'ef\'ee\loch\f39 \hich\f39  \'f3\'ec\'ee\'eb\'f7\'e0\'ed\'e8\'fe\loch\f39 \hich\f39  
+\'e2\loch\f39 \hich\f39  \'ef\'e0\'ef\'ea\'e5\loch\f39 \hich\f39  bin). \'c8\'ed\'e0\'f7\'e5\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e0\'f2\'fc\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'ed\'ff\'e5\'ec\'fb\'e9
+\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  \'ef\'f3\'f2\'e8\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'f3\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  90% \'f1\'eb\'f3\'f7\'e0\'ff\'f5\loch\f39 \hich\f39  \'fd\'f2\'ee\'f2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2
+\'e0\'f2\'fc\loch\f39 \hich\f39 . \'d0\'e0\'e7\'e1\'e5\'f0\'e5\'ec\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e5\'ec\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'ef\'e5\'f0\'e2\'ee\'e9\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'f7\'ea\'e5\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'fb\'e2\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e0
+\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'ff\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f2\'f0\'e5\'e1\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 , \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'e5\'ed\'ed\'ee\loch\f39 \hich\f39 , \'e4\'ee\'f1\'f2\'f3\'ef
+\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e0\'fe\'f2\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'fe\'e7\'e5\'f0\loch\af39\dbch\af31505\hich\f39 \'fb\loch\f39 \hich\f39  \'e1\'e5\'e7\loch\f39 \hich\f39  \'e8\'f1\'ea\'eb\'fe\'f7\'e5\'ed\'e8\'ff
+\loch\f39 \hich\f39 . \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e2\'fb\loch\f39 \hich\f39  \'ef\'ee\'ef\'fb\'f2\'e0\'e5\'f2\'e5\'f1\'fc\loch\f39 \hich\f39  \'e2\'e2\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'fd\'f2\'ee\'e9
+\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'fb\loch\f39 \hich\f39  \'ea\'e0\'ea\'e8\'e5-\'f2\'ee\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 
+\hich\f39  \'ee\'ed\'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'f0\'e0\'e1\'ee\'f2\'e0\'fe\'f2\loch\f39 \hich\f39 , \'ee\loch\f39 \hich\f39  \'f7\'e5\'ec\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f1\'ee\'ee\'e1\'f9\'e0\'e5\'f2\'f1\'ff
+\loch\f39 \hich\f39  \'e2\loch\f39  FAQ. 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'ee\loch\f39 \hich\f39  \'e2\'f2\'ee\'f0\'ee\'e9\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e5\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e5\'ec\loch\f39 \hich\f39  \'e2\'e5\'e4\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'eb\'ee
+\'e3\'e0\loch\f39 \hich\f39 , \'ef\'f0\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'fb\'e2\'e0\'e5\'ec\loch\f39 \hich\f39  \'ef\'f3\'f2\'fc\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f4
+\'e0\'e9\'eb\'f3\loch\f39 \hich\f39 , \'f1\'eb\'e5\'e4\'ee\'e2\'e0\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39 , \'eb\'ee\'e3\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e2\'fb\'e2\'ee\'e4\'e8\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'fd\loch\af39\dbch\af31505\hich\f39 \'ea\'f0\'e0\'ed\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'c8\loch\f39 \hich\f39 , \'ed\'e0\'ea\'ee\'ed\'e5\'f6\loch\f39 \hich\f39 , \'e7\'e0\'ef\'f3\'f1\'ea\'e0\'e5\'ec\loch\f39 \hich\f39  \'f1\'e0\'ec\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'f1\'f2\'e0\'ed\'e4\'e0\'f0\'f2\'ed\'ee\'ec\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'f3\loch\f39  3128. 
+\par \loch\af39\dbch\af31505\hich\f39 \'cc\'ed\'ee\'e3\'e8\'e5\loch\f39 \hich\f39  \'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0\'fb\loch\f39 \hich\f39  \'ee\'ef\'f3\'f9\'e5\'ed\'fb\loch\f39 \hich\f39 , \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'e5\'ed\'ed\'ee\loch\f39 
+\hich\f39 , \'e4\'eb\'ff\loch\f39 \hich\f39  \'ed\'e8\'f5\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'e2\'ee\'e7\'fc\'ec\'e5\'f2\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  
+\'f3\'ec\'ee\'eb\'f7\'e0\'ed\'e8\'fe\loch\f39 \hich\f39 . \'d2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'f2\'e5\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5
+\'eb\'fc\'f1\'ea\'e8\'f5\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\'f5\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e8\'f2\'fc\loch\f39 \hich\f39  \'e2\'e0\'f8\loch\f39 \hich\f39  \'eb\'fe\'e1\'e8\'ec\'fb\'e9\loch\f39 \hich\f39  \'e1
+\'f0\'e0\'f3\'e7\'e5\'f0\loch\f39 \hich\f39  - \'ed\'e5\loch\f39 \hich\f39  \'e7\'ed\'e0\'fe\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'e2\'e0\loch\af39\dbch\af31505\hich\f39 \'f1\loch\f39 \hich\f39 , \'e0\loch\f39 
+\hich\f39  \'f3\loch\f39 \hich\f39  \'ec\'e5\'ed\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'ef\'ee\'f7\'e5\'f2\'ed\'ee\'e5\loch\f39 \hich\f39  \'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'eb\'e5\'f2\loch\f39 
+\hich\f39  8 \'e7\'e0\'ed\'e8\'ec\'e0\'e5\'f2\loch\f39 \hich\f39  Opera - \'e2\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'f1\'e5\'f2\'e5\'e2\'fb\'f5\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\'f5\loch\f39 \hich\f39  \'ef\'ee\'f1
+\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'e3\'e0\'eb\'ee\'f7\'ea\'f3\loch\f39 \hich\f39  "\'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39 ", \'e0\loch\f39 \hich\f39  \'e7\'e0\'f2\'e5
+\'ec\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'ef\'f0\'ee\'f2\'ee\'ea\'ee\'eb\'ee\'e2\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'f2\'fc\loch\f39 \hich\f39  IP \'e2\'e0\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  
+\'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\loch\f39  3128.
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39  \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e2\'e0\'ec\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ed\'f3\'e6\'e5\'ed\loch\f39 \hich\f39  \'f3\'f7\'e5\'f2\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ea\'ee
+\'ed\'f2\'f0\'ee\'eb\'fc\loch\f39 \hich\f39 , \'ec\'e0\'eb\'ee\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'e5\'f1\'f3\'e5\'f2\loch\f39 \hich\f39  \'e1\'e5\'e7\'ee\'ef\'e0\loch\af39\dbch\af31505\hich\f39 \'f1\'ed\'ee\'f1\'f2\'fc\loch\f39 \hich\f39  \'f1\'e5
+\'f2\'e8\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'e2\'e0\'f1\loch\f39 \hich\f39  \'e1\'e5\'e7\'eb\'e8\'ec\'e8\'f2\'ed\'fb\'e9\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  
+\'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'fd\'f2\'e8\'ec\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e8\'f2\'fc\'f1\'ff\loch\f39 \hich\f39 , \'ef\'ee\loch\f39 \hich\f39  \'ea\'f0\'e0\'e9\'ed\'e5\'e9\loch\f39 \hich\f39  \'ec
+\'e5\'f0\'e5\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ef\'e5\'f0\'e2\'ee\'e5\loch\f39 \hich\f39  \'e2\'f0\'e5\'ec\'ff\loch\f39 \hich\f39 . \'cc\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'f3\'e4\'e0\'eb\'e8\'f2\'fc
+\loch\f39 \hich\f39  \'e2\'f2\'ee\'f0\'f3\'fe\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'f7\'ea\'f3\loch\f39 \hich\f39 , \'ee\'ed\'e0\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ee\'e1\'ff\'e7\'e0\'f2\'e5\'eb\'fc\'ed\'e0\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0\'eb\'e5\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 \hich\f39  \'e1\'fb\loch\f39 
+\hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ef\'ee\'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'f7\'ea\'f3\loch\f39 \hich\f39  service, \'e4\'eb\'ff\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb
+\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e0\'eb\'f1\'ff\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ea\'e0\'ea\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'e0\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  
+\'ed\'e5\loch\f39 \hich\f39  \'ee\'f2\'e4\'e5\'eb\'fc\'ed\'fb\'ec\loch\f39 \hich\f39  \'ef\'f0\'e8\'eb\'ee\'e6\'e5\'ed\'e8\'e5\'ec\loch\f39 \hich\f39 . \'c2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 
+\hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'e2\'e0\'f0\'e8\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'f3\'f1\'f2\'e0\'ed\'ee\'e2\'e8\'f2\'fc\loch\f39 
+\hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'f3\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'ee\'e9\loch\f39  3proxy --install. 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'ee\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'ef\'e5\'f8\'e8\'f2\'e5\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e4\'e5\'eb\'e0\'f2\'fc\loch\f39 \hich\f39 ! \'c4\'e5\'eb\'ee\loch\f39 
+\hich\f39  \'e2\loch\f39 \hich\f39  \'f2\'ee\'ec\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'f3\'f7\'e8\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f9\'e5\'ed\loch\f39 \hich\f39  \'ef\'f0\'e8\'eb\'ee\'e6\'e5\'ed\'e8\'e5\'ec\loch\f39 
+\hich\f39 , 3proxy \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'f1\'f0\'e0\'e7\'f3\loch\f39 \hich\f39  \'e2\'fb\'e4\'e0\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'fd\'ea\'f0\'e0\'ed\loch\f39 \hich\f39  \'f1\'ee\'ee\'e1\'f9\'e5\'ed
+\'e8\'ff\loch\f39 \hich\f39  \'ee\'e1\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ee\'e1\'f0\'e0\'e1\'e0\'f2\'fb\'e2\'e0\'e5\'ec\'fb\'f5\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\'e0\'f5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ee\'f8\'e8\'e1
+\'ea\'e0\'f5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e2\'e0\'ec\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ef\'f0\'e8\'e4\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f1\'ec\'ee\'f2\'f0\'e5\'f2\'fc\loch\f39 \hich\f39  \'f2\'e5\'ea\'f1\'f2\'ee\'e2
+\'fb\'e5\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39 . \'cf\'f0\'e8\'f7\'e5\'ec\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ee\'f1\'ee\'e1\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'f0\'e0\'e4\'f3\'e5\'f2\loch\f39 \hich\f39 , \'f1
+\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  \'ea\'ee\'e4\'e0\loch\f39 \hich\f39  \'ee\'f8\'e8\'e1\'ea\'e8\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ed\'ee\'ec\'e5\'f0\'e0\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e8
+\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39 , \'e3\'e4\'e5\loch\f39 \hich\f39  \'fd\'f2\'e0\loch\f39 \hich\f39  \'ee\'f8\'e8\'e1\'ea\'e0\loch\f39 \hich\f39  \'ef\'f0\'e8\'f1\'f3\'f2\'f1\'f2\'e2\'f3\'e5\'f2
+\loch\f39 \hich\f39 . \'c0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'f2\'e0\'e4\'e8\'e8\loch\f39 \hich\f39  \'ee\'e1\'f3\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'ee\'f7\'e5\'ed\'fc\loch\f39 \hich\f39  \'ef
+\'ee\'ec\'ee\'e3\'e0\'e5\'f2\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'e0\loch\f39 \hich\f39 , \'e8\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee\loch\f39 \hich\f39  \'e2\'e0\'e6\'ed\'ee\'e5\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0
+\loch\af39\dbch\af31505\hich\f39 \'ed\'e8\'e5\loch\f39 \hich\f39  \'ed\'e0\'f1\'f7\'e5\'f2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  - \'ed\'e8\'ea\'e0\'ea\'e8\'f5\loch\f39 \hich\f39  \'eb\'e8\'f8\'ed\'e8\'f5\loch\f39 \hich\f39 
+ \'ef\'f0\'ee\'e1\'e5\'eb\'ee\'e2\loch\f39 \hich\f39 , \'f2\'e0\'e1\'f3\'eb\'ff\'f6\'e8\'e9\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f2.\'ef\loch\f39 \hich\f39 . \'e7\'ed\'e0\'ea\'ee\'e2\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0
+\'eb\'e5\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e8\loch\f39 \hich\f39 , \'e8\'ed\'e0\'f7\'e5\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e0\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'f1
+\'f7\'e8\'f2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'e7\'e0\'ea\'ee\'ec\'e5\'ed\'f2\'e8\'f0\'ee\'e2\'e0\'ed\'ed\'ee\'e9\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e8\'f2\loch\f39 \hich\f39 , \'ed\'e5\loch\f39 \hich\f39  \'e1\'f3\'e4
+\'e5\'f2\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e1\'e0\'f2\'fb\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 . 
+\par 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'ce\'ef\'e8\'f8\'e5\'ec\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'ef\'ee\'eb\'e0\'e3\'e0\'e5\'ec\'f3\'fe\loch\f39 \hich\f39  \'f1\'e8\'f2\'f3\'e0\'f6\'e8\'fe\loch\f39 \hich\f39 . \'cd\'e0\'e4\'ee\loch\f39 \hich\f39  "\'ef\'f3
+\'f1\'f2\'e8\'f2\'fc\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\loch\f39 \hich\f39 " \'ed\'e0\loch\f39 \hich\f39  3 \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\loch\f39 \hich\f39  \'f1\hich\af39\dbch\af31505\loch\f39 \hich\f39  IP \'e0\'e4\'f0\'e5
+\'f1\'e0\'ec\'e8\loch\f39 \hich\f39  192.168.0.2,192.168.0.3,192.168.0.4, \'e2\loch\f39 \hich\f39  \'ea\'e0\'f7\'e5\'f1\'f2\'e2\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'e2\'fb\'f1\'f2\'f3\'ef\'e0
+\'e5\'f2\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'e4\'e2\'f3\'ec\'ff\loch\f39 \hich\f39  \'f1\'e5\'f2\'e5\'e2\'fb\'ec\'e8\loch\f39 \hich\f39  \'ea\'e0\'f0\'f2\'e0\'ec\'e8\loch\f39 \hich\f39 , 
+\'e2\'ed\'f3\'f2\'f0\'e5\'ed\'ed\'e8\'ec\loch\f39 \hich\f39  IP-\'e0\'e4\'f0\'e5\'f1\'ee\'ec\loch\f39 \hich\f39  192.168.0.1 \'e8\loch\f39 \hich\f39  "\'e2\'ed\'e5\'f8\'ed\'e8\'ec\loch\f39 \hich\f39 ", \'f2\'ee\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc
+\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'ed\'fb\'ec\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  \'ef\'f0\'ee\'e2\'e0\'e9\'e4\'e5\'f0\'e0\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\'ee\'ec\loch\f39 \hich\f39  211.80.11.12. \'ce\'f2\loch\f39 
+\hich\f39  \'ef\'f0\'ee\'e2\'e0\'e9\'e4\'e5\'f0\'e0\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'fb\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\loch\af39\dbch\af31505\hich\f39 \'e0\hich\af39\dbch\af31505\loch\f39 \hich\f39 
+ DNS-\'f1\'e5\'f0\'e2\'e5\'f0\'ee\'e2\loch\f39 \hich\f39 : 213.153.100.1 \'e8\loch\f39  213.153.101.1. 
+\par \loch\af39\dbch\af31505\hich\f39 \'d3\loch\f39 \hich\f39  \'ef\'f0\'ee\'e2\'e0\'e9\'e4\'e5\'f0\'e0\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e5\'ed\loch\f39 \hich\f39  SMTP-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39  smtp.provider.ru. 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'e0\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e5\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\'e0\'ec\'e8\loch\f39 \hich\f39  192.168.0.2-192.168.0.4 \'f0\'e0\'e1\'ee\'f2\'e0\'fe
+\'f2\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e8\loch\f39 \hich\f39  \'c8\'e2\'e0\'ed\'ee\'e2\loch\f39 \hich\f39 , \'cf\'e5\'f2\'f0\'ee\'e2\loch\f39 \hich\f39 , \'d1\'e8\'e4\'ee\'f0\'ee\'e2\loch\f39 \hich\f39  \'f1\'ee\'ee\'f2\'e2
+\'e5\'f2\'f1\'f2\'e2\'e5\'ed\'ed\'ee\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'cf\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39  \'f3\'f1\'f2\'e0\'ed\'ee\'e2\'e8\'ec\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'e0\'ef\'ea\'f3\loch\f39  c:\\\hich\f39 3proxy, \'f5
+\loch\af39\dbch\af31505\hich\f39 \'ee\'f2\'ff\loch\f39 \hich\f39  \'f3\'f1\'f2\'e0\'ed\'ee\'e2\'e8\'ec\loch\f39 \hich\f39  - \'fd\'f2\'ee\loch\f39 \hich\f39  \'e3\'f0\'ee\'ec\'ea\'ee\loch\f39 \hich\f39  \'f1\'ea\'e0\'e7\'e0\'ed\'ee\loch\f39 \hich\f39 , 
+\'e4\'eb\'ff\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0\'eb\'e0\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'f2\'ee\loch\f39 \hich\f39  \'f0\'e0\'f1\'ef\'e0\'ea\'ee\'e2\'e0\'f2\'fc\loch\f39 
+\hich\f39  \'e8\'e7\loch\f39 \hich\f39  zip-\'e0\'f0\'f5\'e8\'e2\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'ed\'ed\'f3\'fe\loch\f39 \hich\f39  \'ef\'e0\'ef\'ea\'f3\loch\f39 \hich\f39 , \'ef\'f3\'f1\'f2\'fc\loch\f39 \hich\f39  \'fd
+\'f2\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39  c:\\\hich\f39 3proxy (\'ef\'f0\'ee\loch\f39 \hich\f39  \'e8\'ed\'f1\'f2\'e0\'eb\'eb\'ff\'f6\'e8\'fe\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 
+\hich\f39  \'f1\'ea\'e0\'e7\'e0\'ed\'ee\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\loch\f39 ). 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\'e4\'ee\'e2\'e0\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e7\'e0\'e9\'ec\'e5\'ec\'f1\'ff\loch\f39 \hich\f39  \'e4\'e0\'eb\'fc\'ed\'e5\'e9\'f8\'e8\'ec
+\loch\f39 \hich\f39  \'f3\'eb\'f3\'f7\'f8\'e5\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'f2\'e5\'eb\'fc\'ed\'ee\'e3\'ee\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ea\'ee\'ed\'f4\'e8\'e3\'e0
+\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'eb\'ff\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0\'eb\'e0\loch\f39 \hich\f39  \'f3\'ea\'e0\'e6\'e5\'ec\loch\f39 \hich\f39  \'e2\'ed\'f3\'f2\'f0\'e5\'ed\'ed\'e8\'e9\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 internal 192.168.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'e2\'fb\loch\f39 \hich\f39  \'e2\'e5\'e4\'fc\loch\f39 \hich\f39  \'ef\'ee\'ed\'e8\'ec\'e0\'e5\'f2\'e5\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e7\'e4\'e5\'f1\'fc\loch\f39 \hich\f39  \'e4\'ee\'eb
+\'e6\'e5\'ed\loch\f39 \hich\f39  \'f1\'f2\'ee\'ff\'f2\'fc\loch\f39 \hich\f39  IP \'f1\'e5\'f2\'e5\'e2\'ee\'e9\loch\f39 \hich\f39  \'ea\'e0\'f0\'f2\'fb\loch\f39 \hich\f39  \'c2\'c0\'d8\'c5\'c3\'ce\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 
+\hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39 , \'ed\'e0\'f1\'f2\'f0\'ee\'e5\'ed\'ed\'ee\'e9\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'eb\'ee\'ea\'e0\'eb\'fc\'ed\'f3\'fe\loch\f39 \hich\f39  \'f1\'e5\'f2\'fc\loch\f39 \hich\f39 . \'dd
+\'f2\'e0\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e5\'f2\loch\f39 \hich\f39  \'e8\'ec\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'f2\'ee\'f2\loch\f39 \hich\f39  IP \'e0\'e4\'f0\'e5\'f1\loch\f39 \hich\f39  \'e2
+\loch\f39 \hich\f39  \'eb\'ee\'ea\'e0\'eb\'fc\'ed\'ee\'e9\loch\f39 \hich\f39  \'f1\'e5\'f2\'e8\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  \'ea\'ee\'f2\'ee\'f0\'ee\'ec\'f3\loch\f39 \hich\f39  \'e1\'f3\'e4\'f3\'f2\loch\f39 \hich\f39  \'ee
+\loch\af39\dbch\af31505\hich\f39 \'e1\'f0\'e0\'f9\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'fb\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 \hich\f39 , \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2
+\'e5\'ed\'ed\'ee\loch\f39 \hich\f39 , \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'f0\'ee\'ef\'e8\'f1\'e0\'ed\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e1\'f0\'e0\'f3\'e7\'e5\'f0\'e0\'f5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'e0\'f7\'e5
+\'f1\'f2\'e2\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39  
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'e8\loch\f39 \hich\f39  \'e2\'ed\'e5\'f8\'ed\'e8\'e9\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1\'fb\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0
+\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par }\pard \ltrpar\ql \fi-360\li360\ri0\nowidctlpar\tx360\wrapdefault\hyphpar0\faauto\rin0\lin360\itap0 {\rtlch\fcs1 \af1\afs18 \ltrch\fcs0 \f1\fs18\kerning1\insrsid11355186\charrsid3764488 -\tab }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e0\loch\f39 \hich\f39  \'fd\'f2\'ee\'f2\loch\f39 \hich\f39  IP \'e0\'e4\'f0\'e5\'f1\loch\f39 \hich\f39  \'e2\'fb\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'ed\'fb\loch\f39 \hich\f39  \'e1
+\'fb\'eb\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e8\'f2\'fc\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  \'ef\'f0\'ee\'e2\'e0\'e9\'e4\'e5\'f0\'e0\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 \hich\f39  \'ef\'f0\'e0\'e2\'e8\'eb\'ee\loch\f39 
+\hich\f39 , \'e2\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'e2\'fb\'e4\'e5\'eb\'e5\'ed\'ed\'ee\'e9\loch\f39 \hich\f39  \'eb\loch\af39\dbch\af31505\hich\f39 \'e8\'ed\'e8\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'f2
+\'e0\'ea\loch\f39 \hich\f39  \'ed\'e0\'e7\'fb\'e2\'e0\'e5\'ec\'fb\'e9\loch\f39 \hich\f39  "\'f0\'e5\'e0\'eb\'fc\'ed\'fb\'e9\loch\f39 \hich\f39 " IP, \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'e5\'ed\loch\f39 \hich\f39  \'e1\'fb\'f2
+\'fc\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e5\'ed\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\'e0\loch\f39 \hich\f39  (\'f5\'ee\'f2\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'ed\'e5\loch\f39 
+\hich\f39  \'ee\'e1\'ff\'e7\'e0\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 ).
+\par }{\rtlch\fcs1 \af1\afs18 \ltrch\fcs0 \f1\fs18\kerning1\insrsid11355186\charrsid3764488 -\tab }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e6\'e5\loch\f39 
+\hich\f39  \'f3\loch\f39 \hich\f39  \'e2\'e0\'f1\loch\f39 \hich\f39  \'ea\'ee\'ec\'ec\'f3\'f2\'e8\'f0\'f3\'e5\'ec\'fb\'e9\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39 : dial-up \'e8\'eb\'e8\loch\f39 \hich\f39  vpn \'e8\loch\f39 
+\hich\f39  \'e2\'e0\'f8\loch\f39 \hich\f39  \'e2\'ed\'e5\'f8\'ed\'e8\'e9\loch\f39 \hich\f39  IP \'f0\'e5\'e3\'f3\'eb\'ff\'f0\'ed\'ee\loch\f39 \hich\f39  \'ec\'e5\'ed\'ff\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39   \'e5\'f1\'f2\'fc
+\loch\f39 \hich\f39  2 \'f1\'ef\'ee\'f1\'ee\'e1\'e0\loch\f39 \hich\f39  \'f0\'e5\'f8\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'f0\'ee\'e1\'eb\'e5\'ec\'fb\loch\f39 \hich\f39 . \'cf\'e5\'f0\'e2\'fb\'e9\loch\f39  \hich\f39 \emdash \loch\f39 \hich\f39  \'ed
+\'e0\'ef\'e8\'f1\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\'ea\loch\af39\dbch\af31505\hich\f39 \'f0\'e8\'ef\'f2\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'e4\'f1\'f2\'e0\'e2\'eb\'ff
+\'f2\'fc\loch\f39 \hich\f39  \'e2\'ed\'e5\'f8\'ed\'e8\'e9\loch\f39 \hich\f39  IP \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  include \'eb\'e8\'e1\'ee\loch\f39 \hich\f39  $ (\'fd\'f2\'ee\loch\f39 \hich\f39  \'ec\'fb\loch\f39 \hich\f39  \'ee\'e1\'f1\'f3\'e4
+\'e8\'ec\loch\f39 \hich\f39  \'ef\'ee\'e7\'e6\'e5\loch\f39 \hich\f39 ). \'c2\'f2\'ee\'f0\'ee\'e9\loch\f39  \hich\f39 \emdash \loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39  
+
+\par }{\rtlch\fcs1 \af1\afs18 \ltrch\fcs0 \f1\fs18\kerning1\insrsid11355186\charrsid3764488 -\tab }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 external 0.0.0.0
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'e5\'ee\'e1\'f5\'ee\'e4\'e8\'ec\'ee\'e5\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  - \'ea\'ee\'ec\'e0\'ed\'e4\'e0\'ec\'e8\loch\f39 \hich\f39  external \'e8\loch\f39 \hich\f39 
+ internal \'ec\'fb\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e5\'ec\loch\f39 \hich\f39  \'e2\'ed\'f3\'f2\'f0\'e5\'ed\'ed\'e8\'e5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e2\'ed\'e5\'f8\'ed\'e8\'e5\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1
+\'fb\loch\f39 \hich\f39 , \'f2\'e0\'ea\loch\f39 \hich\f39  \'f1\'ea\'e0\'e7\'e0\'f2\'fc\loch\f39 \hich\f39 , \'e3\'eb\'ee\'e1\'e0\'eb\'fc\loch\af39\dbch\af31505\hich\f39 \'ed\'ee\loch\f39 \hich\f39 , \'ed\'e0\loch\f39 \hich\f39  \'e2\'e5\'f1\'fc\loch\f39 
+\hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39 . \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc\loch\f39 
+\hich\f39  \'ed\'e5\'ee\'e1\'f5\'ee\'e4\'e8\'ec\'ee\'f1\'f2\'fc\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ee\'f2\'e4\'e5\'eb\'fc\'ed\'fb\'f5\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e2\'e0\'f2\'fc
+\loch\f39 \hich\f39  \'f1\'e2\'ee\'e8\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1\'fb\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'f1\'e4\'e5\'eb\'e0\'f2\'fc
+\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ef\'ee\'ec\'ee\'f9\'fc\'fe\loch\f39 \hich\f39  \'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0\'ee\'e2\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39  -e \'e8\loch\f39 \hich\f39  -i, \'ed\'e0\'ef\'f0\'e8
+\'ec\'e5\'f0\loch\f39 \hich\f39 , \'e0\'ed\'e0\'eb\'ee\'e3\'ee\'ec\loch\f39 \hich\f39  \'f1\'ee\'e2\'ee\'ea\'f3\'ef\'ed\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\loch\f39  
+\par 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 internal 192.168.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par \hich\af39\dbch\af31505\loch\f39 proxy 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e1\'f3\'e4\'e5\'f2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ea\'ee\'ec\'e0\'ed\'e4\'e0}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 proxy -i192.168.0.1 -e211.80.11.12
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f3\'f1\'ea\'ee\'f0\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'f0\'ee
+\'f6\'e5\'f1\'f1\'e0\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e8\'ec\'e5\'ed\loch\f39 \hich\f39  \'f5\'ee\'f1\'f2\'ee\'e2\loch\f39 \hich\f39  \'f3\'ea\'e0\'e6\'e5\'ec\loch\f39 \hich\f39  DNS-\'f1\'e5\'f0\'e2\'e5
+\'f0\'e0\loch\f39 \hich\f39  - \'eb\'f3\'f7\'f8\'e5\loch\f39 \hich\f39  \'e2\'f1\'e5\'e3\'ee\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'f2\'fc\loch\f39 \hich\f39  DNS-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'e2\'e0\'f8\'e5\'e3\'ee\loch\f39 
+\hich\f39  \'ef\'f0\'ee\'e2\'e0\'e9\'e4\'e5\'f0\'e0\loch\f39 \hich\f39  - \'e8\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'f2\'e8\'ec\loch\f39 \hich\f39  \'ea\'fd\'f8\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'e5\loch\f39  DNS: 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.100.1
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.101.1
+\par \hich\af39\dbch\af31505\loch\f39 nsc\hich\af39\dbch\af31505\loch\f39 ache 65536
+\par \loch\af39\dbch\af31505\hich\f39 \'e3\'e4\'e5\loch\f39 \hich\f39  \'e2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  65536 \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'e1\'fb\'f2\'fc\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee\'e5\loch\f39 \hich\f39 , \'e6\'e5\'eb\'e0
+\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'f1\'f2\'e0\'e2\'eb\'ff\'fe\'f9\'e5\'e5\loch\f39 \hich\f39  \'f1\'f2\'e5\'ef\'e5\'ed\'fc\loch\f39 \hich\f39  \'f7\'e8\'f1\'eb\'e0\loch\f39 \hich\f39  2 \'e8\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2
+\'e0\'f2\'ee\'f7\'ed\'ee\loch\f39 \hich\f39  \'e1\'ee\'eb\'fc\'f8\'ee\'e5\loch\f39 \hich\f39 . \'ca\'f1\'f2\'e0\'f2\'e8\loch\f39 \hich\f39 , \'ee\'f2\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  nscache \'ed\'e0\'ef\'f0\'ff\'ec
+\'f3\'fe\loch\f39 \hich\f39  \'e7\'e0\'e2\'e8\'f1\'e8\'f2\loch\f39 \hich\f39  \'ea\'ee\'eb\'e8\'f7\'e5\'f1\'f2\'e2\'ee\loch\f39 \hich\f39  \'ee\'ef\'e5\'f0\'e0\'f2\'e8\'e2\'ed\'ee\'e9\loch\f39 \hich\f39  \'ef\'e0\'ec\'ff\'f2\'e8\loch\f39 \hich\f39 , \'e7
+\'e0\'ed\'e8\'ec\'e0\'e5\'ec\'ee\'e9\loch\f39 \hich\f39  3proxy. \'c8\'f2\'e0\'ea\loch\f39 \hich\f39 , \'ed\'e0\loch\f39 \hich\f39  \'e4\'e0\'ed\'ed\'ee\'ec\loch\f39 \hich\f39  \'fd\'f2\'e0\'ef\'e5\loch\f39 \hich\f39  \'ed\'e0\'f8\loch\f39 \hich\f39  \'ea
+\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'e2\'fb\'e3\'eb\'ff\'e4\'e8\'f2\loch\f39 \hich\f39  \'f1\'eb\'e5\'e4\'f3\'fe\'f9\'e8\'ec\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e7\'ee\'ec\loch\f39 \hich\f39  (\'e2\'e5\'f0\'f1\'e8\'ff
+\loch\f39  1): 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 internal 192.168.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.100.1
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.101.1
+\par \hich\af39\dbch\af31505\loch\f39 nscache 65536
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 log
+\par \hich\af39\dbch\af31505\loch\f39 auth none 
+\par \hich\af39\dbch\af31505\loch\f39 proxy 
+\par \loch\af39\dbch\af31505\hich\f39 \'ca\'e0\'e6\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 , \'ed\'e0\'ec\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f5\'e2\'e0\'f2\'e0\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'eb\'ed\'ee\'f6\'e5
+\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'ee\'e2\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ee\'f8\'e8\'e1\'ee\'ea\loch\f39 
+\hich\f39 , \'e2\'e5\'e4\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'fd\'ea\'f0\'e0\'ed\'e5\loch\f39 \hich\f39  \'eb\'ee\'e3\loch\f39 \hich\f39  \'ee\'f7\'e5\'ed\'fc\loch\f39 \hich\f39  \'e1\'fb\'f1\'f2\'f0\'ee\loch\f39  
+\loch\af39\dbch\af31505\hich\f39 \'ef\'f0\'ee\'eb\'e5\'f2\'e0\'e5\'f2\loch\f39 \hich\f39 ! \'cf\'ee\'ec\'e5\'ed\'ff\'e5\'ec\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 \hich\f39  log \'ed\'e0\loch\f39 \hich\f39  \'e1\'ee\'eb\'e5\'e5
+\loch\f39 \hich\f39  \'f0\'e0\'f1\'f8\'e8\'f0\'e5\'ed\'ed\'f3\'fe\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 log c:\\3proxy\\logs\\3proxy.log D
+\par \loch\af39\dbch\af31505\hich\f39 \'d2\'e0\'ea\'e8\'ec\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e7\'ee\'ec\loch\f39 \hich\f39 , \'ec\'fb\loch\f39 \hich\f39  \'e4\'e0\'e5\'ec\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 \hich\f39  \'f1\'ee\'f5\'f0
+\'e0\'ed\'ff\'f2\'fc\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'e0\'ef\'ea\'e5\loch\f39  c:\\3proxy\\\hich\f39 logs \'e8\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4\'fb\'e9\loch\f39 \hich\f39  \'e4\'e5\'ed\'fc
+\loch\f39 \hich\f39  \'ed\'e0\'f7\'e8\'ed\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'ee\'e2\'fb\'e9\loch\f39 \hich\f39  \'eb\'ee\'e3\loch\f39 \hich\f39  (\'ee\'ef\'f6\'e8\'ff\loch\f39 \hich\f39  D). \'c5\'f9\'e5\loch\f39 \hich\f39  \'f0\'e0\'e7\loch\f39 
+\hich\f39  \'ed\'e0\'ef\'ee\'ec\'ed\'fe\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'f2\'e0\'e4\'e8\'e8\loch\f39 \hich\f39  \'f2\'e5\'f1\'f2\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'eb\'f3\'f7\'f8
+\'e5\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'e6\'e5\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'f1\'e4\'e5\'eb\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\'fb\'e2\'ee\'e4\loch\f39 \hich\f39  \'eb\'ee\'e3\'ee\'e2\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'fd\'ea\'f0\'e0\'ed\loch\f39 \hich\f39  - \'f2\'e0\'ea\loch\f39 \hich\f39  \'f3\'e4\'ee\'e1\'ed\'e5\'e5\loch\f39 \hich\f39  \'e8\'f1\'ea\'e0\'f2\'fc\loch\f39 \hich\f39  \'ee\'f8\'e8\'e1\'ea\'e8\loch\f39 \hich\f39 . \'c8\loch\f39 
+\hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'e4\'ee\'e1\'e0\'e2\'e8\'ec\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 rotate 30
+\par \loch\af39\dbch\af31505\hich\f39 \'e4\'eb\'ff\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'e0\'ef\'ea\'e5\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'eb\'ee\'e3\'e0
+\'ec\'e8\loch\f39 \hich\f39  \'f1\'ee\'f5\'f0\'e0\'ed\'ff\'eb\'e8\'f1\'fc\loch\f39 \hich\f39  \'eb\'e8\'f8\'fc\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\'e4\'ed\'e8\'e5\loch\f39 \hich\f39  30 \'f4\'e0\'e9\'eb\'ee\'e2\loch\f39 \hich\f39 , \'e0\loch\f39 
+\hich\f39  \'f2\'ee\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 \hich\f39  \'e1\'fb\'f1\'f2\'f0\'ee\loch\f39 \hich\f39  \'f0\'e0\'f1\'f2\'f3\'f2\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'e4\'e8\'f1\'ea\loch\f39 
+\hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f0\'e5\'e7\'e8\'ed\'ee\'e2\'fb\'e9\loch\f39 ! 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'f1\'ef\'ee\'ec\'e8\'ed\'e0\'e5\'ec\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  3proxy \'ef\'ee\'e7\'e2\'ee\'eb\'ff\'e5\'f2\loch\f39 \hich\f39  \'ed\'e0\'ec\loch\f39 \hich\f39  \'e2\'e8\'e4
+\loch\af39\dbch\af31505\hich\f39 \'ee\'e8\'e7\'ec\'e5\'ed\'e8\'f2\'fc\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\loch\f39 \hich\f39  \'eb\'ee\'e3\'ee\'e2\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 
+\hich\f39  \'e1\'fb\'eb\'ee\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e1\'e0\'f2\'fb\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'eb\'fe\'e1\'fb\'ec\loch\f39 \hich\f39  \'eb\'ee\'e3-\'e0\'ed\'e0\'eb\'e8\'e7\'e0\'f2\'ee\'f0\'ee\'ec
+\loch\f39 \hich\f39 . \'ca\'f1\'f2\'e0\'f2\'e8\loch\f39 \hich\f39 , \'ec\'ee\'e3\'f3\loch\f39 \hich\f39  \'ef\'ee\'f1\'ee\'e2\'e5\'f2\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f1
+\'e0\'e9\'f2\'e0\loch\f39 \hich\f39  www.wrspy.ru \'e4\'ee\'e2\'ee\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ef\'f0\'e8\'eb\'e8\'f7\'ed\'fb\'e9\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'f1\'e5\'e9\'f7\'e0\'f1\loch\f39 
+\hich\f39  \'ed\'e5\'ec\'e0\'eb\'ee\'e2\'e0\'e6\'ed\'ee\loch\f39 \hich\f39 , \'e1\'e5\'f1\'ef\'eb\'e0\'f2\'ed\'fb\'e9\loch\f39 \hich\f39  \'eb\'ee\'e3-\'e0\'ed\'e0\'eb\'e8\'e7\'e0\'f2\'ee\'f0\loch\f39 \hich\f39  Wrspy \'ed\'e0\'f8\'e5\'e3\'ee\loch\f39 
+\hich\f39  \'ee\'f2\'e5\'f7\'e5\'f1\'f2\'e2\'e5\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'e3\'f0\'e0\'ec\'ec\'e8\'f1\'f2\'e0\loch\f39 \hich\f39 . \'d2\'e5\'ec\loch\f39 \hich\f39  \'e1\loch\af39\dbch\af31505\hich\f39 \'ee
+\loch\af39\dbch\af31505\hich\f39 \'eb\'e5\'e5\loch\f39 \hich\f39  \'f7\'f2\'ee\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\loch\f39 \hich\f39  \'e0\'ed\'e0\'eb\'e8\'e7\'e0\'f2\'ee\'f0\'e0\loch\f39 \hich\f39  \'eb\'fe\'e1\'e5\'e7\'ed\'ee\loch\f39 \hich\f39  
+\'ef\'ee\'f8\'e5\'eb\loch\f39 \hich\f39  \'ed\'e0\'e2\'f1\'f2\'f0\'e5\'f7\'f3\loch\f39 \hich\f39  \'ec\'ee\'e5\'e9\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'fc\'e1\'e5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ed\'e0\'f7\'e8\'ed\'e0\'ff\loch\f39 
+\hich\f39  \'f1\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'e8\loch\f39 \hich\f39  1.65 \'ef\'ee\'ff\'e2\'e8\'eb\'e0\'f1\'fc\loch\f39 \hich\f39 , \'ed\'e0\'ea\'ee\'ed\'e5\'f6\loch\f39 \hich\f39 , \'f2\'e0\'ea\loch\f39 \hich\f39  \'f1\'ea\'e0\'e7\'e0\'f2\'fc
+\loch\f39 \hich\f39 , \'ee\'ef\'f2\'e8\'ec\'e8\'e7\'e8\'f0\'ee\'e2\'e0\'ed\'ed\'e0\'ff\loch\f39 \hich\f39  \'ef\'ee\'e4\'e4\'e5\'f0\'e6\'ea\'e0\loch\f39 \hich\f39  3proxy - \'e8\'ec\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'eb
+\'ee\'e3\'ee\'e2\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'e5\'e4\'e5\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'ed\'e8\'e6\'e5\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\'e0\loch\f39 :
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 logformat "L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I\hich\af39\dbch\af31505\loch\f39  %O %N/%R:%r"
+
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'f0\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e8\'ec\'e5\'f2\'fc\loch\f39 \hich\f39  
+\'e2\loch\f39 \hich\f39  \'e2\'e8\'e4\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e4\'e0\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'f2
+\'fc\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'e5\'e9\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39  0.6.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'f3\'f2\loch\f39 \hich\f39  \'e2\'e8\'e4\loch\f39 : 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 192.168.0.4 - ivanov - [02/Jun/2006:11:13:56 +0500] 
+\par \hich\af39\dbch\af31505\loch\f39 "GET http://svalka.biz/uploads/posts/1147559374_00.jpg HTTP/1.0" 000 17\hich\af39\dbch\af31505\loch\f39 497 457 PROXY/http://svalka.biz:3128 
+\par 
+\par }\pard \ltrpar\ql \fi-360\li360\ri0\nowidctlpar\tx360\wrapdefault\hyphpar0\faauto\rin0\lin360\itap0 {\rtlch\fcs1 \af1\afs18 \ltrch\fcs0 \f1\fs18\kerning1\insrsid11355186\charrsid3764488 -\tab }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e3\'e4\'e5\loch\f39 \hich\f39  \'e8\'e4\'f3\'f2\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'ef\'ee\'f0\'ff\'e4\'ea\'f3\loch\f39 \hich\f39 : IP \'f0\'e0\'e1\'ee\'f7\'e5\'e9
+\loch\f39 \hich\f39  \'f1\'f2\'e0\'ed\'f6\'e8\'e8\loch\f39 \hich\f39  - \'e8\'ec\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39  - \'f7\'e8\'f1\'eb\'ee\loch\f39 \hich\f39 , \'ec\'e5\'f1\'ff\'f6\loch\f39 
+\hich\f39 , \'e3\'ee\'e4\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e2\'f0\'e5\'ec\'ff\loch\f39 \hich\f39  - \'e2\'e8\'e4\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\'e0\loch\f39 \hich\f39  - URL - \'ed\'ee\'ec\'e5\'f0\loch\f39 \hich\f39  \'ee\'f8
+\'e8\'e1\'ea\'e8\loch\f39 \hich\f39  (\'e5\'f1\'eb\'e8\loch\f39 \hich\f39  000 - \'e7\'ed\'e0\'f7\'e8\'f2\loch\f39 \hich\f39 , \'ee\'f8\'e8\'e1\'ee\'ea\loch\f39 \hich\f39  \'ed\'e5\'f2\loch\f39 \hich\f39 ) - \'ef\'f0\'e8\'ed\'ff\'f2\'ee\loch\f39 
+\hich\f39  \'e1\'e0\'e9\'f2\loch\f39 \hich\f39  - \'ee\'f2\'ef\'f0\'e0\'e2\'eb\'e5\'ed\'ee\loch\f39 \hich\f39  \'e1\'e0\'e9\'f2\loch\f39 \hich\f39  - \'f1\'e5\'f0\'e2\'e8\'f1\loch\f39 \hich\f39  - \'f5\'ee\'f1\'f2\loch\f39 \hich\f39  - \'ef\'ee\'f0\'f2
+\loch\f39 \hich\f39 , \'ef\'ee\loch\f39 \hich\f39  \'ea\loch\af39\dbch\af31505\hich\f39 \'ee\'f2\'ee\'f0\'ee\'ec\'f3\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\loch\f39 \hich\f39  \'f1\'e2\'ff\'e7\'e0\'eb\'f1\'ff\loch\f39 \hich\f39  \'f1\loch\f39 
+\hich\f39  \'f1\'e5\'f0\'e2\'e8\'f1\'ee\'ec.
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cd\'e5\'ec\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e7\'e0\'e1\'e5
+\'e3\'e0\'ff\loch\f39 \hich\f39  \'e2\'ef\'e5\'f0\'e5\'e4\loch\f39 \hich\f39 , \'f1\'ea\'e0\'e6\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  3proxy \'ef
+\'ee\'e7\'e2\'ee\'eb\'ff\'e5\'f2\loch\f39 \hich\f39  \'f3\'e4\'ee\'e2\'eb\'e5\'f2\'e2\'ee\'f0\'ff\'f2\'fc\loch\f39 \hich\f39  \'e4\'ee\'e2\'ee\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'f0\'e0\'e7\'ed\'ee\'ee\'e1\'f0\'e0\'e7\'ed\'fb\'e5\loch\f39 \hich\f39  
+\'e7\'e0\'ef\'f0\'ee\'f1\'fb\loch\f39 \hich\f39 , , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e2\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  \'ee\'f2\'e4\'e5\'eb\'fc\'ed\'fb\'e5\loch\f39 
+\hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\loch\f39 \hich\f39  \'e8\'eb\'e8\loch\f39 \hich\f39  \'ee\'f2\'e4\'e5\'eb\'fc\'ed\'fb\'e5\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39  \'e4
+\'eb\'ff\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee\'e9\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f0\'e0\'e7\'ed\'fb\'ec\'e8\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\'e0\'ec\'e8.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'f3\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ed\'e0\'ea\'ee\'ed\'e5\'f6\loch\f39 \hich\f39 , \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e2\'fb\loch\f39 \hich\f39  \'f5\'ee\'f2\'e8\'f2\'e5\loch\f39 \hich\f39  \'e5
+\'f9\'e5\loch\f39 \hich\f39  \'e1\'ee\'eb\'fc\'f8\'e5\loch\f39 \hich\f39  \'f1\'fd\'ea\'ee\'ed\'ee\'ec\'e8\'f2\'fc\loch\f39 \hich\f39  \'ec\'e5\'f1\'f2\'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e4\'e8\'f1\'ea\'e5\loch\f39 \hich\f39  \'ef\'ee
+\'e4\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e0\'f0\'f5\'e8\'e2\'e8\'f0\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39 
+ \'ef\'ee\'ec\'ee\'f9\'fc\'fe\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee\'e3\'ee\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e0\'f0\'f5\'e8\'e2\'e0\'f2\'ee\'f0\'e0\loch\f39 \hich\f39 , \'ed\'e0\'ef\'f0\'e8\'ec\'e5\'f0
+\loch\f39 \hich\f39 , \'e2\'ee\'f2\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 : 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 archiver }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \hich\af39\dbch\af31505\loch\f39 rar \loch\af39\dbch\af31505\hich\f39 \'93\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "c:\\Program Files\\WinRAR\\rar.exe}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 
+\loch\af39\dbch\af31505\hich\f39 \'94\loch\af39\dbch\af31505\hich\f39 \'94\hich\af39\dbch\af31505\loch\f39 " }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\hich\af39\dbch\af31505\loch\f39 a -df -inul %A %F
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 (\'ef\'ee\'e4\'f1\'ea\'e0\'e7\'ea\'f3\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ee\'ef\'f6\'e8\'e9\loch\f39 \hich\f39  \'ea
+\'ee\'ec\'e0\'ed\'e4\'ed\'ee\loch\af39\dbch\af31505\hich\f39 \'e9\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e8\loch\f39 \hich\f39  WinRAR \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'ed\'e0\'e9\'f2\'e8\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e5\'e3
+\'ee\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  Help'\'e5\loch\f39 ) 
+\par \loch\af39\dbch\af31505\hich\f39 \'ce\'e1\'f0\'e0\'f2\'e8\'f2\'e5\loch\f39 \hich\f39  \'e2\'ed\'e8\'ec\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f2\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ef\'f3\'f2\'fc
+\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'f3\loch\f39 \hich\f39  \'e7\'e0\'ea\'eb\'fe\'f7\'e5\'ed\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'ea\'ee\'e1\'ea\'e8\loch\f39 \hich\f39 . \'dd\'f2\'ee\loch\f39 \hich\f39  \'f1\'e2
+\'ff\'e7\'e0\'ed\'ee\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ed\'e0\'eb\'e8\'f7\'e8\'e5\'ec\loch\f39 \hich\f39  \'ef\'f0\'ee\'e1\'e5\'eb\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'f3\'f2\'e8\loch\f39 \hich\f39 . \'c0\'ed\'e0\'eb\'ee\'e3
+\'e8\'f7\'ed\'ee\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e7\'e0\'ea\'eb\'fe\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'e0\'e2\'fb\'f7\'ea\'e8\loch\f39 \hich\f39  \'eb\'fe\'e1\'fb\'e5\loch\f39 \hich\f39  \'ef\'f3
+\'f2\'e8\loch\f39 \hich\f39  Windows, \'f1\'ee\'e4\'e5\'f0\'e6\'e0\'f9\'e8\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'e5\'e1\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'e1\'e5\'eb\'fb\loch\f39 \hich\f39  \'eb\'e8\'e1\'ee\loch\f39  $.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'cc\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'f1\'ee\'e1\'e8\'f0\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'e4\loch\af39\dbch\af31505\hich\f39 \'e2\'e8\'ed\'f3\'f2\'f3\'fe\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'fe
+\loch\f39 \hich\f39  (\'e2\'e5\'f0\'f1\'e8\'ff\loch\f39 \hich\f39  2) \'ed\'e0\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 : 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 internal 192.168.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.100.1
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.101.1
+\par \hich\af39\dbch\af31505\loch\f39 nscache 65536
+\par \hich\af39\dbch\af31505\loch\f39 logformat "L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I %O %N/%R:%r"
+\par \hich\af39\dbch\af31505\loch\f39 log c:\\3proxy\\logs\\3proxy.log D
+\par \hich\af39\dbch\af31505\loch\f39 rotate 30
+\par \hich\af39\dbch\af31505\loch\f39 archiver }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \hich\af39\dbch\af31505\loch\f39 rar \loch\af39\dbch\af31505\hich\f39 \'93\loch\af39\dbch\af31505\hich\f39 
+\'94}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "c:\\Program Files\\WinRAR\\rar.exe}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \loch\af39\dbch\af31505\hich\f39 \'94\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "\hich\af39\dbch\af31505\loch\f39  a -df -inul %A %F
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 auth none 
+\par \hich\af39\dbch\af31505\loch\f39 proxy -t
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c7\'e0\'ef\'f3\'f1\'ea\'e0\'e5\'ec\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ee\'ef\'f6\'e8\'e5\'e9\loch\f39 \hich\f39  -t , \'ea\'ee\'f2\'ee\'f0\'e0\'ff\loch\f39 
+\hich\f39  \'ef\'ee\'e7\'e2\'ee\'eb\'ff\'e5\'f2\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e2\'fb\'e2\'ee\'e4\'e8\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'eb\'ee\'e3\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e5\'e1\'ed\'fb\'e5\loch\f39 
+\hich\f39  \'f1\'ee\'ee\'e1\'f9\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ee\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e5\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\loch\f39 \hich\f39 . \'dd\'f2\'ee\loch\f39 \hich\f39  \'ef\'f0\'e8\'e3\'ee\'e4\'e8\'f2\'f1
+\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e4\'e0\'eb\'fc\'ed\'e5\'e9\'f8\'e5\'ec\loch\f39 \hich\f39 , \'ea\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e1\'e0
+\'f2\'fb\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\loch\f39 \hich\f39  \'ea\loch\af39\dbch\af31505\hich\f39 \'e0\'ea\'e8\'ec-\'ed\'e8\'e1\'f3\'e4\'fc\loch\f39 \hich\f39  \'e0\'ed\'e0\'eb\'e8\'e7\'e0\'f2\'ee\'f0\'ee\'ec.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'f1\'e5\loch\f39 \hich\f39  \'eb\'f3\'f7\'f8\'e5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'eb\'f3\'f7\'f8\'e5\loch\f39 \hich\f39 ! \'cf\'f0\'ee\'e4\'ee\'eb\'e6\'e0\'e5\'ec\loch\f39 \hich\f39 . \'cf\'ee\'e4\'f3
+\'ec\'e0\'e5\'ec\loch\f39 \hich\f39  \'ee\loch\f39 \hich\f39  \'f2\'ee\'ec\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39  \'ec\'ed\'ee\'e3\'ee\loch\f39 \hich\f39 , \'e0
+\loch\f39 \hich\f39  \'ea\'e0\'ed\'e0\'eb\loch\f39 \hich\f39 , \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39 , \'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ee\'f7\'e5\'ed\'fc\loch\f39 \hich\f39  \'f2\'ee\'eb\'f1\'f2\'fb\'e9\loch\f39 \hich\f39 , \'f5
+\'ee\'f0\'ee\'f8\'ee\loch\f39 \hich\f39 , \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'f5\'ee\'f2\'ff\loch\f39 \hich\f39  \'e1\'fb\loch\f39 \hich\f39  128 \'ea\'e1\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e4\'e8\'e0
+\'eb\'e0\'ef\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  33.6? \'cd\'e0\'f7\'e8\'ed\'e0\'e5\'ec\loch\f39 \hich\f39  \'f0\'e5\'e7\'e0\'f2\'fc\loch\f39 \hich\f39 , \'f2\'ee\'e2\'e0\'f0\'e8\'f9\'e8\loch\f39 ! 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 240000 * 192.168.0.2,192.168.0\hich\af39\dbch\af31505\loch\f39 .3
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'f0\'e0\'e7\'f0\'e5\'f8\'e0\'e5\'ec\loch\f39 \hich\f39  \'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\'ec\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  IP-\'e0\'e4\'f0
+\'e5\'f1\'e0\'ec\'e8\loch\f39 \hich\f39  192.168.0.2 \'e8\loch\f39 \hich\f39  192.168.0.3 \'f1\'ee\loch\f39 \hich\f39  \'f1\'ea\'ee\'f0\'ee\'f1\'f2\'fc\'fe\loch\f39 \hich\f39  24 \'ea\'e1\'e8\'f2\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'e5\'ea
+\'f3\'ed\'e4\'f3\loch\f39 \hich\f39 , \'ef\'f0\'e8\'f7\'e5\'ec\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  24 \'ea\'e1\'e8\'f2\loch\f39 \hich\f39  \'ef\'f0\'e8\'f5\'ee\'e4\'ff\'f2\'f1\'ff\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4\'fb\'e9\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'fd\'f2\'e8\'f5\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'ee\'e2\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  
+\'ee\'e1\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'ee\'e2\'ee\'ea\'f3\'ef\'ed\'ee\'f1\'f2\'e8\loch\f39 \hich\f39 , \'f2.\'e5\loch\f39 \hich\f39 . \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'ee\'e1\'e0\loch\f39 \hich\f39  \'e1\'f3\'e4\'f3\'f2
+\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee\'e2\'f0\'e5\'ec\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'fb\loch\f39 \hich\f39  \'f1
+\loch\f39 \hich\f39  \'e4\'ee\loch\af39\dbch\af31505\hich\f39 \'f1\'f2\'e0\'f2\'ee\'f7\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'f1\'f2\'f0\'fb\'f5\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'ee\'e2\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4
+\'ee\'ec\'f3\loch\f39 \hich\f39  \'ef\'f0\'e8\'e4\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  12 \'ea\'e1\'e8\'f2\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'e5\'ea\'f3\'ed\'e4\'f3
+\loch\f39 \hich\f39  (\'e7\'e0\'ec\'e5\'f2\'fc\'f2\'e5\loch\f39 \hich\f39 , \'ea\'e8\'eb\'ee\'e1\'e8\'f2\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ea\'e8\'eb\'ee\'e1\'e0\'e9\'f2\loch\f39 \hich\f39 , \'e5\'f1\'eb\'e8
+\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'f1\'f7\'e8\'f2\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'e8\'eb\'ee\'e1\'e0\'e9\'f2\'fb\loch\f39 \hich\f39 , \'f0\'e0\'e7\'e4\'e5\'eb\'e8\'f2\'e5\loch\f39 
+\hich\f39  \'f7\'e8\'f1\'eb\'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39  8) 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 48000 * 192.168.0.4
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'e0\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\'f3\loch\f39 \hich\f39  \'f1\'f7\'e0\'f1\'f2\'eb\'e8\'e2\'f7\'e8\'ea\'f3\loch\f39 \hich\f39  \'e5\'e4\'e8\'ed\'ee\'eb\'e8\'f7\'ed\'ee\loch\f39 \hich\f39  \'f1\'ea\'ee
+\'f0\'ee\'f1\'f2\'fc\loch\f39 \hich\f39  48 \'ea\'e1\'e8\'f2\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'e5\'ea\'f3\'ed\'e4\loch\af39\dbch\af31505\hich\f39 \'f3\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 bandlimout 24000 *
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'e8\'f1\'f5\'ee\'e4\'ff\'f9\'f3\'fe\loch\f39 \hich\f39  \'f1\'ea\'ee\'f0\'ee\'f1\'f2\'fc\loch\f39 \hich\f39  \'f2\'ee\'e6\'e5\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e8\'ec\loch\f39 \hich\f39  \'e2
+\'f1\'e5\'ec\loch\f39 \hich\f39  \'e4\'ee\loch\f39 \hich\f39  24 \'ea\'e8\'eb\'ee\'e1\'e8\'f2\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'e5\'ea\'f3\'ed\'e4\'f3\loch\f39 \hich\f39  (\'f1\'e5\'e9\'f7\'e0\'f1\loch\f39 \hich\f39  \'fd\'f2\'e0
+\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'e5\'f2\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'e8\loch\f39 \hich\f39  devel 0.6) \'cd
+\'f3\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ed\'e0\'ea\'ee\'ed\'e5\'f6\loch\f39 \hich\f39 , \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e2\'fb\loch\f39 \hich\f39  \'f5\'ee\'f2\'e8\'f2\'e5\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  
+\'fd\'f2\'e8\loch\f39 \hich\f39  \'e6\'e5\'f1\'f2\'ea\'e8\'e5\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ea\'e0\'f1\'e0\'eb\'e8\'f1\'fc\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  
+\'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'f1\'ea\'e0\'f7\'e8\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'f1\'ed\'e8\'ec\'e8\'f2\'e5\hich\af39\dbch\af31505\loch\f39 \hich\f39  
+\'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\loch\f39  110: 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 nobandlimin * * * 110
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e7\'e0\'e1\'f3\'e4\'fc\'f2\'e5\loch\f39 \hich\f39  \'ef\'ee\'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'fd\'f2\'f3\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4
+\'f3\loch\f39 \hich\f39  \'cf\'c5\'d0\'c5\'c4\loch\f39 \hich\f39  \'ef\'f0\'ee\'f7\'e8\'ec\'e8\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\'ec\'e8\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'f1\'ea\'ee\'f0
+\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  - \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e1\'e0\'f2\'fb\'e2\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\'e4\'ee\'e2\'e0\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e4\'ee
+\loch\f39 \hich\f39  \'ef\'e5\'f0\'e2\'ee\'e3\'ee\loch\f39 \hich\f39  \'f3\'e4\'ee\'e2\'eb\'e5\'f2\'e2\'ee\'f0\'ff\'fe\'f9\'e5\'e3\'ee\loch\f39 \hich\f39  \'f3\'f1\'eb\'ee\'e2\'e8\'ff\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'ea\'ee\'f0\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  \'f1\'ea\'e0\'f7\'e8\'e2\'e0\'ed\'e8\'ff-\'e7\'e0\'ea\'e0\'f7\'e8\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'ec\'fb\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  
+\'e7\'e0\'e4\'e0\'eb\'e8\hich\af39\dbch\af31505\loch\f39 \hich\f39 , \'ef\'f0\'ee\'e4\'ee\'eb\'e6\'e0\'e5\'ec\loch\f39 \hich\f39  \'e7\'e0\'ea\'f0\'f3\'f7\'e8\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'e3\'e0\'e9\'ea\'e8\loch\f39 \hich\f39 . \'c2\loch\f39 
+\hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'ed\'e0\'ec\loch\f39 \hich\f39  \'ef\'ee\'ec\'ee\'e3\'f3\'f2\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'fb\loch\f39 \hich\f39  deny \'e8\loch\f39  allow 
+\par \hich\af39\dbch\af31505\loch\f39 deny * 192.168.200.4 * 110 * 1-5 18:00:00-23:59:59,00:00:00-08:00:00
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'e7\'e0\'ef\'f0\'e5\'f9\'e0\'e5\'ec\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fe
+\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  IP .4 \'e2\loch\f39 \hich\f39  \'ed\'e5\'f0\'e0\'e1\'ee\'f7\'e5\'e5\loch\f39 \hich\f39  \'e2\'f0\'e5\'ec\'ff\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'ed\'ff\'ec\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.200.4 * * * 1-5 09:00:00-18:00:00
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'f0\'e0\'e7\'f0\'e5\'f8\'e0\'e5\'ec\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2
+\'e0\'f2\'e5\'eb\'fe\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  IP .4 \'e8\'f1\'ea\'eb\'fe\'f7\'e8\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ef\'ee\'ed\'e5\'e4\'e5\'eb\'fc\'ed\'e8\'ea\'e0\loch\f39 \hich\f39  \'ef\'ee
+\loch\f39 \hich\f39  \'ef\'ff\'f2\'ed\'e8\'f6\'f3\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  9 \'f7\'e0\'f1\'ee\'e2\loch\f39 \hich\f39  \'f3\'f2\'f0\'e0\loch\f39 \hich\f39  \'e4\'ee\loch\f39 \hich\f39  6 \'e2\'e5\'f7\'e5\'f0\'e0\loch\f39 \hich\f39 , 
+\'ed\'ee\loch\f39 \hich\f39  \'e7\'e0\'f2\'ee\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'fb\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\'fb\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'eb\'fe\'e1\'fb\'e5\loch\f39 \hich\f39  \'ef\'ee\'f0
+\'f2\'fb\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  FTP-\'f1\'e5\'f0\'e2\'e5\'f0\'ee\'e2\loch\f39 \hich\f39  \'ea\'e0
+\'f7\'e0\'f2\'fc\loch\f39 \hich\f39 , \'e8\loch\f39  HTTP\hich\af39\dbch\af31505\loch\f39 \hich\f39 S, \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'ca\'f1\'f2\'e0\'f2\'e8\loch\f39 \hich\f39 , \'e4\'eb\'ff\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e8\'f2\'fc\loch\f39 \hich\f39  \'e4\'ee
+\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  FTP \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'e1\'f0\'e0\'f3\'e7\'e5\'f0\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'f3\'fe\'f9\'e5\'ec\loch\f39 
+\hich\f39  \'ee\'ea\'ed\'e5\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e5\'ea\loch\f39 \hich\f39  \'e1\'f0\'e0\'f3\'e7\'e5\'f0\'e0\loch\f39 \hich\f39  (\'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0\'fb\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2
+\'e5\'f0\'e0\loch\f39 \hich\f39 ) \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'ef\'ee\'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'e3\'e0\'eb\'ee\'f7\'ea\'f3\loch\f39 \hich\f39  \'ed\'e0\'ef\'f0\'ee\'f2\'e8\'e2\loch\f39 \hich\f39  FTP \'e8\loch\f39 
+\hich\f39  \'ef\'ee\'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  IP \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 
+\hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  HTTP (\'e2\loch\f39 \hich\f39  \'ed\'e0\loch\af39\dbch\af31505\hich\f39 \'f8\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3
+\'f7\'e0\'e5\loch\f39 \hich\f39  3128), \'e0\loch\f39 \hich\f39  \'e2\'ee\'e2\'f1\'e5\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  21, \'ea\'e0\'ea\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 \hich\f39  \'ef
+\'ee\'e4\'f3\'ec\'e0\'f2\'fc\loch\f39 \hich\f39 . \'c8\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee\loch\f39 \hich\f39  \'e3\'f0\'f3\'f1\'f2\'ed\'ee\'e5\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'ed\'e8\'e5\loch\f39 \hich\f39 
+. \'d2\'e5\'ea\'f3\'f9\'e0\'ff\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'ff\loch\f39 \hich\f39  \'e1\'f0\'e0\'f3\'e7\'e5\'f0\'e0\loch\f39 \hich\f39  Opera \'ef\'ee\'e4\loch\f39 \hich\f39  \'ed\'ee\'ec\'e5\'f0\'ee\'ec\loch\f39 \hich\f39  9 \'ed\'e5\'ea\'ee
+\'f0\'f0\'e5\'ea\'f2\'ed\'ee\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'e5\'f2\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f4\'f2\'ef-\'f1\'e5\'f0\'e2\'e5\'f0\'e0
+\'ec\'e8\loch\f39 \hich\f39 , \'f2\'f0\'e5\'e1\'f3\'fe\'f9\'e8\'ec\'e8\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'fe\loch\f39 \hich\f39 , \'f2\'e0\'ea\loch\f39 \hich\f39  \'f7\'f2\'ee\loch\f39 \hich\f39  \'eb\'e8\'e1\'ee\loch\f39 
+\hich\f39  \'ef\'f0\'e8\'e4\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'e2\'e5\'f0\'ed\'f3\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'e8\loch\f39 \hich\f39  8, \'eb\'e8\'e1\loch\af39\dbch\af31505\hich\f39 \'ee
+\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  IE \'e8\'eb\'e8\loch\f39  FireFox. 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3 * 80,443 * 1-7 00:00:00-23:59:59
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'e0\loch\f39 \hich\f39  \'e7\'e4\'e5\'f1\'fc\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e0\'e5\'ec\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  WEB-\'f1\'e5\'f0\'f4\'e8\'ed\'e3\loch\f39 
+\hich\f39 , \'e7\'e0\'f2\'ee\loch\f39 \hich\f39  \'ea\'f0\'f3\'e3\'eb\'ee\'f1\'f3\'f2\'ee\'f7\'ed\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee\'e9\loch\f39 \hich\f39  \'e4\'e5\'ed\'fc\loch\f39 \hich\f39  \'ed\'e5\'e4\'e5\'eb\'e8
+\loch\f39  
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'ca\'f1\'f2\'e0\'f2\'e8\loch\f39 \hich\f39  \'e2\'f1\'ef\'ee\'ec\'e8\'ed\'e0\'e5\'ec\loch\f39 \hich\f39  (\'e2\'fb\loch\f39 \hich\f39  \'e2\'e5\'e4\'fc\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'ec\'e5\'e4\'e8
+\'f2\'e8\'f0\'ee\'e2\'e0\'eb\'e8\loch\f39 \hich\f39  \'ed\'e0\'e4\loch\f39 \hich\f39  man, FAQ \'e8\loch\f39 \hich\f39  HowTO, \'ed\'e5\loch\f39 \hich\f39  \'ef\'f0\'e0\'e2\'e4\'e0\loch\f39 \hich\f39  \'eb\'e8\hich\af39\dbch\af31505\loch\f39 \hich\f39 
+?), \'f7\'f2\'ee\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 auth none
+\par \loch\af39\dbch\af31505\hich\f39 \'f1\'ee\'e1\'f1\'f2\'e2\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'ed\'e8\'ea\'e0\'ea\'f3\'fe\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'fe\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e4\'e0\'e5\'f2
+\loch\f39 \hich\f39 , \'f2.\'ea\loch\f39 \hich\f39 . \'ee\'f2\'ea\'eb\'fe\'f7\'e0\'e5\'f2\loch\f39 \hich\f39  \'eb\'fe\'e1\'f3\'fe\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'fe\loch\f39 \hich\f39  \'f1\'ee\'e2\'f1\'e5\'ec\loch\f39 
+\hich\f39  \'e8\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'fb\loch\f39 \hich\f39  allow \'e8\loch\f39 \hich\f39  deny \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'ed\'e5\'e5\loch\f39 \hich\f39  \'f2\'e5\'f0\'ff\'fe\'f2\loch\f39 \hich\f39  \'e2\'f1\'ff
+\'ea\'e8\'e9\loch\f39 \hich\f39  \'f1\'ec\'fb\'f1\'eb\loch\f39 \hich\f39 . \'cf\'ee\'f0\'e0\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'e9\'f2\'e8\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f7\'f2\'ee-\'ed\'e8\'e1\'f3\'e4\'fc\loch\f39 \hich\f39  \'e1
+\'ee\'eb\'e5\'e5\loch\f39 \hich\f39  \'ef\'ee\'e4\'f5\'ee\'e4\'ff\'f9\'e5\'e5\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'e0\'e2\'f2
+\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'ff\loch\f39 \hich\f39  \'ef\'ee\loch\f39  IP: 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39  
+\par \hich\af39\dbch\af31505\loch\f39 auth ip\hich\af39\dbch\af31505\loch\f39 only
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'ed\'ee\'e2\'e0\loch\f39 \hich\f39  \'f1\'ee\'e1\'e8\'f0\'e0\'e5\'ec\loch\f39 \hich\f39  \'ee\'f7\'e5\'f0\'e5\'e4\'ed\'f3\'fe\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'fe\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3
+\'e0\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f3\'f7\'e5\'f2\'ee\'ec\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\'ed\'e0\'ef\'e8\'f1\'e0\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  (\'e2\'e5\'f0\'f1\'e8\'ff\loch\f39  3): 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 internal 192.168.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.100.1
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.101.1
+\par \hich\af39\dbch\af31505\loch\f39 nscache 65536
+\par \hich\af39\dbch\af31505\loch\f39 logformat "L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I %O %N/%R:%r"
+\par \hich\af39\dbch\af31505\loch\f39 l\hich\af39\dbch\af31505\loch\f39 og c:\\3proxy\\logs\\3proxy.log D
+\par \hich\af39\dbch\af31505\loch\f39 rotate 30
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0\pararsid3764488 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 
+archiver }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \hich\af39\dbch\af31505\loch\f39 rar \loch\af39\dbch\af31505\hich\f39 \'93\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "c:\\Program Files\\WinRAR\\rar.exe}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \loch\af39\dbch\af31505\hich\f39 \'94\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "\hich\af39\dbch\af31505\loch\f39  a -df -inul %A %F
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 
+nobandlimin * * * 110
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 24000 * 192.168.0.2,192.168.0.3
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 48000 * 192.168.0.4
+\par \hich\af39\dbch\af31505\loch\f39 bandlimout 24000 *
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly 
+\par \hich\af39\dbch\af31505\loch\f39 deny * 192.168.200.4 * 110 * 1-5 18:00:00-23:59:59,00:00:00-08:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.200.4 * * * 1-5 09:00:00-18:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3 * 80,443 * 1-7 00:00:00-23:59:59
+\par \hich\af39\dbch\af31505\loch\f39 deny *
+\par \hich\af39\dbch\af31505\loch\f39 proxy -t
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39  ACL (access client list \hich\f39 \emdash \loch\f39 \hich\f39  \'f1\'ef\'e8\'f1
+\'ee\'ea\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39  \'ea\'eb\'e8\loch\af39\dbch\af31505\hich\f39 \'e5\'ed\'f2\'ee\'e2\loch\f39 \hich\f39 ), \'f2.\'e5\loch\f39 \hich\f39 . \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  allow \'e8\loch\f39 
+\hich\f39  deny \'e4\'ee\'e1\'e0\'e2\'e8\'eb\'e8\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ee\'e4\'e8\'ed\loch\f39 \hich\f39  deny * - \'fd\'f2\'ee\loch\f39 \hich\f39  \'ef\'ee\'e7\'e2\'ee\'eb\'e8\'f2\loch\f39 \hich\f39  \'e8\'e7\'e1\'e0\'e2
+\'e8\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\'e5\'e4\'eb\'e8\'e2\'fb\'f5\loch\f39 \hich\f39  \'ee\'ea\'ee\'ed\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\'e0\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\'ed\'e0\loch\f39 
+\hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'e0\'f0\'ee\'eb\'ff\loch\f39 \hich\f39 , \'e2\'fb\'f1\'ea\'e0\'ea\'e8\'e2\'e0\'fe\'f9\'e8\'f5\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'ef\'ee\'ef\'fb\'f2\'ea\'e5\loch\f39 \hich\f39  \'e7\'e0\'e3\'f0
+\'f3\'e7\'ea\'e5\loch\f39 \hich\f39  \'ea\'e0\'ea\'ee\'e3\'ee-\'ed\'e8\'e1\'f3\'e4\'fc\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'e5\'f9\'e5\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39  \'f0
+\'e5\'f1\'f3\'f0\'f1\'e0.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'cf\'f0\'ee\'e4\'ee\'eb\'e6\'e8\'ec\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\loch\f39 \hich\f39  \'f3\'e2\'eb\'e5\'ea\'e0\'f2\'e5\'eb\'fc\'ed\'ee\'e5\loch\f39 \hich\f39  \'e7\'e0\'ed\'ff\'f2\'e8\'e5\loch\f39 \hich\f39 . \'d3
+\'f7\'e5\'f2\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ea\'ee\loch\af39\dbch\af31505\hich\f39 \'ed\'f2\'f0\'ee\'eb\'fc\loch\f39 \hich\f39  - \'e2\'ee\'f2\loch\f39 \hich\f39  \'ee\'e4\'e8\'ed\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'ee\'f1
+\'ed\'ee\'e2\'ed\'fb\'f5\loch\f39 \hich\f39  \'ed\'e0\'f8\'e8\'f5\loch\f39 \hich\f39  \'ef\'f0\'e8\'ed\'f6\'e8\'ef\'ee\'e2\loch\f39 \hich\f39 . \'c0\loch\f39 \hich\f39  \'ea\'e0\'ea\'ee\'e9\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'f3\'f7\'e5\'f2
+\loch\f39 \hich\f39  \'e1\'e5\'e7\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\'ee\'e2\loch\f39 \hich\f39 ? \'ce\'ed\'e8\loch\f39 \hich\f39  \'ee\'ef\'f0\'e5\'e4\'e5\'eb\'ff\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\'ec\'e8
+\loch\f39 \hich\f39  counter, countin \'e8\loch\f39  nocountin. 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 counter "c:\\3proxy\\3proxy.3cf"
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'fd\'f2\'e8\'ec\loch\f39 \hich\f39  \'ec\'fb\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e5\'ec\loch\f39 \hich\f39 , \'e3\'e4\'e5\loch\f39 
+\hich\f39  \'f3\loch\f39 \hich\f39  \'ed\'e0\'f1\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'f5\'f0\'e0\'ed\'e8\'f2\'fc\loch\f39 \hich\f39  \'ee\'e1\'f9\'e8\'e9\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  \'f5\'f0\'e0\'ed
+\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\'ee\'e2\loch\f39 \hich\f39 . \'ce\'ed\loch\f39 \hich\f39  \'ef\'f0\loch\af39\dbch\af31505\hich\f39 \'e5\'e4\'f1\'f2
+\'e0\'e2\'eb\'ff\'e5\'f2\loch\f39 \hich\f39  \'f1\'ee\'e1\'ee\'e9\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e4\'e2\'ee\'e8\'f7\'ed\'ee\'ec\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\'e5\loch\f39 \hich\f39 , \'ef
+\'f0\'e8\'f7\'e5\'ec\loch\f39 \hich\f39  \'ee\'ed\loch\f39 \hich\f39  \'e2\'f1\'e5\'e3\'e4\'e0\loch\f39 \hich\f39  \'ee\'e4\'e8\'ed\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'dd\'f2\'f3\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 \hich\f39  \'e1\'fb\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'f2\'fc
+\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\'e5\loch\f39  
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 counter "c:\\3proxy\\3proxy.3cf" D "C:\\3proxy\\traf\\traf"
+\par }\pard \ltrpar\ql \fi-360\li360\ri0\nowidctlpar\tx360\wrapdefault\hyphpar0\faauto\rin0\lin360\itap0 {\rtlch\fcs1 \af1\afs18 \ltrch\fcs0 \f1\fs18\kerning1\insrsid11355186\charrsid3764488 -\tab }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'f2\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4\'fb\'e9\loch\f39 \hich\f39  \'e4\'e5\'ed\'fc\loch\f39 \hich\f39  (\'f7\'e0\'f1\'f2\'ee\'f2\'e0\loch\f39 \hich\f39  \'e7\'e0\'e4
+\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e4\'e0\'ed\'ed\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0\'ee\'ec\loch\f39 \hich\f39  D(\'e5\'e6\'e5\'e4\'ed\'e5\'e2\'ed\'ee
+\loch\f39 \hich\f39 ) - \'ed\loch\af39\dbch\af31505\hich\f39 \'e0\loch\f39 \hich\f39  \'ec\'e5\'f1\'f2\'e5\loch\f39 \hich\f39  D \'ec\'ee\'e3\'eb\'e8\loch\f39 \hich\f39  \'e1\'fb\'f2\'fc\loch\f39 \hich\f39  W(\'e5\'e6\'e5\'ed\'e5\'e4\'e5\'eb\'fc\'ed\'ee
+\loch\f39 \hich\f39 ), M(\'e5\'e6\'e5\'ec\'e5\'f1\'ff\'f7\'ed\'ee\loch\f39 \hich\f39 ) \'e8\'eb\'e8\loch\f39 \hich\f39  H(\'e5\'e6\'e5\'f7\'e0\'f1\'ed\'ee\loch\f39 \hich\f39 )) \'e2\loch\f39 \hich\f39  \'ef\'e0\'ef\'ea\'e5\loch\f39  C:\\3proxy\\traf\\
+\hich\f39 traf \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e3\'e5\'ed\'e5\'f0\'e8\'f0\'ee\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  \'ee\'f2\'f7\'e5\'f2\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f2\'e5\'ea
+\'f1\'f2\'ee\'e2\'ee\'ec\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\'e5\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 \hich\f39  \'ef\'ee\'e7\'e2\'ee\'eb\'e8\'f2\loch\f39 \hich\f39  \'ed\'e0\'ec\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 
+\hich\f39  \'ed\'e5\'ee\'e1\'f5\'ee\'e4\'e8\'ec\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  \'ef\'ee\'f1\'ec\'ee\'f2\'f0\'e5\'f2\'fc\loch\f39 \hich\f39  \'f1\'f2\'e0\'f2\'e8\'f1\'f2\'e8\'ea\'f3\loch\f39 \hich\f39  \'e7\'e0\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee\'e9
+\loch\f39 \hich\f39  \'e4\'e5\'ed\'fc\loch\f39 \hich\f39 . \'cf\'ee\'f1\'ec\'ee\'f2\'f0\'e8\'f2\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e0\'e5\'ec\'fb\'e5\loch\f39 \hich\f39  \'ee\'f2\'f7\'e5\'f2\'fb\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'e2
+\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'e1\'eb\'ee\'ea\'ed\'ee\'f2\'e5\loch\f39 \hich\f39 , \'f2\'e0\'ec\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'ef\'ee\'ed\'ff\'f2\'ed\'ee.
+\par }\pard \ltrpar\ql \li360\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin360\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d3\'f7\'f2\'e8\'f2\'e5\loch\f39 \hich\f39 , \'f7\'f2\'ee
+\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  \'ee\'f2\'f7\'e5\'f2\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  
+\'e3\'e5\'ed\'e5\'f0\'e8\'f0\'ee\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f6\'e5\loch\f39 \hich\f39  \'f1\'f3\'f2\'ee\'ea\loch\f39 \hich\f39 , \'ed\'e5\loch\f39 \hich\f39  \'f1\'f2\'ee\'e8\'f2\loch\f39 \hich\f39  
+\'e6\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'ff\'e2\'eb\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'f1\'f0\'e0\'e7\'f3\loch\f39 . 
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 countin "1/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\loch\af39\dbch\af31505\hich\f39 \'c8\'e2\'e0\'ed\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 50 * 192.168.0.2 * * *
+\par \hich\af39\dbch\af31505\loch\f39 countin "2/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'e5\'f2\'f0\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 80 * 192.168.0.3 * * *
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 countin "3/\'d1\'e8\'e4\'ee\'f0\'ee\'e2\hich\af39\dbch\af31505\loch\f39 " M 30 * 192.168.0.4 * * *
+\par }\pard \ltrpar\ql \fi-360\li360\ri0\nowidctlpar\tx360\wrapdefault\hyphpar0\faauto\rin0\lin360\itap0 {\rtlch\fcs1 \af1\afs18 \ltrch\fcs0 \f1\fs18\kerning1\insrsid11355186\charrsid3764488 -\tab }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e0\loch\f39 \hich\f39  \'fd\'f2\'e8\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'fb\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'fe\'f2\loch\f39 \hich\f39  \'f0\'e0\'e7\'ed\'fb\'e5\loch\f39 
+\hich\f39  \'ec\'e5\'f1\'ff\'f7\'ed\'fb\'e5\loch\f39 \hich\f39  (M) \'eb\'e8\'ec\'e8\'f2\'fb\loch\f39 \hich\f39  \'e2\'f5\'ee\'e4\'ff\'f9\'e5\'e3\'ee\loch\f39 \hich\f39  (\'f1\'f7\'e5\'f2\'f7\'e8\'ea\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e8
+\'f1\'f5\'ee\'e4\'ff\'f9\'e8\'e9\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39 , \'ea\'f1\'f2\'e0\'f2\'e8\loch\f39 \hich\f39 , \'e0\'e2\'f2\'ee\'f0\loch\f39 \hich\f39  \'ef\'f0\'ee\'e3\'f0\'e0\'ec\'ec\'fb\loch\f39 \hich\f39  \'f2\'ee\'e6
+\'e5\loch\f39 \hich\f39  \'ee\'e1\'e5\'f9\'e0\'e5\'f2\loch\f39 \hich\f39  \'f1\'e4\'e5\'eb\'e0\'f2\'fc\loch\f39 \hich\f39 ) \'f2\'f0\'e0\'f4\'e8\'ea\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ec\'e5\'e3\'e0\'e1\'e0\'e9\'f2\'e0\'f5\loch\f39 
+\hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'fb\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  IP-\'e0\'e4\'f0\'e5\'f1\'e0\'ec\'e8\loch\f39 \hich\f39  192.168.0.2-192.168.0.4, \'ef\'f0\'e8\'f7\'e5\'ec\loch\f39 \hich\f39  
+\'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\loch\af39\dbch\af31505\hich\f39 \'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'f1\'f7\'e8\'f2\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'e0\'f5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'ef\'f0\'ee\'f2\'ee\'ea\'ee\'eb\'ee\'e2.
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c8\'ed\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'ed\'f3\'e6\'ed\'ee
+\loch\f39 \hich\f39  \'ea\'e0\'ea\'ee\'ec\'f3-\'f2\'ee\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fe\loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'e5\'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'ed\'fb\'e9\loch\f39 
+\hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'e2\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  \'f3\'f7\'e5\'f2\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8
+\'ea\'e0\loch\f39 \hich\f39  . \'d7\'f2\'ee\loch\f39 \hich\f39  \'e4\'e5\'eb\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39 ? \'d1\'e0\'ec\'ee\'e5\loch\f39 
+\hich\f39  \'ef\'f0\'ee\'f1\'f2\'ee\'e5\loch\f39 \hich\f39  \'f0\'e5\'f8\'e5\'ed\'e8\'e5\loch\f39  \hich\f39 \emdash \loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fe\loch\f39 \hich\f39  \'f2\'e0
+\'ea\'ee\'e5\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\'e0\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'ee\'e5\loch\f39 \hich\f39  \'ee\loch\af39\dbch\af31505\hich\f39 \'ed\loch\f39 \hich\f39  \'ed\'e5
+\loch\f39 \hich\f39  \'f1\'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'f1\'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'e2\'f1\'e5\'ec\loch\f39 \hich\f39  \'e6\'e5\'eb\'e0\'ed\'e8\'e8\loch\f39 \hich\f39 , \'ed\'e0\'ef\'f0\'e8
+\'ec\'e5\'f0\loch\f39 \hich\f39 , \'ef\'e0\'f0\'f3\loch\f39 \hich\f39  \'f2\'e5\'f0\'e0\'e1\'e0\'e9\'f2\loch\f39 \hich\f39 .  \'c8\'eb\'e8\loch\f39 \hich\f39  \'ed\'f3\'e6\'ed\'ee\loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc
+\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fe\loch\f39 \hich\f39  \'ee\'ef\'f0\'e5\'e4\'e5\'eb\'e5\'ed\'ed\'f3\'fe\loch\f39 \hich\f39  \'ea\'e2\'ee\'f2\'f3\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39 , \'ed\'ee
+\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ed\'e5\'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  \'ef\'e5\'f0\'e8\'ee\'e4\loch\f39 \hich\f39  \'e2\'f0\'e5\'ec\'e5\'ed\'e8\loch\f39 \hich\f39 . \'c2\loch\f39 \hich\f39  \'f2\'e0
+\'ea\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'ef\'ee\'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ef
+\'e5\'f0\'e8\'ee\'e4\'ee\'ec\loch\f39 \hich\f39  \'e4\'e5\'e9\'f1\'f2\'e2\'e8\'ff\loch\f39 \hich\f39  N (\'ed\'e8\'ea\'ee\'e3\'e4\'e0\loch\f39 \hich\f39 ) \'eb\'e8\'e1\'ee\loch\f39 \hich\f39  Y(\'e3\'ee\'e4\loch\f39 ).
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'e0\'e6\'ed\'ee\loch\f39 \hich\f39  - \'ed\'ee\'ec\'e5\'f0\loch\af39\dbch\af31505\hich\f39 \'e0\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\'ee\'e2\loch\f39 \hich\f39  (\'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5
+\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  1,2,3) \'ed\'e5\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'ed\'fb\loch\f39 \hich\f39  \'f1\'ee\'e2\'ef\'e0\'e4\'e0\'f2\'fc\loch\f39 \hich\f39 . \'c8\'ec\'e5\'ed\'e0\loch\f39 \hich\f39 , \'e2
+\'e5\'f0\'ed\'e5\'e5\loch\f39 \hich\f39 , \'f4\'e0\'ec\'e8\'eb\'e8\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\'e0\loch\f39 \hich\f39 , \'e8\'e4\'f3\'f9\'e8\'e5
+\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'ea\'ee\'f1\'ee\'e9\loch\f39 \hich\f39  \'f7\'e5\'f0\'f2\'fb\loch\f39 \hich\f39  - \'ef\'f0\'e8\'e2\'e5\'e4\'e5\'ed\'fb\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f3\'e4\'ee\'e1
+\'f1\'f2\'e2\'e0\loch\f39 \hich\f39 , \'e8\'ec\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'ee\'ed\'e8\loch\f39 \hich\f39  \'e1\'f3\'e4\'f3\'f2\loch\f39 \hich\f39  \'f7\'e8\'f2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'f2\'f0\'e0
+\'ed\'e8\'f6\'e5\loch\f39 \hich\f39  \'f1\'f2\'e0\'f2\'e8\'f1\'f2\'e8\'ea\'e8\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'ef\'ee\'e7\'e6\'e5\loch\f39 ... 
+\par \loch\af39\dbch\af31505\hich\f39 \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'e2\'e0\'f1\loch\f39 \hich\f39  \'ef\'ee\'ff\'e2\'e8\'f2\'f1\'ff\loch\f39 \hich\f39  \'e6\'e5\'eb\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'e7\'ed\'e0\'f2\'fc
+\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'f2\'e5\'ea\'f3\'f9\'e8\'e9\loch\f39 \hich\f39  \'ee\'e1\'f9\'e8\'e9\loch\f39 \hich\f39  \'e8\'e7\'f0\'e0\'f1\'f5\'ee\'e4\'ee\'e2\'e0\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 
+\hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'ef\'e5\'f8\'e8\'f2\'e5\loch\f39 
+\hich\f39  \'e2\'ee\'ee\'f0\'f3\'e6\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ea\'e0\'eb\'fc\'ea\'f3\'eb\'ff\'f2\'ee\'f0\'ee\'ec\loch\f39 \hich\f39 , \'fd\'f2\'ee\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'f1\'e4\'e5\'eb\'e0\'f2\'fc
+\loch\f39 \hich\f39  \'f1\'f0\'e5\'e4\'f1\'f2\'e2\'e0\'ec\'e8\loch\f39 \hich\f39  3proxy. \'c4\'ee\'f1\'f2\'e0\'f2\'ee\'f7\'ed\'ee\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\loch\f39 \hich\f39 ,  \'f3\'f7
+\'e8\'f2\'fb\'e2\'fe\'f9\'e8\'e9\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39 , \'ed\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 
+\hich\f39 , \'f2\'e0\'ea\loch\f39 :
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 countin 100/month M 1000000 * 
+\par \hich\af39\dbch\af31505\loch\f39 coun\hich\af39\dbch\af31505\loch\f39 tin 101/day D 1000000 *
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'cf\'e5\'f0\'e2\'e0\'ff\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'f7\'ea\'e0\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e5\'f2\loch\f39 \hich\f39  \'ee\'e1\'f9\'e8\'e9\loch\f39 \hich\f39  \'ec\'e5\'f1\'ff\'f7\'ed\'fb\'e9\loch\f39 
+\hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\loch\f39 \hich\f39 , \'e2\'f2\'ee\'f0\'e0\'ff\loch\f39 \hich\f39  \'ee\'e1\'f9\'e8\'e9\loch\f39 \hich\f39  \'e4\'ed\'e5\'e2\'ed\'ee\'e9\loch\f39 \hich\f39 . \'d2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'f1\'f2\'f0\'e0\'ed\'e8\'f7\'ea\'e5\loch\f39 \hich\f39  \'f1\'f2\'e0\'f2\'e8\'f1\'f2\'e8\'ea\'e8\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5
+\'eb\'ff\loch\f39 \hich\f39  (\'ed\'e5\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'e0\'e4\'ec\'e8\'ed\'e8\'f1\'f2\'f0\'e0\'f2\'ee\'f0\'e0\loch\f39 \hich\f39 ) \'ef\'ee\'ff\'e2\'ff\'f2\'f1\'ff\loch\f39 
+\hich\f39  \'e4\'e2\'e5\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'f7\'ea\'e8\loch\f39 \hich\f39 , \'f3\'ea\'e0\'e7\'fb\'e2\'e0\'fe\'f9\'e8\'e5\loch\f39 \hich\f39  \'f2\'e5\'ea\'f3\'f9\'e8\'e5\loch\f39 \hich\f39  \'ec\'e5\'f1\'ff\'f7\'ed\'fb\'e9\loch\f39 
+\hich\f39  \'e8\loch\f39 \hich\f39  \'e4\'ed\'e5\'e2\'ed\'ee\'e9\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\'e8\loch\f39 \hich\f39 , \'ef\'f0\'ee\'f5\'ee\'e4\'ff\'f9\'e8\'e5\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 
+\hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'ca\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  nocountin, \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'e5\'ed\'ed\'ee\loch\f39 \hich\f39 , \'ef\'ee\'e7\'e2\'ee\'eb\'ff\'e5\'f2\loch\f39 \hich\f39  \'ed\'e5\loch\f39 
+\hich\f39  \'f1\'f7\'e8\'f2\'e0\'f2\'fc\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'ed\'ed\'ee\'ec\'f3\loch\f39 \hich\f39  \'f0\'ff\'e4\'f3\loch\f39 \hich\f39  \'ef\'e0\'f0\'e0\'ec\'e5
+\'f2\'f0\'ee\'e2\loch\f39 \hich\f39 . \'cd\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39 , \'ea\'ee\'ec\'e0\'ed\'e4\'ee\'e9\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 nocountin * 192.168.0.4 * 110 *
+\par \loch\af39\dbch\af31505\hich\f39 \'ef\'ee\'ec\'e5\'f9\'e5\'ed\'ed\'ee\'e9\loch\f39 \hich\f39  \'cf\'c5\'d0\'c5\'c4\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\'e0\'ec\'e8\loch\f39 \hich\f39  countin, \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'ee\'f2
+\'ea\'eb\'fe\'f7\'e8\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'e4\'f1\'f7\'e5\'f2\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\'e0\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\loch\f39 \hich\f39  \'f1\loch\f39 
+ \hich\af39\dbch\af31505\loch\f39 \hich\f39 IP .4 \'ef\'f0\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'e8\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  110 \'ef\'ee\'f0\'f2\'f3\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'e0\'e4\'ee\loch\f39 \hich\f39  \'e8\'ec\'e5\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e2\'e8\'e4\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'ef\'ee
+\'f1\'eb\'e5\loch\f39 \hich\f39  \'e8\'f1\'f7\'e5\'f0\'ef\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\'e0\loch\f39 \hich\f39  \'f1\'f3\'f9\'e5\'f1\'f2\'e2\'f3\'fe\'f9\'e8\'e5\loch\f39 \hich\f39  \'f1\'ee\'e5\'e4\'e8\'ed\'e5\'ed\'e8\'ff
+\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ee\'e1\'f0\'fb\'e2\'e0\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'e0\'f1\'fc\'ea
+\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fc\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'e8\'e4\'e5\'f2\'fc\loch\f39 \hich\f39  \'e4\'ee\loch\f39 \hich\f39  \'ea\'ee\'ed\'f6\'e0\loch\f39 
+\hich\f39  \'e4\'ed\'ff\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'ef\'f0\'e5\'e2\'fb\'f8\'e5\'ed\'e8\'e8\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\'e0\loch\f39 \hich\f39 . \'c8\'eb\'e8\loch\f39 
+\hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e7\'e0\'ea\'e0\'f7\'e0\'f2\'fc\hich\af39\dbch\af31505\loch\f39 \hich\f39   \'e1\'ee\'eb\'fc\'f8\'ee\'e9\loch\f39 \hich\f39  
+\'f4\'e0\'e9\'eb\loch\f39 \hich\f39 , \'e7\'ed\'e0\'f7\'e8\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ef\'f0\'e5\'e2\'fb\'f8\'e0\'fe\'f9\'e8\'e9\loch\f39 \hich\f39  \'e2\'fb\'e4\'e5\'eb\'e5\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea
+\loch\f39  \hich\f39 \emdash \loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'f3\'f1\'eb\'ee\'e2\'e8\'e8\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'ec\'ee
+\'e6\'e5\'f2\loch\f39 \hich\f39  \'ee\'ef\'f0\'e5\'e4\'e5\'eb\'e8\'f2\'fc\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'f0\'e0\'e7\'ec\'e5\'f0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0\'eb\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee
+\'f6\'e5\'f1\'f1\'e0\loch\f39 \hich\f39  \'e7\'e0\'ea\'e0\'f7\'ea\'e8\loch\f39 \hich\f39 . \'c0\loch\f39 \hich\f39  \'e2\'ee\'f2\loch\f39 \hich\f39  \'f1\'ee\'e7\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'ee\'e2\'ee\'e5\loch\f39 \hich\f39  \'f1\'ee\'e5\'e4
+\'e8\'ed\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'ef\'f0\'e5\'e2\'fb\'f8\'e5\'ed\'e8\'ff\loch\f39 \hich\f39   \'f2\'f0\'e0\'f4\'e8\'ea\'e0\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'ed\'e5\loch\f39 
+\hich\f39  \'f3\'e4\'e0\'f1\'f2\'f1\'ff.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'ed\'ee\'e2\'e0\loch\f39 \hich\f39  \'f1\'ee\'e1\'e8\'f0\'e0\'e5\'ec\loch\f39 \hich\f39  \'ee\'f7\'e5\'f0\'e5\'e4\'ed\'f3\'fe\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'fe\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3
+\'e0\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f3\'f7\'e5\'f2\'ee\'ec\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\'ed\'e0\'ef\'e8\'f1\'e0\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  (\'e2\'e5\'f0\'f1\'e8\'ff\loch\f39  4): 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 internal 192.168.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.100.1
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.101.1
+\par \hich\af39\dbch\af31505\loch\f39 nscache 65536
+\par \hich\af39\dbch\af31505\loch\f39 logformat "L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I %O %N/%R:%r"
+\par \hich\af39\dbch\af31505\loch\f39 log c:\\3proxy\\logs\\3proxy.log D
+\par \hich\af39\dbch\af31505\loch\f39 rotate 30
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0\pararsid3764488 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 
+archiver }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \hich\af39\dbch\af31505\loch\f39 rar \loch\af39\dbch\af31505\hich\f39 \'93\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "c:\\Program Files\\WinRAR\\rar.exe}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \loch\af39\dbch\af31505\hich\f39 \'94\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "\hich\af39\dbch\af31505\loch\f39  a -df -inul %A %F
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 
+nobandlimin * * * 110
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 24000 * 192.168.0.2,192.168.0.3
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 48000 * 192.168.0.4
+\par \hich\af39\dbch\af31505\loch\f39 bandlimout 24000 *
+\par \hich\af39\dbch\af31505\loch\f39 counter "c:\\3proxy\\3proxy.3cf" D "C:\\3proxy\\traf\\traf"
+\par \hich\af39\dbch\af31505\loch\f39 nocountin * 192.168.0.4\hich\af39\dbch\af31505\loch\f39  * 110 *
+\par \hich\af39\dbch\af31505\loch\f39 countin "1/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c8\'e2\'e0\'ed\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 50 * 192.168.0.2 * * *
+\par \hich\af39\dbch\af31505\loch\f39 countin "2/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'e5\'f2\'f0\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 80 * 192.168.0.3 * * *
+\par \hich\af39\dbch\af31505\loch\f39 countin "3/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d1\'e8\'e4\'ee\'f0\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 30 * 192.168.0.4 * * *
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly 
+\par \hich\af39\dbch\af31505\loch\f39 deny * 192.168.200.4 * 110 * 1-5 18:00:00-23:59:59,00:00:00-08:00:00
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 allow * 192.168.200.4 * * * 1-5 \hich\af39\dbch\af31505\loch\f39 09:00:00-18:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3 * 80,443 * 1-7 00:00:00-23:59:59
+\par \hich\af39\dbch\af31505\loch\f39 proxy -t
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'f3\loch\f39 \hich\f39  \'e2\'ee\'f2\loch\f39 \hich\f39 , \'ec\'fb\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'e8\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0
+\'ee\'e8\'eb\'e8\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'e2\'e5\'e4\'fc\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\loch\f39 \hich\f39  - \'fd\'f2\'ee\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 
+\hich\f39  WEB-\'f1\'e5\'f0\'f4\'e8\'ed\'e3\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  FTP. \'dd\'eb\'e5\'ea\'f2\'f0\'ee\'ed\'ed\'e0\'ff\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'e0\loch\f39 \hich\f39 ! \'c2\'ee\'f2\loch\f39 \hich\f39  \'e5\'e9\loch\f39 
+\hich\f39  \'ec\'fb\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e7\'e0\'e9\'ec\'e5\'ec\'f1\'ff\loch\f39 \hich\f39 . \'c4\'eb\'ff\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0\'eb\'e0\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e8\'ec\loch\f39 \hich\f39  \'ef
+\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\hich\af39\dbch\af31505\loch\f39 \hich\f39 . \'c4\'eb\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'ee\'f1\'f2\'e0\'e2\'e5\loch\f39 
+\hich\f39  3proxy \'e8\'ec\'e5\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f1\'e2\'ee\'e9\loch\f39 \hich\f39  pop3-\'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 : 
+\par 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 pop3p
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e8\'f2\'fc
+\loch\f39 \hich\f39  \'e2\'e0\'f8\'e8\loch\f39 \hich\f39  \'ec\'fd\'e9\'eb-\'ea\'eb\'e8\'e5\'ed\'f2\'fb\loch\f39 \hich\f39 . \'c5\'f1\'eb\'e8\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'e4\'eb\'ff
+\loch\f39 \hich\f39  \'ff\'f9\'e8\'ea\'e0\loch\f39 \hich\f39  vasya.pupkin@mail.ru \'e2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\'f5\loch\f39 \hich\f39  \'ec\'ee\'e5\'e3\'ee\loch\f39 \hich\f39  \'eb\'fe\'e1\'e8\'ec\'ee\'e3\'ee\loch\f39 
+\hich\f39  TheBat! \'e2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\'f5\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'e0\'e2\'ea\'e8\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39  (\'e7\'e0\'ea\'eb\'e0\'e4\'ea\'e0\loch\f39 \hich\f39  
+\'d2\'f0\'e0\'ed\'f1\'ef\'ee\'f0\'f2\loch\f39 \hich\f39 ) \'f0\'e0\'ed\'fc\'f8\loch\af39\dbch\af31505\hich\f39 \'e5\loch\f39 \hich\f39  \'f1\'f2\'ee\'ff\'eb\'e8\loch\f39 \hich\f39  \'f2\'e0\'ea\'e8\'e5\loch\f39 \hich\f39  \'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0
+\'fb\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 pop3-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 : pop.mail.ru 
+\par \loch\af39\dbch\af31505\hich\f39 \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fc\loch\f39 : vasya.pupkin 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'f2\'ee\loch\f39 \hich\f39  \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'f3\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea
+\'f1\'e8\loch\f39 \hich\f39 , \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'ef\'ee\'ec\'e5\'ed\'ff\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'eb\'e5\'e4\'f3\'fe\'f9\'e8\'e5
+\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 pop3-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 : 192.168.0.1 
+\par \loch\af39\dbch\af31505\hich\f39 \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fc\loch\f39 : vasya.pupkin@pop.mail.ru 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'e2\'ed\'e8\'ec\'e0\'ed\'e8\'e5\loch\f39 \hich\f39 , \'e8\'ec\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\'e4\'ee\'e2\'e0\'f2\loch\af39\dbch\af31505\hich\f39 \'e5\'eb\'fc\'ed\'ee\'f1\'f2\'fc
+\loch\f39 \hich\f39  "\'e8\'ec\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39 "@"POP3-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39  \'e2\'e0\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  \'ff\'f9\'e8\'ea\'e0\loch\f39 
+\hich\f39 ", \'e0\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e2\'e0\'f8\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'eb\'ff\loch\f39 \hich\f39  \'e1\'ee\'eb\'fc\'f8\'e5\'e9\loch\f39 \hich\f39  \'ed\'e0\'e3\'eb\'ff\'e4\'ed\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  \'f0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e8\'ec\loch\f39 \hich\f39  \'e5\'f9\'e5
+\loch\f39 \hich\f39  \'e2\'e0\'f0\'e8\'e0\'ed\'f2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e8\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'e0\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 pop3-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 : mail.example.com 
+\par \loch\af39\dbch\af31505\hich\f39 \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fc\loch\f39 : vasya.pupkin@example.com 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d2\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'ef\'f0
+\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\af39\dbch\af31505\hich\f39 \'f8\'eb\'ee\'f1\'fc\loch\f39 \hich\f39  \'e1\'fb\loch\f39 \hich\f39  \'ef\'ee\'ec\'e5\'ed\'ff\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e8\loch\f39 
+\hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'eb\'e5\'e4\'f3\'fe\'f9\'e8\'e5\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 pop3-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 : 192.168.0.1 
+\par \loch\af39\dbch\af31505\hich\f39 \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fc\loch\f39 : vasya.pupkin@example.com@mail.example.com 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'ea\'e0\'f7\'e5\'f1\'f2\'e2\'e5\loch\f39 \hich\f39  \'f0\'e0\'e7\'e4\'e5\'eb\'e8\'f2\'e5\'eb\'ff\loch\f39 \hich\f39  \'e7\'e4\'e5\'f1\'fc\loch\f39 \hich\f39  \'e2\'fb\'f1\'f2\'f3\'ef\'e0\'e5\'f2
+\loch\f39 \hich\f39  @, \'ed\'ee\loch\f39 \hich\f39  \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'ed\'f3\'e6\'ed\'ee\loch\f39 \hich\f39 , \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'e4\'f0\'f3
+\'e3\'ee\'e9\loch\f39 \hich\f39  \'f1\'e8\'ec\'e2\'ee\'eb\loch\f39 \hich\f39 , \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'ff\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39  d
+\hich\af39\dbch\af31505\loch\f39 elimchar:
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 delimchar #
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d7\'f2\'ee\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'ea\'e0\'f1\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ee\'f2\'ef\'f0\'e0\'e2\'ea\'e8\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39 , \'f2\'ee
+\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e0\'e1\'ee\'f2\'f7\'e8\'ea\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'f2\'e5\'eb\'fc\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5
+\'f0\'e0\loch\f39 \hich\f39  \'f0\'e5\'ea\'ee\'ec\'e5\'ed\'e4\'f3\'e5\'f2\loch\f39 \hich\f39  \'e2\'ee\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef
+\'ee\'f0\'f2\'ec\'e0\'ef\'ef\'e8\'ed\'e3\'ee\'ec\loch\f39 : 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 25 smtp.provider.ru 25
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'f2\'ee\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc\loch\f39 \hich\f39 , \'ed\'e5\loch\f39 \hich\f39  \'ec\'f3\'e4\'f0\'f1\'f2\'e2\'f3\'ff\loch\f39 
+\hich\f39  \'eb\'f3\'ea\'e0\'e2\'ee\loch\f39 \hich\f39 , \'ec\'fb\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'f2\'ee\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\loch\af39\dbch\af31505\hich\f39 \'fb\loch\f39 \hich\f39  \'ef\'ee
+\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'f3\loch\f39 \hich\f39  25, \'ef\'ee\loch\f39 \hich\f39  \'ea\'ee\'f2\'ee\'f0\'ee\'ec\'f3\loch\f39 \hich\f39 , \'f1\'ee\'e1\'f1\'f2\'e2\'e5\'ed\'ed\'ee\loch\f39 \hich\f39 , \'e8\loch\f39 \hich\f39  \'ee\'f2\'ef\'f0
+\'e0\'e2\'eb\'ff\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'ee\'e2\'fb\'e5\loch\f39 \hich\f39  \'f1\'ee\'ee\'e1\'f9\'e5\'ed\'e8\'ff\loch\f39 \hich\f39 , \'ef\'e5\'f0\'e5\'ea\'e8\'e4\'fb\'e2\'e0\'e5\'ec\loch\f39 \hich\f39  \'ed\'e0\loch\f39 
+\hich\f39  25-\'fb\'e9\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'ee\'e2\'ee\'e3\'ee\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'ef\'f0\'ee\'e2\'e0\'e9\'e4\'e5\'f0\'e0
+\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\'f5\loch\f39 \hich\f39  \'e2\'e0\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'ee\'e2\'ee\'e3\'ee\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'e0
+\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f3\'ef\'ee\'ec\'ff\'ed\'f3\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\loch\f39 
+\hich\f39  \'ff\'f9\'e8\'ea\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ee\'e1\'f9\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ef\'ee\'ec\'e5\'ed\'ff\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'e7\'e0\'ef\'e8\'f1\'fc
+\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'e4\'eb\'ff\loch\f39 \hich\f39  SMTP-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 SMTP-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 : 192.168.0.1 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'ee\'eb\'e6\'e5\'ed\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f2\'e8\'f2\'fc\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39   \'ef\'f0\'e8\'e5\'ec\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'ec
+\'e0\'ef\'ef\'e8\'ed\'e3\'ee\'ec\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 \hich\f39  \'e1\'fb\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  
+\'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39 . \'c2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee
+\'eb\'fc\'e7\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 2110 pop.mail.ru 110
+\par \loch\af39\dbch\af31505\hich\f39 \'c5\'f1\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'e2\'e0\'f0\'e8\'e0\'ed\'f2\'e5\loch\f39 \hich\f39  \'ee\'e4\'ed\'e0\loch\f39 \hich\f39  \'ed\'e5\'ef\'f0\'e8\'ff\'f2\'ed
+\'e0\'ff\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'f1\'f2\'ee\'f0\'ee\'ed\'e0\loch\f39 \hich\f39  - \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e8\loch\f39 \hich\f39  \'e1\'f3\'e4\'f3\'f2\loch\f39 \hich\f39  \'ef
+\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ff\'f9\'e8\'ea\'e0\'ec\'e8\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f0\'e0\'e7\'ed\'fb\'f5\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'ee\'e2\'fb\'f5\loch\f39 \hich\f39  \'f1\'e5\'f0
+\'e2\'e5\'f0\'e0\'f5\loch\f39 \hich\f39 , \'e1\'eb\'e0\'e3\'ee\loch\f39 \hich\f39  \'f7\'f2\'ee\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'ec\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'f0\'e0\'e7\'e2\'e5\'eb\'ee\'f1\'fc\loch\f39 \hich\f39 
+ (yandex, rambler,newmail...), \'f2\'ee\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'ee\'e2\'ee\'e3\'ee\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'ef
+\'f0\'e8\'e4\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'e7\'e0\'e2\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  \'ed\'ee\'e2\'f3\'fe\loch\f39 \hich\f39  \'e7\'e0\'ef\'e8\'f1\'fc\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'ec\'e0\'ef\'ef\'e8\'ed\'e3\'e0\loch\f39 \hich\f39  
+\'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'ec\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 : 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 tcppm \hich\af39\dbch\af31505\loch\f39 -i192.168.0.1 3110 pop.yandex.ru 110
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c2\'ef\'f0\'ee\'f7\'e5\'ec\loch\f39 \hich\f39 , \'e2\'f0\'ff\'e4\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'f7
+\'e8\'f1\'eb\'ee\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e1\'ee\'eb\'fc\'f8\'ee\'ec\loch\f39 \hich\f39  \'ee\'f4\'e8\'f1\'e5\loch\f39 \hich\f39  \'ef\'f0\'e5\'e2\'fb\'f1\'e8\'f2\loch\f39  10-15. 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0\'fb\loch\f39 \hich\f39  \'ff\'f9\'e8\'ea\'e0\loch\f39 \hich\f39  \'e2\loch\f39 
+\hich\f39  \'ec\'fd\'e9\'eb-\'ea\'eb\'e8\'e5\'ed\'f2\'e5\loch\f39 \hich\f39  \'e1\'f3\'e4\'f3\'f2\loch\f39 \hich\f39  \'f1\'eb\'e5\'e4\'f3\'fe\'f9\'e8\'e5\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 pop3-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 : 192.168.0.1 
+\par \loch\af39\dbch\af31505\hich\f39 \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fc\loch\f39 : vasya.pupkin 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'e8\loch\f39 \hich\f39  \'e4\'ee\'ef\'ee\'eb\'ed\'e8\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'ec\'e5\'ed\'ff\'f2\'fc
+\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  2110 \'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e7\'e0\'e1\'fb\'f2\'fc\loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef
+\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\'ec\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'fd\'f2\'ee\'f2\loch\f39 \hich\f39  \'ed\'e5\'f1\'f2\'e0\'ed\'e4\'e0\'f0\'f2\'ed\'fb\'e9
+\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3 * 2110,25,110 * 1-5 00:00:00-20:00:00
+\par \loch\af39\dbch\af31505\hich\f39 \'ca\'e0\'ea\'ee\'e9\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'f1\'ef\'ee\'f1\'ee\'e1\'ee\'e2\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39  
+\'e2\'fb\'e1\'e8\'f0\'e0\'f2\'fc\loch\f39 \hich\f39  - \'e4\'e5\'eb\'ee\loch\f39 \hich\f39  \'e2\'ea\'f3\'f1\'e0\loch\f39 \hich\f39 , \'ec\'ed\'e5\loch\f39 \hich\f39  \'e1\'ee\'eb\'e5\'e5\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'fb\'f7\'e5\'ed\loch\f39 
+\hich\f39  \'ef\'ee\'f0\'f2\'ec\'e0\'ef\'ef\'e8\'ed\'e3\loch\f39 \hich\f39 , \'e5\'e3\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'ec\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc
+\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'ef\'f0\'ee\'f7\'e5\'ec\loch\f39 \hich\f39 , \'ef\'f0\'ee\'e3\'f0\'e5\'f1\'f1\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'f2\'ee\'e8\'f2\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ec\'e5\'f1\'f2\'e5
+\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ee\'f2\'ef\'f0\'e0\'e2\'ea\'e8\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc\loch\f39 \hich\f39 
+ smtp-\'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39 , \'f0\'e0\'e1\'ee\'f2\'e0\'fe\'f9\'e8\'e9\loch\f39 \hich\f39  \'e0\'ed\'e0\'eb\'ee\'e3\'e8\'f7\'ed\'ee\loch\f39  pop3p:
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 smtpp
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'cf\'ee\'f7\'f2\'ee\'e2\'fb\'e5\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'fb\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'e0\'e8\'e2\'e0\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'e0\'ed\'e0\'eb\'ee\'e3\'e8\'f7\'ed\'ee
+\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e5\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  pop3p: \'ef\'ee\'f0\'f2\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'e0\'f0\'ee\'eb\'fc\loch\f39 \hich\f39  \'ee\'f1\'f2\'e0\'fe\'f2\'f1\'ff
+\loch\f39 \hich\f39  \'e1\'e5\'e7\loch\f39 \hich\f39  \'e8\'e7\'ec\'e5\'ed\'e5\'ed\'e8\'e9\loch\f39 \hich\f39 , \'e2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  pop3-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'f3\loch\af39\dbch\af31505\hich\f39 \'ea
+\'e0\'e7\'fb\'e2\'e0\'e5\'ec\loch\f39 \hich\f39  IP \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'ee\'eb\'e5\loch\f39 \hich\f39  \'e8\'ec\'e5\'ed\'e8\loch\f39 \hich\f39  
+\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39  \'e7\'e0\'e1\'e8\'e2\'e0\'e5\'ec\loch\f39 \hich\f39  \'e8\'ec\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 @POP_SERVER. 
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e8\'ec\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'e5\loch\f39 \hich\f39  \'ff\'f9\'e8\'ea\'e0\loch\f39  }{\field{\*\fldinst {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 
+HYPERLINK "mailto:ivan@mail.ru"}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid3764488 {\*\datafield 
+00d0c9ea79f9bace118c8200aa004ba90b0200000003000000e0c9ea79f9bace118c8200aa004ba90b400000006d00610069006c0074006f003a006900760061006e0040006d00610069006c002e00720075000000795881f43b1d7f48af2c825dc485276300000000a5ab0000}}}{\fldrslt {\rtlch\fcs1 
+\af39\afs20 \ltrch\fcs0 \f39\fs20\ul\cf9\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 ivan@mail.ru}}}\sectd \ltrsect\linex0\sectdefaultcl\sftnbj {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\hich\af39\dbch\af31505\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'ef\'ee\'eb\'e5\loch\f39 \hich\f39  \'ab\'d3\'f7\'e5\'f2\'ed\'e0\'ff\loch\f39 \hich\f39  \'e7\'e0\'ef\'e8\'f1\'fc\'bb\loch\f39 \hich\f39  \'e2\'ed\'ee\'f1\'e8\'ec\loch\f39  }{\field{\*\fldinst {
+\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 HYPERLINK "mailto:ivan@smtp.mail.ru"}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid3764488 {\*\datafield 
+00d0c9ea79f9bace118c8200aa004ba90b0200000003000000e0c9ea79f9bace118c8200aa004ba90b4a0000006d00610069006c0074006f003a006900760061006e00400073006d00740070002e006d00610069006c002e00720075000000795881f43b1d7f48af2c825dc485276300000000a5ab0000}}}{\fldrslt {
+\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\ul\cf9\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 ivan@smtp.mail.ru}}}\sectd \ltrsect\linex0\sectdefaultcl\sftnbj {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\hich\af39\dbch\af31505\loch\f39 \hich\f39 , \'ef\'ee\'f0\'f2\loch\f39 \hich\f39  25 \'ee\'f1\'f2\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39   \'e1\'e5\'e7\loch\f39 \hich\f39  \'e8\'e7\'ec\'e5\'ed\'e5\'ed\'e8\'e9\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 
+\hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'e0\'f0\'ee\'eb\'fc\loch\f39 \hich\f39 . \'c0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'ee\'eb\'e5\loch\f39 \hich\f39  \'ab\'d1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39  \'e8\'f1\'f5\'ee\'e4\'ff\'f9\'e5\'e9
+\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\'bb\loch\f39 \hich\f39  \'e7\'e0\'e1\'e8\'e2\'e0\'e5\'ec\loch\f39 \hich\f39  IP \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'ee\'e1\'e8\'f0\'e0\'e5\'ec\loch\f39 \hich\f39  \'ee\'f7\'e5\'f0\'e5\'e4\'ed\'f3\'fe\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'fe\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  \'f1\loch\f39 
+\hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  pop3p (\'e2\'e5\'f0\'f1\'e8\'ff\loch\f39  5): 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 internal 192.168.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.10\hich\af39\dbch\af31505\loch\f39 0.1
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.101.1
+\par \hich\af39\dbch\af31505\loch\f39 nscache 65536
+\par \hich\af39\dbch\af31505\loch\f39 logformat "L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I %O %N/%R:%r"
+\par \hich\af39\dbch\af31505\loch\f39 log c:\\3proxy\\logs\\3proxy.log D
+\par \hich\af39\dbch\af31505\loch\f39 rotate 30
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0\pararsid3764488 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 
+archiver }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \hich\af39\dbch\af31505\loch\f39 rar \loch\af39\dbch\af31505\hich\f39 \'93\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "c:\\Program Files\\WinRAR\\rar.exe}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \loch\af39\dbch\af31505\hich\f39 \'94\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "\hich\af39\dbch\af31505\loch\f39  a -df -inul %A %F
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 nobandlimin * * * 110
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 24000 * \hich\af39\dbch\af31505\loch\f39 192.168.0.2,192.168.0.3
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 48000 * 192.168.0.4
+\par \hich\af39\dbch\af31505\loch\f39 bandlimout 24000 *
+\par \hich\af39\dbch\af31505\loch\f39 counter "c:\\3proxy\\3proxy.3cf" D "C:\\3proxy\\traf\\traf"
+\par \hich\af39\dbch\af31505\loch\f39 nocountin * 192.168.0.4 * 110 *
+\par \hich\af39\dbch\af31505\loch\f39 countin "1/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c8\'e2\'e0\'ed\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 50 * 192.168.0.2 * * *
+\par \hich\af39\dbch\af31505\loch\f39 countin "2/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'e5\'f2\'f0\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 80 * 192.168.0.3 * * *
+\par \hich\af39\dbch\af31505\loch\f39 countin \hich\af39\dbch\af31505\loch\f39 "3/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d1\'e8\'e4\'ee\'f0\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 30 * 192.168.0.4 * * *
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly 
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.200.4 * * * 1-5 09:00:00-18:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3 * 80,443 * 1-7 00:00:00-23:59:59
+\par \hich\af39\dbch\af31505\loch\f39 proxy 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 # }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'ce\'d7\'d2\'c0}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 deny * 192.168.200.4 * 110 * 1-5 18:00:00-23:59:59,00:00:00-08:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3,192.168.0.4 * 25,110 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 25}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186 00}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  smtp.provider.ru 25
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 pop3p
+\par \hich\af39\dbch\af31505\loch\f39 smtpr
+\par \loch\af39\dbch\af31505\hich\f39 \'e2\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'fb\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'ef\'ee\'f0
+\'f2\'ec\'e0\'ef\'ef\'e8\'ed\'e3\loch\f39 \hich\f39  \'f1\'e5\'ea\'f6\'e8\'ff\loch\f39 \hich\f39  \'ea\'ee\'ed\loch\af39\dbch\af31505\hich\f39 \'f4\'e8\'e3\'e0\loch\f39 \hich\f39 , \'e8\'e4\'f3\'f9\'e0\'ff\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5
+\loch\f39 \hich\f39  \'ea\'ee\'ec\'e5\'ed\'f2\'e0\'f0\'e8\'ff\loch\f39 \hich\f39  # \'cf\'ce\'d7\'d2\'c0\loch\f39 \hich\f39  \'e2\'fb\'e3\'eb\'ff\'e4\'e5\'eb\'e0\loch\f39 \hich\f39  \'e1\'fb\loch\f39 \hich\f39  \'ed\'e5\'ec\'ed\'ee\'e3\'ee\loch\f39 
+\hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'ee\'ec\'f3\loch\f39 : 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 # }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\loch\af39\dbch\af31505\hich\f39 \'cf\'ce\'d7\'d2\'c0}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 deny * 192.168.200.4 * 110 * 1-5 18:00:00-23:59:59,00:00:00-08:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3,192.168.0.4 * 25,110 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192\hich\af39\dbch\af31505\loch\f39 .168.0.1 25}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186 00}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  smtp.provider.ru 25
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 2110 pop.mail.ru 110
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 3110 pop.yandex.ru 110
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c2\'fb\loch\f39 \hich\f39 , \'ed\'e0\'e2\'e5\'f0\'ed\'ee\'e5\loch\f39 \hich\f39 , \'e7\'e0\'ec\'e5\'f2\'e8\'eb\'e8\loch\f39 \hich\f39  \'ed\'ee\'e2
+\'f3\'fe\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 \hich\f39  flush. \'cc\'fb\loch\f39 \hich\f39  \'e5\'e5\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'ed\'e8\'eb\'e8\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f1\'e1\'f0\'ee\'f1
+\'e0\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'e0\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  
+\'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 \hich\f39  \'e8\'e7\'ec\'e5\'ed\'e8\'f2\'fc\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'e8\loch\af39\dbch\af31505\hich\f39 \'ff\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0
+\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39 . \'c7\'e0\'ec\'e5\'f7\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'f1\'e1\'f0\'ee\'f1\loch\f39 \hich\f39  \'ed
+\'e5\loch\f39 \hich\f39  \'e4\'e5\'e9\'f1\'f2\'e2\'f3\'e5\'f2\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'f1\'ea\'ee\'f0\'ee\'f1\'f2\'e8\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'ee
+\'e5\loch\f39 \hich\f39  \'e4\'e5\'e9\'f1\'f2\'e2\'f3\'e5\'f2\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39 . \'c8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e7\'e0
+\'e1\'fb\'e2\'e0\'e5\'ec\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'ed\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\'ef\'ee\'f1\'ee
+\'e1\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'e8\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d3\'f7\'f2\'e8\'f2\'e5\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39  smtpr}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\kerning1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  }{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ef\'ee\loch\f39 \hich\f39  \'f3\'ec\'ee\'eb\'f7\'e0\'ed\'e8\'fe\loch\f39 \hich\f39  \'e7\'e0\'ed\'e8\'ec\'e0\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\loch\f39 \hich\f39 
+ 25, \'ef\'ee\'fd\'f2\'ee\'ec\'f3\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'f3\loch\f39 \hich\f39  \'ed\loch\af39\dbch\af31505\hich\f39 \'e5\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'ed\'fb
+\loch\f39 \hich\f39  \'e2\'e8\'f1\'e5\'f2\'fc\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'e8\'e5\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c8\loch\f39 \hich\f39  \'ed\'e0\'ea\'ee\'ed\'e5\'f6\loch\f39 \hich\f39 , \'f0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e8\'ec\loch\f39 \hich\f39  \'e2\'e0\'e6\'ed\'f3\'fe\loch\f39 \hich\f39  \'f1\'ee\'f1\'f2\'e0\'e2\'eb\'ff\'fe\'f9
+\'f3\'fe\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  - WEB-\'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1\loch\f39 \hich\f39  \'e0\'e4\'ec\'e8\'ed\'e8\'f1\'f2\'f0\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39 
+. \'c4\'eb\'ff\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'ed\'e5\'ec\'f3\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'f2\'e8\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ec
+\'e0\'ed\'e4\'f3\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 admin 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'eb\'ff\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1\'f3\loch\f39 \hich\f39  \'ef\'f0\'ee\'ef\'e8\'f8\'e8\'f2\'e5\loch\f39 
+\hich\f39  \'e2\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\'ed\'ee\'e9\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e5\loch\f39 \hich\f39  \'e1\'f0\'e0\'f3\'e7\'e5\'f0\'e0\loch\f39 \hich\f39  \'f1\'eb\'e5\'e4\'f3\'fe\'f9\'e8\'e9\loch\f39 \hich\f39  \'e0\'e4
+\'f0\'e5\'f1\hich\af39\dbch\af31505\loch\f39 \hich\f39 : http://192.168.0.1:80, \'ed\'e5\loch\f39 \hich\f39  \'e7\'e0\'e1\'fb\'e2\loch\f39 \hich\f39 , \'ea\'ee\'ed\'e5\'f7\'ed\'ee\loch\f39 \hich\f39 , \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0
+\'e5\'f8\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fe\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'f1\'f2\'e0\'ed\'e4\'e0\'f0\'f2\'ed
+\'ee\'e3\'ee\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39  admin \'ef\'ee\'f0\'f2\'e0\loch\f39 \hich\f39  80. \'c2\loch\f39 \hich\f39  \'ee\'f2\'ea\'f0\'fb\'e2\'f8\'e5\'ec\'f1\'ff\loch\f39 \hich\f39  
+\'ee\'ea\'ed\'e5\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e8\'f2\'fc\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'e8\'ed\'f4
+\'ee\'f0\'ec\'e0\'f6\'e8\'e8\loch\f39 \hich\f39  \'ee\loch\f39 \hich\f39  \'ec\'e0\'ea\'f1\'e8\'ec\'e0\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e4\'ee\'ef\'f3\'f1\'f2\'e8\'ec\'ee\'ec\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\'e5\loch\f39 \hich\f39  \'e8
+\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'f2\'e5\'ea\'f3\'f9\'e5\'ec\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e5\'ed\'e8\'e8\loch\f39 \hich\f39 , \'ef\'ee\'f1\'ec\'ee\'f2\'f0\'e5\loch\af39\dbch\af31505\hich\f39 \'f2
+\loch\af39\dbch\af31505\hich\f39 \'fc\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'f6\'e5\'eb\'e8\'ea\'ee\'ec\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'e7\'e0\'ef\'f3\'f1\'f2
+\'e8\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39 . \'cf\'ee\'fd\'f2\'ee\'ec\'f3\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'fd\'f2\'f3
+\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'f3\loch\f39 \hich\f39  \'f0\'e0\'e7\'e4\'e0\'e2\'e0\'e9\'f2\'e5\loch\f39 \hich\f39  \'ea\'f0\'e0\'e9\'ed\'e5\loch\f39 \hich\f39  \'e2\'ed\'e8\'ec\'e0\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39 ! \'c2\'ef\'f0\'ee
+\'f7\'e5\'ec\loch\f39 \hich\f39 , \'f3\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39  admin \'e5\'f1\'f2\'fc\loch\f39 \hich\f39  \'ea\'eb\'fe\'f7\loch\f39 \hich\f39  -s, \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 \hich\f39  \'ed\'e5\loch\f39 
+\hich\f39  \'e4\'e0\'e5\'f2\loch\f39 \hich\f39  \'e4\'e5\'eb\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fe\loch\f39 \hich\f39  \'ed\'e8\'f7\'e5\'e3\'ee\loch\f39 \hich\f39  \'ed\'e5\'e4\'ee\'e7\'e2\'ee\'eb\'e5\'ed\'ed\'ee
+\'e3\'ee.
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'e0\'e4\'ee\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'e8\'ec\'e5\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e2\'e8\'e4\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  
+\'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'ec\'ee\'f2\'f0\loch\af39\dbch\af31505\hich\f39 \'e0\loch\f39 \hich\f39  \'f1\'f2\'e0\'f2\'e8\'f1\'f2\'e8\'ea\'e8\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e1\'f0\'e0\'f3\'e7\'e5\'f0\'e5\loch\f39 
+\hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'e3\'e0\'eb\'ee\'f7\'ea\'f3
+\loch\f39 \hich\f39  \'cd\'e5\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'f2\'fc
+\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e8\'e6\'e5\'f1\'f2\'ee\'ff\'f9\'e5\'ec\loch\f39 \hich\f39  \'ef\'ee\'eb\'e5\loch\f39 \hich\f39  \'e0\'e9-\'ef\'e8\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-
+\'f1\'e5\'f0\'e2\'e5\'f0\'e0}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \u8203\'3f}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 
+\hich\f39 , \'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39   192.168.0.1
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39  \'d1\'f7\'e8\'f2\'e0\'fe\loch\f39 \hich\f39  \'f1\'e2\'ee\'e8\'ec\loch\f39 \hich\f39  \'e4\'ee\'eb\'e3\'ee\'ec\loch\f39 \hich\f39  \'f3\'ef\'ee\'ec\'ff\'ed\'f3\'f2\'fc\loch\f39 \hich\f39  \'ee\loch\f39 
+\hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e5\loch\f39 \hich\f39  writable, \'ea\'ee\'f2\'ee\'f0\'e0\'ff\loch\f39 \hich\f39 , \'e1\'f3\'e4\'f3\'f7\'e8\loch\f39 \hich\f39  \'f0\'e0\'e7\'ec\'e5\loch\af39\dbch\af31505\hich\f39 \'f9\'e5\'ed\'e0\loch\f39 \hich\f39  
+\'e2\loch\f39 \hich\f39  \'f1\'e0\'ec\'ee\'ec\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0\'eb\'e5\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39 , \'e4\'e0\'e5\'f2\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\'f1\'f2\'fc\loch\f39 
+\hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'f7\'e8\'f2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  WEB-\'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9
+\'f1\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ec\'e5\'ed\'ff\'f2\'fc\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39 ! \'c0\'e2\'f2\'ee\'f0\loch\f39 \hich\f39  \'ef\'f0\'ee\'e3\'f0\'e0\'ec\'ec\'fb\loch\f39 
+\hich\f39  \'ef\'f0\'e5\'e4\'eb\'e0\'e3\'e0\'e5\'f2\loch\f39 \hich\f39  \'e4\'e2\'e0\'e6\'e4\'fb\loch\f39 \hich\f39  \'ef\'ee\'e4\'f3\'ec\'e0\'f2\'fc\loch\f39 \hich\f39 , \'ef\'f0\'e5\'e6\'e4\'e5\loch\f39 \hich\f39  \'f7\'e5\'ec\loch\f39 \hich\f39  \'e2
+\'ea\'eb\'fe\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'fd\'f2\'f3\loch\f39 \hich\f39  \'ee\'ef\'f6\'e8\'fe\loch\f39 \hich\f39 . \'d7\'f2\'ee\loch\f39 \hich\f39  \'ea\'e0\'f1\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 
+\hich\f39 , \'e5\'f1\'f2\'fc\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ee\'e4\'ed\'e0\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'f2\'e5\'eb\'fc\'ed\'e0\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39 , \'ec\'e8\'ec
+\'ee\loch\f39 \hich\f39  \'ea\'ee\'f2\'ee\'f0\'ee\'e9\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ff\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ec\'ee\'e3\'f3\loch\f39 \hich\f39  \'ef\'f0\'ee\'e9\'f2\'e8\loch\f39 \hich\f39 
+. \'dd\'f2\'ee\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  monitor, \'ea\'ee\'f2\'ee\'f0\'e0\'ff\loch\f39 \hich\f39  \'ef\'ee\'e7\'e2\'ee\'eb\'ff\'e5\'f2\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'f3
+\loch\f39 \hich\f39  \'f1\'eb\'e5\'e4\'e8\'f2\'fc\loch\f39 \hich\f39  \'e7\'e0\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'ee\'ec\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'f3\'f0\'e0\'f6\'e8\'e8\loch\f39 \hich\f39  (\'e8\loch\f39 \hich\f39  \'ed\'e5
+\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'ed\'fb\'ec\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'ee\'ec\loch\f39 \hich\f39  3proxy.cfg, \'ed\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'eb\'fe\'e1\'fb\'ec
+\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'e8\'ec\loch\f39 \hich\f39 , \'e2\'ea\'eb\'fe\'f7\'e0\'e5\'ec\'fb\'ec\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  ) \'e8\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1
+\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ee\'e1\'ed\'e0\'f0\'f3\'e6\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e5\'e9\loch\f39 \hich\f39  \'e8\'e7\'ec\'e5\'ed\'e5\'ed\'e8\'e9\loch\f39 \hich\f39  \'ed\'e5\'e7\'e0\'ec\'e5\'e4\'eb
+\'e8\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  (\'ef\'ee\loch\f39 \hich\f39  \'ec\'ee\'e8\'ec\loch\f39 \hich\f39  \'ed\'e0\'e1\'eb\'fe\'e4\'e5\loch\af39\dbch\af31505\hich\f39 \'ed\loch\af39\dbch\af31505\hich\f39 \'e8\'ff\loch\f39 \hich\f39 , \'f7\'e5
+\'f0\'e5\'e7\loch\f39 \hich\f39  2-3 \'f1\'e5\'ea\'f3\'ed\'e4\'fb\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'f1\'ee\'f5\'f0\'e0\'ed\'e5\'ed\'e8\'ff\loch\f39 \hich\f39 ) \'e7\'e0\'e3\'f0\'f3\'e6\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'ee
+\'e2\'f3\'fe\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'f3\'f0\'e0\'f6\'e8\'fe\loch\f39 \hich\f39 . \'cf\'f0\'ee\'f1\'f2\'ee\loch\f39 \hich\f39  \'ee\'f2\'eb\'e8\'f7\'ed\'e0\'ff\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\'f1\'f2\'fc\loch\f39 
+\hich\f39 , \'ea\'ee\'f2\'ee\'f0\'ee\'e9\loch\f39 \hich\f39  \'ec\'ed\'e5\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f5\'e2\'e0\'f2\'e0\'eb\'ee\loch\f39 \hich\f39  \'e2\loch\f39  ES Proxy! 
+\par \loch\af39\dbch\af31505\hich\f39 \'d2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e8\'ec\'e5\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e2\'e8\'e4\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  
+\'fd\'f2\'e8\loch\f39 \hich\f39  \'e4\'e2\'e5\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'fb\loch\f39  \hich\f39 \emdash \loch\f39 \hich\f39  writable \'e8\loch\f39 \hich\f39  monitor - \'ed\'e5\'eb\'fc\'e7\'ff\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5
+\'ed\'ff\'f2\'fc\loch\f39 \hich\f39  \'e2\'ec\'e5\'f1\'f2\'e5.
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 monitor "c:\\3proxy\\bin\\\hich\af39\dbch\af31505\loch\f39 3proxy.cfg"
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d0\'e0\'e7\'f3\'ec\'e5\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 , \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  \'ec\'ee\'ed\'e8\'f2\'ee\'f0\loch\f39 
+\hich\f39  \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'ed\'fb\'ec\loch\f39 
+\hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'ee\'ec\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39 . \'c4\'e5\'eb\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f2\'ee\'ec\loch\f39 \hich\f39 , \'f7\'f2\'ee
+\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e2\'ea\'eb\'fe\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'ee\'f2\'e4\'e5\'eb\'fc\'ed\'fb\'e5\loch\f39 \hich\f39  \'f2\'e5\'ea
+\'f1\'f2\'ee\'e2\'fb\'e5\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'fb\loch\f39 \hich\f39  \'f1\'ee\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'e0\'ec\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39 , \'f1\'e5\'f2
+\'e5\'e9\loch\f39 \hich\f39 , \'ef\'e0\'f0\'ee\'eb\'e5\'e9\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f2.\'e4\loch\f39 \hich\f39 . \'c4\'eb\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'f2\'f1
+\'ff\loch\f39 \hich\f39  \'ec\'e0\'ea\'f0\'ee\'f1\loch\f39 \hich\f39  $. \'cd\'e0\'ef\'f0\'e8\'ec\loch\af39\dbch\af31505\hich\f39 \'e5\'f0\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e7\'e0\'ef\'e8\'f1\'fb
+\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'ed\'ee\'e9\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'e1\'ee\'eb\'fc\'f8\'ee\'e9\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ee\'ea\loch\f39 \hich\f39 
+ IP \'e0\'e4\'f0\'e5\'f1\'ee\'e2\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'ee\'e2\loch\f39 \hich\f39 , \'e8\'ec\'e5\'fe\'f9\'e8\'f5\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2
+\'e5\loch\f39 \hich\f39 , \'ec\'fb\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'ec\loch\f39 \hich\f39  \'f1\'ee\'e7\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'f2\'e5\'ea\'f1\'f2\'ee\'e2\'ee\'e9\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  IP_list.txt, 
+\'e2\loch\f39 \hich\f39  \'ed\'e5\'e3\'ee\loch\f39 \hich\f39  \'e2\'ed\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'e7\'e0\'ef\'ff\'f2\'f3\'fe\loch\f39 \hich\f39  (\'e1\'e5\'e7\loch\f39 \hich\f39  \'ef\'f0\'ee\'e1\'e5\'eb
+\'ee\'e2\loch\f39 \hich\f39 !) \'e2\'f1\'e5\loch\f39 \hich\f39  \'ed\'f3\'e6\'ed\'fb\'e5\loch\f39 \hich\f39  \'ed\'e0\'ec\loch\f39 \hich\f39  IP, \'f2\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39 , \'e7\'e0\'e4\'e0
+\'fe\'f9\'e0\'ff\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ee\'ea\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'ef\loch\af39\dbch\af31505\hich\f39 \'ee\loch\af39\dbch\af31505\hich\f39 \'f7\'f2\'e5\loch\f39 
+\hich\f39  \'e8\loch\f39 \hich\f39  \'e2\'fb\'e3\'eb\'ff\'e4\'ff\'f9\'e0\'ff\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3,192.168.0.4 * 2110,25,110 * 1-5
+\par \hich\af39\dbch\af31505\loch\f39 00:00:00-20:00:00
+\par \loch\af39\dbch\af31505\hich\f39 \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'e1\'fb\'f2\'fc\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'ed\'e5\'ed\'e0\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'ee\'e9\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 allow * $"c:\\3proxy\\IP_list.txt" * 2110,25,110 * 1-5 00:00:00-20:00:00
+\par \loch\af39\dbch\af31505\hich\f39 \'d2\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'ec\'fb\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'ec\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\'eb\'e5\'e6\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'e8
+\loch\f39 \hich\f39  \'e7\'e0\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'ee\'ec\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\loch\af39\dbch\af31505\hich\f39 \'f1\'ee\'e2\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'e0\loch\f39 \hich\f39 
+ IP_list.txt \'ea\'ee\'ec\'e0\'ed\'e4\'ee\'e9\loch\f39  
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 monitor "c:\\3proxy\\bin\\IP_list.txt"
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c5\'f9\'e5\loch\f39 \hich\f39  \'ee\'e4\'ed\'e0\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'f2\'e5\'eb\'fc\'ed\'e0\'ff\loch\f39 \hich\f39  \'ee
+\'f1\'ee\'e1\'e5\'ed\'ed\'ee\'f1\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  - \'ef\'f0\'e8\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'ed\'e8\'e8\loch\f39 \hich\f39  \'ea\'ee\'ec
+\'e0\'ed\'e4\'fb\loch\f39 \hich\f39  monitor \'ec\'fb\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'ec\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ea\'ee\'f0\'f0\'e5\'ea\'f2\'e8\'f0\'ee\'e2\'e0\'f2\'fc\loch\f39 
+\hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'e8\'e7\'ec\'e5\'ed\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e1\'f3\'e4\'f3\'f2\loch\f39 \hich\f39  \'ef\'f0\'e8\'ed\'e8\'ec\'e0\'f2\'fc\'f1
+\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'eb\'e5\'f2\'f3\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\loch\af39\dbch\af31505\hich\f39 \'f3\loch\f39 \hich\f39 , 
+\'ef\'ee\'e4\'ec\'e5\'ed\'e8\'f2\'fc\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'e8\'ec\loch\f39 \hich\f39  \'e2\'e0\'f0\'e8\'e0\'ed\'f2\'ee\'ec\loch\f39 \hich\f39 , \'f2\'e0\'ea\loch\f39 \hich\f39  \'ea\'e0\'ea\loch\f39 
+\hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e1\'eb\'ee\'ea\'e8\'f0\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'ee\'ec\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 
+\hich\f39  \'ee\'f2\'f1\'eb\'e5\'e6\'e8\'e2\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ed\'e0\'eb\'e8\'f7\'e8\'e5\loch\f39 \hich\f39  \'e8\'e7\'ec\'e5\'ed\'e5\'ed\'e8\'e9\loch\f39 \hich\f39 . \'dd\'f2\'ee\loch\f39 \hich\f39  
+\'e1\'fb\'e2\'e0\'e5\'f2\loch\f39 \hich\f39  \'ee\'f7\'e5\'ed\'fc\loch\f39 \hich\f39  \'f3\'e4\'ee\'e1\'ed\'ee\loch\f39 \hich\f39 . \'cd\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39 , \'f3\loch\f39 \hich\f39  \'ec\'e5\'ed\'ff\loch\f39 \hich\f39  \'e5
+\'f1\'f2\'fc\loch\f39 \hich\f39  \'e4\'e2\'e0\loch\f39 \hich\f39  \'e3\'ee\'f2\'ee\'e2\'fb\'f5\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  - \'ee\'e4\'e8\'ed\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee
+\'f2\'fb\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  ADSL, \'e2\'f2\'ee\'f0\'ee\'e9\loch\f39 \hich\f39  - \'e4\'eb\'ff\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'fb\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'f3\'f1\'ea
+\'ee\'f0\'e8\'f2\'e5\'eb\'fc\loch\f39 \hich\f39  \'f1\'ef\'f3\loch\af39\dbch\af31505\hich\f39 \'f2\loch\af39\dbch\af31505\hich\f39 \'ed\'e8\'ea\'ee\'e2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\'e0\loch\f39 \hich\f39 , \'ea\'ee\'ed
+\'f4\'e8\'e3\'e8\loch\f39 \hich\f39  \'ee\'f2\'eb\'e8\'f7\'e0\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'e4\'ee\'e2\'ee\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e8\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39 . \'cf\'f0\'e8\loch\f39 \hich\f39  \'ed
+\'e5\'ee\'e1\'f5\'ee\'e4\'e8\'ec\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'ea\'eb\'fe\'f7\'e8\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'ee\'e9\loch\f39 \hich\f39  \'ea\'e0\'ed\'e0\'eb\loch\f39 
+\hich\f39  \'ff\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'e8\'ec\'e5\'ed\'ee\'e2\'fb\'e2\'e0\'fe\loch\f39 \hich\f39  (\'e8\'eb\'e8\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'ed\'ee\'f8\'f3\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'f3\'fe
+\loch\f39 \hich\f39  \'ef\'e0\'ef\'ea\'f3\loch\f39 \hich\f39 ) \'e8\'f1\'f5\'ee\'e4\'ed\'fb\'e9\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39 , \'e2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  \'ed\'e5\'e3\'ee\loch\f39 \hich\f39  \'f1\'f2
+\'e0\'e2\'eb\'fe\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'ee\'e9\loch\f39 \hich\f39  - \'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e8\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'ed\'e8\'f7\'e5\'e3\'ee\loch\f39 
+\hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f3\'f1\'ef\'e5\'e2\'e0\'fe\'f2\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f2\'e8\'f2\'fc\loch\f39 \hich\f39 , \'f2\'e0\'ea\loch\f39 \hich\f39  \'ea\loch\af39\dbch\af31505\hich\f39 \'e0\loch\af39\dbch\af31505\hich\f39 
+\'ea\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ed\'f3\'e6\'ed\'ee\loch\f39 \hich\f39  \'ed\'e8\loch\f39 \hich\f39  \'ee\'f1\'f2\'e0\'ed\'e0\'e2\'eb\'e8\'e2\'e0\'f2\'fc\loch\f39 \hich\f39 , \'ed\'e8
+\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ef\'e0\'f3\'e7\'f3\loch\f39 \hich\f39 . \'ce\'f2\'eb\'e8\'f7\'ed\'e0\'ff\loch\f39 \hich\f39  \'f4\'e8\'f7\'e0
+\loch\f39 \hich\f39 , \'ed\'e5\loch\f39 \hich\f39  \'e7\'ed\'e0\'fe\loch\f39 \hich\f39  \'ed\'e8\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2
+\'e5\'f0\'e0\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f2\'e0\'ea\'ee\'e9\loch\f39 \hich\f39 ! \'cd\'e5\'ee\'e1\'f5\'ee\'e4\'e8\'ec\'ee\'e5\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'ed\'e8\'e5\loch\f39 \hich\f39 : \'fd\'f2\'e0\loch\f39 \hich\f39 
+ \'f4\'e8\'f7\'e0\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'e8\'e7\'ec\'e5\'ed\'e5\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'eb\'e5\'f2\'f3\loch\f39 \hich\f39  \'ed\'e5
+\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'e5\'f2\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'ee\'f7\'e5\'f2\'e0\'ed\'e8\'e8\loch\f39 \hich\f39  \'f1\loch\f39  writable. 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'e0\loch\f39 \hich\f39 , \'f7\'f3\'f2\'fc\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e7\'e0\'e1\'fb\'eb\'e8\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'e4\'e2\'e5\loch\f39 \hich\f39  \'f1\'eb\'f3
+\loch\af39\dbch\af31505\hich\f39 \'e6\'e1\'fb\loch\f39 \hich\f39  - FTP-\'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  SOCKS-\'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39 , \'e7\'e0\'ef\'f3\'f1\'ea\'e0\'e5\'ec\'fb\'e5\loch\f39 
+\hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\'ec\'e8\loch\f39  
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 ftppr 
+\par \hich\af39\dbch\af31505\loch\f39 socks
+\par \loch\af39\dbch\af31505\hich\f39 \'cf\'ee\loch\f39 \hich\f39  \'f3\'ec\'ee\'eb\'f7\'e0\'ed\'e8\'fe\loch\f39 \hich\f39  \'ee\'ed\'e8\loch\f39 \hich\f39  \'f3\'f1\'f2\'e0\'ed\'e0\'e2\'eb\'e8\'e2\'e0\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 
+\hich\f39  \'ef\'ee\'f0\'f2\'fb\loch\f39 \hich\f39  21 \'e8\loch\f39 \hich\f39  1080 \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'e5\'ed\'ed\'ee.
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39  \'d1\'eb\'f3\'e6\'e1\'e0\loch\f39 \hich\f39  ftppr \'ef\'ee\'e7\'e2\'ee\'eb\'ff\'e5\'f2\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'f2\'e8\'f2\'fc\loch\f39 \hich\f39  "\'ed\'e0\'f1\'f2\'ee\'ff\'f9\'e8\'e9
+\loch\f39 \hich\f39 " FTP-\'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39 , \'f1\loch\f39 \hich\f39  \'ef\'ee\'e4\'e4\'e5\'f0\'e6\'ea\'ee\'e9\loch\f39 \hich\f39  \'e2\'f1\'e5\'e3\'ee\loch\f39 \hich\f39  \'f1\'f2\'e0\'ed\'e4\'e0\'f0\'f2\'ed\'ee\'e3\'ee
+\loch\f39 \hich\f39  \'ed\'e0\'e1\'ee\'f0\'e0\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\loch\f39 \hich\f39  \'ef\'f0\'ee\'f2\'ee\'ea\'ee\'eb\'e0\loch\f39  FTP,\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e7\'e0\'e1\'f3\'e4
+\'fc\'f2\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\'f5\loch\f39 \hich\f39  \'e2\'e0\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  FTP-\'ea\'eb\'e8\'e5\'ed\'f2\'e0\loch\f39 \hich\f39  (\'e2\loch\f39 \hich\f39  \'ec\'ee\'e5
+\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  FAR) \'f3\'ea\'e0\'e7\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39  192.168.0.1 \'ed\'e0
+\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'f3\loch\f39 \hich\f39  21. \'c0\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'e0\loch\f39 \hich\f39  SOCKS \'ef\'ee\'e7\'e2\'ee\'eb\'e8\'f2\loch\f39 \hich\f39  \'e2\'e0\'ec\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee
+\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'e2\'e0\'f8\'e5\'e9\loch\f39 \hich\f39  \'eb\'fe\'e1\'e8\'ec\'ee\'e9\loch\f39 \hich\f39  \'e0\'f1\'fc\'ea\'ee\'e9\loch\f39 \hich\f39 
+, \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e5\'e5\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\'f5\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2
+\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'f3\loch\f39  SOCKS5,\hich\af39\dbch\af31505\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39  192.168.0.1 \'e8\loch\f39 
+\hich\f39  \'ef\'ee\'f0\'f2\loch\f39  1080. 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'ee\loch\f39 \hich\f39  ICQ \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'ef\'f3\'f1\'f2\'e8\'f2\'fc\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'f7\'e5\'f0
+\'e5\'e7\loch\f39 \hich\f39  SOCKS, \'ed\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'f1\'ef\'e5\'f6\'e8\'e0\'eb\'fc\'ed\'fb\'e9\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  icqpr. \'cd
+\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39 , \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 
+\hich\f39  \'ed\'ee\'ec\'e5\'f0\loch\f39 \hich\f39  ICQ 123456789, \'f2\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  
+\'ed\'e0\'ef\'e8\'f1\'e0\'f2\'fc\loch\f39 :
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth useronly
+\par \hich\af39\dbch\af31505\loch\f39 allow 123456789
+\par \hich\af39\dbch\af31505\loch\f39 icqpr 5190 login.icq.com 5190
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ce\'e1\'f0\'e0\'f2\'e8\'f2\'e5\loch\f39 \hich\f39  \'e2\'ed\'e8\'ec\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'ef\'e5
+\'f6\'e8\'e0\'eb\'fc\'ed\'fb\'e9\loch\f39 \hich\f39   \'e2\'e8\'e4\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'e8\loch\f39 \hich\f39  useronly. \'d2\'e5\loch\f39 \hich\f39 , \'ea\'ee\'ec\'f3\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2
+\loch\f39 \hich\f39  \'eb\'e5\'ed\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'ef\'e8\'f1\'fb\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'ee\'ec\'e5\'f0\'e0\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef
+\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39 , \'e2\'f2\'ee\'f0\'f3\'fe\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'f7\'ea\'f3\loch\f39 \hich\f39  \'ec\'ee\'e3\'f3\'f2\loch\f39 \hich\f39  \'ef\'f0\'ee\'ef\'e8\'f1\'e0\'f2\'fc\loch\f39 
+\hich\f39  \'f2\'e0\'ea\loch\f39 :
+\par \hich\af39\dbch\af31505\loch\f39 allow *
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  icqpr, \'f2\'ee\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed
+\'f2\'e0\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'f1\'ef\'e5\loch\af39\dbch\af31505\hich\f39 \'f6\'e8\'f4\'e8\'f7\'e5\'f1\'ea\'ee\'e9\loch\f39 \hich\f39 . \'cd\'e5\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'f1\'f2\'e0
+\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'e3\'e0\'eb\'ee\'f7\'ea\'f3\loch\f39 \hich\f39  \'ab\'c8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\'bb\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'e2\'ee\'f2
+\loch\f39 \hich\f39  \'e2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'eb\'e0\'e3\'e0\'fe\'f9\'e5\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'f3\'ec\'ee\'eb\'f7\'e0\'ed\'e8\'fe\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'e0
+\loch\f39 \hich\f39  login.icq.com \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e2\'ed\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  IP \'ed\'e0\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0
+\'e0.\'ce\'f1\'f2\'e0\'eb\'ee\'f1\'fc\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e8\'e2\'f8\'e8\'e9\'f1\'ff\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f7\'e8\'e9\loch\f39 \hich\f39  \'e2\'e0\'f0\'e8\'e0\'ed
+\'f2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  (\'e2\'e5\'f0\'f1\'e8\'ff\loch\f39  6): 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 service
+\par \hich\af39\dbch\af31505\loch\f39 internal 192.16\hich\af39\dbch\af31505\loch\f39 8.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.100.1
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.101.1
+\par \hich\af39\dbch\af31505\loch\f39 nscache 65536
+\par \hich\af39\dbch\af31505\loch\f39 monitor "c:\\3proxy\\bin\\3proxy.cfg"
+\par \hich\af39\dbch\af31505\loch\f39 monitor "c:\\3proxy\\IP_list.txt"
+\par \hich\af39\dbch\af31505\loch\f39 logformat "L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I %O %N/%R:%r"
+\par \hich\af39\dbch\af31505\loch\f39 log c:\\3proxy\\logs\\3proxy.log D
+\par \hich\af39\dbch\af31505\loch\f39 r\hich\af39\dbch\af31505\loch\f39 otate 30
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0\pararsid3764488 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 
+archiver }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \hich\af39\dbch\af31505\loch\f39 rar \loch\af39\dbch\af31505\hich\f39 \'93\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "c:\\Program Files\\WinRAR\\rar.exe}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \loch\af39\dbch\af31505\hich\f39 \'94\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "\hich\af39\dbch\af31505\loch\f39  a -df -inul %A %F
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 nobandlimin * * * 110
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 24000 * 192.168.0.2,192.168.0.3
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 48000 * 192.168.0.4
+\par \hich\af39\dbch\af31505\loch\f39 bandlimout 24000 *
+\par \hich\af39\dbch\af31505\loch\f39 counter "c:\\3proxy\\3proxy.3cf" D "C:\\3proxy\\traf\\traf"
+\par \hich\af39\dbch\af31505\loch\f39 nocountin * 192.168.0.4 * 110 *
+\par \hich\af39\dbch\af31505\loch\f39 countin "1/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c8\'e2\'e0\'ed\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 50 * 192.168.0.2 * * *
+\par \hich\af39\dbch\af31505\loch\f39 countin "2/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'e5\'f2\'f0\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 80 * 192.168.0.3 * * *
+\par \hich\af39\dbch\af31505\loch\f39 countin "3/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d1\'e8\'e4\'ee\'f0\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 30 * 192.168.0.4 * * *
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly 
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.200.4 * * * 1-5 09:00:00-18:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168\hich\af39\dbch\af31505\loch\f39 .0.3 * 80,443 * 1-7 00:00:00-23:59:59
+\par \hich\af39\dbch\af31505\loch\f39 proxy 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 # }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'ce\'d7\'d2\'c0}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 deny * 192.168.200.4 * 110 * 1-5 18:00:00-23:59:59,00:00:00-08:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3,192.168.0.4 * 25,110 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 2500 smtp.provider\hich\af39\dbch\af31505\loch\f39 .ru 25
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 2110 pop.mail.ru 110
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 3110 pop.yandex.ru 110
+\par \hich\af39\dbch\af31505\loch\f39 pop3p
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3 * 21,1080 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 ftppr 
+\par \hich\af39\dbch\af31505\loch\f39 socks
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 allow *
+\par \hich\af39\dbch\af31505\loch\f39 icqpr
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.4 * 80 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 admin 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c7\'e4\'e5\'f1\'fc\loch\f39 \hich\f39  \'ec\'fb\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e0\'e5\'ec\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 
+\hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'eb\'ee\'e6\'e5\'ed\'e8\'e5\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'f3\loch\f39 \hich\f39 , \'e4\'eb\'ff
+\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  service. \'cd\'e0\'ef\'ee\'ec\'e8\'ed\'e0\'fe\loch\f39 \hich\f39 , \'f7\'f2
+\'ee\loch\f39 \hich\f39  \'f3\'f1\'f2\'e0\'ed\'ee\'e2\'ea\'e0\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39  \'ef\'f0\'ee\'e8\'e7\'e2\'ee\'e4\'e8\'f2\'f1\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'ee\'e9\loch\f39 \hich\f39  \'e8
+\'e7\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'ed\'ee\'e9\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e8\loch\f39 \hich\f39  Windows \'eb\'e8\'e1\'ee\loch\f39 \hich\f39  \'eb\'fe\loch\af39\dbch\af31505\hich\f39 \'e1\'ee\'e3\'ee\loch\f39 \hich\f39  \'f4
+\'e0\'e9\'eb-\'ec\'e5\'ed\'e5\'e4\'e6\'e5\'f0\'e0\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 3proxy --install 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ee\'e1\'ff\'e7\'e0\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'ed\'fb\loch\f39 \hich\f39  \'e2\'e8\'f1\'e5\'f2\'fc\loch\f39 
+\hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'f2\'e0\'ed\'e4\'e0\'f0\'f2\'ed\'fb\'f5\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'e0\'f5\loch\f39 \hich\f39 , \'eb\'fe\'e1\'f3\'fe\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'ed\'e8\'f5\loch\f39 \hich\f39  
+\'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'f1\'ea\'ee\'ed\'f4\'e8\'e3\'f3\'f0\'e8\'f0\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'ee\'e9\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\loch\f39 \hich\f39  \'ee\'ef\'f6\'e8
+\'e5\'e9\loch\f39 \hich\f39  -p\'cd\'ce\'cc\'c5\'d0\loch\f39 \hich\f39 _\'cf\'ce\'d0\'d2\'c0\loch\f39 \hich\f39 , \'ed\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 : 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 proxy -p8080
+\par \hich\af39\dbch\af31505\loch\f39 ftppr -p2121
+\par \hich\af39\dbch\af31505\loch\f39 admin -p8081
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d5\'ee\'f7\'f3\loch\f39 \hich\f39  \'ef\'f0\'ee\'ff\'f1\'ed\'e8\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0
+\'e0\'f5\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ee\'e4\'e8\'ed\loch\f39 \hich\f39  \'ec\'ee\'ec\'e5\'ed\'f2\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 \hich\f39  \'ff\loch\f39 \hich\f39  \'f1\'e0\'ec
+\loch\f39 \hich\f39  \'ef\'ee\'ed\'ff\'eb\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'f0\'e0\'e7\'f3\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'ee\'ed\'e8\'ec\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'ea\'ee\'f2\'ee\'f0\'ee\'e3\'ee
+\loch\f39 \hich\f39 , \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39 , \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'e2\'fb\'e7\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'e1\'eb\'e5\'ec\'fb\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f3
+\loch\f39 \hich\f39  \'e2\'e0\'f1\loch\f39 \hich\f39 . \'dd\'f2\'ee\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'e8\loch\f39 \hich\f39  auth strong. \'cf\'f0\'e5\'e4
+\'ef\'ee\'eb\'ee\'e6\'e8\'ec\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ed\'e0\'ec\loch\f39 \hich\f39  \'f5\'ee\'f7\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ea
+\loch\f39 \hich\f39  WEB-\'e0\'e4\'ec\'e8\'ed\'e8\'f1\'f2\'f0\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'fe\loch\f39 \hich\f39  \'e1\'fb\'eb\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e5\'ed\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'f1
+\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\loch\f39  192.168.0\hich\af39\dbch\af31505\loch\f39 \hich\f39 .4, \'ef\'f0\'e8\'f7\'e5\'ec\loch\f39 \hich\f39  \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec
+\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'e0\'f8\'e8\'e2\'e0\'eb\'f1\'ff\loch\f39 \hich\f39  \'ef\'e0\'f0\'ee\'eb\'fc\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39 . \'c2\loch\f39 \hich\f39  
+\'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'f3\'fe\'f9\'e0\'ff\loch\f39 \hich\f39  \'f1\'e5\'ea\'f6\'e8\'ff\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 
+\hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e2\'fb\'e3\'eb\'ff\'e4\'e5\'f2\'fc\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth strong
+\par \hich\af39\dbch\af31505\loch\f39 allow Administrator 192.168.0.4 * 80 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 deny *
+\par \hich\af39\dbch\af31505\loch\f39 admin
+\par \loch\af39\dbch\af31505\hich\f39 \'c8\loch\f39 \hich\f39  \'f0\'e0\'e7\'f3\'ec\'e5\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 , \'ef\'f0\'e5\'e6\'e4\'e5\loch\f39 \hich\f39  \'f7\'e5\'ec\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\'f1\'ff
+\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'e5\'e9\loch\f39 \hich\f39  strong, \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e7\'e0\'e2\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff
+\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39  Administrator: 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 users Administrator:CL:password
+\par \loch\af39\dbch\af31505\hich\f39 \'d2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'ef\'ee\'ef\'fb\'f2\'ea\'e5\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'f2\'f0\'e0
+\'ed\'e8\'f6\'f3\loch\f39 \hich\f39  WEB-\'e0\'e4\'ec\'e8\'ed\'e8\'f1\'f2\'f0\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\loch\f39 \hich\f39  \'d1\'e8\'e4\'ee\'f0\'ee\'e2\'e0
+\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'e0\'f8\'e8\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'ef\'e0\'f0\'ee\'eb\'fc\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'e8
+\'f5\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\loch\af39\dbch\af31505\hich\f39 \'ef\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'eb\'ed\'ee\'f1\'f2\'fc\'fe\loch\f39 
+\hich\f39  \'e7\'e0\'ea\'f0\'fb\'f2\loch\f39 \hich\f39 . \'ca\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  deny * \'e2\'f1\'e5\'e3\'e4\'e0\loch\f39 \hich\f39  \'ef\'f0\'e8\'f1\'f3\'f2\'f1\'f2\'e2\'f3\'e5\'f2\loch\f39 \hich\f39  \'ed\'e5\'ff\'e2\'ed\'ee
+\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f6\'e5\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee\'e3\'ee\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'e0\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39 , \'e8\loch\f39 \hich\f39  
+\'e5\'e5\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 \hich\f39  \'e1\'fb\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'fb\'e2\'e0\'f2\'fc\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  
+\'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e5\'e5\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'ef\'e0\'f0\'ee\'eb\'fc\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  
+\'e7\'e0\'ef\'f0\'e0\'f8\'e8\'e2\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f1\loch\f39 
+\hich\f39  \'eb\'fe\'e1\'ee\'e9\loch\f39 \hich\f39  \'ec\'e0\'f8\'e8\'ed\'fb\loch\f39 \hich\f39 , \'f5\'ee\'f2\'ff\loch\f39 \hich\f39  \'ef\'f3\'f1\'f2\'ff\'f2\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'f0\'e0\'e2\'ed\'ee\loch\f39 \hich\f39  
+\'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'e0\loch\af39\dbch\af31505\hich\f39 \'e4\loch\af39\dbch\af31505\hich\f39 \'f0\'e5\'f1\'e0\loch\f39 \hich\f39  192.168.0.4. \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e6\'e5\loch\f39 
+\hich\f39  \'f2\'f0\'e5\'f2\'fc\'ff\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'f7\'ea\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'e5\'e4\'e5\'ed\'ed\'ee\'e9\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\loch\f39 \hich\f39  \'f1\'e5\'ea\'f6\'e8
+\'e8\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e2\'fb\'e3\'eb\'ff\'e4\'e5\'f2\'fc\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 : 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 allow Administrator * * 80 * 1-5 00:00:00-20:00:00
+\par \loch\af39\dbch\af31505\hich\f39 \'f2\'ee\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'e0\'e4\'ec\'e8\'ed\'e8\'f1\'f2\'f0\'e8\'f0\'ee\'e2\'e0\'ed\'e8\'fe\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 
+\hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e8\'f2\'fc\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee\'e3\'ee\loch\f39 \hich\f39  \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\loch\f39 \hich\f39  \'ef\'f0\'e8
+\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'fa\'ff\'e2\'eb\'e5\'ed\'e8\'e8\loch\f39 \hich\f39  \'ef\'e0\'f0\'ee\'eb\'ff\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\loch\af39\dbch\af31505\hich\f39 \'f2\'e5\'eb\'ff
+\loch\f39  Administrator. 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'ca\'e0\'e6\'e4\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 
+\hich\f39 , \'ef\'ee\loch\f39 \hich\f39  \'e2\'f1\'e5\'e9\loch\f39 \hich\f39  \'e2\'e8\'e4\'e8\'ec\'ee\'f1\'f2\'e8\loch\f39 \hich\f39 , \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'e5\'f1\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'f2\'f0
+\'e0\'f4\'e8\'ea\loch\f39 \hich\f39 , \'e8\'e7\'f0\'e0\'f1\'f5\'ee\'e4\'ee\'e2\'e0\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  \'e8\'ec\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f2\'e5\'ea\'f3\'f9\'e8\'e9\loch\f39 \hich\f39  \'ec\'ee\'ec\'e5\'ed\'f2
+\loch\f39 \hich\f39 . \'c4\'eb\'ff\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fe\loch\f39 \hich\f39  \'f2\'e0\'ea
+\'f3\'fe\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\'f1\'f2\'fc\loch\f39 \hich\f39 , \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e2\'f1\'e5\'e3\'ee\loch\f39 \hich\f39  \'eb\'e8\'f8\'fc\loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'e5\'ec
+\'f3\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'f2\'f0\'e0\'ed\'e8\'f6\'f3\loch\f39 \hich\f39  WEB-\'e0\'e4\'ec\'e8\'ed\'e8\'f1\'f2\'f0\'e8\'f0\'ee\loch\af39\dbch\af31505\hich\f39 \'e2\'e0\'ed\'e8
+\'ff\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'ed\'fb\'ec\'e8\loch\f39 \hich\f39  \'ef\'f0\'e0\'e2\'e0\'ec\'e8\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'ee\'ed
+\loch\f39 \hich\f39  \'ec\'ee\'e3\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ef\'ee\'f1\'ec\'ee\'f2\'f0\'e5\'f2\'fc\loch\f39 \hich\f39  \'f2\'e5\'ea\'f3\'f9\'e8\'e5\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e5\'ed\'e8\'ff\loch\f39 
+\hich\f39  \'f1\'e2\'ee\'e5\'e3\'ee\loch\f39 \hich\f39  (\'e8\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'f1\'e2\'ee\'e5\'e3\'ee\loch\f39 \hich\f39 !) \'e8\'e7\'f0\'e0\'f1\'f5\'ee\'e4\'ee\'e2\'e0\'ed\'ed\'ee\'e3\'ee\loch\f39 
+\hich\f39  \'e8\loch\f39 \hich\f39  \'ec\'e0\'ea\'f1\'e8\'ec\'e0\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e4\'ee\'ef\'f3\'f1\'f2\'e8\'ec\'ee\'e3\'ee\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\'e0\loch\f39 \hich\f39 . \'c4\'eb\'ff\loch\f39 \hich\f39  \'fd
+\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'f2\'e8\'f2\'fc\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'f3\loch\f39 \hich\f39  admin \'e4\'eb\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39 
+ \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'f0\'e0\'e7\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'ee\'ec\loch\f39 \hich\f39  \'ef\'ee
+\'f0\'f2\'f3\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f1\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ea\loch\af39\dbch\af31505\hich\f39 \'eb\'fe\'f7\'ee\'ec\loch\f39 \hich\f39  -s (\'f1\'ee\'ea\'f0\'e0\'f9\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'ee
+\'f2\loch\f39 \hich\f39  \'f1\'eb\'ee\'e2\'e0\loch\f39 \hich\f39  security), \'e4\'eb\'ff\loch\f39 \hich\f39  \'f7\'e5\'e3\'ee\loch\f39 \hich\f39  \'e4\'ee\'ef\'e8\'f1\'fb\'e2\'e0\'e5\'ec\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8
+\'e3\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'f7\'ea\'e8\loch\f39 : 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 allow *
+\par \hich\af39\dbch\af31505\loch\f39 admin -p8081 -s
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'ea\'e0\'e6\'e4\'fb\'e9\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fc\loch\f39 
+\hich\f39  \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'ee\'f2\'ea\'f0\'fb\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e1\'f0\'e0\'f3\'e7\'e5\'f0\'e5\loch\f39 \hich\f39  \'f1\'f2\'f0\'e0\'ed\'e8\'f6\'f3\loch\f39 \hich\f39 
+ http://192.168.0.1:8081/C \'e8\loch\f39 \hich\f39  \'f3\'e2\'e8\'e4\'e5\'f2\'fc\loch\f39 \hich\f39  \'f2\'e0\'ec\loch\f39 \hich\f39  \'f1\'e2\'ee\'fe\loch\f39 \hich\f39  \'f1\'f2\'e0\'f2\'e8\'f1\'f2\'e8\'ea\'f3\loch\f39 \hich\f39 . \'c0\loch\f39 
+\hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fc\hich\af39\dbch\af31505\loch\f39 \hich\f39  Administrator \'ed\'e0\loch\f39 \hich\f39  \'f1\'f2\'f0\'e0\'ed\'e8\'f6\'e5\loch\f39 \hich\f39  http://192.168.0.1:8080/C \'ec\'ee\'e6\'e5\'f2\loch\f39 
+\hich\f39  \'ef\'ee\'f1\'ec\'ee\'f2\'f0\'e5\'f2\'fc\loch\f39 \hich\f39  \'f1\'f2\'e0\'f2\'e8\'f1\'f2\'e8\'ea\'f3\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39 . \'cf\'f0\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec
+\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc\loch\f39 \hich\f39  \'ee\'ef\'f0\'e5\'e4\'e5\'eb\'e5\'ed\'ed\'e0\'ff\loch\f39 \hich\f39  \'f5\'e8\'f2\'f0\'ee\'f1\'f2\'fc\loch\f39 \hich\f39 : \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2
+\'e5\'eb\'fc\loch\f39 \hich\f39  \'ee\'ef\'f0\'e5\'e4\'e5\'eb\'ff\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  IP-\'e0\'e4\'f0\'e5\'f1\'f3\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5
+\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39 , \'f2\'ee\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'ee\'ed\loch\f39 \hich\f39  \'e2\'e8\'e4
+\'e5\'eb\loch\f39 \hich\f39  \'e4\'e5\'e9\'f1\'f2\'e2\'e8\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'f1\'e2\'ee\'fe\loch\f39 \hich\f39  \'f1\'f2\'e0\'f2\'e8\'f1\'f2\'e8\'ea\'f3\loch\f39 \hich\f39 , \'ed\'e5\'ee\loch\af39\dbch\af31505\hich\f39 \'e1
+\loch\af39\dbch\af31505\hich\f39 \'f5\'ee\'e4\'e8\'ec\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\'f5\loch\f39 \hich\f39  \'e1\'f0\'e0\'f3\'e7\'e5\'f0\'e0\loch\f39 
+\hich\f39  (\'ed\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39  Internet Explorer) \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  http://192.168.0.1 \'ef\'f0\'ee\'e8\'f1\'f5\'ee\'e4\'e8\'eb\loch\f39 \hich\f39  \'e1\'e5\'e7
+\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39 . \'c8\'ed\'e0\'f7\'e5\loch\f39 \hich\f39  \'e2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\'e0\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'e0
+\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'e0\loch\f39 \hich\f39  admin \'f3\'e2\'e8\'e4\'e8\'f2\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\loch\f39 \hich\f39  \'f1\'e0\'ec\'ee\'e3\'ee\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39 , 
+\'f2.\'ea\loch\f39 \hich\f39 . \'ea\'eb\'e8\'e5\'ed\'f2\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'f2\'e8\'f2\'f1\'ff\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'ed\'e5\'e9\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1
+\'e8\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ee\'f2\'f0\'e0\'e1\'ee\'f2\'e0\'e5\'f2\loch\f39 \hich\f39  \'ed\'e5\'ef\'f0\'e0\'e2\'e8\loch\af39\dbch\af31505\hich\f39 \'eb\loch\af39\dbch\af31505\hich\f39 \'fc\'ed\'ee\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c8\'e7\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'e5\'e4\'e5\'ed\'ed\'fb\'f5\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'ee\'e2\loch\f39 \hich\f39  \'f1\'f2\'e0\'ed\'ee\'e2\'e8\'f2\'f1\'ff\loch\f39 \hich\f39  \'ff\'f1\'ed
+\'ee\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'ff\loch\f39 \hich\f39  strong \'ef\'f0\'e5\'e4\'ef\'ee\'eb\'e0\'e3\'e0\'e5\'f2\loch\f39 \hich\f39  \'ef\'f0\'ee\'e2\'e5\'f0\'ea\'f3\loch\f39 \hich\f39  
+\'ef\'ee\loch\f39 \hich\f39  \'ed\'e0\'e8\'e1\'ee\'eb\'e5\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'ed\'ee\'ec\'f3\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'f3\loch\f39 \hich\f39  \'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0\'ee\'e2\loch\f39 \hich\f39 : IP \'f0\'e0\'e1
+\'ee\'f7\'e5\'e9\loch\f39 \hich\f39  \'f1\'f2\'e0\'ed\'f6\'e8\'e8\loch\f39 \hich\f39 , \'e8\'ec\'ff\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'e0\'f0\'ee\'eb\'fc\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 
+\hich\f39 , \'f1\'ef\'e8\'f1\'ee\'ea\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'ed\'fb\'f5\loch\f39 \hich\f39  \'f5\'ee\'f1\'f2\'ee\'e2\loch\f39 \hich\f39 , \'ef\'ee\'f0\'f2\'ee\'e2\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f2.\'e4
+\loch\f39 \hich\f39 ., \'e2\loch\f39 \hich\f39  \'ee\'f2\'eb\'e8\'f7\'e8\'e5\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'e8\loch\f39 \hich\f39  iponly, \'ea\'ee\loch\af39\dbch\af31505\hich\f39 \'e3\'e4\'e0
+\loch\f39 \hich\f39  \'e8\'ec\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'e2\'e5\'f0\'ff\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  - \'ed\'ee\loch\f39 \hich\f39  \'e7
+\'e2\'e5\'e7\'e4\'ee\'f7\'ea\'f3\loch\f39 \hich\f39  \'e2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  \'e8\'ec\'e5\'ed\'e8\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed
+\'e4\'e5\loch\f39 \hich\f39  allow \'ec\'fb\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'e2\'fb\'ed\'f3\'e6\'e4\'e5\'ed\'fb\loch\f39 \hich\f39  \'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 
+\hich\f39  \'f1\'ee\'e2\'ec\'e5\'f1\'f2\'e8\'ec\'ee\'f1\'f2\'e8\loch\f39 ! 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c0\loch\f39 \hich\f39  \'f2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'ef\'ee\'eb\'ee\'e6\'e8\'ec\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ed\'e0\'ec\loch\f39 \hich\f39  \'ed\'f3\'e6\'ed\'ee
+\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'f0\'ff\'e4\'f3\loch\f39 \hich\f39  \'ef\'f0\'e8\'f7\'e8\'ed\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'e5\'f2\'e8\'f2\'fc\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ed\'e0\loch\f39 
+\hich\f39  \'ed\'e5\'ea\'ee\'f2\'ee\'f0\'fb\'e5\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'fb\loch\f39 \hich\f39 , \'ed\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39 , \'ee\'e1\'f9\'e5\'e8\'e7\'e2\'e5\'f1\'f2\'ed\'fb\'e9\loch\f39  ww
+\hich\af39\dbch\af31505\loch\f39 \hich\f39 w.anekdot.ru. \'c4\'eb\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39   \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'ec\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39  nsrecord: 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 nsrecord www.anekdot.ru 127.0.0.3
+\par \loch\af39\dbch\af31505\hich\f39 \'f2\'e5\'ec\loch\f39 \hich\f39  \'f1\'e0\'ec\'fb\'ec\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'ed\'e0\'ef\'f0\'e0\'e2\'eb\'ff\'e5\'ec\loch\f39 \hich\f39  \'eb\'fe\'e1\'fb\'e5\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\'fb
+\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'e0\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'e0\'ed\'e5\'ea\'e4\'ee\'f2\'e0\'ec\'e8\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'eb\'ee\'ea\'e0\'eb\'fc\'ed\'fb\'e9\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1
+\loch\f39 \hich\f39 . \'cc\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'fd\'f2\'f3\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e1\'ee\'eb\'e5
+\'e5\loch\f39 \hich\f39  \'e8\'e7\'ee\'f9\'f0\'e5\'ed\'ed\'ee\'ec\loch\f39 \hich\f39  \'e2\'e0\'f0\'e8\'e0\'ed\'f2\'e5\loch\f39 \hich\f39 , \'ed\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 , 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 nsrecord www.ane\hich\af39\dbch\af31505\loch\f39 kdot.ru 87.250.251.11
+\par \loch\af39\dbch\af31505\hich\f39 \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'e0\loch\f39 \hich\f39  www.anekdot.ru \'ef\'e5\'f0\'e5\'ed\'e0\'ef\'f0\'e0\'e2\'eb\'ff\'f2\'fc\loch\f39 \hich\f39  
+\'ed\'e0\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\loch\f39 \hich\f39  www.yandex.ru. \'c2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  \'ff\'ed\'e4\'e5\'ea\'f1\'e0\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 \hich\f39  
+\'e1\'fb\loch\f39 \hich\f39  \'f1\'e4\'e5\'eb\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'ed\'e0\'ef\'f0\'e0\'e2\'eb\'e5\'ed\'e8\'e5\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'ed\'e0\loch\f39 
+\hich\f39  \'ea\'ee\'f0\'ef\'ee\'f0\'e0\'f2\'e8\'e2\'ed\'fb\'e9\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'ef\'f0\'ee\'f7\'e5\'ec\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'e8\loch\f39 \hich\f39  0.6 \'ef\'ee\'ff\'e2\'e8\'eb\'e0\'f1\'fc\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\'f1\'f2
+\'fc\loch\f39 \hich\f39  \'e1\'ee\'eb\'e5\'e5\loch\f39 \hich\f39  \'f3\'e4\'ee\'e1\'ed\'ee\loch\f39 \hich\f39  \'f3\'ef\'f0\'e0\'e2\'eb\'ff\'f2\'fc\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'ee\loch\af39\dbch\af31505\hich\f39 \'ec\loch\f39 \hich\f39  \'e4
+\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'fb\loch\f39 \hich\f39 . \'c4\'eb\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc
+\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'f5\'ee\'f0\'ee\'f8\'ee\loch\f39 \hich\f39  \'e7\'ed\'e0\'ea\'ee\'ec\'f3\'fe\loch\f39 \hich\f39  \'ed\'e0\'ec\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 
+\hich\f39  deny \'f1\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  \'f8\'e0\'e1\'eb\'ee\'ed\'ee\'e2\loch\f39 \hich\f39 , \'ed\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 :
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 deny * * www.anekdot.ru *
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'e1\'e5\'e7\'f3\'f1\'eb\'ee\'e2\'ed\'ee\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'e5\'f9\'e0\'e5\'f2\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2
+\loch\f39  }{\field{\*\fldinst {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 HYPERLINK "http://www.anekdot.ru/"}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid3764488 
+{\*\datafield 00d0c9ea79f9bace118c8200aa004ba90b0200000003000000e0c9ea79f9bace118c8200aa004ba90b4600000068007400740070003a002f002f007700770077002e0061006e0065006b0064006f0074002e00720075002f000000795881f43b1d7f48af2c825dc485276300000000a5ab0000}}
+}{\fldrslt {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\ul\cf9\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 www.anekdot.ru}}}\sectd \ltrsect\linex0\sectdefaultcl\sftnbj {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\kerning1\insrsid11355186 
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 deny * * anekdot* *
+\par 
+\par }\pard \ltrpar\ql \fi-360\li360\ri0\nowidctlpar\tx360\wrapdefault\hyphpar0\faauto\rin0\lin360\itap0 {\rtlch\fcs1 \af1\afs18 \ltrch\fcs0 \f1\fs18\kerning1\insrsid11355186\charrsid3764488 -\tab }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e7\'e0\'ef\'f0\'e5\'f9\'e0\'e5\'f2\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'fb
+\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'ed\'e0\'e7\'e2\'e0\'ed\'e8\'e8\loch\f39 \hich\f39  \'ea\'ee\'f2\'ee\'f0\'fb\'f5\loch\f39 \hich\f39  \'e2\'f1\'f2\'f0\'e5\'f7\'e0\'e5\'f2\'f1\'ff\loch\f39  anekdot.
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'ef\'f0\'ee\'f7\'e5\'ec\loch\f39 \hich\f39 , \'ef\'f0\'ee\'e4\'e2\'e8\'ed\'f3\'f2\'fb\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e8\loch\f39 \hich\f39  \'ec\'ee\'e3\'f3\'f2\loch\f39 
+\hich\f39  \'ee\'e1\'ee\'e9\'f2\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\'f2\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'e5\'f2\loch\f39 \hich\f39 , \'ee\'e1\'f0\'e0\'f9\'e0\'ff\'f1\'fc\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'f3\loch\f39 
+\hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'e5\'e3\'ee\loch\f39 \hich\f39  IP \'e8\'eb\'e8\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'ff\loch\f39 \hich\f39  \'e0\'ed\'ee\'ed\'e8\'ec\'ed\'fb\'e5\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'fb.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d3\loch\f39 \hich\f39  \'f1\'e5\'e1\'ff\loch\f39 \hich\f39  \'ff\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'fe\loch\f39 \hich\f39  \'f6\'e5\'eb\'fb\'e9\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ee\'ea\loch\f39 
+\hich\f39  \'f8\'e0\'e1\'eb\'ee\'ed\'ee\'e2,\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39 , \'ea\'ee\'ec\'f3-\'f2\'ee\loch\f39 \hich\f39  \'ef\'f0\'e8\'e3\'ee\'e4\'e8\'f2\'f1\'ff\loch\f39 :
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 
+deny * * *sex*,*porn*,*adult*,*xxx*,*gamepark*,*vagina*,*mpp3*,*seks*,*virgin*,*pipisk*,*pastushka*,*1xuk.ru*,*teens*,*zaycev*,*lubovmorkov*,*mp3*,*bannerbank*,*yadro*,*dosug.nu*,*lesbo*,*lesbian*,*eroti*,*viporg.ru*,*intim*
+\hich\af39\dbch\af31505\loch\f39 
+,*erohost*,*eross*,*teenfant*,*nudist*,*pimpserver*,*banner*,*ads.sup.com*,*rb.mail.ru*,*counter.rambler.ru*,*carol.ru*,*video.mail.ru*,*pelotka*,*akadostream*,*media.kino-govno.com*,*odnoklassniki.ru*,*vkontakte.ru*,*zhuki.mail.ru*,*fishki.net*,*dofiga.n
+\hich\af39\dbch\af31505\loch\f39 e\hich\af39\dbch\af31505\loch\f39 t*
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d7\'f2\'ee\'e1\'fb\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e7\'e0\'e3\'f0\'ee\'ec\'ee\'e6\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'e4\'eb\'e8\'ed\'ed\'fb\'ec\'e8
+\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'e0\'ec\'e8\loch\f39 \hich\f39 , \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 \hich\f39  include \'e8
+\loch\f39 \hich\f39  \'ec\'e0\'ea\'f0\'ee\'f1\loch\f39 \hich\f39  $. \'cd\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39 , \'ef\'f0\'e5\'e4\'fb\'e4\'f3\'f9\'e0\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  \'ec\'ee\'e3\'eb\'e0
+\loch\f39 \hich\f39  \'e1\'fb\loch\f39 \hich\f39  \'e2\'fb\'e3\'eb\'ff\'e4\'e5\'f2\'fc\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 :
+\par \hich\af39\dbch\af31505\loch\f39 deny * * $c:\\3proxy\\ban.txt
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'e3\'e4\'e5\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39  ban.txt \hich\f39 \emdash \loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'f2\'e5\'ea\'f1\'f2\'ee\'e2\'fb\'e9\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb
+\loch\f39 \hich\f39 , \'f1\'ee\'e4\'e5\'f0\'e6\'e0\'f9\'e8\'e9\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ee\'ea\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'e5\'f2\'ed\'fb\'f5\loch\f39 \hich\f39  \'f0\'e5\'f1\'f3\'f0\'f1\'ee\'e2\hich\af39\dbch\af31505\loch\f39 
+\hich\f39  (\'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'e7\'e0\'ef\'ff\'f2\'f3\'fe\loch\f39 \hich\f39 , \'e1\'e5\'e7\loch\f39 \hich\f39  \'ef\'f0\'ee\'e1\'e5\'eb\'ee\'e2\loch\f39 )
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'eb\'e8\'e1\'ee}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'f2\'e0\'ea}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 :
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 include c\\3proxy\\ban\-include.txt
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e3\'e4\'e5\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  ban_include.txt \'f1\'ee\'e4\'e5\'f0\'e6\'e0\'eb\loch\f39 \hich\f39  \'e1\'fb
+\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'e5\'e1\'e5\loch\f39 \hich\f39  \'e2\'f1\'fe\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'f3\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'e5
+\'f2\'e0\'ec\'e8.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c6\'e5\'eb\'e0\'fe\'f9\'e8\'e5\loch\f39 \hich\f39  \'ec\'ee\'e3\'f3\'f2\loch\f39 \hich\f39  \'ed\'e0\'e9\'f2\'e8\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'e8\loch\f39 \hich\f39  \'e1\'e0\'ed-\'eb\'e8\'f1\'f2\'ee\'e2
+\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\'e5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'e0\'e4\'e0\'ef\'f2\'e8\'f0\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\'f3
+\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39  3proxy, \'e1\'eb\'e0\'e3\'ee\loch\f39 \hich\f39  \'f7\'f2\'ee\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'e9\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'f0\'e0\'e7\'ec\'e5\'f0\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39   \'ed\'e5\'f2\loch\f39 \hich\f39 .  \'d2\'e0\'ea\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  \'ed\'e5
+\'f2\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'e9\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'fb\loch\f39 \hich\f39 , \'e2\'ea\'eb\'fe\'f7\'e5\'ed\'ed\'fb\'e5\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 
+\hich\f39  include. \'cd\'e0\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'fb\loch\f39 \hich\f39 , \'e2\'ea\'eb\'fe\'f7\'e5\'ed\'ed\'fb\'e5\loch\f39 \hich\f39  \'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'ec\'e0\'ea\'f0\'ee\'f1\loch\f39 \hich\f39  $, \'f1\'f3\'f9
+\'e5\'f1\'f2\'e2\'f3\'e5\'f2\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  64 \'ea\'e8\'eb\'ee\'e1\'e0\'e9\'f2\'e0.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'eb\'ff\loch\f39 \hich\f39  \'f3\'e4\'ee\'e1\'f1\'f2\'e2\'e0\loch\f39 \hich\f39  \'e4\'e0\'eb\'fc\'ed\'e5\'e9\'f8\'e5\'e3\'ee\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'ea
+\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'f0\'e0\'e7\'e1\'e8\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\'f7\'e5\'f1\'ea\'e8\'e5\loch\f39 \hich\f39  \'f0\'e0\'e7\'e4\'e5\'eb\'fb
+\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'ee\'ef\'ee\'eb\'ed\'e8\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ec\'ec\'e5\'ed\'f2\'e0\'f0\'e8\'ff\'ec\'e8\loch\f39 \hich\f39 . \'df\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 
+\hich\f39  \'e4\'e5\'eb\'e0\'fe\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ef\'ee\'ec\'ee\'f9\'fc\loch\f39 \hich\f39  \'f1\'e8\'ec\'e2\'ee\'eb\'e0\loch\f39 \hich\f39  #. \'cd\'e0\'ef\'ee\'ec\'ed\'fe\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 
+\hich\f39  \'eb\'fe\'e1\'e0\'ff\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e0\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39 , \'ed\'e0\'f7\'e8\'ed\'e0\'fe\'f9\'e0\'ff\'f1\'ff\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'ef\'f0\'ee
+\'e1\'e5\'eb\'e0\loch\f39 \hich\f39  \'e8\'eb\'e8\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f1\'e8\'ec\'e2\'ee\'eb\'e0\loch\f39 \hich\f39  #, \'e2\'ee\'f1\'ef\'f0\'e8\'ed\'e8\'ec\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'ee
+\'ec\loch\f39 \hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  \'ea\'ee\'ec\'ec\'e5\'ed\'f2\'e0\'f0\'e8\'e9\loch\f39 \hich\f39 . \'c2\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ee\'ea\'ee\'ed\'f7
+\'e0\'f2\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  "\'e2\'fb\'eb\'e8\'e7\'e0\'ed\'ed\'fb\'e9\loch\f39 \hich\f39 " \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'e2\'fb\'e3\'eb\'ff\'e4\'e5\'f2\'fc\loch\f39 \hich\f39  
+\'f2\'e0\'ea\loch\f39 \hich\f39  (\'e2\'e5\'f0\'f1\'e8\'ff\loch\f39  7):\hich\af39\dbch\af31505\loch\f39  
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par \hich\af39\dbch\af31505\loch\f39 # }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ce\'c1\'d9\'c8\'c5}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'c0\'d0\'c0\'cc\'c5\'d2\'d0
+\'db}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 service
+\par \hich\af39\dbch\af31505\loch\f39 internal 192.168.0.1 
+\par \hich\af39\dbch\af31505\loch\f39 external 211.80.11.12
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.100.1
+\par \hich\af39\dbch\af31505\loch\f39 nserver 213.153.101.1
+\par \hich\af39\dbch\af31505\loch\f39 nscache 655\hich\af39\dbch\af31505\loch\f39 36
+\par \hich\af39\dbch\af31505\loch\f39 deny * * anekdot* *monitor "c:\\3proxy\\bin\\3proxy.cfg"
+\par \hich\af39\dbch\af31505\loch\f39 monitor "c:\\3proxy\\IP_list.txt"
+\par \hich\af39\dbch\af31505\loch\f39 logformat "L%C - %U [%d/%o/%Y:%H:%M:%S %z] ""%T"" %E %I %O %N/%R:%r"
+\par \hich\af39\dbch\af31505\loch\f39 log c:\\3proxy\\logs\\3proxy.log D
+\par \hich\af39\dbch\af31505\loch\f39 rotate 30
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0\pararsid3764488 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 
+archiver }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \hich\af39\dbch\af31505\loch\f39 rar \loch\af39\dbch\af31505\hich\f39 \'93\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "c:\\Program Files\\WinRAR\\rar.exe}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488 \loch\af39\dbch\af31505\hich\f39 \'94\loch\af39\dbch\af31505\hich\f39 \'94}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid3764488\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 "\hich\af39\dbch\af31505\loch\f39  a -df -inul %A %F
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 # \'c7\'c0\'c4\'c0\'c5\'cc\loch\f39 \hich\f39  \'cf\'ce\'cb\'dc\'c7\'ce\'c2\'c0\'d2\'c5\'cb\'c5\'c9\loch\f39 \hich\f39 , \'ce\'c3\'d0\'c0\'cd\'c8\'d7\'c5\'cd\'c8\'df\loch\f39 \hich\f39  \'d1\'ca\'ce\'d0\'ce\'d1
+\'d2\'c8\loch\f39 \hich\f39  \'c8\loch\f39 \hich\f39  \'d1\'d7\'c5\'d2\'d7\'c8\'ca\'c8
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 users Administrator:CL:password
+\par \hich\af39\dbch\af31505\loch\f39 nobandlimin * * * 110
+\par \hich\af39\dbch\af31505\loch\f39 bandli\hich\af39\dbch\af31505\loch\f39 min 24000 * 192.168.0.2,192.168.0.3
+\par \hich\af39\dbch\af31505\loch\f39 bandlimin 48000 * 192.168.0.4
+\par \hich\af39\dbch\af31505\loch\f39 bandlimout 24000 *
+\par \hich\af39\dbch\af31505\loch\f39 counter "c:\\3proxy\\3proxy.3cf" D "C:\\3proxy\\traf\\traf"
+\par \hich\af39\dbch\af31505\loch\f39 nocountin * 192.168.0.4 * 110 *
+\par \hich\af39\dbch\af31505\loch\f39 countin "1/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c8\'e2\'e0\'ed\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 50 * 192.168.0.2 * * *
+\par \hich\af39\dbch\af31505\loch\f39 countin "2/}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'e5\'f2\'f0\'ee\'e2}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 " M 80 * 192.168.0.3 * * *
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 countin "3/\'d1\'e8\'e4\'ee\'f0\'ee\'e2\loch\f39 " M 30 * 192.168.0.4 * * *
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 # \'d0\'c0\'c7\'c4\'c0\'c5\'cc\loch\f39  WEB
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly 
+\par \hich\af39\dbch\af31505\loch\f39 deny * * *sex*,*porn*,*adul\hich\af39\dbch\af31505\loch\f39 
+t*,*xxx*,*gamepark*,*vagina*,*mpp3*,*seks*,*virgin*,*pipisk*,*pastushka*,*1xuk.ru*,*teens*,*zaycev*,*lubovmorkov*,*mp3*,*bannerbank*,*yadro*,*dosug.nu*,*lesbo*,*lesbian*,*eroti*,*viporg.ru*,*intim*,*erohost*,*eross*,*teenfant*,*nudist*,*pimpserver*,*banne
+\hich\af39\dbch\af31505\loch\f39 r\hich\af39\dbch\af31505\loch\f39 
+*,*ads.sup.com*,*rb.mail.ru*,*counter.rambler.ru*,*carol.ru*,*video.mail.ru*,*pelotka*,*akadostream*,*media.kino-govno.com*,*odnoklassniki.ru*,*vkontakte.ru*,*zhuki.mail.ru*,*fishki.net*,*dofiga.net*
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.4 * * * 1-5 09:00:00-18:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow *\hich\af39\dbch\af31505\loch\f39  192.168.0.2,192.168.0.3 * 80,443 * 1-7 00:00:00-23:59:59
+\par \hich\af39\dbch\af31505\loch\f39 proxy \hich\f39 \endash \loch\f39 a -t
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par \hich\af39\dbch\af31505\loch\f39 # }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d0\'c0\'c7\'c4\'c0\'c5\'cc}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'ce\'d7\'d2\'d3}{
+\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 deny * 192.168.200.4 *\hich\af39\dbch\af31505\loch\f39  110 * 1-5 18:00:00-23:59:59,00:00:00-08:00:00
+\par \hich\af39\dbch\af31505\loch\f39 allow * $"c:\\3proxy\\IP_list.txt" * 3110,25,110 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 25 smtp.provider.ru 25
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 2110 pop.mail.ru 110
+\par \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 3110 pop.yandex.ru 110
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par \hich\af39\dbch\af31505\loch\f39 # }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d0\'c0\'c7\'c4\'c0\'c5\'cc}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  FTP }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c8}{\rtlch\fcs1 
+\af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c0\'d1
+\'dc\'ca\'d3}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 allow * 192.168.0.2,192.168.0.3 * 2110,25,110 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 ftppr 
+\par \hich\af39\dbch\af31505\loch\f39 socks
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flu\hich\af39\dbch\af31505\loch\f39 sh
+\par \hich\af39\dbch\af31505\loch\f39 allow *
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 icqpr
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 # \'c0\'c4\'cc\'c8\'cd\'c8\'d1\'d2\'d0\'c0\'d2\'c8\'c2\'cd\'db\'c9\loch\f39 \hich\f39  \'c4\'ce\'d1\'d2\'d3\'cf
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth strong
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 allow Administrator 192.168.0.4 * 80 * 1-5 00:00:00-20:00:00
+\par \hich\af39\dbch\af31505\loch\f39 admi\hich\af39\dbch\af31505\loch\f39 n
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 flush
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly
+\par \hich\af39\dbch\af31505\loch\f39 allow *
+\par \hich\af39\dbch\af31505\loch\f39 admin -p8081 -s
+\par \hich\af39\dbch\af31505\loch\f39 dnspr
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 end
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 # \'ca\'ce\'cd\'c5\'d6\loch\f39 \hich\f39  \'ca\'ce\'cd\'d4\'c8\'c3\'c0
+\par \hich\af39\dbch\af31505\loch\f39 ###############################################################
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'ee\'e3\'eb\'e0\'f1\'e8\'f2\'e5\'f1\'fc\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'ed\'e0\'ec\'ed\'ee\'e3\'ee\loch\f39 
+\hich\f39  \'e8\'ed\'f4\'ee\'f0\'ec\'e0\'f2\'e8\'e2\'ed\'e5\'e5\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'eb\'e5\'e3\loch\af39\dbch\af31505\hich\f39 \'f7\'e5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e2\'ee\'f1\'ef\'f0\'e8\'ff\'f2\'e8\'e8
+\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'ca\'eb\'fe\'f7\loch\f39 \hich\f39  -\'e0\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'ef\'ee\'e7\'e2\'ee\'eb\'ff\'e5
+\'f2\loch\f39 \hich\f39  \'f1\'ea\'f0\'fb\'f2\'fc\loch\f39 \hich\f39  \'e2\'ed\'f3\'f2\'f0\'e5\'ed\'ed\'e8\'e9\loch\f39 \hich\f39  IP \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'f7\'e5\'ec\loch\f39 
+\hich\f39  \'eb\'e5\'e3\'ea\'ee\loch\f39 \hich\f39  \'f3\'e1\'e5\'e4\'e8\'f2\'fc\'f1\'ff\loch\f39 \hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 \hich\f39 , \'e7\'e0\'e9\'e4\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39  2ip.ru
+
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f6\'e5\loch\f39 \hich\f39  \'ef\'ee\'f1\'f2\'e0\'e2\'e8\'eb\'e8\loch\f39 \hich\f39  \'ed\'e5\'ee\'e1\'ff\'e7\'e0\'f2\'e5\'eb\'fc\'ed\'f3\'fe\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed
+\'e4\'f3\loch\f39 \hich\f39  end. \'c2\'f1\'e5\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ed\'e0\'f5\'ee\'e4\'e8\'f2\'f1\'ff\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'ed\'e5\'e5\loch\f39 \hich\f39 , \'f1\'e5\'f0\'e2\'e5
+\'f0\'ee\'ec\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e1\'e0\'f2\'fb\'e2\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 . \'ca\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39  en\hich\af39\dbch\af31505\loch\f39 \hich\f39 d - \'fd\'f2\'ee\loch\f39 
+\hich\f39  \'f1\'e2\'ee\'e5\'e3\'ee\loch\f39 \hich\f39  \'f0\'ee\'e4\'e0\loch\f39 \hich\f39  \'e7\'ed\'e0\'ea\loch\f39 \hich\f39  \'e3\'eb\'ee\'e1\'e0\'eb\'fc\'ed\'ee\'e3\'ee\loch\f39 \hich\f39 , \'e4\'ee\loch\f39 \hich\f39  \'ea\'ee\'ed\'f6\'e0\loch\f39 
+\hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39 , \'ea\'ee\'ec\'ec\'e5\'ed\'f2\'e0\'f0\'e8\'ff\loch\f39 \hich\f39 . \'c1\'fb\'e2\'e0\'e5\'f2\loch\f39 \hich\f39  \'e8\'ed\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'f3\'e4\'ee\'e1\'ed\'ee\loch\f39 
+\hich\f39  \'ee\'f2\'ea\'eb\'fe\'f7\'e8\'f2\'fc\loch\f39 \hich\f39  \'e1\'ee\'eb\'fc\'f8\'f3\'fe\loch\f39 \hich\f39  \'f7\'e0\'f1\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39 , \'ef\'f0\'ee\'f1\'f2\'ee\loch\f39 \hich\f39  
+\'ef\'ee\'f1\'f2\'e0\'e2\'e8\'e2\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'e4\loch\f39 \hich\f39  \'ed\'e5\'e9\loch\f39 \hich\f39  \'fd\'f2\'f3\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 . 
+\par \loch\af39\dbch\af31505\hich\f39 \'ca\'f0\'ee\'ec\'e5\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'f2\'e8\'eb
+\'e8\loch\f39 \hich\f39  \'ea\'fd\'f8\'e8\'f0\'f3\'fe\'f9\'e8\'e9\loch\f39 \hich\f39  dns \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  dnspr, \'f2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'ed\'e0\loch\f39 
+\hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'f1\'ea\'e8\'f5\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ea\'ee\'ec\'ef\'fc\'fe\'f2\'e5\'f0\'e0\'f5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e9\'ea\'e0\'f5\loch\f39 \hich\f39  \'f1\'e5
+\'f2\'e8\loch\f39 \hich\f39  \'ed\'e0\'e7\'ed\'e0\'f7\'e8\'f2\'fc\loch\f39 \hich\f39  IP \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  DNS \'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 
+. 
+\par \loch\af39\dbch\af31505\hich\f39 \'d0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e8\'ec\loch\f39 \hich\f39  \'f2\'e5\'ef\'e5\'f0\'fc\loch\f39 \hich\f39  \'ed\'e5\'f0\'e5\'e4\'ea\'e8\'e9\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e9\loch\f39 \hich\f39 , \'ea\'ee\'e3\'e4
+\'e0\loch\f39 \hich\f39  \'ed\'f3\'e6\'ed\'ee\loch\f39 \hich\f39  \'f0\'e0\'e7\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed\'e5\'f2\loch\f39 \hich\f39 , \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'ef\'f0\'ee\'e2\'e0\'e9
+\'e4\'e5\'f0\'e0\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\loch\f39 \hich\f39 , \'f2.\'e5\loch\f39 \hich\f39 . \'f1\'eb\'f3\'f7\'e0\'e9\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\'f1\'f2\'ee\'ff\'f9\'e5\'e3\'ee
+\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39 . \'ca\'f0\'ee\'ec\'e5\loch\f39 \hich\f39  \'f2\'ee\'e3\'ee\loch\f39 \hich\f39 , \'fd\'f2\'ee\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'ef\'f0\'e8\'e3\'ee\'e4\'e8\'f2
+\'fc\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\loch\af39\dbch\af31505\hich\f39 \'ee\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  
+\'f7\'e5\'f0\'e5\'e7\loch\f39 \hich\f39  \'f3\'f1\'ea\'ee\'f0\'e8\'f2\'e5\'eb\'fc\loch\f39 \hich\f39  \'f1\'ef\'f3\'f2\'ed\'e8\'ea\'e0\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 \hich\f39  \'fd\'f2\'ee\loch\f39 \hich\f39  \'e1\'fb\'eb\'ee\loch\f39 
+\hich\f39  \'f3\loch\f39 \hich\f39  \'ec\'e5\'ed\'ff\loch\f39 \hich\f39 . \'c2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f1
+\'e2\'ff\'e7\'ea\'e0\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'ed\'e0\'ef\'f0\'e0\'e2\'eb\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  parent \'e8\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'fb\loch\f39 \hich\f39  allow. \'d0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e8\'ec
+\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39 , \'ea\'ee\'e3\'e4\'e0\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f9\'e5\'ed\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'eb\'ee\'ea\'e0\'eb\'fc
+\'ed\'ee\'ec\loch\f39 \hich\f39  \'f5\'ee\'f1\'f2\'e5\loch\f39 \hich\f39  127.0.0.1, \'ef\'ee\'f0\'f2\loch\f39  3128 \hich\f39 \emdash \loch\f39 \hich\f39  \'f2\'e8\'ef\'e8\'f7\'ed\'fb\'e9\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e9\loch\f39 \hich\f39  
+\'e4\'eb\'ff\loch\f39 \hich\f39  \'f3\'f1\'ea\'ee\'f0\'e8\'f2\'e5\'eb\'ff\loch\f39 \hich\f39  \'f1\'ef\'f3\'f2\'ed\'e8\loch\af39\dbch\af31505\hich\f39 \'ea\loch\af39\dbch\af31505\hich\f39 \'ee\'e2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'ed
+\'e5\'f2\'e0\loch\f39 \hich\f39 . \'c2\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'f2\'e5\'e9\'f8\'e8\'e9\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39   \'e1
+\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e2\'fb\'e3\'eb\'ff\'e4\'e5\'f2\'fc\loch\f39 \hich\f39  \'f2\'e0\'ea\loch\f39 :
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 fakeresolve 
+\par \hich\af39\dbch\af31505\loch\f39 auth iponly 
+\par \hich\af39\dbch\af31505\loch\f39 allow * 
+\par \hich\af39\dbch\af31505\loch\f39 parent 1000 http 127.0.0.1 3128
+\par \hich\af39\dbch\af31505\loch\f39 proxy -p8080
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c7\'e4\'e5\'f1\'fc\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  fakeresolve, \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'ec\'e0\'ff
+\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e8\'ec\'e5\'ed\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'eb\'f3\'f7\'e0\'e5\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'ed\'e0\'ef\'f0
+\'e0\'e2\'eb\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'e7\'e0\'ef\'f0\'ee\'f1\'ee\'e2\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\'f1\'f2\'ee\'ff\'f9\'e8\'e9\loch\f39 \hich\f39 
+ \'ef\'f0\'ee\'ea\'f1\'e8.
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'e5\'ee\'e1\'f5\'ee\'e4\'e8\'ec\'ee\'e5\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\'f1\'eb\'ee\'e2\'e8\'e5
+\par \loch\af39\dbch\af31505\hich\f39 \'cf\'f0\'e8\'e2\'e5\'e4\'e5\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  \'e2\'fb\'f8\'e5\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39  \'e4\'ee\'e2\'ee\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e1\'eb\'e8\'e7\'ee
+\'ea\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f2\'ee\'ec\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ff\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'fe\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ee\'f4\'e8\'f1\'e5
+\loch\f39 \hich\f39 , \'e7\'e0\loch\f39 \hich\f39  \'e8\'f1\'ea\'eb\'fe\'f7\'e5\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  \'ea\'ee\'eb\'e8\'f7\'e5\'f1\'f2\'e2\'e0\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39  \'e8
+\loch\f39 \hich\f39  \'ed\'e5\'ea\'ee\'f2\'ee\'f0\'fb\'f5\loch\f39 \hich\f39  \'f1\'ef\'e5\'f6\'e8\'f4\'e8\'f7\'ed\'fb\'f5\loch\f39 \hich\f39  \'ec\'ee\'ec\'e5\'ed\'f2\'ee\'e2\loch\f39 \hich\f39 . \'cf\'f0\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec
+\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'e8\'ec\'e5\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e2\'e8\'e4\'f3\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'f7\'e0\'f1\'f2\'fc\loch\f39 \hich\f39  \'f4\'f3\'ed\'ea
+\'f6\'e8\'e9\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\hich\af39\dbch\af31505\loch\f39 \hich\f39 , \'f0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e5\'ed\'ed\'fb\'f5\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'e0\'f5\loch\f39 \hich\f39 , 
+\'f0\'e0\'e1\'ee\'f2\'e0\'e5\'f2\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e2\'e5\'f0\'f1\'e8\'e8\loch\f39 \hich\f39  0.6, \'f3\'f2\'ee\'f7\'ed\'e8\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  
+\'ea\'ee\'ed\'ea\'f0\'e5\'f2\'ed\'fb\'ec\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\'ec\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e2\loch\f39  changelog: http://3proxy.ru/current/Changelog.txt
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'ee\'eb\'e6\'e5\'ed\loch\f39 \hich\f39  \'ef\'f0\'e8\'e7\'ed\'e0\'f2\'fc\'f1\'ff\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'ec\'fb\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f0\'e0\'f1\'f1\'ec\'ee
+\'f2\'f0\'e5\'eb\'e8\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f2\'f0\'e5\'f2\'e8\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'fb\'f5\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e5\'ea\loch\f39 \hich\f39  
+\'f1\'e5\'f0\'e2\'e5\'f0\'e0\loch\f39 \hich\f39 . \'c5\'f1\'f2\'fc\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ec\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'f0\'e0\'e7\'ed\'fb\'f5\loch\f39 \hich\f39  \'ea\'ee\'ec\loch\af39\dbch\af31505\hich\f39 \'e0
+\'ed\'e4\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'fb\'e5\loch\f39 \hich\f39  \'e2\'e0\'ec\loch\f39 \hich\f39  \'ec\'ee\'e3\'f3\'f2\loch\f39 \hich\f39  \'ef\'ee\'ed\'e0\'e4\'ee\'e1\'e8\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  -  dialer, maxconn, system, i, 
+\'ea\'ee\'f2\'ee\'f0\'fb\'e5\loch\f39 \hich\f39  \'ee\'f1\'f2\'e0\'eb\'e8\'f1\'fc\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e5\'ed\'ed\'fb\'ec\'e8\loch\f39 \hich\f39  \'e2\'ee\'ee\'e1\'f9\'e5\loch\f39 \hich\f39 , 
+\'e4\'e0\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f0\'e0\'e7\'ed\'ee\'ee\'e1\'f0\'e0\'e7\'e8\'e5\loch\f39 \hich\f39  \'e2\'f1\'e5\'ec\'ee\'e7\'ec\'ee\'e6\'ed\'fb\'f5\loch\f39 \hich\f39  \'f1\'ee\'f7\'e5\'f2\'e0\'ed\'e8\'e9\loch\f39 \hich\f39  \'f0
+\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e5\'ed\'ed\'fb\'f5\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\loch\f39 \hich\f39  \'ed\'e0\'ec\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e1\'ee\'e3\'e0\'f7\'e5\loch\f39 \hich\f39 . \'cd\'ee\loch\f39 \hich\f39  \'ff\loch\f39 
+\hich\f39  \'e8\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'f2\'e0\'e2\'e8\'eb\loch\f39 \hich\f39  \'f1\'e5\'e1\'e5\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'f7\'f3\loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'e1\'ee\'eb\'e5\'e5-\'ec
+\'e5\'ed\'e5\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'ed\'ee\'e5\loch\f39 \hich\f39  \'ee\'ef\'e8\'f1\'e0\'ed\'e8\'e5\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\loch\af39\dbch\af31505\hich\f39 \'e3\loch\af39\dbch\af31505\hich\f39 \'e0\loch\f39 \hich\f39 , \'ee
+\'e3\'f0\'e0\'ed\'e8\'f7\'e8\'e2\'f8\'e8\'f1\'fc\loch\f39 \hich\f39  \'e1\'ee\'eb\'e5\'e5\loch\f39 \hich\f39  \'f1\'ea\'f0\'ee\'ec\'ed\'ee\'e9\loch\f39 \hich\f39  - \'f0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e5\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\loch\f39 
+\hich\f39  \'f0\'ff\'e4\'e5\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'ee\'e2\loch\f39 \hich\f39 , \'ef\'ee\'f1\'f2\'f0\'ee\'e5\'ed\'ed\'fb\'f5\loch\f39 \hich\f39  \'ea\'e0\'ea\loch\f39 \hich\f39  \'ec\'e0\'f2\'f0\'e5\'f8\'ea\'e0\loch\f39 \hich\f39  - 
+\'ee\'f2\loch\f39 \hich\f39  \'f1\'e0\'ec\'ee\'e3\'ee\loch\f39 \hich\f39  \'ec\'e0\'eb\'e5\'ed\'fc\'ea\'ee\'e3\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'e4\'ee\loch\f39 \hich\f39  \'e4\'ee\'f1
+\'f2\'e0\'f2\'ee\'f7\'ed\'ee\loch\f39 \hich\f39  \'f1\'eb\'ee\'e6\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  "\'ef\'f0\'e0\'e2\'e8\'eb\'fc\'ed\'ee\'e3\'ee\loch\f39 \hich\f39 " - \'ea\'ee\'ed\'f4\'e8\'e3\loch\f39 \hich\f39 , \'f7\'f2\'ee
+\'e1\'fb\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'e5\loch\f39 \hich\f39  \'ef\'ee\'ed\'ff\'f2\'fc\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'ed\'fb\'e5\loch\f39 \hich\f39  \'ef\'f0\'e8\'ed\'f6\'e8
+\'ef\'fb\loch\f39 \hich\f39 . \'cd\'e5\'f1\'ec\'ee\'f2\'f0\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ea\'e0\'e6\'f3\'f9\'f3\'fe\'f1\'ff\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ef\'e5\'f0\'e2\'fb\'e9\loch\f39 \hich\f39  \'e2\'e7\'e3
+\'eb\'ff\'e4\hich\af39\dbch\af31505\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'f1\'eb\'ee\'e6\'ed\'ee\'f1\'f2\'fc\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\'ea\'e8\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39 , \'ed\'e0\'e4\'e5\'fe\'f1
+\'fc\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'ef\'f0\'ee\'f6\'e5\'f1\'f1\'e5\loch\f39 \hich\f39  \'f7\'f2\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'f2\'e5\'ea\'f1\'f2\'e0\loch\f39 \hich\f39  \'e2\'fb\loch\f39 
+\hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'f3\'e1\'e5\'e4\'e8\'eb\'e8\'f1\'fc\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e5\'ec\loch\f39 \hich\f39  \'e2\'f1\'e5\loch\f39 \hich\f39  \'e4\'ee\'e2\'ee\'eb\'fc\'ed
+\'ee\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'e3\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\'f7\'ed\'ee\loch\f39 \hich\f39 . \'ce\'ef\'ff\'f2\'fc\loch\f39 \hich\f39  \'e6\'e5\loch\f39 \hich\f39  \'e0\'e2\'f2\'ee\'f0\loch\f39 \hich\f39 
+ \'ef\'f0\'ee\'e3\'f0\'e0\'ec\'ec\'fb\loch\f39 \hich\f39  \'ee\'e1\'e5\'f9\'e0\'e5\'f2\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f0\'e5\'eb\'e8\'e7\'f3\loch\f39 \hich\f39  \'f1\'e4\'e5\'eb\'e0\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3
+\loch\f39 \hich\f39  \'e1\'ee\'eb\'e5\'e5\loch\f39 \hich\f39  \'f7\'e8\'f2\'e0\'e5\'ec\'fb\'ec\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'ee\'ed\'ff\'f2\'ed\'fb\'ec\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'e0\'e6\'ed\'ee\loch\f39 \hich\f39  \'ef\'ee\'ed\'ff\'f2\'fc\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'e5\'f2\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e1\'ee\'f2\'f7\'e8\'ea
+\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\hich\af39\dbch\af31505\loch\f39 \hich\f39 . \'ce\'f7\'e5\'ed\'fc\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'f2\'ee\loch\f39 \hich\f39  - \'e2\loch\f39 \hich\f39  \'ef\'ee\'f0\'ff\'e4\'ea\'e5\loch\f39 \hich\f39 
+ \'f1\'eb\'e5\'e4\'ee\'e2\'e0\'ed\'e8\'ff\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39 . \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'f1\'e5\'f0\'e2\'e5\'f0\'f3
+\loch\f39 \hich\f39  \'ed\'e0\'e4\'ee\loch\f39 \hich\f39  \'ee\'ef\'f0\'e5\'e4\'e5\'eb\'e8\'f2\'fc\loch\f39 \hich\f39 , \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'f2\'ee\'f2\loch\f39 \hich\f39  \'e8\'eb\'e8\loch\f39 \hich\f39  \'e8\'ed\'ee\'e9\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\loch\f39 \hich\f39  - \'ee\'ed\loch\f39 \hich\f39  \'e8\'f9\'e5\'f2\loch\f39 \hich\f39  \'ef\'e5\'f0\'e2
+\'ee\'e5\loch\f39 \hich\f39  \'f3\'e4\'ee\'e2\'eb\'e5\'f2\'e2\'ee\'f0\'ff\'fe\'f9\'e5\'e5\loch\f39 \hich\f39  \'ef\'f0\'e0\'e2\'e8\'eb\'ee\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'f1\'ef\'e8\'f1\'ea\'e0\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3
+\'ef\'e0\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'ee\'e2\loch\f39 \hich\f39  (ACL) \'e8\loch\f39 \hich\f39  \'e4\'e5\'e9\'f1\'f2\'e2\'f3\'e5\'f2\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'e8\'e8\loch\f39 
+\hich\f39  \'f1\loch\f39 \hich\f39  \'ed\'e8\'ec\loch\f39 \hich\f39 , \'e4\'e0\'e6\'e5\loch\f39 \hich\f39  \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'ed\'e5\'e3\loch\af39\dbch\af31505\hich\f39 \'ee
+\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc\loch\f39 \hich\f39  \'e4\'f0\'f3\'e3\'e8\'e5\loch\f39 \hich\f39  \'ef\'f0\'e0\'e2\'e8\'eb\'e0\loch\f39 \hich\f39 . \'c8\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee
+\loch\f39 \hich\f39  - \'e2\'f1\'e5\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'ed\'fb\loch\f39 \hich\f39  \'e1\'fb\'f2\'fc\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'ed\'fb\loch\f39 \hich\f39  \'e2
+\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39  \'c4\'ce\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e0\loch\f39 \hich\f39  \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'f3\'fe\'f9\'e5\'e9\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb
+\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e5\'f1\'f2\'fc\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\'f1\'fb\loch\f39 \hich\f39  - \'e4\'ee\'e1\'f0\'ee\loch\f39 \hich\f39  \'ef\'ee\'e6\'e0\'eb\'ee\'e2\'e0\'f2\'fc\loch\f39 
+\hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'f4\'ee\'f0\'f3\'ec\loch\f39 \hich\f39  http://3proxy.ru/board.html. \'c2\'ef\'f0\'ee\'f7\'e5\'ec\loch\f39 \hich\f39 , \'e4\'ee\'eb\'e6\'e5\'ed\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'f3\'ef\'f0\'e5\'e4\'e8\'f2\'fc
+\loch\f39 \hich\f39 , \'f7\'f2\'ee\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\'f1\'fb\loch\f39 \hich\f39  \'f2\'e8\'ef\'e0\loch\f39 \hich\f39  "\'e0\loch\f39 \hich\f39  \'ef\'ee\'f7\'e5\'ec\'f3\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'ec\'e5\'ed\'ff
+\loch\f39 \hich\f39  \'ed\loch\af39\dbch\af31505\hich\f39 \'e8\'f7\'e5\'e3\'ee\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'e5\'f2\loch\f39 \hich\f39 ?" \'e7\'e4\'e5\'f1\'fc\loch\f39 \hich\f39 , \'ea\'e0\'ea\loch\f39 
+\hich\f39  \'ef\'f0\'e0\'e2\'e8\'eb\'ee\loch\f39 \hich\f39 , \'ed\'e5\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'e5\'f2\'f1\'f2\'e2\'f3\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'e2\'e0\'f0\'e8\'f2\'e5\'eb\'fc\'ed\'ee\'e5
+\loch\f39 \hich\f39  \'f7\'f2\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'f5\'ee\'f2\'ff\loch\f39 \hich\f39  \'e1\'fb\loch\f39 \hich\f39  FAQ \'e8\loch\f39 \hich\f39  HowTO \'ed\'e5\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ef\'f0\'e8
+\'e2\'e5\'f2\'f1\'f2\'e2\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ff\'e2\'eb\'ff\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'ee\'e1\'ff\'e7\'e0\'f2\'e5\'eb\'fc\'ed\'fb\'ec\loch\f39 \hich\f39 . \'cd\'e0
+\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'e0\'ed\'e8\'e8\loch\f39 \hich\f39  \'f1\'ee\'e1\'f1\'f2\'e2\'e5\'ed\'ed\'ee\'e3\'ee\loch\f39 \hich\f39  \'ee\'ef\'fb\'f2\'e0\loch\f39 \hich\f39  \'ec\'ee\'e3\'f3\loch\f39 \hich\f39  \'ef\'ee\'f1\'ee\'e2\'e5\'f2
+\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'f0\'f3\'f1\'f1\'ea\'ee\'ff\'e7\'fb\'f7\'ed\'fb\'f5\loch\f39 \hich\f39  FAQ \'e8\loch\f39 \hich\f39  HowTO, \'e7\'e0\'f2\'e5\'ec\loch\f39 
+\hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'f1\'f0\loch\af39\dbch\af31505\hich\f39 \'e0\loch\af39\dbch\af31505\hich\f39 \'e2\'ed\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ef\'f0\'ee\'f7\'e8\'f2\'e0\'f2\'fc\loch\f39 \hich\f39  \'e0\'ed\'e3\'eb\'ee\'ff\'e7
+\'fb\'f7\'ed\'fb\'e5\loch\f39 \hich\f39  FAQ \'e8\loch\f39 \hich\f39  HowTO, \'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'e8\'f5\loch\f39 \hich\f39  \'ed\'e0\'f8\'e5\'eb\loch\f39 \hich\f39  \'ed\'e5\'ea\'ee\'f2\'ee\'f0\'fb\'e5\loch\f39 
+\hich\f39  \'e2\'e7\'e0\'e8\'ec\'ee\'e4\'ee\'ef\'ee\'eb\'ed\'ff\'fe\'f9\'e8\'e5\loch\f39 \hich\f39  \'ec\'ee\'ec\'e5\'ed\'f2\'fb\loch\f39 \hich\f39 . \'cd\'f3\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f0\'e0\'e7\'f3\'ec\'e5\'e5\'f2\'f1\'ff\loch\f39 
+\hich\f39 , \'ec\'e5\'e4\'e8\'f2\'e0\'f6\'e8\'ff\loch\f39 \hich\f39  \'ed\'e0\'e4\loch\f39 \hich\f39  man (\'f3\'e2\'fb\loch\f39 \hich\f39 , \'ee\'ed\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e0\'ed
+\'e3\'eb\'e8\'e9\'f1\'ea\'ee\'ec\loch\f39 \hich\f39 ) \'e4\'e0\'f1\'f2\loch\f39 \hich\f39  \'e2\'e0\'ec\loch\f39 \hich\f39  \'ee\'f2\'e2\'e5\'f2\'fb\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'e8\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'f1\'e5
+\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\'f1\'fb\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\'f3\loch\f39 \hich\f39  \'e7\'e0\'ec\'e5\'f7\'e0\'f2\'e5\'eb\'fc\'ed\'ee\'ec\'f3\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0
+\'e2\'e5\'f0\'f3\loch\f39 \hich\f39 . \'cc\'ee\'e3\'f3\loch\f39 \hich\f39  \'f3\'f2\'e2\'e5\'f0\'e6\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'fd\'f2\loch\af39\dbch\af31505\hich\f39 \'ee\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  
+\'f1\'ee\'e1\'f1\'f2\'e2\'e5\'ed\'ed\'ee\'ec\'f3\loch\f39 \hich\f39  \'ee\'ef\'fb\'f2\'f3\loch\f39 \hich\f39 . \'cd\'e0\loch\f39 \hich\f39  \'ee\'f1\'f2\'e0\'e2\'f8\'e8\'e5\'f1\'ff\loch\f39 \hich\f39  \'e5\'f9\'e5\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee
+\'f1\'fb\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'ed\'e0\'e9\'f2\'e8\loch\f39 \hich\f39  \'ee\'f2\'e2\'e5\'f2\'fb\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  changelog, \'ed\'f3\loch\f39 
+\hich\f39  \'e0\loch\f39 \hich\f39  \'e5\'f1\'eb\'e8\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'f2\'e0\'ec\loch\f39 \hich\f39  \'e2\'fb\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ed\'e0\'e9\'e4\'e5\'f2\'e5\loch\f39 \hich\f39  \'ee\'f2\'e2\'e5
+\'f2\'e0\loch\f39 \hich\f39  - \'e7\'ed\'e0\'f7\'e8\'f2\loch\f39 \hich\f39 , \'f3\'e6\'e5\loch\f39 \hich\f39  \'ef\'ee\'f0\'e0\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\'f1\loch\f39 \hich\f39  \'ed\'e0
+\loch\f39 \hich\f39  \'f4\'ee\'f0\'f3\'ec\'e5\loch\f39 . 
+\par 
+\par 
+\par }{\rtlch\fcs1 \ab\af39\afs20 \ltrch\fcs0 \b\f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'c4\'ee\'ef\'ee\'eb\'ed\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  30 \'ec\'e0\'f0\'f2\'e0\loch\f39 \hich\f39  2010 \'e3
+\'ee\'e4\'e0.
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par \loch\af39\dbch\af31505\hich\f39 \'d0\'e0\'f1\'f1\'ec\'ee\'f2\'f0\'e8\'ec\loch\f39 \hich\f39  \'ed\'e5\'ea\'ee\'f2\'ee\'f0\'fb\'e5\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\'f1\'fb\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'fb\'e5\loch\f39 \hich\f39  \'f7
+\'e0\'f9\'e5\loch\f39 \hich\f39  \'e2\'f1\'e5\'e3\loch\af39\dbch\af31505\hich\f39 \'ee\loch\f39 \hich\f39  \'e2\'ee\'e7\'ed\'e8\'ea\'e0\'fe\'f2\loch\f39 \hich\f39  \'f3\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39  }{
+\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\kerning1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 3}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 proxy
+}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 . \'c0\loch\f39 \hich\f39  \'f2\'e0\'ea\'e6\'e5\loch\f39 \hich\f39  \'ed\'e5\'ea\'ee\'f2\'ee\'f0\'fb\'e5\loch\f39 \hich\f39  \'e8\'ed\'f2
+\'e5\'f0\'e5\'f1\'ed\'fb\'e5\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 \hich\f39  \'ed\'e5\'ee\'f7\'e5\'e2\'e8\'e4\'ed\'fb\'e5\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8-\'f1\'e5\'f0\'e2\'e5
+\'f0\'e0.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 1. \'ca\'e0\'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'ff\'e7\'e0\'f2\'fc\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186 
+\hich\af1\dbch\af31505\loch\f1 MAC}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\kerning1\insrsid11355186\charrsid3764488 -}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e0\'e4\'f0\'e5\'f1
+\loch\f39 \hich\f39  \'f1\'e5\'f2\'e5\'e2\'ee\'e9\loch\f39 \hich\f39  \'ea\'e0\'f0\'f2\'fb\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 ?
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'eb\'ff\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39 
+ }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 system}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\kerning1\insrsid11355186\charrsid3764488 
+\hich\af1\dbch\af31505\loch\f1 :
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 system arp -s 1.2.3.4 AA:BB:CC:DD:EE:FF}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1  
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'fd\'f2\'e0\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\loch\af39\dbch\af31505\hich\f39 \'f7\'ea\'e0\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed
+\'f4\'e8\'e3\'e5\loch\f39 \hich\f39  \'e4\'e0\'e5\'f2\loch\f39 \hich\f39  \'ee\'f2\'f1\'fb\'eb\'ea\'f3\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f1\'e8\'f1\'f2\'e5\'ec\'ed\'ee\'e9\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e5}{\rtlch\fcs1 
+\af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 arp}{\rtlch\fcs1 
+\af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'e0\'ff\loch\f39 \hich\f39  \'ef\'f0\'e8\'e2\'ff\'e7\'fb\'e2\'e0\'e5\'f2\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'ed\'ed\'fb\'e9
+\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 IP}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  
+}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e0\'e4\'f0\'e5\'f1\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'ed\'ed\'ee\'ec\'f3\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 MAC}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 -}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 
+\loch\af39\dbch\af31505\hich\f39 \'e0\'e4\'f0\'e5\'f1\'f3.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 2. \'cc\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39  \'f6\'e5\'eb\'fb
+\'e5\loch\f39 \hich\f39  \'f1\'e5\'f2\'ea\'e8\loch\f39 \hich\f39 , \'f2.\'e5\loch\f39 \hich\f39 . \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ec\'e0\'f1\'ea\'f3\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 192.168.100.* }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e2\'ec\'e5\'f1\'f2\'ee\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5
+\'f7\'e8\'f1\'eb\'e5\'ed\'e8\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 IP}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e0\'e4\'f0\'e5\'f1\'ee\'e2\loch\f39 ?
+\par \loch\af39\dbch\af31505\hich\f39 \'c4\'e0\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39  \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e8\loch\af39\dbch\af31505\hich\f39 \'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2
+\'fc\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 CIDR}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 
+\hich\f39 , \'ea\loch\f39 \hich\f39  \'ef\'f0\'e8\'ec\'e5\'f0\'f3\loch\f39 :
+\par }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 allow}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 
+ * 192.168.100/32
+\par 
+\par \hich\af1\dbch\af31505\loch\f1 3}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 . \'c5\'f1\'f2\'fc\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'e4\'e8\'ed\'e0\'ec\'e8\'f7\'e5\'f1\'ea\'e8
+\'e9\loch\f39 \hich\f39  \'f8\'e5\'e9\'ef\'e5\'f0\loch\f39 \hich\f39  \'e2\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 3}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 proxy}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 , \'f2.\'e5\loch\f39 \hich\f39 . \'ec\'ee\'e6
+\'ed\'ee\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'f0\'e8\'ee\'f0\'e8\'f2\'e5\'f2\'fb\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'f1\'ea\'ee\'f0\'ee\'f1\'f2\'e8\loch\f39 \hich\f39  
+\'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 ?
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'e0\loch\f39 \hich\f39  \'e4\'e0\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  \'ec\'ee\'ec\'e5\'ed\'f2\loch\f39 \hich\f39  (\'ec\'e0\'f0\'f2\loch\f39 \hich\f39  2010) \'ed\'e5\'f2\loch\f39 \hich\f39 , \'ed\'ee\loch\f39 
+\hich\f39  \'e0\'e2\'f2\'ee\'f0\loch\f39 \hich\f39  \'ee\'e1\'e5\'f9\'e0\'eb\loch\f39 \hich\f39  \'ef\'f0\'e8\'ea\'f0\'f3\'f2\'e8\'f2\'fc.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 4. \'c5\'f1\'f2\'fc\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'e0\'ed\'f2\'e8\'e2\'e8\'f0\'f3\'f1\'ed\'fb\'e9\loch\f39 \hich\f39  \'ec\'ee\'e4\'f3\'eb\'fc\loch\f39 \hich\f39  \'e2\loch\f39  }{\rtlch\fcs1 
+\af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 3}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 proxy}{\rtlch\fcs1 
+\af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 ?
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'ec\'ee\'f2\'f0\'e8\loch\f39 \hich\f39  \'ee\'f2\'e2\'e5\'f2\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e2\'ee\'ef\'f0\'ee\'f1\loch\f39  3.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 5. \'c3\'e4\'e5\loch\f39 \hich\f39  \'f1\'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'e0\'ed\'e0\'eb\'e8\'e7\'e0\'f2\'ee\'f0\loch\f39 \hich\f39  \'eb\'ee\'e3\'ee\'e2\loch\f39  }{\rtlch\fcs1 \af1\afs20 
+\ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 WRSpy}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 :
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 http://www.wrspy.ru/download/WrSpySetup.rar - \'f1\'f1\'fb\'eb\'ea\'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'e8\'ed\'f1\'f2\'e0\'eb
+\'eb\'ff\'f2\'ee\'f0
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 http://www.wrspy.ru/download/WrSpyUp166.rar - \'f1\'f1\'fb\'eb\'ea\'e0\loch\f39 \hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\'e4\'ed\'e5\'e5\loch\f39 \hich\f39  \'ee\'e1\'ed\'ee\'e2\'eb\'e5\'ed
+\'e8\'e5.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 6. \'ca\'e0\'ea\loch\f39 \hich\f39  \'ef\'f0\'e0\'e2\'e8\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'f2\'fc\loch\f39 \hich\f39  \'e3\'eb\'ee\'e1\'e0\'eb\'fc\'ed\'fb\'e5\loch\f39  
+\loch\af39\dbch\af31505\hich\f39 \'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0\'fb\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0\loch\f39 \hich\f39 , \'ee\'f2\'ed\'ee\'f1\'ff\'f9\'e8\'e5\'f1\'ff\loch\f39 \hich\f39  \'ea\'ee\loch\f39 \hich\f39  \'e2\'f1\'e5\'ec
+\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e0\'e5\'ec\'fb\'ec\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'e0\'ec\loch\f39 ?
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ca\'ee\'ec\'e0\'ed\'e4\'fb\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e0
+\loch\f39 \hich\f39  \'e2\'fb\'ef\'ee\'eb\'ed\'ff\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'ed\'e5\'ef\'ee\'f1\'f0\'e5\'e4\'f1\'f2\'e2\'e5\'ed\'ed\'ee\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e8\'ff\loch\f39 
+\hich\f39 , \'f2.\'e5\loch\f39 \hich\f39 . \'ea\'e0\'ea\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e5\'ed\'e0\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  "proxy" - \'f1\'eb\'f3\'e6\'e1
+\'e0\loch\f39 \hich\f39  \'f1\'f2\'e0\'f0\'f2\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f1\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'ed\'ed\'ee\'e9\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'f3\'f0\'e0\'f6\'e8\'e5\'e9\loch\f39 \hich\f39  \'e8\loch\f39 
+\hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'fd\'f2\'ee\'e3\'ee\loch\f39 \hich\f39  \'f1\'f7\'e8\'f2\'fb\'e2\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f1\'eb\'e5\'e4\'f3\'fe\'f9\'e0\'ff\loch\f39 
+\hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\loch\af39\dbch\af31505\hich\f39 \'e0\loch\f39 \hich\f39 . \'cf\'ee\'fd\'f2\'ee\'ec\'f3\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39  \'e2\'f1\'e5\'e3\'e4
+\'e0\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'e5\'ed\loch\f39 \hich\f39  \'e1\'fb\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\'e4\'ed\'e5\'e9\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'ee\'e9\loch\f39 \hich\f39 , \'ef\'ee\'f1\'eb\'e5\loch\f39 
+\hich\f39  \'ed\'e5\'e3\'ee\loch\f39 \hich\f39  \'ed\'e8\'f7\'e5\'e3\'ee\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'ed\'ee\loch\f39 \hich\f39  \'e1\'fb\'f2\'fc\loch\f39 \hich\f39 , \'ea\'f0\'ee\'ec\'e5\loch\f39 \hich\f39  \'ea\'ee
+\'ed\'f4\'e8\'e3\'f3\'f0\'e0\'f6\'e8\'e8\loch\f39 \hich\f39  \'f1\'eb\'e5\'e4\'f3\'fe\'f9\'e5\'e9\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 \hich\f39 . \'c5\'f1\'eb\'e8\loch\f39 \hich\f39  \'f7\'f2\'ee-\'f2\'ee\loch\f39 \hich\f39  \'e8
+\loch\f39 \hich\f39  \'ef\'ee\'eb\'f3\'f7\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f3\'ea\'e0\'e7\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e0\loch\f39 \hich\f39  \'f1\'eb\'f3\'e6\'e1\'fb\loch\f39 
+\hich\f39  - \'fd\'f2\'ee\loch\f39 \hich\f39  \'ef\'f0\'ee\'f1\'f2\'ee\loch\f39 \hich\f39  \'f1\'ee\'e2\'ef\'e0\'e4\'e5\'ed\'e8\'e5\loch\f39 \hich\f39 , \'e2\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee\'e9\loch\f39 \hich\f39  \'ec\'ee\'ec\'e5\'ed\'f2\loch\f39 
+\hich\f39  \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'f1\'f2\'e0\'f2\'fc\loch\f39 \hich\f39  \'f0\'e0\'e1\'ee\'f2\'e0\'f2\'fc.
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 7. \'cc\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'ed\'e5\'f1\'ea\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'e2\'ed\'e5
+\'f8\'ed\'e8\'f5\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1\'ee\'e2\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8\loch\f39 ?
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ca\'ee\'ec\'e0\'ed\'e4\'e0\loch\f39 \hich\f39  parent \'f1\loch\f39 \hich\f39  
+\'ed\'f3\'eb\'e5\'e2\'fb\'ec\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'ee\'ec\loch\f39 \hich\f39  \'f3\'f1\'f2\'e0\'ed\'e0\'e2\'eb\'e8\'e2\'e0\'e5\'f2\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'ec\'ee
+\'e3\'ee\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1\'e0\loch\f39 \hich\f39 . \'cd\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39  
+\par \hich\af39\dbch\af31505\loch\f39 allow vasya 
+\par \hich\af39\dbch\af31505\loch\f39 parent 1000 http 192.168.1.1 0 
+\par \hich\af39\dbch\af31505\loch\f39 allow petya 
+\par \hich\af39\dbch\af31505\loch\f39 parent 1000 http 192.168.2.1 0 
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'f3\'f1\'f2\'e0\'ed\'e0\'e2\'eb\'e8\'e2\'e0
+\loch\af39\dbch\af31505\hich\f39 \'e5\'f2\loch\f39 \hich\f39  \'e2\'ed\'e5\'f8\'ed\'e8\'e9\loch\f39 \hich\f39  \'e8\'ed\'f2\'e5\'f0\'f4\'e5\'e9\'f1\loch\f39 \hich\f39  192.168.1.1 \'e4\'eb\'ff\loch\f39 \hich\f39  vasya \'e8\loch\f39 \hich\f39 
+ 192.168.2.1 \'e4\'eb\'ff\loch\f39  petya
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 8. \'ca\'e0\'ea\loch\f39 \hich\f39  \'ed\'e0\'f1\'f2\'f0\'ee\'e8\'f2\'fc\loch\f39 \hich\f39  \'f4\'e8\'eb\'fc\'f2\'f0\'e0\'f6\'e8\'fe\loch\f39 \hich\f39  \'ed\'e5\'e6\'e5\'eb\'e0\'f2\'e5\'eb\'fc\'ed\'fb\'f5
+\loch\f39 \hich\f39  \'f0\'e5\'f1\'f3\'f0\'f1\'ee\'e2\loch\f39 \hich\f39  (\'ed\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39 , \'e4\'eb\'ff\loch\f39 \hich\f39  \'f8\'ea\'ee\'eb\'fb\loch\f39 )?
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'ee\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e9\'f2\'e5\'f1\'fc\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 DNS}{\rtlch\fcs1 
+\af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39  \'d1\'e8\'f1\'f2\'e5\'ec\'fb\loch\f39 \hich\f39  \'ea\'ee\'ed\'f2\'e5\'ed\'f2\'ed\'ee\'e9\loch\f39 \hich\f39  \'f4\'e8\'eb\'fc\'f2\'f0\'e0\'f6\'e8\'e8
+\loch\f39 :
+\par }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 nserver}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 
+ 81.176.72.82
+\par }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 nserver}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 
+ 81.176.72.83}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par \loch\af39\dbch\af31505\hich\f39 \'c2\'f1\'e5\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\'fb\loch\f39 \hich\f39  \'ee\'e1\'f0\'e0\'e1\'e0\'f2\'fb\'e2\'e0\loch\af39\dbch\af31505\hich\f39 \'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'f1\'e8\'f1\'f2\'e5\'ec\'ee
+\'e9\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'f0\'e0\'ea\'f2\'e8\'f7\'e5\'f1\'ea\'e8\loch\f39 \hich\f39  \'ed\'e8\loch\f39 \hich\f39  \'ee\'e4\'ed\'e0\loch\f39 \hich\f39  \'f1\'f2\'f0\'e0\'ed\'e8\'f6\'e0\loch\f39 \hich\f39  \'f1\loch\f39 
+\hich\f39  \'ef\'ee\'f0\'ed\'ee\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'ed\'e0.
+\par \loch\af39\dbch\af31505\hich\f39 \'cf\'f0\'e0\'e2\'e4\'e0\loch\f39 \hich\f39 , \'f1\'e8\'f1\'f2\'e5\'ec\'e0\loch\f39 \hich\f39  \'e4\'ee\'e2\'ee\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'e6\'e5\'f1\'f2\'ea\'ee\loch\f39 \hich\f39  \'f4\'e8\'eb\'fc\'f2\'f0\'f3
+\'e5\'f2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f2\'e5\'ed\'f2\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'ef\'e5\'f0\'e5\'ea\'f0\'fb\'e2\'e0\'e5\'f2\loch\f39 \hich\f39  \'e4\'ee\'e2\'ee\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ec\'ed\'ee\'e3\'ee\loch\f39 
+\hich\f39  \'f1\'f0\'e0\'e2\'ed\'e8\'f2\'e5\'fc\'ed\'ee\loch\f39 \hich\f39  \'e1\'e5\'e7\'ee\'ef\'e0\'f1\'ed\'fb\'f5\loch\f39 \hich\f39  \'f1\'e0\'e9\'f2\'ee\'e2.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 9. \'cc\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39 \hich\f39  \'f0\'e0\'e7\'e4\'e5\'eb\'e8\'f2\'e5\'eb\'fc\loch\f39 \hich\f39  \'e2
+\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\'ee\'e2\'ee\'ec\loch\f39 \hich\f39  \'ea\'eb\'e8\'e5\'ed\'f2\'e5\loch\f39 \hich\f39 , \'ee\'f2\'eb\'e8\'f7\'ed\'fb\'e9\loch\f39 \hich\f39  \'ee\'f2\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\kerning1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 #}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 ?
+\par \loch\af39\dbch\af31505\hich\f39 \'c8\loch\af39\dbch\af31505\hich\f39 \'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e9\'f2\'e5\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 delimchar}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\kerning1\insrsid11355186\charrsid3764488 
+\par 
+\par \hich\af1\dbch\af31505\loch\f1 10. }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ca\'e0\'ea\loch\f39 \hich\f39  \'e7\'e0\'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2
+\'e5\'eb\'fe\loch\f39 \hich\f39  \'e1\'e5\'e7\'eb\'e8\'ec\'e8\'f2\'ed\'fb\'e9\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 ?
+\par \loch\af39\dbch\af31505\hich\f39 \'c8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e9\'f2\'e5\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'ee\'e5\loch\f39 \hich\f39  \'ee\'ed\loch\f39 \hich\f39  \'ed\'e5\loch\f39 
+\hich\f39  \'f1\'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'e2\'fb\'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'f0\'e8\'ed\'f6\'e8\'ef\'e5.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 11. \'ca\'e0\'ea\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'fe\loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39 \hich\f39  \'ee\'ef\'f0\'e5\'e4\'e5\'eb\'e5\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  
+\'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39 , \'ea\'ee\'f2\'ee\'f0\'fb\'e9\loch\f39 \hich\f39  \'ee\'ed\loch\f39 \hich\f39  \'ec\'ee\'e6\'e5\'f2\loch\f39 \hich\f39  \'f1\'ea\'e0\'f7\'e0\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'eb\'fe\'e1\'ee
+\'e5\loch\f39 \hich\f39  \'e2\'f0\'e5\'ec\'ff\loch\f39 \hich\f39 , \'e0\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f2\'ee\'eb\'fc\'ea\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'e4\'e0\'ed\'ed\'fb\'e9\loch\f39 \hich\f39  \'ec\'e5\'f1\'ff
+\'f6\hich\af39\dbch\af31505\loch\f39 \hich\f39  \'e8\'eb\'e8\loch\f39 \hich\f39  \'e4\'e5\'ed\'fc\loch\f39 ?
+\par \loch\af39\dbch\af31505\hich\f39 \'c8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e9\'f2\'e5}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 
+\af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 Y - }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ed\'e0}{
+\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e3
+\'ee\'e4}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 , N - }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 
+\loch\af39\dbch\af31505\hich\f39 \'ed\'e8\'ea\'ee\'e3\'e4\'e0}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'e4\'eb\'ff}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ef\'e0\'f0\'e0\'ec\'e5\'f2\'f0\'e0}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 
+\hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 type: }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 countin <number> <type> <limit> <userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 1}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\kerning1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 2}{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 . \'cf\'ee\'f7\'e5\'ec\'f3\loch\f39 \hich\f39  \'ee\'e3\'f0\'e0\'ed\'e8\'f7\'e5\'ed\'e8\'e5\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\'e0\loch\f39 \hich\f39  \'ed
+\'e5\loch\f39 \hich\f39  \'e2\'f1\'e5\'e3\'e4\'e0\loch\f39 \hich\f39  \'e4\'e5\'e9\'f1\'f2\'e2\'f3\'e5\'f2\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'f1\'ea\'e0\'f7\'e8\'e2\'e0\'ed\'e8\'e8\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'ee\'e2\loch\f39 
+?
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 3proxy \'ed\'e5\loch\f39 \hich\f39  \'ef\'f0\loch\af39\dbch\af31505\hich\f39 \'e5\'f0\'fb\'e2\'e0\'e5\'f2\loch\f39 \hich\f39  \'e7\'e0\'ea\'e0
+\'f7\'ea\'f3\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'e0\loch\f39 \hich\f39  \'e8\loch\f39 \hich\f39  \'eb\'e8\'ec\'e8\'f2\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ff\'e2\'eb\'ff\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'e6\'e5\'f1\'f2\'ea\'e8\'ec
+\loch\f39 \hich\f39 . \'cd\'ee\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'ed\'e0\'f7\'e0\'eb\'e5\loch\f39 \hich\f39  \'e7\'e0\'ea\'e0\'f7\'ea\'e8\loch\f39 \hich\f39 , \'ef\'ee\loch\f39 \hich\f39  \'e2\'ee\'e7\'ec\'ee\'e6\'ed\'ee\'f1\'f2\'e8
+\loch\f39 \hich\f39 , \'ef\'f0\'ee\'e2\'e5\'f0\'ff\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'f3\'ea\'eb\'e0\'e4\'fb\'e2\'e0\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\loch\f39 \hich\f39  \'ef\'ee\loch\f39 \hich\f39  \'f0
+\'e0\'e7\'ec\'e5\'f0\'e0\'ec\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ed\'ee\'f0\'ec\'f3.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 1}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 3}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 
+\hich\f39 . \'ca\'e0\'ea\'ee\'e9\loch\f39 \hich\f39  \'f4\'ee\'f0\'ec\'e0\'f2\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f4\'e0\'e9\'eb\'e0\'f5\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2
+\'f7\'e8\'ea\'ee\'e2\loch\f39 \hich\f39 , \'e7\'e0\'e4\'e0\'e2\'e0\'e5\'ec\'fb\'f5\loch\f39 \hich\f39  \'ea\'ee\'ec\'e0\'ed\'e4\'ee\'e9\loch\f39  counter ?
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cd\'ee\'ec\'e5\'f0\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\'e0
+\loch\f39 \hich\f39  - \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39 *4GB + \'f2\loch\af39\dbch\af31505\hich\f39 \'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39 . \'cf\'f0\'ee\'f1\'f2\'ee\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'f6\'e5\'eb\'fb\'e9\loch\f39 
+\hich\f39  \'f2\'e8\'ef\loch\f39 \hich\f39  \'e1\'ee\'eb\'fc\'f8\'e5\loch\f39 \hich\f39  4GB \'ed\'e5\loch\f39 \hich\f39  \'e2\'eb\'e0\'e7\'e8\'f2.
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'e0\'ef\'f0\'e8\'ec\'e5\'f0\loch\f39 \hich\f39 , \'f1\'f2\'f0\'ee\'f7\'ea\'e0\loch\f39 \hich\f39  00100 0000000021 3468801478 \'f1\'ee\'ee\'f2\'e2\'e5\'f2\'f1\'f2\'e2\'f3\'e5\'f2\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2
+\'f7\'e8\'ea\'f3\loch\f39 \hich\f39  \'ed\'ee\'ec\'e5\'f0\loch\f39 \hich\f39  100 \'f1\'ee\loch\f39 \hich\f39  \'e7\'ed\'e0\'f7\'e5\'ed\'e8\'e5\'ec\loch\f39 \hich\f39  21*4 + 3=89\'c3\'e1.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 1}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 4}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 
+\hich\f39 . \'cc\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'eb\'e8\loch\f39 \hich\f39  \'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'e2\'f1\'e5
+\loch\f39 \hich\f39  \'e7\'e2\'e5\'e7\'e4\'ee\'f7\'ea\'e8\loch\f39 \hich\f39  \'e2\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 ACL}{\rtlch\fcs1 \af1\afs20 
+\ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 ?
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 * \'e2\loch\f39 \hich\f39  \'ea\'ee\'ed\'f6\'e5\loch\f39 \hich\f39  ACL \'ec\'ee\'e6\'ed\'ee\loch\f39 \hich\f39  \'e2\'ee\'ee\'e1\'f9\'e5
+\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39 \hich\f39 . \'d2\'ee\loch\f39 \hich\f39  \'e5\'f1\'f2\loch\af39\dbch\af31505\hich\f39 \'fc\loch\f39 \hich\f39  \'e2\'ef\'ee\'eb\'ed\'e5\loch\f39 \hich\f39  \'f0\'e0
+\'e1\'ee\'f7\'e5\'e9\loch\f39 \hich\f39  \'e1\'f3\'e4\'e5\'f2\loch\f39 \hich\f39  \'f1\'f2\'f0\'ee\'ea\'e0\loch\f39 \hich\f39  \'e2\'e8\'e4\'e0\loch\f39 :
+\par }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 allow}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  }{
+\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 user}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 
+\par 
+\par \hich\af1\dbch\af31505\loch\f1 15. }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ca\'e0\'ea\loch\f39 \hich\f39  \'e0\'e4\'ec\'e8\'ed\'e8\'f1\'f2\'f0\'e0\'f2\'ee\'f0\'f3\loch\f39 \hich\f39  \'f1\'ec
+\'ee\'f2\'f0\'e5\'f2\'fc\loch\f39 \hich\f39  \'ee\'e1\'f9\'e8\'e9\loch\f39 \hich\f39  (\'e4\'eb\'ff\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'e5\'e9\loch\f39 \hich\f39 ) \'f1\'f3\'f2\'ee\'f7\'ed
+\'fb\'e9\loch\f39 \hich\f39  \'e8\'eb\'e8\loch\f39 \hich\f39  \'ec\'e5\'f1\'ff\'f7\'ed\'fb\'e9\loch\f39 \hich\f39   \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 ?
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 countin 100/month M 1000000 * 
+\par \hich\af39\dbch\af31505\loch\f39 countin 101/day D 1000000 *
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 1}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 6}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\cf1\insrsid11355186 .}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1   }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ca\'e0
+\'ea\loch\f39 \hich\f39  \'f0\'e0\'e7\'f0\'e5\'f8\'e8\'f2\'fc\loch\f39 \hich\f39  \'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'e5\'eb\'ff\'ec\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'ea\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 ICQ}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 , \'ed\'e5\loch\f39 \hich\f39  \'e4\'e0\'e2\'e0
+\loch\af39\dbch\af31505\hich\f39 \'ff\loch\f39 \hich\f39  \'ef\'f0\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\'e0\loch\f39 \hich\f39  \'ea\loch\f39 \hich\f39  \'eb\'fe\'e1\'fb\'ec\loch\f39 \hich\f39  \'f1\'e0\'e9
+\'f2\'e0\'ec\loch\f39 ?
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 allow * [\'f1\'ef\'e8\'f1\'ee\'ea\loch\f39 \hich\f39  \'f1\'e2\'ee\'e8\'f5\loch\f39 \hich\f39  \'f1\'e5\'f2\'e5\'e9\loch\f39 ] 64.12.0.0/16,205.188.0.0/16 3190 
+\par \hich\af39\dbch\af31505\loch\f39 deny * 
+\par \loch\af39\dbch\af31505\hich\f39 \'cd\'ee\loch\f39 \hich\f39  \'eb\'f3\'f7\'f8\'e5\loch\f39 \hich\f39  \'e8\'f1\'ef\'ee\'eb\'fc\'e7\'ee\'e2\'e0\'f2\'fc\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 icqpr}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 .
+\par 
+\par \hich\af1\dbch\af31505\loch\f1 17. }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ca\'e0\'ea\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  3proxy \'f0\'e0\'e7\'f0\'e5\'f8\'e8\'f2\'fc\loch\f39 
+\hich\f39  \'f0\'e0\'e1\'ee\'f2\'f3\loch\f39 \hich\f39  \'ef\'f0\'ee\'f2\'ee\'ea\'ee\'eb\'e0\loch\f39 \hich\f39  IMAP \'e4\'eb\'ff\loch\f39  outlook?
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'e4\'e5\'eb\'e0\'e9\loch\f39 \hich\f39  tcppm \'e4\'eb\'ff\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'e0\loch\f39  143.  
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 18. \'cf\'ee\'f7\'e5\'ec\'f3\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ef\'f0\'e8\'f5\'ee\'e4\'e8\'f2\loch\f39 \hich\f39  \'ef\'ee\'f7\'f2\loch\af39\dbch\af31505\hich\f39 \'e0\loch\f39 \hich\f39  \'ef
+\'f0\'e8\loch\f39 \hich\f39  \'f2\'e0\'ea\'ee\'ec\loch\f39 \hich\f39  \'ea\'ee\'ed\'f4\'e8\'e3\'e5\loch\f39 ?
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186\charrsid3764488 \hich\af39\dbch\af31505\loch\f39 tcppm -i192.168.0.1 25 mail.infobox.ru 25 
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 smtpp 
+\par 
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'d2\'fb\loch\f39 \hich\f39  \'ef\'fb\'f2\'e0\'e5\'f8\'fc\'f1\'ff\loch\f39 
+\hich\f39  \'ed\'e0\loch\f39 \hich\f39  \'ee\'e4\'ed\'ee\'ec\loch\f39 \hich\f39  25-\'ee\'ec\loch\f39 \hich\f39  \'ef\'ee\'f0\'f2\'f3\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'f2\'e8\'f2\'fc\loch\f39 \hich\f39  2 \'f0\'e0\'e7\'ed\'fb\'f5\loch\f39 
+\hich\f39  \'f1\'e5\'f0\'e2\'e8\'f1\'e0.
+\par 
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 19. \'c5\'f1\'f2\'fc\loch\f39 \hich\f39  \'f1\'e5\'f2\'fc\loch\f39 \hich\f39  10.10.1.0/24, \'e4\'eb\'ff\loch\f39 \hich\f39  \'ed\'e5\'e5\loch\f39 \hich\f39  \'e7\'e0\'e2\'e5\'e4\'e5\'ed\loch\f39 \hich\f39  \'f1
+\'f7\'e5\'f2\'f7\'e8\'ea\loch\f39 \hich\f39 : countin "60/\'d5\'d5\'d5\loch\f39 \hich\f39 " M 5000 * 10.10.1.0/24 * * *, \'f2\'f0\'e5\'e1\'f3\'e5\'f2\'f1\'ff\loch\f39 \hich\f39  \'e2\'e5\'f1\'f2\'e8\loch\f39 \hich\f39  \'ef\'ee\'e4\'f1\'f7
+\loch\af39\dbch\af31505\hich\f39 \'e5\'f2\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'e4\'e2\'f3\'f5\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\'ee\'e2\loch\f39 \hich\f39  \'e8\'e7\loch\f39 \hich\f39  \'fd\'f2\'ee\'e9\loch\f39 \hich\f39  \'f1\'e5
+\'f2\'e8\loch\f39 \hich\f39  \'ee\'f2\'e4\'e5\'eb\'fc\'ed\'ee\loch\f39 \hich\f39  \'ee\'f2\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'ed\'ee\'e3\'ee\loch\f39 \hich\f39 . \'cf\'f0\'e8\loch\f39 \hich\f39  \'fd\'f2\'ee\'ec\loch\f39 \hich\f39 , \'e5\'f1\'eb
+\'e8\loch\f39 \hich\f39  \'ee\'f1\'ed\'ee\'e2\'ed\'e0\'ff\loch\f39 \hich\f39  \'f1\'e5\'f2\'fc\loch\f39 \hich\f39  \'f3\'e6\'e5\loch\f39 \hich\f39  \'e2\'fb\'e1\'f0\'e0\'eb\'e0\loch\f39 \hich\f39  \'f1\'e2\'ee\'e9\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8
+\'ea\loch\f39 \hich\f39 , \'f3\loch\f39 \hich\f39  \'fd\'f2\'e8\'f5\loch\f39 \hich\f39  \'e4\'e2\'f3\'f5\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\'ee\'e2\loch\f39 \hich\f39  \'e4\'ee\'f1\'f2\'f3\'ef\loch\f39 \hich\f39  \'e4\'ee\'eb\'e6\'e5\'ed\loch\f39 
+\hich\f39  \'f1\'ee\'f5\'f0\'e0\'ed\'ff\'f2\'fc\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'f0\'e5\'e4\'e5\'eb\'e0\'f5\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'f1\'ee\'e1\'f1\'f2\'e2\'e5\'ed\'ed\'fb\'f5\loch\f39 \hich\f39  \'eb
+\'e8\'ec\'e8\'f2\'ee\'e2\loch\f39 . 
+\par 
+\par \loch\af39\dbch\af31505\hich\f39 \'d1\'e4\'e5\'eb\'e0\'f2\'fc\loch\f39 \hich\f39  \'ef\'e5\'f0\'e2\'fb\'e5\loch\f39 \hich\f39  \'e4\'e2\'e0\loch\f39 \hich\f39  \'f1\'f7\'e5\'f2\'f7\'e8\'ea\'e0\loch\f39 \hich\f39  \'e4\'eb\'ff\loch\f39 \hich\f39  \'e2\'fb
+\'e4\'e5\'eb\'e5\'ed\'ed\'fb\'f5\loch\f39 \hich\f39  \'e0\'e4\'f0\'e5\'f1\'ee\'e2\loch\f39 \hich\f39 , \'e7\'e0\'f2\'e5\'ec\loch\f39 \hich\f39  \'e4\'e0\'f2\'fc\loch\f39  \loch\af39\dbch\af31505\hich\f39 \'ea\'ee\'ec\'e0\'ed\'e4\'f3\loch\f39  nocount}{
+\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 in}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \hich\af39\dbch\af31505\loch\f39 \hich\f39 , \'f7\'f2\'ee
+\'e1\'fb\loch\f39 \hich\f39  \'e8\'f5\loch\f39 \hich\f39  \'f2\'f0\'e0\'f4\'e8\'ea\loch\f39 \hich\f39  \'ed\'e5\loch\f39 \hich\f39  \'ef\'ee\'ef\'e0\'e4\'e0\'eb\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ee\'f1\'f2\'e0\'eb\'fc\'ed\'ee\'e9.
+\par \loch\af39\dbch\af31505\hich\f39 \'cf\'f0\'e0\'e2\'e8\'eb\'e0\loch\f39 \hich\f39  countin \'e8\loch\f39 \hich\f39  nocountin \'ee\'e1\'f0\'e0\'e1\'e0\'f2\'fb\'e2\'e0\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'e2\loch\f39 \hich\f39  \'ef\'ee\'f0\'ff\'e4\'ea\'e5
+\loch\f39 \hich\f39  \'ee\'f7\'e5\'f0\'e5\'e4\'e8\loch\f39 \hich\f39  \'e4\'ee\loch\f39 \hich\f39  \'ef\'e5\'f0\'e2\'ee\'e3\'ee\loch\f39 \hich\f39  \'ef\'f0\'e0\'e2\'e8\'eb\'e0\loch\f39  nocountin/nocountout.
+\par 
+\par }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1 20. }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'cf\'f0\'e8\loch\f39 \hich\f39  \'e0
+\'e2\'f2\'ee\'f0\'e8\'e7\'e0\'f6\'e8\'e8\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 strong}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ef\'e5\'f0\'e8\'ee\'e4\'e8\'f7\'e5\'f1\'ea\'e8\loch\f39 \hich\f39  \'ef\'f0
+\'e8\loch\f39 \hich\f39  \'e7\'e0\'e3\'f0\'f3\'e7\'ea\'e5\loch\f39 \hich\f39  \'f1\'f2\'f0\'e0\'ed\'e8\'f6\loch\f39 \hich\f39  \'ef\'ee\'ff\'e2\'eb\'ff\'fe\'f2\'f1\'ff\loch\f39 \hich\f39  \'ee\'ea\'ed\'e0\loch\f39 \hich\f39  \'e7\'e0\'ef\'f0\'ee\'f1\'e0
+\loch\f39 \hich\f39  \'eb\'ee\'e3\'e8\'ed\'e0-\'ef\'e0\loch\af39\dbch\af31505\hich\f39 \'f0\'ee\'eb\'ff\loch\f39 \hich\f39 . \'ca\'e0\'ea\loch\f39 \hich\f39  \'e8\'e7\'e1\'e0\'e2\'e8\'f2\'fc\'f1\'ff\loch\f39 ?
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'cf\'ee\'ef\'f0\'ee\'e1\'f3\'e9\'f2\'e5\loch\f39 \hich\f39  \'ef\'ee\'f1\'eb\'e5\loch\f39 \hich\f39  \'e2\'f1\'e5\'f5\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 
+\f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 allow}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 
+\f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ef\'ee\'f1\'f2\'e0\'e2\'e8\'f2\'fc\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 deny}{
+\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  *}{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 .
+\par \hich\af39\dbch\af31505\loch\f39 \hich\f39 - \'c8\'f1\'ef\'ee\'eb\'fc\'e7\'f3\'e9\'f2\'e5\loch\f39 \hich\f39  \'ee\'ef\'f6\'e8\'fe\loch\f39  }{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 -}{\rtlch\fcs1 \af1\afs20 
+\ltrch\fcs0 \f1\fs20\cf1\lang1033\langfe1049\langnp1033\insrsid11355186 \hich\af1\dbch\af31505\loch\f1 n}{\rtlch\fcs1 \af1\afs20 \ltrch\fcs0 \f1\fs20\cf1\insrsid11355186\charrsid3764488 \hich\af1\dbch\af31505\loch\f1  }{\rtlch\fcs1 \af39\afs20 
+\ltrch\fcs0 \f39\fs20\cf1\insrsid11355186 \loch\af39\dbch\af31505\hich\f39 \'ef\'f0\'e8\loch\f39 \hich\f39  \'e7\'e0\'ef\'f3\'f1\'ea\'e5\loch\f39 \hich\f39  \'ef\'f0\'ee\'ea\'f1\'e8.
+\par 
+\par }\pard \ltrpar\ql \li0\ri0\nowidctlpar\wrapdefault\hyphpar0\faauto\rin0\lin0\itap0 {\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\kerning1\insrsid11355186 
+\par 
+\par }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 \loch\af39\dbch\af31505\hich\f39 \'a9\loch\f39  2006-2010 by Kurmaeff Halit <halit_at_mail_dot_ru> 
+\par \hich\af39\dbch\af31505\loch\f39  }{\rtlch\fcs1 \af39\afs20 \ltrch\fcs0 \f39\fs20\lang1033\langfe1049\kerning1\langnp1033\insrsid11355186\charrsid3764488 
+\par }{\*\themedata 504b030414000600080000002100e9de0fbfff0000001c020000130000005b436f6e74656e745f54797065735d2e786d6cac91cb4ec3301045f748fc83e52d4a
+9cb2400825e982c78ec7a27cc0c8992416c9d8b2a755fbf74cd25442a820166c2cd933f79e3be372bd1f07b5c3989ca74aaff2422b24eb1b475da5df374fd9ad
+5689811a183c61a50f98f4babebc2837878049899a52a57be670674cb23d8e90721f90a4d2fa3802cb35762680fd800ecd7551dc18eb899138e3c943d7e503b6
+b01d583deee5f99824e290b4ba3f364eac4a430883b3c092d4eca8f946c916422ecab927f52ea42b89a1cd59c254f919b0e85e6535d135a8de20f20b8c12c3b0
+0c895fcf6720192de6bf3b9e89ecdbd6596cbcdd8eb28e7c365ecc4ec1ff1460f53fe813d3cc7f5b7f020000ffff0300504b030414000600080000002100a5d6
+a7e7c0000000360100000b0000005f72656c732f2e72656c73848fcf6ac3300c87ef85bd83d17d51d2c31825762fa590432fa37d00e1287f68221bdb1bebdb4f
+c7060abb0884a4eff7a93dfeae8bf9e194e720169aaa06c3e2433fcb68e1763dbf7f82c985a4a725085b787086a37bdbb55fbc50d1a33ccd311ba548b6309512
+0f88d94fbc52ae4264d1c910d24a45db3462247fa791715fd71f989e19e0364cd3f51652d73760ae8fa8c9ffb3c330cc9e4fc17faf2ce545046e37944c69e462
+a1a82fe353bd90a865aad41ed0b5b8f9d6fd010000ffff0300504b0304140006000800000021006b799616830000008a0000001c0000007468656d652f746865
+6d652f7468656d654d616e616765722e786d6c0ccc4d0ac3201040e17da17790d93763bb284562b2cbaebbf600439c1a41c7a0d29fdbd7e5e38337cedf14d59b
+4b0d592c9c070d8a65cd2e88b7f07c2ca71ba8da481cc52c6ce1c715e6e97818c9b48d13df49c873517d23d59085adb5dd20d6b52bd521ef2cdd5eb9246a3d8b
+4757e8d3f729e245eb2b260a0238fd010000ffff0300504b030414000600080000002100a55e7d2dc7060000d71b0000160000007468656d652f7468656d652f
+7468656d65312e786d6cec59cf6e1b4518bf23f10ea3bdb7b113278da33a55ecd80db469a3d82dea71bc1eef4e33bbb39a1927f5ad4a8f482044411ca8045c38
+2020528bb8b4efe03e43a0088ad457e09b99ddf54ebca1491b4105cd21de9dfd7dffffcc37bb172fdd8918da2542521e37bceaf98a8748ecf3018d838677a3d7
+39b7ec21a9703cc08cc7a4e18d89f42eadbefbce45bca242121104f4b15cc10d2f542a59999b933e2c63799e27248667432e22ace05604730381f7806fc4e6e6
+2b95a5b908d3d843318e80ede49bc94f93c79303747d38a43ef15633fe6d06426225f582cf4457732719d1d74ff72707932793479383a777e1fa09fc7e6c6807
+3b554d21c7b2c504dac5ace181e801dfeb913bca430c4b050f1a5ec5fc7973ab17e7f04a4ac4d431b405ba8ef94be95282c1cebc9129827e2eb4daa9d52face7
+fc0d80a9595cbbdd6eb5ab393f03c0be0f965b5d8a3c6b9de56a33e35900d9cb59deadca62a5e6e20bfc176674ae379bcdc57aaa8b656a40f6b236835fae2cd5
+d6e61dbc0159fce20cbed65c6bb5961cbc0159fcd20cbe73a1be5473f10614321aefcca075403b9d947b0e1972b6510a5f06f87225854f51900d79b66911431e
+ab93e65e846f73d101024dc8b0a23152e3840cb10f89dec2515f50ac05e215820b4fec922f6796b46c247d4113d5f0de4f3014cd94df8bc7dfbf78fc101dee3f
+3adcfff9f0debdc3fd1f2d23876a03c74191eaf9b79ffcf9e02efae3e157cfef7f568e9745fcaf3f7cf8cb934fcb81504e53759e7d7ef0dba383675f7cf4fb77
+f74be06b02f78bf01e8d8844d7c81edae6111866bce26a4efae27414bd10d322c55a1c481c632da5847f5b850efada18b3343a8e1e4de27af0a680765206bc3c
+baed28dc0dc548d112c957c2c8016e72ce9a5c947ae18a965570736f1407e5c2c5a888dbc678b74c760bc74e7cdba304fa6a96968ee1ad90386a6e311c2b1c90
+9828a49ff11d424aacbb45a9e3d74dea0b2ef950a15b1435312d75498ff69d6c9a126dd008e2322eb319e2edf866f3266a725666f53ad975915015989528df23
+cc71e3653c52382a63d9c3112b3afc2a56619992ddb1f08bb8b65410e980308eda03226519cd7501f616827e0543072b0dfb261b472e5228ba53c6f32ae6bc88
+5ce73bad10474919b64be3b0887d4fee408a62b4c555197c93bb15a2ef210e383e36dc372971c2fdf26e7083068e4ad304d14f46a22496970977f2b73b66434c
+4cab8126eff4ea88c67fd7b81985ce6d259c5de38656f9eccb07257abfa92d7b0d76afb29ad938d2a88fc31d6dcf2d2e06f4cdefceeb78146f112888d92dea6d
+737edb9cbdff7c733eae9ecfbe254fbb3034683d8bd8c1db8ce1d189a7f02165acabc68c5c95661097b0170d3ab0a8f998432ac94f69490897bab241a0830b04
+36344870f501556137c4090cf1554f330964ca3a9028e1120e9366b994b7c6c34140d9a3e8a23ea4d84e22b1dae403bbbca097b3b348cec66815980370266841
+3338a9b0850b2953b0ed558455b55227965635aa9926e948cb4dd62e36877870796e1a2ce6de842107c168045e5e82d7045a341c7e302303ed771ba32c2c260a
+67192219e2014963a4ed9e8d51d50429cb951943b41d3619f4c1f2255e2b48ab6bb6af21ed24412a8aab1d232e8bdeeb4429cbe0699480dbd1726471b138598c
+f61a5e7d717ed1433e4e1ade10cecd7019251075a9e74acc02783fe52b61d3fea5c56caa7c1acd7a66985b0455783562fd3e63b0d3071221d53a96a14d0df328
+4d01166b4956fff94570eb591950d28d4ea6c5c23224c3bfa605f8d10d2d190e89af8ac12eac68dfd9dbb495f29122a21b0ef6509f8dc43686f0eb54057b0654
+c2eb0fd311f40dbcbbd3de368fdce69c165df18d99c1d975cc9210a7ed56976856c9166e1a52ae83b92ba807b695ea6e8c3bbd29a6e4cfc894621affcf4cd1fb
+09bc8d5818e808f8f0365960a42ba5e171a1420e5d2809a9df11304898de01d902ef7fe1312415bcd336bf82ecea5f5b739687296b3854aa6d1a2041613f52a1
+20640bda92c9be9730aba67b9765c9524626a30aeacac4aadd27bb84f5740f5cd27bbb87424875d34dd236607047f3cfbd4f2ba81fe821a7586f4e27cbf75e5b
+03fff4e4638b198c72fbb0196832ffe72ae6e3c17457b5f4863cdb7b8b86e807d331ab965505082b6c05f5b4ec5f5185536eb5b663cd583cbf982907519cb518
+16f3812881774a48ff83fd8f0a9fd9af237a43edf16de8ad083e6e6866903690d5e7ece0817483b48b7d189ceca24d26cdcaba361d9db4d7b2cdfa8c27dd5cee
+11676bcd4e12ef533a3b1fce5c714e2d9ea5b3530f3bbeb66bc7ba1a227bb4446169981d6c4c60cc97b5e2972fdebf0d815e876f0823a6a44926f88e2530ccd0
+5d530750fc56a2215dfd0b0000ffff0300504b0304140006000800000021000dd1909fb60000001b010000270000007468656d652f7468656d652f5f72656c73
+2f7468656d654d616e616765722e786d6c2e72656c73848f4d0ac2301484f78277086f6fd3ba109126dd88d0add40384e4350d363f2451eced0dae2c082e8761
+be9969bb979dc9136332de3168aa1a083ae995719ac16db8ec8e4052164e89d93b64b060828e6f37ed1567914b284d262452282e3198720e274a939cd08a54f9
+80ae38a38f56e422a3a641c8bbd048f7757da0f19b017cc524bd62107bd5001996509affb3fd381a89672f1f165dfe514173d9850528a2c6cce0239baa4c04ca
+5bbabac4df000000ffff0300504b01022d0014000600080000002100e9de0fbfff0000001c0200001300000000000000000000000000000000005b436f6e7465
+6e745f54797065735d2e786d6c504b01022d0014000600080000002100a5d6a7e7c0000000360100000b00000000000000000000000000300100005f72656c73
+2f2e72656c73504b01022d00140006000800000021006b799616830000008a0000001c00000000000000000000000000190200007468656d652f7468656d652f
+7468656d654d616e616765722e786d6c504b01022d0014000600080000002100a55e7d2dc7060000d71b00001600000000000000000000000000d60200007468
+656d652f7468656d652f7468656d65312e786d6c504b01022d00140006000800000021000dd1909fb60000001b0100002700000000000000000000000000d10900007468656d652f7468656d652f5f72656c732f7468656d654d616e616765722e786d6c2e72656c73504b050600000000050005005d010000cc0a00000000}
+{\*\colorschememapping 3c3f786d6c2076657273696f6e3d22312e302220656e636f64696e673d225554462d3822207374616e64616c6f6e653d22796573223f3e0d0a3c613a636c724d
+617020786d6c6e733a613d22687474703a2f2f736368656d61732e6f70656e786d6c666f726d6174732e6f72672f64726177696e676d6c2f323030362f6d6169
+6e22206267313d226c743122207478313d22646b3122206267323d226c743222207478323d22646b322220616363656e74313d22616363656e74312220616363
+656e74323d22616363656e74322220616363656e74333d22616363656e74332220616363656e74343d22616363656e74342220616363656e74353d22616363656e74352220616363656e74363d22616363656e74362220686c696e6b3d22686c696e6b2220666f6c486c696e6b3d22666f6c486c696e6b222f3e}
+{\*\latentstyles\lsdstimax267\lsdlockeddef0\lsdsemihiddendef1\lsdunhideuseddef1\lsdqformatdef0\lsdprioritydef99{\lsdlockedexcept \lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority0 \lsdlocked0 Normal;
+\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority9 \lsdlocked0 heading 1;\lsdqformat1 \lsdpriority9 \lsdlocked0 heading 2;\lsdqformat1 \lsdpriority9 \lsdlocked0 heading 3;\lsdqformat1 \lsdpriority9 \lsdlocked0 heading 4;
+\lsdqformat1 \lsdpriority9 \lsdlocked0 heading 5;\lsdqformat1 \lsdpriority9 \lsdlocked0 heading 6;\lsdqformat1 \lsdpriority9 \lsdlocked0 heading 7;\lsdqformat1 \lsdpriority9 \lsdlocked0 heading 8;\lsdqformat1 \lsdpriority9 \lsdlocked0 heading 9;
+\lsdpriority39 \lsdlocked0 toc 1;\lsdpriority39 \lsdlocked0 toc 2;\lsdpriority39 \lsdlocked0 toc 3;\lsdpriority39 \lsdlocked0 toc 4;\lsdpriority39 \lsdlocked0 toc 5;\lsdpriority39 \lsdlocked0 toc 6;\lsdpriority39 \lsdlocked0 toc 7;
+\lsdpriority39 \lsdlocked0 toc 8;\lsdpriority39 \lsdlocked0 toc 9;\lsdqformat1 \lsdpriority35 \lsdlocked0 caption;\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority10 \lsdlocked0 Title;\lsdpriority1 \lsdlocked0 Default Paragraph Font;
+\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority11 \lsdlocked0 Subtitle;\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority22 \lsdlocked0 Strong;\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority20 \lsdlocked0 Emphasis;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority59 \lsdlocked0 Table Grid;\lsdunhideused0 \lsdlocked0 Placeholder Text;\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority1 \lsdlocked0 No Spacing;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority60 \lsdlocked0 Light Shading;\lsdsemihidden0 \lsdunhideused0 \lsdpriority61 \lsdlocked0 Light List;\lsdsemihidden0 \lsdunhideused0 \lsdpriority62 \lsdlocked0 Light Grid;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority63 \lsdlocked0 Medium Shading 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority64 \lsdlocked0 Medium Shading 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority65 \lsdlocked0 Medium List 1;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority66 \lsdlocked0 Medium List 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority67 \lsdlocked0 Medium Grid 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority68 \lsdlocked0 Medium Grid 2;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority69 \lsdlocked0 Medium Grid 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority70 \lsdlocked0 Dark List;\lsdsemihidden0 \lsdunhideused0 \lsdpriority71 \lsdlocked0 Colorful Shading;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority72 \lsdlocked0 Colorful List;\lsdsemihidden0 \lsdunhideused0 \lsdpriority73 \lsdlocked0 Colorful Grid;\lsdsemihidden0 \lsdunhideused0 \lsdpriority60 \lsdlocked0 Light Shading Accent 1;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority61 \lsdlocked0 Light List Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority62 \lsdlocked0 Light Grid Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority63 \lsdlocked0 Medium Shading 1 Accent 1;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority64 \lsdlocked0 Medium Shading 2 Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority65 \lsdlocked0 Medium List 1 Accent 1;\lsdunhideused0 \lsdlocked0 Revision;
+\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority34 \lsdlocked0 List Paragraph;\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority29 \lsdlocked0 Quote;\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority30 \lsdlocked0 Intense Quote;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority66 \lsdlocked0 Medium List 2 Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority67 \lsdlocked0 Medium Grid 1 Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority68 \lsdlocked0 Medium Grid 2 Accent 1;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority69 \lsdlocked0 Medium Grid 3 Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority70 \lsdlocked0 Dark List Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority71 \lsdlocked0 Colorful Shading Accent 1;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority72 \lsdlocked0 Colorful List Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority73 \lsdlocked0 Colorful Grid Accent 1;\lsdsemihidden0 \lsdunhideused0 \lsdpriority60 \lsdlocked0 Light Shading Accent 2;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority61 \lsdlocked0 Light List Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority62 \lsdlocked0 Light Grid Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority63 \lsdlocked0 Medium Shading 1 Accent 2;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority64 \lsdlocked0 Medium Shading 2 Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority65 \lsdlocked0 Medium List 1 Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority66 \lsdlocked0 Medium List 2 Accent 2;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority67 \lsdlocked0 Medium Grid 1 Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority68 \lsdlocked0 Medium Grid 2 Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority69 \lsdlocked0 Medium Grid 3 Accent 2;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority70 \lsdlocked0 Dark List Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority71 \lsdlocked0 Colorful Shading Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority72 \lsdlocked0 Colorful List Accent 2;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority73 \lsdlocked0 Colorful Grid Accent 2;\lsdsemihidden0 \lsdunhideused0 \lsdpriority60 \lsdlocked0 Light Shading Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority61 \lsdlocked0 Light List Accent 3;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority62 \lsdlocked0 Light Grid Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority63 \lsdlocked0 Medium Shading 1 Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority64 \lsdlocked0 Medium Shading 2 Accent 3;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority65 \lsdlocked0 Medium List 1 Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority66 \lsdlocked0 Medium List 2 Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority67 \lsdlocked0 Medium Grid 1 Accent 3;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority68 \lsdlocked0 Medium Grid 2 Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority69 \lsdlocked0 Medium Grid 3 Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority70 \lsdlocked0 Dark List Accent 3;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority71 \lsdlocked0 Colorful Shading Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority72 \lsdlocked0 Colorful List Accent 3;\lsdsemihidden0 \lsdunhideused0 \lsdpriority73 \lsdlocked0 Colorful Grid Accent 3;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority60 \lsdlocked0 Light Shading Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority61 \lsdlocked0 Light List Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority62 \lsdlocked0 Light Grid Accent 4;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority63 \lsdlocked0 Medium Shading 1 Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority64 \lsdlocked0 Medium Shading 2 Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority65 \lsdlocked0 Medium List 1 Accent 4;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority66 \lsdlocked0 Medium List 2 Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority67 \lsdlocked0 Medium Grid 1 Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority68 \lsdlocked0 Medium Grid 2 Accent 4;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority69 \lsdlocked0 Medium Grid 3 Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority70 \lsdlocked0 Dark List Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority71 \lsdlocked0 Colorful Shading Accent 4;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority72 \lsdlocked0 Colorful List Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority73 \lsdlocked0 Colorful Grid Accent 4;\lsdsemihidden0 \lsdunhideused0 \lsdpriority60 \lsdlocked0 Light Shading Accent 5;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority61 \lsdlocked0 Light List Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority62 \lsdlocked0 Light Grid Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority63 \lsdlocked0 Medium Shading 1 Accent 5;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority64 \lsdlocked0 Medium Shading 2 Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority65 \lsdlocked0 Medium List 1 Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority66 \lsdlocked0 Medium List 2 Accent 5;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority67 \lsdlocked0 Medium Grid 1 Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority68 \lsdlocked0 Medium Grid 2 Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority69 \lsdlocked0 Medium Grid 3 Accent 5;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority70 \lsdlocked0 Dark List Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority71 \lsdlocked0 Colorful Shading Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority72 \lsdlocked0 Colorful List Accent 5;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority73 \lsdlocked0 Colorful Grid Accent 5;\lsdsemihidden0 \lsdunhideused0 \lsdpriority60 \lsdlocked0 Light Shading Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority61 \lsdlocked0 Light List Accent 6;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority62 \lsdlocked0 Light Grid Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority63 \lsdlocked0 Medium Shading 1 Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority64 \lsdlocked0 Medium Shading 2 Accent 6;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority65 \lsdlocked0 Medium List 1 Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority66 \lsdlocked0 Medium List 2 Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority67 \lsdlocked0 Medium Grid 1 Accent 6;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority68 \lsdlocked0 Medium Grid 2 Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority69 \lsdlocked0 Medium Grid 3 Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority70 \lsdlocked0 Dark List Accent 6;
+\lsdsemihidden0 \lsdunhideused0 \lsdpriority71 \lsdlocked0 Colorful Shading Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority72 \lsdlocked0 Colorful List Accent 6;\lsdsemihidden0 \lsdunhideused0 \lsdpriority73 \lsdlocked0 Colorful Grid Accent 6;
+\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority19 \lsdlocked0 Subtle Emphasis;\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority21 \lsdlocked0 Intense Emphasis;
+\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority31 \lsdlocked0 Subtle Reference;\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority32 \lsdlocked0 Intense Reference;
+\lsdsemihidden0 \lsdunhideused0 \lsdqformat1 \lsdpriority33 \lsdlocked0 Book Title;\lsdpriority37 \lsdlocked0 Bibliography;\lsdqformat1 \lsdpriority39 \lsdlocked0 TOC Heading;}}{\*\datastore 010500000200000018000000
+4d73786d6c322e534158584d4c5265616465722e362e3000000000000000000000060000
+d0cf11e0a1b11ae1000000000000000000000000000000003e000300feff090006000000000000000000000001000000010000000000000000100000feffffff00000000feffffff0000000000000000ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+fffffffffffffffffdfffffffeffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
+ffffffffffffffffffffffffffffffff52006f006f007400200045006e00740072007900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000016000500ffffffffffffffffffffffff0c6ad98892f1d411a65f0040963251e5000000000000000000000000002c
+52e2b63dcc01feffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffff00000000000000000000000000000000000000000000000000000000
+00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffff0000000000000000000000000000000000000000000000000000
+000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffff000000000000000000000000000000000000000000000000
+0000000000000000000000000000000000000000000000000105000000000000}}

doc/ru/example1.txt

@@ -0,0 +1,99 @@
+KOI8-R
+
+Kirill Lopuchov, lopuchov at mail ru
+
+<3proxy>
+Довольно часто перед системным администратором встает задача предоставить доступ к Internet-ресурсам группе пользователей (небольшой офис, Internet-кафе). Данную задачу можно решить, настроив на Internet-шлюзе proxy-сервер, службу NAT (трансляция сетевых адресов) или раздать каждому пользователю реальный IP адрес.
+
+Давайте рассмотрим самый простой способ подключения - установку proxy-сервера. Традиционно для этих целей применяется популярный proxy Squid, но не всегда бывает необходимость в столь тяжеловатой программе :), да и в squid отсутствуют такие иногда необходимые вещи как SOCKS4/5-сервер, TCP/UP порт-маппинг. Поэтому вторым номером хочется представить вашему вниманию PROXY-сервер, под названием "3proxy" (http://3proxy.ru/), разработанный нашим программистом из г. Нижний Новгород. Одним из главных его достоинств является компактность и высокая переносимость. Код сервера написан так, что легко компилируется как для Win9x/2000/XP так и для Linux и FreeBSD.
+
+Сервер поддерживает следующие возможности:
+
+HTTP(S) proxy;
+FTP over HTTP proxy;
+SOCKS4/5 proxy;
+POP3 proxy;
+TCP & UDP маппинг портов;
+листы доступа к различным службам и адресам;
+ограничение пропускной способности канала каждого пользователя (чтобы пользователь не съел весь канал, качая кучу файлов в несколько потоков :) ); 
+ограничение трафика пользователя на день, неделю и месяц;
+авторизацию пользователей ко всем proxy-службам по имени и паролю или по ip адресам;
+ведение журналов через ODBC (по-моему, такого нет ни в одном proxy) и syslog и т. д. 
+
+К недостаткам можно отнести отсутствие кэширования информации :-|. Но в последнее время Inernet-контент становится все более динамичным (то есть не поддающийся кэшированию) и может быть для кого-то экономия в 25% трафика за счет его кэширования не будет столь критична. Для тех пользователей, кому она может оказаться критичной, автор предлагает использовать цепочку из 2-х серверов и в качестве кэша такие сервера как wwwoffle или им подобные, либо ждать появления поддержки кеша в 3proxy :)
+
+Установка
+
+# wget http://3proxy.ru/current/3proxy.tgz
+# tar -xvzf 3proxy.tgz
+# cd 3proxy
+# make -f Makefile.unix
+# mkdir /usr/local/3proxy
+# mkdir /usr/local/3proxy/logs
+# mkdir /usr/local/3proxy/stat
+# cp src/3proxy /usr/local/3proxy
+# touch /usr/local/3proxy/3proxy.cfg
+# chown -R nobody:nogroup /usr/local/3proxy 
+
+Далее приведу небольшой пример конфигурационного файла 3proxy.cfg с 
+комментариями, более подробную информацию по конфигурированию можно 
+найти файле 3proxy.cfg.sample или в 
+HowTo http://3proxy.ru/howtor.asp
+и FAQ http://3proxy.ru/faqr.asp
+
+-------------3proxy.cfg-------------
+# ВНИМАНИЕ !! не должны быть пробелов
+# перед любыми опциями конфигурации !!
+
+# ip-адрес DNS-сервера провайдера или локального
+nserver 127.0.0.1
+timeouts 1 5 30 60 180 1800 15 60
+
+# Создаем двух пользователей vasia, petia и vova 
+# и назначаем им пароли 24555, 14656 и 45455 соответственно
+users vasia:CL:24555
+users petia:CL:14656
+users vova:CL:45455
+
+# Лог-файл со списком запросов пользователей 
+# будет создаваться каждый день новый
+log /usr/local/3proxy/logs/3proxy.log D
+logformat "%d-%m-%Y %H:%M:%S %U %C:%c %R:%r %O %I %T"
+
+# Внешний интерфейс,
+# через который будут уходить запросы от сервера
+external 10.1.1.1
+
+# ip-адрес интерфейса, на котором будут приниматься 
+# запросы от клиентов
+internal 192.168.1.1
+
+# Устанавливаем тип авторизации по имени и паролю
+auth strong
+# Разрешаем доступ к портам 80,8080-8088
+allow * * * 80,8080-8088
+# Расскоментировать секцию parent, если у вас есть прокси верхнего 
+# уровня и заменить ip, порт, имя пользователя и пароль на свои значения 
+# parent 1000 http 192.168.0.1 8080 username passwd
+# allow *
+# Запускаем службу HTTP-proxy на порту (3128) и 
+# (-n) c отключенной NTLM-авторизацией)
+proxy -p3128 -n
+
+# Ограничиваем толшину канала для пользователей 
+# vasia и petia в 20000 bps,
+# а для vova 10000 bps
+bandlimin 20000 vasia,petia
+bandlimin 10000 vova 
+
+# Запускаем сервер от пользователя nobody 
+# (возможно в вашей ОС uid и gid пользователя nobody
+# будут другими. Для их определения воспользуйтесь коммандой id nobody) 
+setgid 65534
+setuid 65534
+------------------------------------
+
+После того как мы создали конфигурационный файл сервера, запускаем 3proxy командой:
+/usr/local/3proxy/3proxy /usr/local/3proxy/3proxy.cfg
+
+$Id: example1.txt,v 1.7 2007/04/20 19:58:42 vlad Exp $

doc/ru/iodbc.txt

@@ -0,0 +1,101 @@
+KOI8-R
+
+Kirill Lopuchov, lopuchov at mail ru
+
+÷ÅÄÅÎÉÅ ÌÏÇÏ× ÓÅÒ×ÅÒÁ × SQL-ÂÁÚÅ ÉÍÅÅÔ Ó×ÏÉ ÐÒÉÅÍÕÝÅÓÔ×Á ÐÅÒÅÄ ÏÂÙÞÎÙÍÉ ÔÅËÓÔÏ×ÙÍÉ ÆÁÊÌÁÍÉ. 3proxy ÐÏÄÄÅÒÖÉ×ÁÅÔ ×ÅÄÅÎÉÅ ÌÏÇÏ× ÞÅÒÅÚ ODBC-ÍÅÎÅÄÖÅÒ × ÌÀÂÏÊ ÂÁÚÅ ÄÁÎÎÙÈ, ÉÍÅÀÝÉÈ ODBC-ÄÒÁÊ×ÅÒ. üÔÏÔ ÍÅÎÅÄÖÅÒ ÓÔÁÌ ÓÔÁÎÄÁÒÔÏÍ ÄÅ-ÆÁËÔÏ × ÓÒÅÄÅ Windows, ÞÅÇÏ, Ë ÓÏÖÁÌÅÎÉÀ, ÎÅ ÓËÁÖÅÛØ ÐÒÏ Unix. ðÏÜÔÏÍÕ ÄÁÌÅÅ  ÒÁÓÓÍÏÔÒÉÍ ÎÁ ÐÒÉÍÅÒÅ FreeBSD ÎÁÓÔÒÏÊËÕ ×ÅÄÅÎÉÑ ÌÏÇÏ× × ÂÁÚÅ SQLite. üÔÁ  ÂÁÚÁ ÄÁÎÎÙÈ ×ÙÂÒÁÎÁ × ËÁÞÅÓÔ×Å ÐÒÉÍÅÒÁ ÐÏÔÏÍÕ,  ÞÔÏ ÏÎÁ ÐÒÏÓÔÁ × ÕÓÔÁÎÏ×ËÅ É ÎÁÓÔÒÏËÅ (× ÐÒÉÎÃÉÐÅ ÎÁÓÔÒÏÊËÁ ×ÅÄÅÎÉÑ ÌÏÇÏ× × ÌÀÂÏÊ ÄÒÕÇÏÊ ÂÁÚÅ mysql ÉÌÉ  postgresql ÏÔÌÉÞÁÅÔÓÑ ÔÏÌØËÏ ÎÁÓÔÒÏÊËÏÊ ÅÇÏ odbc-ÄÒÁÊ×ÅÒÁ)
+ 
+ õÓÔÁÎÁ×ÌÉ×ÁÅÍ SQLite
+wget http://www.sqlite.org/sqlite-2.8.14.tar.gz
+tar -xvzf sqlite-2.8.14.tar.gz
+cd sqlite 
+./configure
+gmake 
+gmake install
+
+ õÓÔÁÎÁ×ÌÉ×ÁÅÍ iODBC ÍÅÎÅÄÖÅÒ
+wget http://www.iodbc.org/libiodbc-3.51.2.tar.gz
+tar -xvzf libiodbc-3.51.2.tar.gz
+cd libiodbc-3.51.2
+./configure --disable-gui --disable-gtktest
+make 
+make install
+
+ õÓÔÁÎÁ×ÌÉ×ÁÅÍ odbc ÄÒÁÊ×ÅÒ SQLite
+wget http://www.ch-werner.de/sqliteodbc/sqliteodbc-0.62.tar.gz
+tar -xvzf sqliteodbc-0.62.tar.gz
+cd sqliteodbc-0.62
+
+./configure
+ åÓÌÉ Õ ×ÁÓ ÓËÒÉÐÔ configure ×ÙÄÁÌ ÏÛÉÂËÕ : 
+ (configure: error: SQLite library too old)
+ ÔÏ ÅÅ ÍÏÖÎÏ ÐÏÐÒÏÂÏ×ÁÔØ ÏÂÏÊÔÉ, ×ÓÔÁ×É× (SQLITE_COMPILE=1
+ × ÓÔÒ. 5092 ÐÏÓÌÅ ÕÓÌÏ×ÉÑ if endif) × ÆÁÊÌÅ configure
+make 
+make install
+
+
+ äÁÌÅÅ ÎÁÓÔÒÁÉ×ÁÅÍ ÚÁÐÉÓÉ ÄÌÑ iODBC ÍÅÎÅÄÖÅÒÁ ×
+ÆÁÊÌÁÈ /etc/odbcinst.ini É /etc/odbc.ini
+
+îÁÓÔÒÁÉ×ÁÅÍ odbc ÄÒÁÊ×ÅÒ 
+--------------/etc/odbcinst.ini-------------
+[ODBC Drivers]
+SQLite=Installed
+
+[SQLite]
+Driver=/usr/local/lib/libsqliteodbc.so
+---------------------------------------
+
+óÏÚÄÁÅÍ DSN ÄÌÑ ÂÁÚÙ c ÉÍÅÎÅÍ "sqlite", ËÏÔÏÒÁÑ ÂÕÄÅÔ 
+ÒÁÓÐÏÌÁÇÁÔØÓÑ × ËÁÔÁÌÏÇÅ: /usr/local/3proxy/logs.db
+
+--------------/etc/odbc.ini----------------
+[ODBC Data Sources]
+sqlite=SQLite
+
+[sqlite]
+Driver=/usr/local/lib/libsqliteodbc.so
+Description=SQLite test database
+Database=/usr/local/3proxy/logs.db
+# optional lock timeout in milliseconds
+Timeout=2000
+---------------------------------------
+
+óÏÚÄÁÅÍ ÂÁÚÕ ÄÌÑ ÌÏÇÏ× É ÔÁÂÌÉÃÕ × ÆÏÒÍÁÔÅ (logformat 
+ÓÍ. ÏÐÉÓÁÎÉÅ × 3proxy.cfg.sample )
+
+sqlite /usr/local/3proxy/logs.db
+
+SQLite version 2.8.14
+Enter ".help" for instructions
+sqlite>create table log (
+   ...> l_date char (11), 
+   ...> l_chour char (10), 
+   ...> l_user char (30), 
+   ...> l_service char (30), 
+   ...> l_in  integer, 
+   ...> l_out integer, 
+   ...> l_descr char  (64000), 
+   ...>);
+
+
+äÏÂÁ×ÌÑÅÍ ÓÌÅÄÕÀÝÉÅ ÚÁÐÉÓÉ × ËÏÎÆÉÇÕÒÁÃÉÏÎÎÙÊ ÆÁÊÌ 3proxy.cfg
+---------------3proxy.cfg-----------------   
+log &sqlite
+
+logformat "Linsert into log ( l_date, l_chour, l_user, l_service, l_in, l_out, 
+l_descr)
+values ('%d-%m-%Y', '%H:%M:%S', '%U', '%N', %I, %O, '%T')"
+------------------------------------------
+
+CÏÂÒÁÔØ 3proxy c ÐÏÄÄÒÅÖËÏÊ iODBC, ÄÌÑ ÜÔÏÇÏ × Makefile.unix ÐÏÍÅÎÑÔØ
+ 
+CFLAGS = -Wall -O2 -c -pthread -D_THREAD_SAFE -D_REENTRANT -DWITH_STD_MALLOC -I/usr/local/include
+LIBS = -L /usr/local/lib -lodbc
+
+É ÄÁÔØ ËÏÍÁÎÄÙ
+
+make clean
+make -f Makefile.unix
+
+$Id: iodbc.txt,v 1.3 2006/02/08 17:59:07 vlad Exp $

doc/ru/odbc.txt

@@ -0,0 +1,28 @@
+Eugene: Re: 3proxy 0.6 + iODBC + PostgreSQL  22.11.2007 19:04:23
+ 	 	 	 	 	Наконец-то я разобрался и запустил.
+1. Я использовал пакет unixODBC.
+2. /etc/unixODBC/odbc.ini
+[proxy]
+Description             = PostgreSQL ODBC driver
+Driver                  = PostgreSQL ODBC driver
+Database                = proxy
+ServerName              = localhost
+3. /etc/unixODBC/odbcinst.ini
+[PostgreSQL ODBC driver]
+Description             = PostgreSQL ODBC driver
+Driver          = /usr/local/lib/psqlodbcw.so
+Setup           = /usr/lib/libodbcpsqlS.so
+4. Собирал вручную psqlodbc-08.02.0500, слитый с postgresql.org (получился psqlodbcw.so).
+5. 3proxy.conf
+log &proxy,logger,123
+logformat "LINSERT INTO logger (ldatetime,username,userip,trafin,trafout,service,host,port,
+url) VALUES ('%Y-%m-%d %H:%M:%S','%U','%C',
+'%I','%O','%N',
+'%n','%r','%T');"
+
+То есть пароли и логины в odbc.ini прописывать не надо - система падает на драйвере ODBC.
+Использовать libiodbc тоже не надо - система падает на libiodbc.so.
+
+Все вышесказанное справедливо для unixODBC + psqlodbc производства postgresql.org, как с -DSAFESQL, так и без оного.
+С myodbc + unixODBC проблем не наблюдалось никаких.
+Шаманство, в общем ;) 

man/3proxy.8

@@ -0,0 +1,153 @@
+.TH 3proxy "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B 3proxy
+\- 3[APA3A] tiny proxy server, or trivial proxy server, or free proxy
+server
+.SH SYNOPSIS
+.B 3proxy
+.RI [ config_file ]
+.br
+.B 3proxy
+.RI [ \-\-install ]
+.br
+.B 3proxy
+.RI [ \-\-remove ]
+.SH DESCRIPTION
+.B 3proxy
+is universal proxy server. It can be used to provide internal users wuth
+fully controllable access to external resources or to provide external
+users with access to internal resources. 3proxy is not developed to replace
+.BR squid (8),
+but it can extend functionality of existing cashing proxy.
+It can be used to route requests between different types of clients and proxy
+servers. Think about it as application level
+gateway with configuration like hardware router has for network layer.
+It can establish multiple
+gateways with HTTP and HTTPS proxy with FTP over HTTP support, SOCKS v4,
+v4.5 and v5, POP3 proxy, UDP and TCP portmappers. Each gateway is started
+from configuration file like independant service 
+.BR proxy (8)
+.BR socks (8)
+.BR pop3p (8)
+.BR tcppm (8)
+.BR udppm (8)
+.BR ftppr (8)
+.BR dnspr
+but
+.BR 3proxy
+is not a kind of wrapper or superserver for this daemons. It just has same
+code compiled in, but provides much more functionality. SOCKSv5
+implementatation allows to use 3proxy with any UDP or TCP based client
+applications designed without
+proxy support (with
+.IR SocksCAP ,
+.I FreeCAP
+or another client-side redirector under Windows of with socksification library
+under Unix). So you can play your favourite games, listen music, exchange
+files and messages and even accept incoming connections behind proxy server.
+.PP
+.I dnspr
+does not exist as independant service. It\' DNS caching proxy (it requires
+.I nscache
+and
+.I nserver
+to be set in configuration. Only A-records are cached. Please note, the
+this caching is mostly a 'hack' and has nothing to do with real
+DNS server, but it works perfectly for SOHO networks.
+
+.PP
+3proxy supports access control lists (ACL) like network router. Source
+and destination networks and destination port can be specified. In addition,
+usernames and gateway action (for example GET or POST) can be used in ACLs.
+In order to filter request on username basis user must be authenticated somehow. There are few
+authentication types including password authentication and authentication by
+NetBIOS name for Windows clients (it\'s very like ident authentication).
+Depending on ACL action request can be allowed, denied or redirected to another
+host or to another proxy server or even to a chain of proxy servers.
+.PP
+It supports different types of logging: to logfiles, 
+.BR syslog (3)
+(only under Unix) or to ODBC database. Logging format is turnable to provide
+compatibility with existing log file parsers. It makes it possible to use
+3proxy with IIS, ISA, Apache or Squid log parsers.
+.SH OPTIONS
+.TP
+.B config_file
+Name of config file. See
+.BR 3proxy.cfg (3)
+for configuration file format. Under Windows, if config_file is not specified,
+.BR 3proxy
+looks for file named
+.I 3proxy.cfg
+in the default location (in same directory with executable file and in current
+directory). Under Unix, if no config file is specified, 3proxy reads
+configuration from stdin. It makes it possible to use 3proxy.cfg file as
+executable script just by setting +x mode and adding
+.br
+#!/usr/local/3proxy/3proxy
+.br
+as a first line in 3proxy.cfg
+.TP
+.B --install
+(Windows NT family only) install 
+.BR 3proxy
+as a system service
+.TP
+.B --remove
+(Windows NT family only) remove
+.BR 3proxy
+from system services
+.SH SIGNALS
+Under Unix there are few signals
+.BR 3proxy
+catches. See
+.BR kill (1).
+.TP
+.B SIGTERM
+cleanup connections and exit
+.TP
+.B SIGPAUSE
+stop to accept new connections, on second signal - start and re-read
+configuration
+.TP
+.B SIGCONT
+start to accept new conenctions
+.TP
+.B SIGUSR1
+reload configuration
+.PP
+Under Windows, if
+.BR 3proxy
+is installed as service you can standard service management to start, stop,
+pause and continue 3proxy service, for example:
+.br
+.BR "net start 3proxy"
+.br
+.BR "net stop 3proxy"
+.br
+.BR "net pause 3proxy"
+.br
+.BR "net continue 3proxy"
+.PP
+Web admin service can also be used to reload configuration. Use
+wget to automate this task.
+.SH FILES
+.TP
+.I "/usr/local/3proxy/3proxy.cfg (3proxy.cfg)"
+.BR 3proxy
+configuration file
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy.cfg(3), proxy(8), ftppr(8), socks(8), pop3p(8), tcppm(8), udppm(8),
+kill(1), syslogd(8),
+.br
+http://3proxy.ru/
+.SH TRIVIA
+3APA3A is pronounced as \`\`zaraza\'\'.
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/3proxy.cfg.3

@@ -0,0 +1,896 @@
+.TH 3proxy.cfg "3" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B 3proxy.cfg
+\- 3proxy configuration file
+.SH DESCRIPTION
+ Common structure:
+.br
+Configuration file is a text file 3proxy reads configuration from. Each line
+of the file is a command executed immediately, as it was given from
+console. Sequence of commands is important. Configuration file as actually a
+script for 3proxy executable.
+Each line of the file is treated as a blank (space or tab) separated
+command line. Additional space characters are ignored. 
+Think about 3proxy as "application level router" with console interface.
+.br
+ Comments:
+.br
+Any string beginning with space character or \'#\' character is comment. It\'s
+ignored. <LF>s are ignored. <CR> is end of command.
+
+.br
+ Quotation:
+.br
+Quotation character is " (double quote). Quotation must be used to quote
+spaces or another special characters. To use quotation character inside
+quotation character must be dubbed (BASIC convention). For example to use
+HELLO "WORLD" as an argument you should use it as "HELLO ""WORLD"""\.
+Good practice is to quote any argument you use.
+.br
+ File inclusion:
+.br
+You can include file by using $FILENAME macro (replace FILENAME with a path
+to file, for example $/usr/local/etc/3proxy/conf.incl or 
+ $"c:\\Program Files\\3proxy\\include.cfg" Quotation is
+required in last example because path contains space character. 
+For included file <CR> (end of line characters) is treated as space character
+(arguments delimiter instead of end of command delimiter). 
+Thus, include files are only useful to store long signle-line commands
+(like userlist, network lists, etc).
+To use dollar sign somewhere in argument it must be quoted. 
+Recursion is not allowed.
+.br
+ Next commands start gateway services:
+.br
+.B   proxy
+[options]
+.br
+.B   socks
+[options]
+.br
+.B   pop3p
+[options]
+.br
+.B   ftppr
+[options]
+.br
+.B   admin
+[options]
+.br
+.B   dnspr
+[options]
+.br
+.B   tcppm
+[options]
+<SRCPORT> <DSTADDR> <DSTPORT>
+.br
+.B   udppm
+[options]
+<SRCPORT> <DSTADDR> <DSTPORT>
+.br
+ Descriptions:
+.br
+.B proxy
+\- HTTP/HTTPS proxy (default port 3128)
+.br
+.B socks
+\- SOCKS 4/4.5/5 proxy (default port 1080)
+.br
+.B pop3p
+\- POP3 proxy (default port 110)
+.br
+.B ftppr
+\- FTP proxy (default port 21)
+.br
+.B admin
+\- Web interface (default port 80)
+.br
+.B dnspr
+\- caching DNS proxy (default port 53)
+.br
+.B tcppm
+\- TCP portmapper
+.br
+.B udppm
+\- UDP portmapper
+.br
+
+ Options:
+.br
+.B -pNUMBER
+change default server port to NUMBER
+.br
+.B -n
+disable NTLM authentication (required if passwords are stored in Unix crypt format.
+.br
+.B -s
+(for admin) - allow only secure operations (currently only traffic counters
+view without ability to reset).
+.br
+.B -a
+(for proxy) - anonymous proxy (no information about client reported)
+.br
+.B -a1
+(for proxy) - anonymous proxy (random client information reported)
+.br
+ Also, all options mentioned for 
+.BR proxy (8)
+.BR socks (8)
+.BR pop3p (8)
+.BR tcppm (8)
+.BR udppm (8)
+.BR ftppr (8)
+ are also supported.
+.br
+ Portmapping services listen at SRCPORT and connect to DSTADDR:DSTPORT
+HTTP and SOCKS proxies are standard. 
+.br
+ POP3 proxy must be configured as POP3 server and requires username in the form of:
+pop3username@pop3server. If POP3 proxy access must be authenticated, you can
+specify username as proxy_username:proxy_password:POP3_username@pop3server
+.br
+ DNS proxy resolves any types of records but only hostnames are cached. It
+requires nserver/nscache to be configured.
+.br
+ FTP proxy can be used as FTP server in any FTP client or configured as FTP
+proxy on a client with FTP proxy support. Username format is one of
+.br
+ FTPuser@FTPServer
+.br
+ FTPuser:FTPpassword@FTPserver
+.br
+ proxyuser:proxypassword:FTPuser:FTPpassword@FTPserver
+.br
+ Please note, if you use FTP client interface for FTP proxy
+do not add FTPpassword and FTPServer to username, because
+FTP client does it for you. That is, if you use 3proxy with
+authentication use
+proxyuser:proxypassword:FTPuser
+as FTP username, otherwise do not change original FTP user name	
+
+.B include
+<path>
+.br
+Include config file
+
+.br
+.B config
+<path>
+.br
+Path to configuration file to use on 3proxy restart or to save configuration.
+
+.br
+.B writable
+.br
+ReOpens configuration file for write access via Web interface,
+and re-reads it. Usually should be first command on config file
+but in combination with "config" it can be used anywhere to open
+alternate config file. Think twice before using it.
+
+.br
+.B end
+.br
+End of configuration
+
+.br
+.B log
+[[@|&]logfile] [<LOGTYPE>]
+.br
+sets logfile for all gateways
+.br
+ @ - (for Unix) use syslog, filename is used as ident name
+.br
+ & - use ODBC, filename consists of comma-delimited datasource,username,password (username and password are optional)
+.br
+ LOGTYPE is one of:
+.br
+  M - Monthly
+.br
+  W - Weekly (starting from Sunday)
+.br
+  D - Daily
+.br
+  H - Hourly
+.br
+if logfile is not specified logging goes to stdout. You can specify individual logging options for gateway by using
+-l option in gateway configuration.
+.br
+"log" command supports same format specifications for filename template
+as "logformat" (if filename contains '%' sign it's believed to be template).
+As with "logformat" filename must begin with 'L' or 'G' to specify Local or
+Grinwitch time zone for all time-based format specificators.
+
+.br
+.B rotate
+<n>
+how many archived log files to keep
+
+.br
+.B logformat
+<format>
+
+Format for log record. First symbol in format must be L (local time)
+or G (absolute Grinwitch time). 
+It can be preceeded with -XXX+Y where XXX is list of characters to be
+filtered in user input (any non-printable characters are filtered too
+in this case) and Y is replacement character. For example, "-,%+ L" in
+the beginning of logformat means comma and percent are replaced
+with space and all time based elemnts are in local time zone.
+.br
+You can use:
+
+.br
+ %y - Year in 2 digit format
+.br
+ %Y - Year in 4 digit format
+.br
+ %m - Month number
+.br
+ %o - Month abbriviature
+.br
+ %d - Day
+.br
+ %H - Hour
+.br
+ %M - Minute
+.br
+ %S - Second
+.br
+ %t - Timstamp (in seconds since 01-Jan-1970)
+.br
+ %. - milliseconds
+.br
+ %z - timeZone (from Grinvitch)
+.br
+ %D - request duration (in milliseconds)
+.br
+ %b - average send rate per request (in Bytes per second) this speed is typically below connection speed shown by download manager.
+.br
+ %B - average receive rate per request (in Bytes per second) this speed is typically below connection speed shown by download manager.
+.br
+ %U - Username
+.br
+ %N - service Name
+.br
+ %p - service Port
+.br
+ %E - Error code
+.br
+ %C - Client IP
+.br
+ %c - Client port
+.br
+ %R - Remote IP
+.br
+ %r - Remote port
+.br
+ %e - External IP used to establish connection
+.br
+ %Q - Requested IP
+.br
+ %q - Requested port
+.br
+ %n - requested hostname
+.br
+ %I - bytes In
+.br
+ %O - bytes Out
+.br
+ %h - Hops (redirections) count
+.br
+ %T - service specific Text
+.br
+ %N1-N2T - (N1 and N2 are positive numbers) - log only fields from N1 thorugh N2 of service specific text
+.br
+in case of ODBC logging logformat specifies SQL statement, for exmample:
+.br
+   logformat "-'+_Linsert into log (l_date, l_user, l_service, l_in, l_out, l_descr) values ('%d-%m-%Y %H:%M:%S', '%U', '%N', %I, %O, '%T')"
+
+.br
+.B logdump
+<in_traffic_limit> <out_traffic_limit>
+.br
+Immediately creates additional log records if given amount of incoming/outgoing
+traffic is achieved for connection, without waiting for connection to finish.
+It may be useful to prevent information about long-lasting downloads on server
+shutdown.
+
+.br
+.B archiver
+<ext> <commandline>
+.br
+Archiver to use for log files. <ext> is file extension produced by
+archiver. Filename will be last argument to archiver, optionally you
+can use %A as produced archive name and %F as filename.
+
+.br
+.B timeouts
+<BYTE_SHORT> <BYTE_LONG> <STRING_SHORT> <STRING_LONG> <CONNECTION_SHORT> <CONNECTION_LONG> <DNS> <CHAIN>
+.br
+Sets timeout values
+.br
+ BYTE_SHORT - short timeout for single byte, is usually used for receiving single byte from stream.
+.br
+ BYTE_LONG - long timeout for single byte, is usually used for receiving first byte in frame (for example first byte in socks request).
+.br
+ STRING_SHORT - short timeout, for character string within stream (for example to wait between 2 HTTP headers)
+.br
+ STRING_LONG - long timeout, for first string in stream (for example to wait for HTTP request).
+.br
+ CONNECTION_SHORT - inactivity timeout for short connections (HTTP, POP3, etc).
+.br
+ CONNECTION_LONG - inactivity timeout for long connection (SOCKS, portmappers, etc).
+.br
+ DNS - timeout for DNS request before requesting next server
+.br
+ CHAIN - timeout for reading data from chained connection
+.br
+
+.br
+.B nserver
+ <ipaddr>
+.br
+Nameserver to use for name resolutions. If none spcified system
+or name server fails system routines for name resolution will be
+used. It's better to specify nserver because gethostbyname() may
+be thread unsafe.
+
+.br
+.B nscache
+<cachesize>
+.br
+
+Cache <cachesize> records for name resolution. Cachesize usually
+should be large enougth (for example 65536).
+
+.br
+.B nsrecord
+<hostname> <hostaddr>
+.BR
+Adds static record to nscache. nscache must be enabled. If 0.0.0.0
+is used as a hostaddr host will never resolve, it can be used to
+blacklist something or together with 
+.B dialer
+command to set up UDL for dialing.
+
+.br
+.B fakeresolve
+.BR
+All names are resolved to 127.0.0.2 address. Usefull if all requests are
+redirected to parent proxy with http, socks4+, connect+ or socks5+.
+
+.br
+.B dialer
+<progname>
+.br
+Execute progname if external name can't be resolved.
+Hint: if you use nscache, dialer may not work, because names will
+be resolved through cache. In this case you can use something like
+http://dial.right.now/ from browser to set up connection.
+
+
+.br
+.B internal
+<ipaddr>
+.br
+sets ip address of internal interface. This IP address will be used
+to bind gateways. Alternatively you can use -i option for individual
+gateways
+
+.br
+.B external
+<ipaddr>
+.br
+sets ip address of external interface. This IP address will be source
+address for all connections made by proxy. Alternatively you can use
+-e option to specify individual address for gateway.
+   
+.br
+.B maxconn
+<number>
+.br
+sets maximum number of simulationeous connections to each services
+started after this command. Default is 100.
+
+.br
+.B service
+.br
+(depricated). Indicates 3proxy to behave as Windows 95/98/NT/2000/XP
+service, no effect for Unix. Not required for 3proxy 0.6 and above. If
+you upgraded from previous version of 3proxy use --remove and --install
+to reinstall service.
+
+.br
+.B daemon
+.br
+Should be specified to close console. Do not use 'daemon' with 'service'.
+At least under FreeBSD 'daemon' should preceed any proxy service
+and log commands to avoid sockets problem. Always place it in the beginning
+of the configuration file.
+
+.br
+.B auth
+<authtype> [...]
+.br
+Type of user authorization. Currently supported:
+.br
+ none - no authentication or authorization required.
+ Note: is auth is none any ip based limitation, redirection, etc will not work. 
+ This is default authentication type
+.br
+ iponly - authentication by access control list with username ignored.
+ Appropriate for most cases
+.br
+ useronly - authentication by username without checking for any password with
+authorization by ACLs. Useful for e.g. SOCKSv4 proxy and icqpr (icqpr set UIN /
+AOL screen name as a username)
+.br
+ dnsname - authentication by DNS hostnname with authorization by ACLs.
+DNS hostname is resolved via PTR (reverse) record and validated (resolved
+name must resolve to same IP address). It's recommended to use authcache by
+ip for this authentication.
+NB: there is no any password check, name may be spoofed.
+.br
+ nbname - authentication by NetBIOS name with authorization by ACLs.
+Messanger service should be started on user's machine. Note, that
+Windows 95/98 hosts do not have messanger service by default,
+WinPopup program need to be started. It's recommended to use authcache by
+ip for this authentication.
+NB: there is no any password check, name may be spoofed.
+.br
+ strong - username/password authentication required. It will work with
+SOCKSv5, FTP, POP3 and HTTP proxy. 
+.br
+ cache - cached authentication, may be used with 'authcache'.
+.br
+Plugins may add additional authentication types.
+.br
+
+ It's possible to use few authentication types in the same commands. E.g.
+.br
+auth iponly strong
+.br
+In this case 'strong' authentication will be used only in case resource
+access can not be performed with 'iponly' authentication, that is username is
+required in ACL. It's usefull to protect access to some resources with
+password allowing passwordless access to another resources, or to use
+IP-based authentication for dedicated laptops and request username/password for
+shared ones.
+.br
+.B authcache
+<cachtype> <cachtime>
+.br
+Cache authentication information to given amount of time (cachetime) in seconds.
+Cahtype is one of:
+.br
+ ip - after successful authentication all connections during caching time
+from same IP are assigned to the same user, username is not requested.
+.br
+ ip,user username is requested and all connections from the same IP are
+assigned to the same user without actual authentication.
+.br
+ user - same as above, but IP is not checked. 
+.br
+ user,password - both username and password are checked against cached ones.
+.br
+Use auth type 'cache' for cached authentication
+.br
+.B allow
+<userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+<weekdayslist> <timeperiodslist>
+.br
+.B deny
+<userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+<weekdayslist> <timeperiodslist>
+.br
+Access control entries. All lists are comma-separated, no spaces are
+allowed. Usernames are case sensitive (if used with authtype nbname
+username must be in uppercase). Source and target lists may contain
+IP addresses (W.X.Y.Z) or CIDRs (W.X.Y.Z/L). Since 0.6, targetlist may also
+contain host names, instead of addresses. It's possible to use wildmask in
+the begginning and in the the end of hostname, e.g. *badsite.com or
+*badcontent*. Hostname is only checked if hostname presents in request.
+Targetportlist may contain ports (X) or port ranges lists (X-Y). For any field
+* sign means "ANY" If access list is empty it's assumed to be
+.br
+ allow *
+.br
+ If access list is not empty last item in access list is assumed to be
+.br
+ deny *
+.br
+ You may want explicitly add "deny *" to the end of access list to prevent
+HTTP proxy from requesting user's password.
+Access lists are checked after user have requested any resource.
+If you want 3proxy to reject connections from specific addresses
+immediately without any conditions you should either bind proxy
+to appropriate interface only or to use ip filters.
+.br
+
+Operation is one of:
+.br
+ CONNECT - establish outgoing TCP connection
+.br
+ BIND - bind TCP port for listening
+.br
+ UDPASSOC - make UDP association
+.br
+ ICMPASSOC - make ICMP association (for future use)
+.br
+ HTTP_GET - HTTP GET request
+.br
+ HTTP_PUT - HTTP PUT request
+.br
+ HTTP_POST - HTTP POST request
+.br
+ HTTP_HEAD - HTTP HEAD request
+.br
+ HTTP_CONNECT - HTTP CONNECT request
+.br
+ HTTP_OTHER - over HTTP request
+.br
+ HTTP - matches any HTTP request except HTTP_CONNECT
+.br
+ HTTPS - same as HTTP_CONNECT
+.br
+ FTP_GET - FTP get request
+.br
+ FTP_PUT - FTP put request
+.br
+ FTP_LIST - FTP list request
+.br
+ FTP_DATA - FTP data connection. Note: FTP_DATA requires access to dynamic
+ non-ptivileged (1024-65535) ports on remote side.
+.br
+ FTP - matches any FTP/FTP Data request
+.br
+ ADMIN - access to administration interface
+.br
+
+Weeksdays are week days numbers or periods (0 or 7 means Sunday, 1 is Monday,
+1-5 means Monday through Friday). Timeperiodlists is a list of time
+periods in HH:MM:SS-HH:MM:SS format. For example, 
+ 00:00:00-08:00:00,17:00:00-24:00:00
+lists non-working hours.
+	
+.br
+.B parent
+<weight> <type> <ip> <port> <username> <password>
+.br
+this command must follow "allow" rule. It extends last allow rule to
+build proxy chain. Proxies may be grouped. Proxy inside the
+group is selected randomly. If few groups are specified one proxy
+is randomly picked from each group and chain of proxies is created
+(that is second proxy connected through first one and so on).
+Weight is used to group proxies. Weigt is a number between 1 and 1000.
+Weights are summed and proxies are grouped together untill weight of
+group is 1000. That is:
+.br
+ allow *
+.br
+ parent 500 socks5 192.168.10.1 1080
+.br
+ parent 500 connect 192.168.10.1 3128
+.br
+ makes 3proxy to randomly choose between 2 proxies for all outgoing
+connections. These 2 proxies form 1 group (summarized weight is 1000).
+.br
+ allow * * * 80
+.br
+ parent 1000 socks5 192.168.10.1 1080
+.br
+ parent 1000 connect 192.168.20.1 3128
+.br
+ parent 300 socks4 192.168.30.1 1080
+.br
+ parent 700 socks5 192.168.40.1 1080
+.br
+ creates chain of 3 proxies: 192.168.10.1, 192.168.20.1 and third
+is (192.168.30.1 with probability of 0.3 or 192.168.40.1
+with probability of 0.7) for outgoing web connections.
+
+.br
+ type is one of:
+.br
+ tcp - simply redirect connection. TCP is always last in chain.
+.br
+ http - redirect to HTTP proxy. HTTP is always last chain.
+.br
+ pop3 - redirect to POP3 proxy (only local redirection is supported, can not be
+used for chaining)
+.br
+ ftp - redirect to FTP proxy (only local redirection is supported, can not be
+used for chaining)
+.br
+ connect - parent is HTTP CONNECT method proxy
+.br
+ connect+ - parent is HTTP CONNECT proxy with name resolution
+.br
+ socks4 - parent is SOCKSv4 proxy
+.br
+ socks4+ - parent is SOCKSv4 proxy with name resolution (SOCKSv4a)
+.br
+ socks5 - parent is SOCKSv5 proxy
+.br
+ socks5+ - parent is SOCKSv5 proxy with name resolution
+.br
+ socks4b - parent is SOCKS4b (broken SOCKSv4 implementation with shortened
+server reply. I never saw this kind ofservers byt they say there are).
+Normally you should not use this option. Do not mess this option with
+SOCKSv4a (socks4+).
+.br
+ socks5b - parent is SOCKS5b (broken SOCKSv5 implementation with shortened
+server reply. I think you will never find it useful). Never use this option
+unless you know exactly you need it.
+.br
+ admin - redirect request to local 'admin' service (with -s parameter).
+.br
+ Use "+" proxy only with "fakeresolve" option
+.br
+
+ IP and port are ip addres and port of parent proxy server.
+If IP is zero, ip is taken from original request, only port is changed.
+If port is zero, it's taken from original request, only IP is changed.
+If both IP and port are zero - it's a special case of local redirection,
+it works only with
+.B socks
+proxy. In case of local redirection request is redirected to different service, 
+.B ftp
+locally redirects to
+.B ftppr
+.B pop3
+locally redirects to
+.B pop3p
+.B http
+locally redurects to
+.B proxy
+.B admin
+locally redirects to admin -s service.
+.br
+
+ Main purpose of local redirections is to have requested resource
+(URL or POP3 username) logged and protocol-specific filters to be applied.
+In case of local redirection ACLs are revied twice: first, by SOCKS proxy up to
+'parent' command and then with gateway service connection is
+redirected (HTTP, FTP or POP3) after 'parent' command. It means,
+additional 'allow' command is required for redirected requests, for
+example:
+.br
+ allow * * * 80
+.br
+ parent 1000 http 0.0.0.0 0
+.br
+ allow * * * 80 HTTP_GET,HTTP_POST
+.br
+ socks
+.br
+redirects all SOCKS requests with target port 80 to local HTTP proxy,
+local HTTP proxy parses requests and allows only GET and POST requests.
+.br
+ parent 1000 http 1.2.3.4 0
+.br
+Changes external address for given connection to 1.2.3.4
+(an equivalent to -e1.2.3.4)
+
+ Optional username and password are used to authenticate on parent
+proxy. Username of '*' means username must be supplied by user.
+
+
+.br
+.B nolog
+<n>
+extends last allow or deny command to prevent logging, e.g.
+.br
+allow * * 192.168.1.1
+.br
+nolog
+
+
+.br
+.B weight
+<n>
+extends last allow or deny command to set weight for this request
+.br
+allow * * 192.168.1.1
+.br
+weight 100
+.br
+Weight may be used for different purposes.
+
+.br
+.B bandlimin
+<rate> <userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+.br
+.B nobandlimin
+<userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+.B bandlimout
+<rate> <userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+.br
+.B nobandlimout
+<userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+.br
+ bandlim sets bandwith limitation filter to <rate> bps (bits per second)
+(if you want to specife bytes per second - multiply your value to 8).
+bandlim rules act in a same manner as allow/deny rules except
+one thing: bandwidth limiting is applied to all services, not to some
+specific service. 
+bandlimin and nobandlimin applies to incoming traffic
+bandlimout and nobandlimout applies to outgoing traffic
+If tou want to ratelimit your clients with ip's 192.168.10.16/30 (4
+addresses) to 57600 bps you have to specify 4 rules like
+.br
+ bandlimin 57600 * 192.168.10.16
+.br
+ bandlimin 57600 * 192.168.10.17
+.br
+ bandlimin 57600 * 192.168.10.18
+.br
+ bandlimin 57600 * 192.168.10.19
+.br
+ and every of you clients will have 56K channel.	if you specify
+.br
+ bandlimin 57600 * 192.168.10.16/30
+.br
+ you will have 56K channel shared between all clients.
+if you want, for example, to limit all speed ecept access to POP3 you can use
+.br
+ nobandlimin * * * 110
+.br
+ before the rest of bandlim rules.
+
+.br
+.B counter
+<filename> <reporttype> <repotname>
+.br
+.B countin
+<number> <type> <limit> <userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+.br
+.B nocountin
+<userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+.br
+.B countout
+<number> <type> <limit> <userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+.br
+.B nocountout
+<userlist> <sourcelist> <targetlist> <targetportlist> <operationlist>
+.br
+
+ counter, countin, nocountin, countout, noucountout  commands are 
+used to set traffic limit
+in MB for period of time (day, week or month). Filename is a path
+to a special file where traffic information is permanently stored.
+number is sequential number of record in this file. If number is 0
+no traffic information  on this counter is saved in file (that is
+if proxy restarted all information is loosed) overwise it should be
+unique sequential number.
+Type specifies a type of counter. Type is one of:
+.br
+ D - counter is resetted daily
+.br
+ W - counter is resetted weekly
+.br
+ M - counter is resetted monthely
+.br
+ reporttype/repotname may be used to generate traffic reports.
+Reporttype is one of D,W,M,H(hourly) and repotname specifies filename
+template for reports. Report is text file with counter values in
+format:
+.br
+ <COUNTERNUMBER> <TRAF*4GB> <TRAF>
+.br
+ The rest of parameters is identical to bandlim/nobandlim.
+
+.br
+.B users
+username[:pwtype:password] ...
+.br
+pwtype is one of:
+.br
+ none (empty) - use system authentication
+.br
+ CL - password is cleartext
+.br
+ CR - password is crypt-style password
+.br
+ NT - password is NT password (in hex)
+.br
+example:
+.br
+ users test1:CL:password1 "test2:CR:$1$lFDGlder$pLRb4cU2D7GAT58YQvY49."
+.br
+ users test3:NT:BD7DFBF29A93F93C63CB84790DA00E63
+.br
+(note: double quotes are requiered because password contains $ sign).	
+
+.br
+.B flush
+.br
+empty active access list. Access list must be flushed avery time you creating
+new access list for new service. For example:
+.br
+ allow *
+.br
+ pop3p
+.br
+ flush
+.br
+ allow * 192.168.1.0/24
+.br
+ socks
+.br
+sets different ACLs for
+.B pop3p
+and
+.B socks
+
+.br
+.B system
+.br
+execute system command
+
+.br
+.B pidfile
+<filename>
+.br
+write pid of current process to file. It can be used to manipulate
+3proxy with signals under Unix. Currently next signals are available:
+
+.br
+.B monitor
+<filename>
+.br
+If file monitored changes in modification time or size, 3proxy reloads
+configuration within one minute. Any number of files may be monitored.
+
+.br
+.B setuid
+<uid>
+.br
+calls setuid(uid), uid must be numeric. Unix only. Warning: under some Linux
+kernels setuid() works onle for current thread. It makes it impossible to suid
+for all threads.
+
+.br
+.B setgid
+<gid>
+.br
+calls setgid(gid), gid must be numeric. Unix only.
+
+.br
+.B chroot
+<path>
+.br
+calls chroot(path). Unix only.
+.SH PLUGINS
+
+.br
+.B plugin
+<path_to_shared_library> <function_to_call> [<arg1> ...]
+.br
+Loads specified library and calls given export function with given arguments,
+as 
+.br
+int functions_to_call(struct pluginlink * pl, int argc, char * argv[]);
+.br
+function_to_call must return 0 in case of success, value > 0 to indicate error.
+
+.br
+.B filtermaxsize
+<max_size_of_data_to_filter>
+.br
+If Content-length (or another data length) is greater than given value, no
+data filtering will be performed thorugh filtering plugins to avoid data
+corruption and/or Content-Length chaging. Default is 1MB (1048576).
+
+
+.SH SEE ALSO
+3proxy(8), proxy(8), ftppr(8), socks(8), pop3p(8), tcppm(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH TRIVIA
+3APA3A is pronounced as \`\`zaraza\'\'.
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/ftppr.8

@@ -0,0 +1,85 @@
+.TH ftppr "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B ftppr
+\- FTP proxy gateway service
+.SH SYNOPSIS
+.BR "ftppr " [ -d ]
+.IB \fR[ -l \fR[ \fR[ @ \fR] logfile \fR]]
+.IB \fR[ -p port\fR]
+.IB \fR[ -i internal_ip\fR]
+.IB \fR[ -e external_ip\fR]
+.IB \fR[ -h default_ip[:port]\fR]
+.SH DESCRIPTION
+.B ftppr
+is FTP gateway service to allow internal users to access external FTP
+servers.
+.SH OPTIONS
+.TP
+.B -I
+Inetd mode. Standalone service only.
+.TP
+.B -d
+Daemonise. Detach service from console and run in the background.
+.TP
+.B -t
+Be silenT. Do not log start/stop/accept error records.
+.TP
+.B -u
+Never look for username authentication.
+.TP
+.B -e
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+.TP
+.B -i
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It\'s usually unsafe.
+.TP
+.B -h
+Default destination. It's used if targed address is not specified by user.
+.TP
+.B -p
+Port. Port proxy listens for incoming connections. Default is 21.
+.TP
+.B -l
+Log. By default logging is to stdout. If
+.I logfile
+is specified logging is to file. Under Unix, if
+.RI \' @ \'
+preceeds
+.IR logfile ,
+syslog is used for logging.
+.SH CLIENTS
+You can use any FTP client, regardless of FTP proxy support. For client with
+FTP proxy support configure
+.I internal_ip
+and
+.IR port
+in FTP proxy parameters.
+For clients without FTP proxy support use
+.I internal_ip
+and
+.IR port
+as FTP server. Address of real FTP server must be configured as a part of
+FTP username. Format for username is
+.IR username \fB@ server ,
+where
+.I server
+is address of FTP server and
+.I username
+is user\'s login on this FTP server. Login itself may contain \'@\' sign.
+Only cleartext authentication is currently supported.
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy(8), proxy(8), pop3p(8), socks(8), tcppm(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/icqpr.8

@@ -0,0 +1,78 @@
+.TH icqpr "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B icqpr
+\- ICQ (AOL OSCAR) proxy
+.SH SYNOPSIS
+.BR "icqpr " [ -d ]
+.IB \fR[ -l \fR[ \fR[ @ \fR] logfile \fR]]
+.IB \fR[ -i internal_ip\fR]
+.IB \fR[ -e external_ip\fR]
+.I local_port remote_host remote_port
+.SH DESCRIPTION
+.B icqpr
+forwards ICQ connections from local to remote ICQ host. Most usual is
+.B icqpr 5190 login.icq.com 5190
+Also, icqpr adds UIN / AOL screen name as a username. It makes it possible
+to control user's access to ICQ/AOL by UIN/screen name (use
+.B auth useronly
+in 3proxy).
+.SH OPTIONS
+.TP
+.B -I
+Inetd mode. Standalone service only.
+.TP
+.B -d
+Daemonise. Detach service from console and run in the background.
+.TP
+.B -t
+Be silenT. Do not log start/stop/accept error records.
+.TP
+.B -e
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+.TP
+.B -i
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It\'s usually unsafe.
+.TP
+.B -l
+Log. By default logging is to stdout. If
+.I logfile
+is specified logging is to file. Under Unix, if
+.RI \' @ \'
+preceeds
+.IR logfile ,
+syslog is used for logging.
+.SH ARGUMENTS
+.TP
+.I local_port
+- port icqpr accepts connection
+.TP
+.I remote_host
+- IP address of the host connection is forwarded to
+.TP
+.I remote_port
+- remote port connection is forwarded to
+.SH CLIENTS
+You can use any ICQ/AOL client where server address configuration is supported
+or spoof login server name (e.g. login.icq.com) with IP address of proxy server
+via DNS record or hosts file. Transparent redirection is also possible. Use
+.I internal_ip
+and
+.I local_port
+as a destination in client application. Connection is forwarded to
+.IR remote_host : remote_port
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy(8), proxy(8), ftppr(8), socks(8), pop3p(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/pop3p.8

@@ -0,0 +1,81 @@
+.TH pop3p "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B pop3p
+\- POP3 proxy gateway service
+.SH SYNOPSIS
+.BR "pop3p " [ -d ]
+.IB \fR[ -l \fR[ \fR[ @ \fR] logfile \fR]]
+.IB \fR[ -p port\fR]
+.IB \fR[ -i internal_ip\fR]
+.IB \fR[ -e external_ip\fR]
+.IB \fR[ -h default_ip[:port]\fR]
+.SH DESCRIPTION
+.B pop3p
+is POP3 gateway service to allow internal users to access external POP3
+servers.
+.SH OPTIONS
+.TP
+.B -I
+Inetd mode. Standalone service only.
+.TP
+.B -d
+Daemonise. Detach service from console and run in the background.
+.TP
+.B -t
+Be silenT. Do not log start/stop/accept error records.
+.TP
+.B -u
+Never look for username authentication.
+.TP
+.B -e
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+.TP
+.B -i
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It\'s usually unsafe.
+.TP
+.B -p
+Port. Port proxy listens for incoming connections. Default is 110.
+.TP
+.B -h
+Default destination. It's used if targed address is not specified by user.
+.TP
+.B -l
+Log. By default logging is to stdout. If
+.I logfile
+is specified logging is to file. Under Unix, if
+.RI \' @ \'
+preceeds
+.IR logfile ,
+syslog is used for logging.
+.SH CLIENTS
+You can use any MUA (Mail User Agent) with POP3 support. Set client to use
+.I internal_ip
+and
+.IR port
+as a POP3 server. Address of real POP3 server must be configured as a part of
+POP3 username. Format for username is
+.IR username \fB@ server ,
+where
+.I server
+is address of POP3 server and
+.I username
+is user\'s login on this POP3 server. Login itself may contain \'@\' sign.
+Only cleartext authentication is supported, because challenge-response
+authentication (APOP, CRAM-MD5, etc) requires challenge from server before
+we know which server to connect.
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy(8), ftppr(8), proxy(8), socks(8), tcppm(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/proxy.8

@@ -0,0 +1,76 @@
+.TH proxy "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B proxy
+\- HTTP proxy gateway service
+.SH SYNOPSIS
+.BR "proxy " [ -d ][ -a ]
+.IB \fR[ -l \fR[ \fR[ @ \fR] logfile \fR]]
+.IB \fR[ -p port\fR]
+.IB \fR[ -i internal_ip\fR]
+.IB \fR[ -e external_ip\fR]
+.SH DESCRIPTION
+.B proxy
+is HTTP gateway service with HTTPS and FTP over HTTPS support.
+.SH OPTIONS
+.TP
+.B -I
+Inetd mode. Standalone service only.
+.TP
+.B -d
+Daemonise. Detach service from console and run in the background.
+.TP
+.B -t
+Be silenT. Do not log start/stop/accept error records.
+.TP
+.B -u
+Never ask for username authentication
+.TP
+.B -e
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+.TP
+.B -i
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It\'s usually unsafe.
+.TP
+.B -a
+Anonymous. Hide information about client.
+.TP
+.B -a1
+Anonymous. Show fake information about client.
+.TP
+.B -p
+Port. Port proxy listens for incoming connections. Default is 3128.
+.TP
+.B -l
+Log. By default logging is to stdout. If
+.I logfile
+is specified logging is to file. Under Unix, if
+.RI \' @ \'
+preceeds
+.IR logfile ,
+syslog is used for logging.
+.SH CLIENTS
+You should use client with HTTP proxy support or configure router to redirect
+HTTP traffic to proxy (transparent proxy). Configure client to connect to
+.I internal_ip
+and
+.IR port .
+HTTPS support allows to use almost any TCP based protocol. If you need to
+limit clients, use 
+.BR 3proxy (8)
+instead.
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy(8), ftppr(8), socks(8), pop3p(8), tcppm(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/smtpp.8

@@ -0,0 +1,82 @@
+.TH smtpp "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B smtpp
+\- SMTP proxy gateway service
+.SH SYNOPSIS
+.BR "smtpp " [ -d ]
+.IB \fR[ -l \fR[ \fR[ @ \fR] logfile \fR]]
+.IB \fR[ -p port\fR]
+.IB \fR[ -i internal_ip\fR]
+.IB \fR[ -e external_ip\fR]
+.IB \fR[ -h default_ip[:port]\fR]
+.SH DESCRIPTION
+.B smtpp
+is SMTP gateway service to allow internal users to access external SMTP
+servers.
+.SH OPTIONS
+.TP
+.B -I
+Inetd mode. Standalone service only.
+.TP
+.B -d
+Daemonise. Detach service from console and run in the background.
+.TP
+.B -t
+Be silenT. Do not log start/stop/accept error records.
+.TP
+.B -u
+Never look for username authentication.
+.TP
+.B -e
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+.TP
+.B -i
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It\'s usually unsafe.
+.TP
+.B -p
+Port. Port proxy listens for incoming connections. Default is 25.
+.TP
+.B -h
+Default destination. It's used if targed address is not specified by user.
+.TP
+.B -l
+Log. By default logging is to stdout. If
+.I logfile
+is specified logging is to file. Under Unix, if
+.RI \' @ \'
+preceeds
+.IR logfile ,
+syslog is used for logging.
+.SH CLIENTS
+You can use any MUA (Mail User Agent) with SMTP authentication support.
+Set client to use
+.I internal_ip
+and
+.IR port
+as a SMTP server. Address of real SMTP server must be configured as a part of
+SMTP username. Format for username is
+.IR username \fB@ server ,
+where
+.I server
+is address of SMTP server and
+.I username
+is user\'s login on this SMTP server. Login itself may contain \'@\' sign.
+Only cleartext authentication is supported, because challenge-response
+authentication (CRAM-MD5, SPA, etc) requires challenge from server before
+we know which server to connect.
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy(8), ftppr(8), proxy(8), socks(8), tcppm(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/socks.8

@@ -0,0 +1,77 @@
+.TH socks "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B socks
+\- SOCKS 4/4.5/5 gateway service
+.SH SYNOPSIS
+.BR "socks " [ -d ]
+.IB \fR[ -l \fR[ \fR[ @ \fR] logfile \fR]]
+.IB \fR[ -p port\fR]
+.IB \fR[ -i internal_ip\fR]
+.IB \fR[ -e external_ip\fR]
+.SH DESCRIPTION
+.B socks
+is SOCKS server. It supports SOCKSv4, SOCKSv4.5 (extension to v4 for
+server side name resolution) and SOCKSv5. SOCKSv5 specification allows both
+outgoing and reverse TCP connections and UDP portmapping.
+.SH OPTIONS
+.TP
+.B -I
+Inetd mode. Standalone service only.
+.TP
+.B -d
+Daemonise. Detach service from console and run in the background.
+.TP
+.B -t
+Be silenT. Do not log start/stop/accept error records.
+.TP
+.B -u
+Never ask for username authentication
+.TP
+.B -e
+External address. IP address of interface proxy should initiate connections
+from. External IP must be specified if you need incoming connections.
+By default system will deside which address to use in accordance
+with routing table.
+.TP
+.B -i
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It\'s usually unsafe.
+.TP
+.B -p
+Port. Port proxy listens for incoming connections. Default is 1080.
+.TP
+.B -l
+Log. By default logging is to stdout. If
+.I logfile
+is specified logging is to file. Under Unix, if
+.RI \' @ \'
+preceeds
+.IR logfile ,
+syslog is used for logging.
+.SH CLIENTS
+You should use client with SOCKS support or use some socksification support
+(for example
+.I SocksCAP
+or
+.IR FreeCAP ).
+Configure client to use
+.I internal_ip
+and
+.IR port .
+SOCKS allows to use almost any application protocol without limitation. This
+implementation also allows to open priviledged port on server (if socks has
+sufficient privileges). If you need to control access use
+.BR 3proxy (8)
+instead.
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy(8), proxy(8), ftppr(8), pop3p(8), tcppm(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/tcppm.8

@@ -0,0 +1,71 @@
+.TH tcppm "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B tcppm
+\- TCP port mapper
+.SH SYNOPSIS
+.BR "tcppm " [ -d ]
+.IB \fR[ -l \fR[ \fR[ @ \fR] logfile \fR]]
+.IB \fR[ -i internal_ip\fR]
+.IB \fR[ -e external_ip\fR]
+.I local_port remote_host remote_port
+.SH DESCRIPTION
+.B tcppm
+forwards connections from local to remote TCP port
+.SH OPTIONS
+.TP
+.B -I
+Inetd mode. Standalone service only.
+.TP
+.B -d
+Daemonise. Detach service from console and run in the background.
+.TP
+.B -t
+Be silenT. Do not log start/stop/accept error records.
+.TP
+.B -e
+External address. IP address of interface proxy should initiate connections
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+.TP
+.B -i
+Internal address. IP address proxy accepts connections to.
+By default connection to any interface is accepted. It\'s usually unsafe.
+.TP
+.B -l
+Log. By default logging is to stdout. If
+.I logfile
+is specified logging is to file. Under Unix, if
+.RI \' @ \'
+preceeds
+.IR logfile ,
+syslog is used for logging.
+.SH ARGUMENTS
+.TP
+.I local_port
+- port tcppm accepts connection
+.TP
+.I remote_host
+- IP address of the host connection is forwarded to
+.TP
+.I remote_port
+- remote port connection is forwarded to
+.SH CLIENTS
+Any TCP based application can be used as a client. Use
+.I internal_ip
+and
+.I local_port
+as a destination in client application. Connection is forwarded to
+.IR remote_host : remote_port
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy(8), proxy(8), ftppr(8), socks(8), pop3p(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

man/udppm.8

@@ -0,0 +1,77 @@
+.TH udppm "8" "July 2009" "3proxy 0.7" "Universal proxy server"
+.SH NAME
+.B udppm
+\- UDP port mapper
+.SH SYNOPSIS
+.BR "pop3p " [ -ds ]
+.IB \fR[ -l \fR[ \fR[ @ \fR] logfile \fR]]
+.IB \fR[ -i internal_ip\fR]
+.IB \fR[ -e external_ip\fR]
+.I local_port remote_host remote_port
+.SH DESCRIPTION
+.B udppm
+forwards datagrams from local to remote UDP port
+.SH OPTIONS
+.TP
+.B -I
+Inetd mode. Standalone service only.
+.TP
+.B -d
+Daemonise. Detach service from console and run in the background.
+.TP
+.B -t
+Be silenT. Do not log start/stop/accept error records.
+.TP
+.B -e
+External address. IP address of interface proxy should initiate datagrams
+from. 
+By default system will deside which address to use in accordance
+with routing table.
+.TP
+.B -i
+Internal address. IP address proxy accepts datagrams to.
+By default connection to any interface is accepted. It\'s usually unsafe.
+.TP
+.B -l
+Log. By default logging is to stdout. If
+.I logfile
+is specified logging is to file. Under Unix, if
+.RI \' @ \'
+preceeds
+.IR logfile ,
+syslog is used for logging.
+.TP
+.B -s
+Single packet. By default only one client can use udppm service, but
+if -s is specified only one packet will be forwarded between client and server.
+It allows to share service between multiple clients for single packet services
+(for example name lookups).
+.SH ARGUMENTS
+.TP
+.I local_port
+- port udppm accepts datagrams
+.TP
+.I remote_host
+- IP address of the host datagrams are forwarded to
+.TP
+.I remote_port
+- remote port datagrams are forwarded to
+.SH CLIENTS
+Any UDP based application can be used as a client. Use
+.I internal_ip
+and
+.I local_port
+as a destination in client application. All datagrams are forwarded to
+.IR remote_host : remote_port
+.SH BUGS
+Report all bugs to
+.BR 3proxy@security.nnov.ru
+.SH SEE ALSO
+3proxy(8), proxy(8), ftppr(8), socks(8), pop3p(8), udppm(8), syslogd(8),
+.br
+http://3proxy.ru/
+.SH AUTHORS
+3proxy is designed by 3APA3A
+.RI ( 3APA3A@security.nnov.ru ),
+Vladimir Dubrovin
+.RI ( vlad@sandy.ru )

news

@@ -0,0 +1,143 @@
+Fixes in 0.5.3g
+! Previous fixes were not backported completely from 0.6
+! Fixed ident string should not be freed for openlog() to prevent garbage in
+  syslog().
+
+Fixes in 0.5.3f
+! Fixed SOCKSv4 for parent proxy
+
+Fixes in 0.5.3e
+! Fixed POST request problem with NTLM authentication
+
+Fixes in 0.5.3d
+! Fixed endless loop on 'udppm -s'
+
+Fixes in 0.5.3c
+! Fixed aborted download on some requests
+
+Fixes in 0.5.3b
+! Fixed double 3xx reply on USER command in ftppr.
+
+Fixes in 0.5.3a
+! 64-bit pointer arythnmetics problem fix applied to ntlm.c
+  (requested by Mike Frysinger)
+
+0.5.3 is bugfix release for 0.5.2:
+Fixes backported from 0.6 as 0.5.3:
+!! Fixed: NTLM authentication doesn't work for NT-encoded passwords and may
+  cause account blocking (reported by boris16 at tut.by)
+! Fixed: offer NTLM authentication before basic
+! Fixed: buffered input may double some data on empty reads
++ FTP diagnostics improved for FTP login problems
+! SOCKS BIND/UDPASSOC problems fixed (based on Artem Rebrov's patch)
+! Fixed: endless loop on configuration parsing if ACL weekdays are given as
+  a comma delimited list (reported by Andrey S. Alexeenko).
+
+
+
+ Known bugs:
+
+  Non-reproduced problem reported with poll() implemenration for some 2.4
+  Linux kernel, may be hardware dependant. As a result 3proxy goes to a loop
+  with 100% CPU utilization soon after start. Compile 3proxy without
+  -DWITH_POLL in Makefile(s) if you observe this behaviour.
+
+  report to 3proxy@security.nnov.ru
+
+
+
+14/10/2006 3[APA3A]tiny proxy 0.5.2
+New features since 0.4 are marked with !.
+
+ Features:
+  1. General
+	+ HTTP/1.1 Proxy with keep-alive client and server support,
+          transparent proxy support.
+	! Anonymous and random client emulation HTTP proxy mode
+	+ FTP over HTTP support.
+	+ DNS caching with built-in resolver
+	+ HTTPS (CONNECT) proxy
+	+ SOCKSv4/4.5 Proxy
+	+ SOCKSv5 Proxy
+	! UDP and bind support for SOCKSv5 (fully compatible with
+	  SocksCAP/FreeCAP for UDP)
+	+ Transparent SOCKS->HTTP redirection
+	! Transparent SOCKS->FTP redirection
+	! Transparent SOCKS->POP3 redirection
+	+ POP3 Proxy
+	! FTP proxy
+	! DNS proxy
+	+ TCP port mapper
+	+ UDP port mapper
+	+ Threaded application (no child process).
+	! Web administration and statistics
+  2. Proxy chaining
+	+ Parent proxy support for any type of incoming connection
+	+ Username/password authentication for parent proxy(s).
+	+ HTTPS/SOCKS4/SOCKS5 and redirection parent support
+	+ Random parent selection
+	+ Chain building (multihop proxing)
+  3. Logging
+	+ turnable log format compatible with any log parser
+	+ stdout logging
+	+ file logging
+	+ syslog logging (Unix)
+	+ ODBC logging (Windows and Unix)
+	+ log file rotation (hourly, daily, weekly, monthly)
+	+ automatic log file comperssion with external archiver (for files)
+	+ automatic removal of older log files
+	! Character filtering for log files
+	! different log files for different servces are supported
+  4. Access control
+	+ ACL-driven (user/source/destination/protocol/weekday/daytime or
+	combined) bandwith limitation for incoming and (!)outgoing trafic.
+	+ ACL-driven (user/source/destination/protocol/weekday/daytime or
+	combined) traffic limitation per day, week or month
+	+ User authorization by NetBIOS messanger name
+	+ Access control by username, source IP, destination IP, destination
+	port and destination action (POST, PUT, GET, etc), weekday and daytime.
+	+ Access control by username/password for SOCKSv5 and HTTP/HTTPS/FTP
+	+ Cleartext or encrypted (crypt/MD5 or NT) passwords.
+	+ Connection redirection
+	+ Access control by requested action (CONNECT/BIND, 
+	  HTTP GET/POST/PUT/HEAD/OTHER).
+	! NTLM authentication for HTTP proxy access
+	! All access controle entries now support weekday and daytime
+	limitations.
+  5. Configuration
+	+ support for configuration files
+	+ support for includes in configuration files
+	+ interface binding
+	+ running as daemon process
+	+ utility for automated networks list building
+	! configuration reload on any file change
+     Unix
+	+ support for chroot
+	+ support for setgid
+	+ support for setuid
+	! support for signals
+     Windows NT/2K/XP/2K3
+	+ support --install as service
+	+ support --remove as service
+	+ support for service START, STOP, PAUSE and CONTINUE commands (on
+	PAUSE no new connection accepted, but active connections still in
+	progress, on CONTINUE configuration is reloaded)
+     Windows 95/98/ME
+	! support --install as service
+	! support --remove as service
+  6. Compilation
+	+ MSVC (msvcrt.dll)
+	+ Intel Windows Compiler (msvcrt.dll)
+	+ Windows/gcc (msvcrt.dll)
+	+ Cygwin/gcc (cygwin.dll)
+	+ Unix/gcc
+	+ Unix/ccc
+	! Solaris
+
+
+ Planned for future (0.6) release:
+   - External modules API
+   - Addon URL, antiviral, HTTP cache filters modules, authentication
+     modules for different protocols (RADIUS, PAM, integrated system, etc).
+
+$Id: news,v 1.2 2007/03/01 16:19:43 vlad Exp $

scripts/3proxy.cfg

@@ -0,0 +1,32 @@
+#!/usr/local/etc/3proxy/bin/3proxy
+daemon
+pidfile /usr/local/etc/3proxy/3proxy.pid
+nscache 65536
+nserver 127.0.0.1
+
+config /usr/local/etc/3proxy/3proxy.cfg
+monitor /usr/local/etc/3proxy/3proxy.cfg
+monitor /usr/local/etc/3proxy/counters
+monitor /usr/local/etc/3proxy/passwd
+monitor /usr/local/etc/3proxy/bandlimiters
+
+log /usr/local/etc/3proxy/log/log D
+rotate 60
+counter /usr/local/etc/3proxy/3proxy.3cf
+
+users $/usr/local/etc/3proxy/passwd
+
+include /usr/local/etc/3proxy/counters
+include /usr/local/etc/3proxy/bandlimiters
+
+auth strong
+deny * * 127.0.0.1
+allow *
+proxy -n
+socks
+flush
+allow admin
+
+admin -p8080
+
+

scripts/add3proxyuser.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+if [ $4 ]; then  
+	echo $1:`/usr/local/etc/3proxy/bin/mycrypt $$ $2` >> /usr/local/etc/3proxy/passwd
+	echo countin \"`wc -l /usr/local/etc/3proxy/counters|awk '{print $1}'`/$1\" D $3 $1 >> /usr/local/etc/3proxy/counters
+	echo bandlimin $4 $1 >> /usr/local/etc/3proxy/bandlimiters
+else
+	echo usage: $0 username password day_limit bandwidth
+	echo "	"day_limit - traffic limit in MB per day
+	echo "	"bandwidth - bandwith in bits per second 1048576 = 1Mbps
+fi

scripts/install-unix.sh

@@ -0,0 +1,21 @@
+#!/bin/sh
+cd ..
+cp Makefile.unix Makefile
+make
+if [ ! -d /usr/local/etc/3proxy/bin ]; then mkdir -p /usr/local/etc/3proxy/bin/; fi
+install src/3proxy /usr/local/etc/3proxy/bin/3proxy
+install src/mycrypt /usr/local/etc/3proxy/bin/mycrypt
+install scripts/rc.d/proxy.sh /usr/local/etc/rc.d/proxy.sh
+install scripts/add3proxyuser.sh /usr/local/etc/3proxy/bin/
+if [ -s /usr/local/etc/3proxy/3proxy.cfg ]; then
+ echo /usr/local/etc/3proxy/3proxy.cfg already exists
+else
+ install scripts/3proxy.cfg /usr/local/etc/3proxy/
+ if [ ! -d /var/log/3proxy/ ]; then
+  mkdir /var/log/3proxy/
+ fi
+ touch /usr/local/etc/3proxy/passwd
+ touch /usr/local/etc/3proxy/counters
+ touch /usr/local/etc/3proxy/bandlimiters
+ echo Run /usr/local/etc/3proxy/bin/add3proxyuser.sh to add \'admin\' user
+fi

scripts/rc.d/proxy.sh

@@ -0,0 +1,48 @@
+#!/bin/sh
+#
+# chkconfig: 2345 20 80
+# description: 3proxy tiny proxy server
+#              
+#
+# 
+#
+
+case "$1" in
+   start)    
+       echo Starting 3Proxy
+   
+       /usr/local/etc/3proxy/bin/3proxy /usr/local/etc/3proxy/3proxy.cfg
+   
+       RETVAL=$?
+       echo
+       [ $RETVAL ]    
+       ;;
+
+   stop)
+       echo Stopping 3Proxy
+       if [ /usr/local/etc/3proxy/3proxy.pid ]; then
+	       /bin/kill `cat /usr/local/etc/3proxy/3proxy.pid`
+       else
+               /usr/bin/killall 3proxy
+       fi
+   
+       RETVAL=$?
+       echo
+       [ $RETVAL ]
+       ;;
+
+   restart|reload)
+       echo Reloading 3Proxy
+       if [ /usr/local/etc/3proxy/3proxy.pid ]; then
+	       /bin/kill -s USR1 `cat /usr/local/etc/3proxy/3proxy.pid`
+       else
+               /usr/bin/killall -s USR1 3proxy
+       fi
+       ;;
+
+
+   *)
+       echo Usage: $0 "{start|stop|restart}"
+       exit 1
+esac
+exit 0 

src/3proxy.c

@@ -0,0 +1,2027 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: 3proxy.c,v 1.132 2011-08-15 19:52:26 vlad Exp $
+*/
+
+#include "proxy.h"
+#ifndef _WIN32
+#ifndef NOPLUGINS
+#include <dlfcn.h>
+#endif
+#endif
+
+#ifndef DEFAULTCONFIG
+#define DEFAULTCONFIG conf.stringtable[25]
+#endif
+
+typedef int (*MAINFUNC)(int, char**);
+
+pthread_mutex_t bandlim_mutex;
+pthread_mutex_t tc_mutex;
+pthread_mutex_t pwl_mutex;
+pthread_mutex_t hash_mutex;
+
+#ifndef NOODBC
+pthread_mutex_t odbc_mutex;
+#endif
+
+int readconfig(FILE * fp);
+
+
+int haveerror = 0;
+int linenum = 0;
+
+time_t basetime = 0;
+
+void doschedule(void);
+
+struct counter_header {
+	unsigned char sig[4];
+	time_t updated;
+} cheader = {"3CF", (time_t)0};
+
+struct counter_record {
+	unsigned long traf;
+	unsigned long trafgb;
+	time_t cleared;
+	time_t updated;
+} crecord;
+
+
+int mainfunc (int argc, char** argv);
+
+struct proxydef childdef = {NULL, 0, 0, S_NOSERVICE, ""};
+
+#define STRINGBUF 65535
+#define NPARAMS	  4096
+
+unsigned char tmpbuf[1024];
+FILE *writable;
+
+extern unsigned char *strings[];
+
+#ifndef _WIN32
+char *chrootp = NULL;
+#endif
+char * curconf = NULL;
+
+FILE * confopen(){
+	curconf = conf.conffile;
+#ifndef _WIN32
+	if(chrootp){
+		if(strstr(curconf, chrootp) == curconf)
+			curconf += strlen(chrootp);
+	}
+#endif
+	if(writable) {
+		rewind(writable);
+		return writable;
+	}
+	return fopen(curconf, "r");
+}
+
+
+void clearall(){
+ freeconf(&conf);
+}
+
+#ifdef _WIN32
+OSVERSIONINFO osv;
+int service = 0;
+
+void cyclestep(void);
+#ifndef _WINCE
+SERVICE_STATUS_HANDLE hSrv;
+DWORD dwCurrState;
+int SetStatus( DWORD dwState, DWORD dwExitCode, DWORD dwProgress )
+{
+    SERVICE_STATUS srvStatus;
+    srvStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
+    srvStatus.dwCurrentState = dwCurrState = dwState;
+    srvStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_PAUSE_CONTINUE | SERVICE_ACCEPT_SHUTDOWN;
+    srvStatus.dwWin32ExitCode = dwExitCode;
+    srvStatus.dwServiceSpecificExitCode = 0;
+    srvStatus.dwCheckPoint = dwProgress;
+    srvStatus.dwWaitHint = 3000;
+    return SetServiceStatus( hSrv, &srvStatus );
+}
+
+void __stdcall CommandHandler( DWORD dwCommand )
+{
+    FILE *fp;
+    int error;
+    switch( dwCommand )
+    {
+    case SERVICE_CONTROL_STOP:
+    case SERVICE_CONTROL_SHUTDOWN:
+        SetStatus( SERVICE_STOP_PENDING, 0, 1 );
+	conf.paused++;
+	conf.timetoexit = 1;
+	Sleep(2000);
+        SetStatus( SERVICE_STOPPED, 0, 0 );
+#ifndef NOODBC
+	pthread_mutex_lock(&odbc_mutex);
+	close_sql();
+	pthread_mutex_unlock(&odbc_mutex);
+#endif
+        break;
+    case SERVICE_CONTROL_PAUSE:
+        SetStatus( SERVICE_PAUSE_PENDING, 0, 1 );
+	conf.paused++;
+        SetStatus( SERVICE_PAUSED, 0, 0 );
+        break;
+    case SERVICE_CONTROL_CONTINUE:
+        SetStatus( SERVICE_CONTINUE_PENDING, 0, 1 );
+	clearall();
+	fp = confopen();
+	if(fp){
+		error = readconfig(fp);
+		if(error) {
+			clearall();
+		}
+		if(!writable)fclose(fp);
+	}
+        SetStatus( SERVICE_RUNNING, 0, 0 );
+        break;
+    default: ;
+    }
+}
+
+
+void __stdcall ServiceMain(int argc, unsigned char* argv[] )
+{
+
+    hSrv = RegisterServiceCtrlHandler(conf.stringtable[1], (LPHANDLER_FUNCTION)CommandHandler);
+    if( hSrv == 0 ) return;
+
+    SetStatus( SERVICE_START_PENDING, 0, 1 );
+    SetStatus( SERVICE_RUNNING, 0, 0 );
+    cyclestep();
+}
+#endif
+
+#else
+
+
+void mysigusr1 (int sig){
+	conf.needreload = 1;
+}
+
+int even = 0;
+
+void mysigpause (int sig){
+
+	conf.paused++;
+	even = !even;
+	if(!even){
+		conf.needreload = 1;
+	}
+}
+
+void mysigterm (int sig){
+	conf.paused++;
+	usleep(999*SLEEPTIME);
+	usleep(999*SLEEPTIME);
+#ifndef NOODBC
+	pthread_mutex_lock(&odbc_mutex);
+	close_sql();
+	pthread_mutex_unlock(&odbc_mutex);
+#endif
+	conf.timetoexit = 1;
+}
+
+#endif
+
+void dumpmem(void);
+
+
+int reload (void){
+	FILE *fp;
+	int error = -2;
+
+	conf.paused++;
+	clearall();
+	conf.paused++;
+
+	fp = confopen();
+	if(fp){
+		error = readconfig(fp);
+		if(error) {
+			clearall();
+		}
+		if(!writable)fclose(fp);
+	}
+	return error;
+}
+
+struct schedule *schedule;
+
+#ifdef _WIN32
+DWORD WINAPI startsrv(LPVOID data) {
+#else
+void * startsrv(void * data) {
+#endif
+  struct child *d = (struct child *)data;
+  mainfunc(d->argc, (char **)d->argv);
+  return 0;
+}
+
+int included =0;
+
+int getrotate(char c){
+	switch(c){
+	case 'c':
+	case 'C':
+		return MINUTELY;
+	case 'h':
+	case 'H':
+		return HOURLY;
+	case 'd':
+	case 'D':
+		return DAILY;
+	case 'w':
+	case 'W':
+		return WEEKLY;
+	case 'y':
+	case 'Y':
+		return ANNUALLY;
+	case 'm':
+	case 'M':
+		return MONTHLY;
+	default:
+		return NEVER;
+	}
+}
+
+int parsestr (unsigned char *str, unsigned char **argm, int nitems, unsigned char ** buff, int *inbuf, int *bufsize){
+#define buf (*buff)
+	int argc = 0;
+	int space = 1;
+	int comment = 0;
+	unsigned char * incbegin = 0;
+	int fd;
+	int res, len;
+	int i = 1;
+	unsigned char *str1;
+
+	for(;;str++){
+	 if(*str == '\"'){
+		str1 = str;
+		do {
+			*str1 = *(str1 + 1);
+		}while(*(str1++));
+		if(!comment || *str != '\"'){
+			comment = !comment;
+		}
+	 }
+         switch(*str){
+		case '\0': 
+			if(comment) return -1;
+			argm[argc] = 0;
+			return argc;
+		case '$':
+			if(!comment && !included){
+				incbegin = str;
+				*str = 0;
+			}
+			break;
+		case '\r':
+		case '\n':
+		case '\t':
+		case ' ':
+			if(!comment){
+				*str = 0;
+				space = 1;
+				i = 0;
+				if(incbegin){
+					argc--;
+					if((fd = open((char *)incbegin+1, O_RDONLY)) <= 0){
+						fprintf(stderr, "Failed to open %s\n", incbegin+1);
+						break;
+					}
+					if((*bufsize - *inbuf) <STRINGBUF){
+						*bufsize += STRINGBUF;
+						if(!(buf = myrealloc(buf, *bufsize))){
+							fprintf(stderr, "Failed to allocate memory for %s\n", incbegin+1);
+							close(fd);
+							break;
+						}
+					}
+					len = 0;
+					if(argm[argc]!=(incbegin+1)) {
+						len = (int)strlen((char *)argm[argc]);
+						memcpy(buf+*inbuf, argm[argc], len);
+					}
+					if((res = read(fd, buf+*inbuf+len, STRINGBUF-(1+len))) <= 0) {
+						perror((char *)incbegin+1);
+						close(fd);
+						break;
+					}
+					close(fd);
+					buf[*inbuf+res+len] = 0;
+					incbegin = buf + *inbuf;
+					(*inbuf) += (res + len + 1);
+					included++;
+					argc+=parsestr(incbegin, argm + argc, nitems - argc, buff, inbuf, bufsize);
+					included--;
+					incbegin = NULL;
+
+				}
+				break;
+			}
+		default:
+			i++;
+			if(space) {
+				if(comment && *str == '\"' && str[1] != '\"'){
+					str++;
+					comment = 0;
+				}
+				argm[argc++] = str;
+				if(argc >= nitems) return argc;
+				space = 0;
+			}
+	 }
+	}
+#undef buf
+}
+
+
+unsigned char * dologname (unsigned char *buf, unsigned char *name, const unsigned char *ext, ROTATION lt, time_t t) {
+	struct tm *ts;
+
+	ts = localtime(&t);
+	if(strchr((char *)name, '%')){
+		struct clientparam fakecli;
+
+		memset(&fakecli, 0, sizeof(fakecli));
+		dobuf2(&fakecli, buf, NULL, NULL, ts, (char *)name);
+		return buf;
+	}
+	switch(lt){
+		case NONE:
+			sprintf((char *)buf, "%s", name);
+			break;
+		case ANNUALLY:
+			sprintf((char *)buf, "%s.%04d", name, ts->tm_year+1900);
+			break;
+		case MONTHLY:
+			sprintf((char *)buf, "%s.%04d.%02d", name, ts->tm_year+1900, ts->tm_mon+1);
+			break;
+		case WEEKLY:
+			t = t - (ts->tm_wday * (60*60*24));
+			ts = localtime(&t);
+			sprintf((char *)buf, "%s.%04d.%02d.%02d", name, ts->tm_year+1900, ts->tm_mon+1, ts->tm_mday);
+			break;
+		case DAILY:
+			sprintf((char *)buf, "%s.%04d.%02d.%02d", name, ts->tm_year+1900, ts->tm_mon+1, ts->tm_mday);
+			break;
+		case HOURLY:
+			sprintf((char *)buf, "%s.%04d.%02d.%02d-%02d", name, ts->tm_year+1900, ts->tm_mon+1, ts->tm_mday, ts->tm_hour);
+			break;
+		case MINUTELY:
+			sprintf((char *)buf, "%s.%04d.%02d.%02d-%02d.%02d", name, ts->tm_year+1900, ts->tm_mon+1, ts->tm_mday, ts->tm_hour, ts->tm_min);
+			break;
+		default:
+			break;
+	}
+	if(ext){
+		strcat((char *)buf, ".");
+		strcat((char *)buf, (char *)ext);
+	}
+	return buf;
+}
+
+int wday = 0;
+
+int timechanged (time_t oldtime, time_t newtime, ROTATION lt){
+	struct tm tmold;
+	struct tm *tm;
+	tm = localtime(&oldtime);
+	memcpy(&tmold, tm, sizeof(tmold));
+	tm = localtime(&newtime);
+	switch(lt){
+		case MINUTELY:
+			if(tm->tm_min != tmold.tm_min)return 1;
+			break;
+		case HOURLY:
+			if(tm->tm_hour != tmold.tm_hour)return 1;
+			break;
+		case DAILY:
+			if(tm->tm_yday != tmold.tm_yday)return 1;
+			break;
+		case MONTHLY:
+			if(tm->tm_mon != tmold.tm_mon)return 1;
+			break;
+		case ANNUALLY:
+			if(tm->tm_year != tmold.tm_year)return 1;
+			break;
+		case WEEKLY:
+			if(((newtime - oldtime) > (60*60*24*7))
+				|| tm->tm_wday < tmold.tm_wday
+				|| (tm->tm_wday == tmold.tm_wday && (newtime - oldtime) > (60*60*24*6))
+				)return 1;
+			break;
+		default:
+			break;	
+	}
+	return 0;
+}
+
+void doschedule(void){
+	struct schedule *sched, *prevsched = NULL, *nextsched;
+	int res;
+
+	conf.time = time(0);
+	for(sched=schedule; sched; sched=sched->next){
+		if(conf.needreload || conf.timetoexit || (conf.time > sched->start_time && timechanged(sched->start_time, conf.time, sched->type))){
+			sched->start_time = conf.time;
+			nextsched = sched->next;
+			res = (*sched->function)(sched->data);
+			switch(res){
+			case 1:
+				if(prevsched) prevsched->next = nextsched;
+				else schedule = nextsched;
+				break;
+			}
+		}
+		prevsched = sched;
+	}
+}
+
+void dumpcounters(struct trafcount *tlin, int counterd){
+
+ struct trafcount *tl;
+ if(counterd >= 0 && tlin) {
+
+	conf.time = time(0);
+	if(cheader.updated && conf.countertype && timechanged(cheader.updated, conf.time, conf.countertype)){
+		FILE * cfp;
+				
+		cfp = fopen((char *)dologname(tmpbuf, (unsigned char *)conf.counterfile, NULL, conf.countertype, cheader.updated), "w");
+		if(cfp){
+			for(tl = tlin; cfp && tl; tl = tl->next){
+				if(tl->type >= conf.countertype)
+					fprintf(cfp, "%05d %010lu %010lu%s%s\n", tl->number, tl->trafgb, tl->traf, tl->comment?" #" : "", tl->comment? tl->comment : "");
+			}
+			fclose(cfp);
+		}
+	}
+
+
+	cheader.updated = conf.time;
+	lseek(counterd, 0, SEEK_SET);
+	write(counterd, &cheader, sizeof(struct counter_header));			
+	for(tl=tlin; tl; tl = tl->next){
+		if(tl->number){
+			lseek(counterd, 
+				sizeof(struct counter_header) + (tl->number - 1) * sizeof(struct counter_record),
+				SEEK_SET);
+			crecord.traf = tl->traf;
+			crecord.trafgb = tl->trafgb;
+			crecord.cleared = tl->cleared;
+			crecord.updated = tl->updated;
+			write(counterd, &crecord, sizeof(struct counter_record));
+		}
+		if(tl->type!=NEVER && timechanged(tl->cleared, conf.time, tl->type)){
+			tl->cleared = conf.time;
+			tl->traf = 0;
+			tl->trafgb = 0;
+		}
+	}
+ }
+}
+
+void cyclestep(void){
+ struct tm *tm;
+ time_t minutecounter;
+
+ minutecounter = time(0);
+ for(;;){
+	usleep(SLEEPTIME*999);
+	
+	conf.time = time(0);
+	if(conf.needreload) {
+		doschedule();
+		reload();
+		conf.needreload = 0;
+	}
+	doschedule();
+	if(conf.stdlog)fflush(conf.stdlog);
+	if(timechanged(minutecounter, conf.time, MINUTELY)) {
+		struct filemon *fm;
+		struct stat sb;
+
+		for(fm=conf.fmon; fm; fm=fm->next){
+			if(!stat(fm->path, &sb)){
+				if(fm->sb.st_mtime != sb.st_mtime || fm->sb.st_size != sb.st_size){
+					stat(fm->path, &fm->sb);
+					conf.needreload = 1;
+				}
+			}
+		}
+		
+	}
+	if(timechanged(basetime, conf.time, DAILY)) {
+		tm = localtime(&conf.time);
+		wday = (1 << tm->tm_wday);
+		tm->tm_hour = tm->tm_min = tm->tm_sec = 0;
+		basetime = mktime(tm);
+	}
+	if(conf.logname) {
+		if(timechanged(conf.logtime, conf.time, conf.logtype)) {
+			FILE *fp, *fp1;
+			fp = fopen((char *)dologname (tmpbuf, conf.logname, NULL, conf.logtype, conf.time), "a");
+			if (fp) {
+				fp1 = conf.stdlog;
+				conf.stdlog = fp;
+				if(fp1) fclose(fp1);
+			}
+			fseek(stdout, 0L, SEEK_END);
+			usleep(SLEEPTIME);
+			conf.logtime = conf.time;
+			if(conf.logtype != NONE && conf.rotate) {
+				int t;
+				t = 1;
+				switch(conf.logtype){
+					case ANNUALLY:
+						t = t * 12;
+					case MONTHLY:
+						t = t * 4;
+					case WEEKLY:
+						t = t * 7;
+					case DAILY:
+						t = t * 24;
+					case HOURLY:
+						t = t * 60;
+					case MINUTELY:
+						t = t * 60;
+					default:
+						break;
+				}
+				dologname (tmpbuf, conf.logname, (conf.archiver)?conf.archiver[1]:NULL, conf.logtype, (conf.logtime - t * conf.rotate));
+				remove ((char *) tmpbuf);
+				if(conf.archiver) {
+					int i;
+					*tmpbuf = 0;
+					for(i = 2; i < conf.archiverc && strlen((char *)tmpbuf) < 512; i++){
+						strcat((char *)tmpbuf, " ");
+						if(!strcmp((char *)conf.archiver[i], "%A")){
+							strcat((char *)tmpbuf, "\"");
+							dologname (tmpbuf + strlen((char *)tmpbuf), conf.logname, conf.archiver[1], conf.logtype, (conf.logtime - t));
+							strcat((char *)tmpbuf, "\"");
+						}
+						else if(!strcmp((char *)conf.archiver[i], "%F")){
+							strcat((char *)tmpbuf, "\"");
+							dologname (tmpbuf+strlen((char *)tmpbuf), conf.logname, NULL, conf.logtype, (conf.logtime-t));
+							strcat((char *)tmpbuf, "\"");
+						}
+						else
+							strcat((char *)tmpbuf, (char *)conf.archiver[i]);
+					}
+					system((char *)tmpbuf+1);
+				}
+			}
+		}
+	}
+	if(conf.counterd >= 0 && conf.trafcounter) {
+		if(timechanged(cheader.updated, conf.time, MINUTELY)){
+			dumpcounters(conf.trafcounter, conf.counterd);
+		}
+	}
+	if(conf.timetoexit){
+		conf.paused++;
+		doschedule();
+		usleep(SLEEPTIME*999);
+		usleep(SLEEPTIME*999);
+		usleep(SLEEPTIME*999);
+		return;
+	}
+		
+ }
+}
+
+
+#define RETURN(x) {res = x; goto CLEARRETURN;}
+
+
+int start_proxy_thread(struct child * chp){
+  pthread_t thread;
+#ifdef _WIN32
+  HANDLE h;
+#endif
+
+	conf.threadinit = 1;
+#ifdef _WIN32
+#ifndef _WINCE
+	h = (HANDLE)_beginthreadex((LPSECURITY_ATTRIBUTES )NULL, 16384, startsrv, (void *) chp, (DWORD)0, &thread);
+#else
+	h = (HANDLE)CreateThread((LPSECURITY_ATTRIBUTES )NULL, 16384, startsrv, (void *) chp, (DWORD)0, &thread);
+#endif
+	if(h)CloseHandle(h);
+#else
+	pthread_attr_init(&pa);
+	pthread_attr_setstacksize(&pa,PTHREAD_STACK_MIN + 16384);
+	pthread_attr_setdetachstate(&pa,PTHREAD_CREATE_DETACHED);
+	pthread_create(&thread, &pa, startsrv, (void *)chp);
+#endif
+	while(conf.threadinit)usleep(SLEEPTIME);
+	if(haveerror)  {
+		fprintf(stderr, "Service not started on line: %d\n", linenum);
+		return(40);
+	}
+	return 0;
+}
+
+static int h_proxy(int argc, unsigned char ** argv){
+  struct child ch;
+
+	ch.argc = argc;
+	ch.argv = argv;
+	if(!strcmp((char *)argv[0], "proxy")) {
+		childdef.pf = proxychild;
+		childdef.port = 3128;
+		childdef.isudp = 0;
+		childdef.service = S_PROXY;
+		childdef.helpmessage = " -n - no NTLM support\n";
+	}
+	else if(!strcmp((char *)argv[0], "pop3p")) {
+		childdef.pf = pop3pchild;
+		childdef.port = 110;
+		childdef.isudp = 0;
+		childdef.service = S_POP3P;
+		childdef.helpmessage = " -hdefault_host[:port] - use this host and port as default if no host specified\n";
+	}
+	else if(!strcmp((char *)argv[0], "smtpp")) {
+		childdef.pf = smtppchild;
+		childdef.port = 25;
+		childdef.isudp = 0;
+		childdef.service = S_SMTPP;
+		childdef.helpmessage = " -hdefault_host[:port] - use this host and port as default if no host specified\n";
+	}
+	else if(!strcmp((char *)argv[0], "ftppr")) {
+		childdef.pf = ftpprchild;
+		childdef.port = 21;
+		childdef.isudp = 0;
+		childdef.service = S_FTPPR;
+		childdef.helpmessage = " -hdefault_host[:port] - use this host and port as default if no host specified\n";
+	}
+	else if(!strcmp((char *)argv[0], "socks")) {
+		childdef.pf = sockschild;
+		childdef.port = 1080;
+		childdef.isudp = 0;
+		childdef.service = S_SOCKS;
+		childdef.helpmessage = " -n - no NTLM support\n";
+	}
+	else if(!strcmp((char *)argv[0], "tcppm")) {
+		childdef.pf = tcppmchild;
+		childdef.port = 0;
+		childdef.isudp = 0;
+		childdef.service = S_TCPPM;
+		childdef.helpmessage = "";
+	}
+	else if(!strcmp((char *)argv[0], "icqpr")) {
+		childdef.pf = icqprchild;
+		childdef.port = 0;
+		childdef.isudp = 0;
+		childdef.service = S_ICQPR;
+		childdef.helpmessage = "";
+	}
+	else if(!strcmp((char *)argv[0], "msnpr")) {
+		childdef.pf = msnprchild;
+		childdef.port = 0;
+		childdef.isudp = 0;
+		childdef.service = S_MSNPR;
+		childdef.helpmessage = "";
+	}
+	else if(!strcmp((char *)argv[0], "udppm")) {
+		childdef.pf = udppmchild;
+		childdef.port = 0;
+		childdef.isudp = 1;
+		childdef.service = S_UDPPM;
+		childdef.helpmessage = " -s single packet UDP service for request/reply (DNS-like) services\n";
+	}
+	else if(!strcmp((char *)argv[0], "admin")) {
+		childdef.pf = adminchild;
+		childdef.port = 80;
+		childdef.isudp = 0;
+		childdef.service = S_ADMIN;
+	}
+	else if(!strcmp((char *)argv[0], "dnspr")) {
+		childdef.pf = dnsprchild;
+		childdef.port = 53;
+		childdef.isudp = 1;
+		childdef.service = S_DNSPR;
+	}
+	return start_proxy_thread(&ch);
+}
+
+static int h_internal(int argc, unsigned char ** argv){
+	conf.intip = getip(argv[1]);
+	return 0;
+}
+
+static int h_external(int argc, unsigned char ** argv){
+	conf.extip = getip(argv[1]);
+	return 0;
+}
+
+static int h_log(int argc, unsigned char ** argv){ 
+	conf.logfunc = logstdout;
+	if(conf.logtarget){
+		myfree(conf.logtarget);
+		conf.logtarget = NULL;
+	}
+	if(argc > 1) {
+		conf.logtarget = (unsigned char *)mystrdup((char *)argv[1]);
+		if(*argv[1]=='@'){
+#ifndef _WIN32
+			openlog((char *)conf.logtarget+1, LOG_PID, LOG_DAEMON);
+			conf.logfunc = logsyslog;
+#endif
+		}
+#ifndef NOODBC
+		else if(*argv[1]=='&'){
+			pthread_mutex_lock(&odbc_mutex);
+			close_sql();
+			init_sql((char *)argv[1]+1);
+			pthread_mutex_unlock(&odbc_mutex);
+			conf.logfunc = logsql;
+		}
+#endif
+		else {
+			FILE *fp, *fp1;
+			if(argc > 2) {
+				conf.logtype = getrotate(*argv[2]);
+			}
+			conf.logtime = time(0);
+			if(conf.logname)myfree(conf.logname);
+			conf.logname = (unsigned char *)mystrdup((char *)argv[1]);
+			fp = fopen((char *)dologname (tmpbuf, conf.logname, NULL, conf.logtype, conf.logtime), "a");
+			if(!fp){
+				perror("fopen()");
+				return 1;
+			}
+			else {
+				fp1 = conf.stdlog;
+				conf.stdlog = fp;
+				if(fp1) fclose(fp1);
+#ifdef _WINCE
+				freopen(tmpbuf, "w", stdout);
+				freopen(tmpbuf, "w", stderr);
+#endif
+			}
+		}
+	}
+	return 0;
+}
+
+static int h_service(int argc, unsigned char **argv){
+#ifdef _WIN32
+	if(osv.dwPlatformId  == VER_PLATFORM_WIN32_NT) service = 1;
+	else {
+		if(!conf.demon)daemonize();
+		conf.demon = 1;
+	}
+#endif
+	return 0;
+}
+
+static int h_daemon(int argc, unsigned char **argv){
+	if(!conf.demon)daemonize();
+	conf.demon = 1;
+	return 0;
+}
+
+static int h_config(int argc, unsigned char **argv){
+	if(conf.conffile)myfree(conf.conffile);
+	conf.conffile = mystrdup((char *)argv[1]);
+	return 0;
+}
+
+static int h_include(int argc, unsigned char **argv){
+	int res;
+	FILE *fp1;
+
+	fp1 = fopen((char *)argv[1], "r");
+	if(!fp1){
+		fprintf(stderr, "Unable to open included file: %s\n", argv[1]);
+		return 1;
+	}
+	res = readconfig(fp1);
+	fclose(fp1);
+	return res;
+}
+
+static int h_archiver(int argc, unsigned char **argv){
+	int j;
+
+	conf.archiver = myalloc(argc * sizeof(char *));
+	if(conf.archiver) {
+		conf.archiverc = argc;
+		for(j = 0; j < conf.archiverc; j++) conf.archiver[j] = (unsigned char *)mystrdup((char *)argv[j]);
+	}
+	return 0;
+}
+
+static int h_counter(int argc, unsigned char **argv){
+	struct counter_header ch1;
+	if(conf.counterd >=0)close(conf.counterd);
+	if(!conf.trafcountfunc) conf.trafcountfunc = trafcountfunc;
+	conf.counterd = open((char *)argv[1], O_BINARY|O_RDWR|O_CREAT, 0660);
+	if(conf.counterd<0){
+		fprintf(stderr, "Unable to open counter file %s, line %d\n", argv[1], linenum);
+		return 1;
+	}
+	if(read(conf.counterd, &ch1, sizeof(ch1))==sizeof(ch1)){
+		if(memcmp(&ch1, &cheader, 4)){
+			fprintf(stderr, "Not a counter file %s, line %d\n", argv[1], linenum);
+			return 2;
+		}
+#ifdef  _MSC_VER
+#ifdef _TIME64_T_DEFINED
+#ifndef _MAX__TIME64_T
+#define _MAX__TIME64_T     0x793406fffi64
+#endif 
+#endif
+		if(ch1.updated >= _MAX__TIME64_T){
+			fprintf(stderr, "Invalid or corrupted counter file %s. Use countersutil utility to convert from older version\n", argv[1]);
+			return 3;
+		}
+#endif
+		cheader.updated = ch1.updated;
+	}
+	if(argc >=4) {
+		conf.countertype = getrotate(*argv[2]);
+		if(conf.counterfile) myfree(conf.counterfile);
+		conf.counterfile = mystrdup((char *)argv[3]);
+	}
+	return 0;
+}
+
+static int h_rotate(int argc, unsigned char **argv){
+	conf.rotate = atoi((char *)argv[1]);
+	return 0;
+}
+
+static int h_logformat(int argc, unsigned char **argv){
+	if(conf.logformat) myfree(conf.logformat);
+	conf.logformat = (unsigned char *)mystrdup((char *)argv[1]);
+	return 0;
+}
+
+static int h_timeouts(int argc, unsigned char **argv){
+	int j;
+
+	for(j = 0; conf.timeouts[j] && j + 1 < argc; j++) {
+		if((conf.timeouts[j] = atoi((char *)argv[j + 1])) <= 0 || conf.timeouts[j] > 2000000){
+			fprintf(stderr, "Invalid timeout: %s, line %d\n", argv[j + 1], linenum);
+			return(1);
+		}
+	}
+	return 0;
+}
+
+static int h_noop(int argc, unsigned char **argv){
+	return 0;
+}
+
+static int h_auth(int argc, unsigned char **argv){
+	struct auth *au, * newau;
+	
+	freeauth(conf.authfuncs);
+	conf.authfuncs = NULL;
+	if(!conf.bandlimfunc)conf.bandlimfunc = bandlimitfunc;
+	for(argc--; argc; argc--){
+	  for(au = authfuncs; au; au=au->next){
+		if(!strcmp((char *)argv[argc], au->desc)){
+			newau = myalloc(sizeof(struct auth));
+			newau->next = conf.authfuncs;
+			conf.authfuncs = newau;
+			conf.authfuncs->desc = au->desc;
+			conf.authfuncs->authenticate = au->authenticate;
+			conf.authfuncs->authorize = au->authorize;
+			break;
+		}
+	  }
+	  if(!au) return 1;
+	}
+	conf.authfunc = doauth;
+	return 0;
+}
+
+static int h_users(int argc, unsigned char **argv){
+  int j;
+  unsigned char *arg;
+  struct passwords *pwl = NULL;
+
+	for (j = 1; j<argc; j++) {
+		if(!(pwl = myalloc(sizeof(struct passwords)))) {
+			fprintf(stderr, "No memory for PWL entry, line %d\n", linenum);
+			return(1);
+		}
+		memset(pwl, 0, sizeof(struct passwords));
+		pwl->next = conf.pwl;
+		conf.pwl = pwl;
+		arg = (unsigned char *)strchr((char *)argv[j], ':');
+		if(!arg||!arg[1]||!arg[2]||arg[3]!=':')	{
+			pwl->user = (unsigned char *)mystrdup((char *)argv[j]);
+			pwl->pwtype = SYS;
+			continue;
+		}
+		*arg = 0;
+		pwl->user = (unsigned char *)mystrdup((char *)argv[j]);
+		if((arg[1] == 'C' && arg[2] == 'L' && (pwl->pwtype = CL)) ||
+			(arg[1] == 'C' && arg[2] == 'R' && (pwl->pwtype = CR)) ||
+			(arg[1] == 'N' && arg[2] == 'T' && (pwl->pwtype = NT)) ||
+			(arg[1] == 'L' && arg[2] == 'M' && (pwl->pwtype = LM))){
+			pwl->password = (unsigned char *)mystrdup((char *)arg+4);
+		}
+		else {
+			pwl->password = (unsigned char *) mystrdup((char *)arg + 1);
+			pwl->pwtype = UN;
+		}
+
+	}
+	return 0;
+}
+
+static int h_maxconn(int argc, unsigned char **argv){
+	conf.maxchild = atoi((char *)argv[1]);
+	if(!conf.maxchild) {
+		return(1);
+	}
+	return 0;
+}
+
+static int h_flush(int argc, unsigned char **argv){
+	freeacl(conf.acl);
+	conf.acl = NULL;
+	return 0;
+}
+
+/*
+static int h_flushusers(int argc, unsigned char **argv){
+	freepwl(conf.pwl);
+	conf.pwl = NULL;
+	return 0;
+}
+*/
+
+static int h_nserver(int argc, unsigned char **argv){
+  int res;
+
+	for(res = 0; nservers[res] && res < MAXNSERVERS; res++);
+	if(res < MAXNSERVERS) {
+		nservers[res] = getip(argv[1]);
+	}
+	resolvfunc = myresolver;
+	return 0;
+}
+
+static int h_authnserver(int argc, unsigned char **argv){
+
+	authnserver = getip(argv[1]);
+	return 0;
+}
+
+static int h_fakeresolve(int argc, unsigned char **argv){
+	resolvfunc = fakeresolver;
+	return 0;
+}
+
+static int h_nscache(int argc, unsigned char **argv){
+  int res;
+
+	res = atoi((char *)argv[1]);
+	if(res < 256) {
+		fprintf(stderr, "Invalid NS cache size: %d\n", res);
+		return 1;
+	}
+	if(initdnshashtable((unsigned)res)){
+		fprintf(stderr, "Failed to initialize NS cache\n");
+		return 2;
+	}
+	return 0;
+}
+
+static int h_nsrecord(int argc, unsigned char **argv){
+	hashadd(&dns_table, argv[1], getip(argv[2]), (time_t)0xffffffff);
+	return 0;
+}
+
+static int h_dialer(int argc, unsigned char **argv){
+	if(conf.demanddialprog) myfree(conf.demanddialprog);
+	conf.demanddialprog = mystrdup((char *)argv[1]);
+	return 0;
+}
+
+static int h_system(int argc, unsigned char **argv){
+  int res;
+
+	if((res = system((char *)argv[1])) == -1){
+		fprintf(stderr, "Failed to start %s\n", argv[1]);
+		return(1);
+	}
+	return 0;
+}
+
+static int h_pidfile(int argc, unsigned char **argv){
+  FILE *pidf;
+
+	if(!(pidf = fopen((char *)argv[1], "w"))){
+		fprintf(stderr, "Failed to open pid file %s\n", argv[1]);
+		return(1);
+	}
+	fprintf(pidf,"%u", (unsigned)getpid());
+	fclose(pidf);
+	return 0;
+}
+
+static int h_monitor(int argc, unsigned char **argv){
+  struct filemon * fm;
+
+	fm = myalloc(sizeof (struct filemon));
+	if(stat((char *)argv[1], &fm->sb)){
+		myfree(fm);
+		fprintf(stderr, "Warning: file %s doesn't exist on line %d\n", argv[1], linenum);
+	}
+	else {
+		fm->path = mystrdup((char *)argv[1]);
+		fm->next = conf.fmon;
+		conf.fmon = fm;
+	}
+	return 0;
+}
+
+static int h_parent(int argc, unsigned char **argv){
+  struct ace *acl = NULL;
+  struct chain *chains;
+
+	acl = conf.acl;
+	while(acl && acl->next) acl = acl->next;
+	if(!acl || (acl->action && acl->action != 2)) {
+		fprintf(stderr, "Chaining error: last ACL entry was not \"allow\" or \"redirect\" on line %d\n", linenum);
+		return(1);
+	}
+	acl->action = 2;
+
+	chains = NULL;
+	if(!acl->chains) {
+		chains = acl->chains = myalloc(sizeof(struct chain));
+	}
+	else {
+		chains = acl->chains;
+		while(chains->next)chains = chains->next;
+		chains->next = myalloc(sizeof(struct chain));
+		chains = chains->next;
+	}
+	memset(chains, 0, sizeof(struct chain));
+	if(!chains){
+		fprintf(stderr, "Chainig error: unable to allocate memory for chain\n");
+		return(2);
+	}
+	chains->weight = (unsigned)atoi((char *)argv[1]);
+	if(chains->weight == 0 || chains->weight >1000) {
+		fprintf(stderr, "Chaining error: bad chain weight %u line %d\n", chains->weight, linenum);
+		return(3);
+	}
+	if(!strcmp((char *)argv[2], "tcp"))chains->type = R_TCP;
+	else if(!strcmp((char *)argv[2], "http"))chains->type = R_HTTP;
+	else if(!strcmp((char *)argv[2], "connect"))chains->type = R_CONNECT;
+	else if(!strcmp((char *)argv[2], "socks4"))chains->type = R_SOCKS4;
+	else if(!strcmp((char *)argv[2], "socks5"))chains->type = R_SOCKS5;
+	else if(!strcmp((char *)argv[2], "connect+"))chains->type = R_CONNECTP;
+	else if(!strcmp((char *)argv[2], "socks4+"))chains->type = R_SOCKS4P;
+	else if(!strcmp((char *)argv[2], "socks5+"))chains->type = R_SOCKS5P;
+	else if(!strcmp((char *)argv[2], "socks4b"))chains->type = R_SOCKS4B;
+	else if(!strcmp((char *)argv[2], "socks5b"))chains->type = R_SOCKS5B;
+	else if(!strcmp((char *)argv[2], "pop3"))chains->type = R_POP3;
+	else if(!strcmp((char *)argv[2], "ftp"))chains->type = R_FTP;
+	else if(!strcmp((char *)argv[2], "admin"))chains->type = R_ADMIN;
+	else if(!strcmp((char *)argv[2], "icq"))chains->type = R_ICQ;
+	else if(!strcmp((char *)argv[2], "msn"))chains->type = R_MSN;
+	else {
+		fprintf(stderr, "Chaining error: bad chain type (%s)\n", argv[2]);
+		return(4);
+	}
+	chains->redirip = getip(argv[3]);
+	chains->redirport = htons((unsigned short)atoi((char *)argv[4]));
+	if(argc > 5) chains->extuser = (unsigned char *)mystrdup((char *)argv[5]);
+	if(argc > 6) chains->extpass = (unsigned char *)mystrdup((char *)argv[6]);
+	return 0;
+	
+}
+
+static int h_nolog(int argc, unsigned char **argv){
+  struct ace *acl = NULL;
+
+	acl = conf.acl;
+	if(!acl) {
+		fprintf(stderr, "Chaining error: last ACL entry was not \"allow/deny\" on line %d\n", linenum);
+		return(1);
+	}
+	while(acl->next) acl = acl->next;
+	if(!strcmp(argv[0],"nolog")) acl->nolog = 1;
+	else acl->weight = atoi((char*)argv[1]);
+	return 0;
+}
+
+struct ace * make_ace (int argc, unsigned char ** argv){
+	struct ace * acl;
+	unsigned char *arg;
+	struct iplist *ipl=NULL;
+	struct portlist *portl=NULL;
+	struct userlist *userl=NULL;
+	struct hostname *hostnamel=NULL;
+	int res;
+
+	acl = myalloc(sizeof(struct ace));
+	if(!acl) return acl;
+	memset(acl, 0, sizeof(struct ace));
+		if(argc > 0 && strcmp("*", (char *)argv[0])) {
+			arg = argv[0];
+			arg = (unsigned char *)strtok((char *)arg, ",");
+			do {
+				if(!acl->users) {
+					acl->users = userl = myalloc(sizeof(struct userlist));
+				}
+				else {
+					userl->next = myalloc(sizeof(struct userlist));
+					userl = userl -> next;
+				}
+				if(!userl) {
+					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
+					return(NULL);
+				}
+				memset(userl, 0, sizeof(struct userlist));
+				userl->user=(unsigned char*)mystrdup((char *)arg);
+			} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
+		}
+		if(argc > 1  && strcmp("*", (char *)argv[1])) {
+			arg = (unsigned char *)strtok((char *)argv[1], ",");
+			do {
+				if(!acl->src) {
+					acl->src = ipl = myalloc(sizeof(struct iplist));
+				}
+				else {
+					ipl->next = myalloc(sizeof(struct iplist));
+					ipl = ipl -> next;
+				}
+				if(!ipl) {
+					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
+					return(NULL);
+				}
+				memset(ipl, 0, sizeof(struct iplist));
+				if (!scanaddr(arg, &ipl->ip, &ipl->mask)) {
+					if((ipl->ip = getip(arg)) == 0){
+						fprintf(stderr, "Invalid IP or CIDR, line %d\n", linenum);
+						return(NULL);
+					}
+					ipl->mask = 0xFFFFFFFF;
+				}
+			} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
+		}
+		if(argc > 2 && strcmp("*", (char *)argv[2])) {
+			arg = (unsigned char *)strtok((char *)argv[2], ",");
+			do {
+			 int arglen;
+			 unsigned char *pattern;
+			 
+			 arglen = (int)strlen((char *)arg);
+			 if(arglen > 0 && (arg[arglen-1] < '0' || arg[arglen-1] > '9')){
+				if(!acl->dstnames) {
+					acl->dstnames = hostnamel = myalloc(sizeof(struct hostname));
+				}
+				else {
+					hostnamel->next = myalloc(sizeof(struct hostname));
+					hostnamel = hostnamel -> next;
+				}
+				if(!hostnamel){
+					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
+					return(NULL);
+				}
+				memset(hostnamel, 0, sizeof(struct hostname));
+				hostnamel->matchtype = 3;
+				pattern = arg;
+				if(pattern[arglen-1] == '*'){
+					arglen --;
+					pattern[arglen] = 0;
+					hostnamel->matchtype ^= MATCHEND;
+				}
+				if(pattern[0] == '*'){
+					pattern++;
+					arglen--;
+					hostnamel->matchtype ^= MATCHBEGIN;
+				}
+				hostnamel->name = (unsigned char *) mystrdup( (char *)pattern);
+				if(!hostnamel->name) {
+					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
+					return(NULL);
+				}
+			 }
+			 else {
+				
+				if(!acl->dst) {
+					acl->dst = ipl = myalloc(sizeof(struct iplist));
+				}
+				else {
+					ipl->next = myalloc(sizeof(struct iplist));
+					ipl = ipl -> next;
+				}
+				if(!ipl) {
+					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
+					return(NULL);
+				}
+				memset(ipl, 0, sizeof(struct iplist));
+				if (!scanaddr(arg, &ipl->ip, &ipl->mask)) {
+						fprintf(stderr, "Invalid IP or CIDR, line %d\n", linenum);
+						return(NULL);
+				}
+			 }
+			}while((arg = (unsigned char *)strtok((char *)NULL, ",")));
+		}
+		if(argc > 3 && strcmp("*", (char *)argv[3])) {
+			arg = (unsigned char *)strtok((char *)argv[3], ",");
+			do {
+				if(!acl->ports) {
+					acl->ports = portl = myalloc(sizeof(struct portlist));
+				}
+				else {
+					portl->next = myalloc(sizeof(struct portlist));
+					portl = portl -> next;
+				}
+				if(!portl) {
+					fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
+					return(NULL);
+				}
+				memset(portl, 0, sizeof(struct portlist));
+				res = sscanf((char *)arg, "%hu-%hu", &portl->startport, &portl->endport);
+				if(res < 1) {
+					fprintf(stderr, "Invalid port or port range, line %d\n", linenum);
+					return(NULL);
+				}
+				if (res == 1) portl->endport = portl->startport;
+			} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
+		}
+		if(argc > 4 && strcmp("*", (char *)argv[4])) {
+			arg = (unsigned char *)strtok((char *)argv[4], ",");	
+			do {
+				if(!strcmp((char *)arg, "CONNECT")){
+					acl->operation |= CONNECT;
+				}
+				else if(!strcmp((char *)arg, "BIND")){
+					acl->operation |= BIND;
+				}
+				else if(!strcmp((char *)arg, "UDPASSOC")){
+					acl->operation |= UDPASSOC;
+				}
+				else if(!strcmp((char *)arg, "ICMPASSOC")){
+					acl->operation |= ICMPASSOC;
+				}
+				else if(!strcmp((char *)arg, "HTTP_GET")){
+					acl->operation |= HTTP_GET;
+				}
+				else if(!strcmp((char *)arg, "HTTP_PUT")){
+					acl->operation |= HTTP_PUT;
+				}
+				else if(!strcmp((char *)arg, "HTTP_POST")){
+					acl->operation |= HTTP_POST;
+				}
+				else if(!strcmp((char *)arg, "HTTP_HEAD")){
+					acl->operation |= HTTP_HEAD;
+				}
+				else if(!strcmp((char *)arg, "HTTP_OTHER")){
+					acl->operation |= HTTP_OTHER;
+				}
+				else if(!strcmp((char *)arg, "HTTP_CONNECT")){
+					acl->operation |= HTTP_CONNECT;
+				}
+				else if(!strcmp((char *)arg, "HTTP")){
+					acl->operation |= HTTP;
+				}
+				else if(!strcmp((char *)arg, "HTTPS")){
+					acl->operation |= HTTPS;
+				}
+				else if(!strcmp((char *)arg, "FTP_GET")){
+					acl->operation |= FTP_GET;
+				}
+				else if(!strcmp((char *)arg, "FTP_PUT")){
+					acl->operation |= FTP_PUT;
+				}
+				else if(!strcmp((char *)arg, "FTP_LIST")){
+					acl->operation |= FTP_LIST;
+				}
+				else if(!strcmp((char *)arg, "FTP_DATA")){
+					acl->operation |= FTP_DATA;
+				}
+				else if(!strcmp((char *)arg, "FTP")){
+					acl->operation |= FTP;
+				}
+				else if(!strcmp((char *)arg, "ADMIN")){
+					acl->operation |= ADMIN;
+				}
+				else if(!strcmp((char *)arg, "DNSRESOLVE")){
+					acl->operation |= DNSRESOLVE;
+				}
+				else if(!strcmp((char *)arg, "ICQ")){
+					acl->operation |= IM_ICQ;
+				}
+				else {
+					fprintf(stderr, "Unknown operation type: %s line %d\n", arg, linenum);
+					return(NULL);
+				}
+			} while((arg = (unsigned char *)strtok((char *)NULL, ",")));
+		}
+		if(argc > 5){
+			for(arg = argv[5]; *arg;){
+				int val, val1;
+
+				if(!isnumber(*arg)){
+					arg++;
+					continue;
+				}
+				val1 = val = (*arg - '0');
+				arg++;
+				if(*arg == '-' && isnumber(*(arg+1)) && (*(arg+1) - '0') > val) {
+					val1 = (*(arg+1) - '0');
+					arg+=2;
+				}
+				for(; val<=val1; val++) acl->wdays |= (1 << (val % 7));
+			}
+			
+		}
+		if(argc > 6){
+			for(arg = argv[6]; strlen((char *)arg) >= 17 &&
+							isdigit(arg[0]) &&
+							isdigit(arg[1]) &&
+							isdigit(arg[3]) &&
+							isdigit(arg[4]) &&
+							isdigit(arg[6]) &&
+							isdigit(arg[7]) &&
+							isdigit(arg[9]) &&
+							isdigit(arg[10]) &&
+							isdigit(arg[12]) &&
+							isdigit(arg[13]) &&
+							isdigit(arg[15]) &&
+							isdigit(arg[16])
+							; arg+=18){
+
+				int t1, t2;
+				struct period *sp;
+
+				t1 = (arg[0] - '0') * 10 + (arg[1] - '0');
+				t1 = (t1 * 60) + (arg[3] - '0') * 10 + (arg[4] - '0');
+				t1 = (t1 * 60) + (arg[6] - '0') * 10 + (arg[7] - '0');
+				t2 = (arg[9] - '0') * 10 + (arg[10] - '0');
+				t2 = (t2 * 60) + (arg[12] - '0') * 10 + (arg[13] - '0');
+				t2 = (t2 * 60) + (arg[15] - '0') * 10 + (arg[16] - '0');
+				if(t2 < t1) break;
+				sp = myalloc(sizeof(struct period));
+				if(sp){
+					sp->fromtime = t1;
+					sp->totime = t2;
+					sp->next = acl->periods;
+					acl->periods = sp;
+				}
+				if(arg[17]!=',') break;
+			}
+		}
+	if (argc > 7){
+		acl->weight = atoi((char *)argv[7]);
+	}
+
+	return acl;
+}
+
+
+static int h_ace(int argc, unsigned char **argv){
+  int res = 0;
+  int offset = 0;
+  struct ace *acl = NULL;
+  struct bandlim * nbl;
+  struct trafcount * tl;
+
+	if(!strcmp((char *)argv[0], "allow")){
+		res = ALLOW;
+	}
+	else if(!strcmp((char *)argv[0], "deny")){
+		res = DENY;
+	}
+	else if(!strcmp((char *)argv[0], "redirect")){
+		res = REDIRECT;
+		offset = 2;
+	}
+	else if(!strcmp((char *)argv[0], "bandlimin")||!strcmp((char *)argv[0], "bandlimout")){
+		res = BANDLIM;
+		offset = 1;
+	}
+	else if(!strcmp((char *)argv[0], "nobandlimin")||!strcmp((char *)argv[0], "nobandlimout")){
+		res = NOBANDLIM;
+	}
+	else if(!strcmp((char *)argv[0], "countin")){
+		res = COUNTIN;
+		offset = 3;
+	}
+	else if(!strcmp((char *)argv[0], "nocountin")){
+		res = NOCOUNTIN;
+	}
+	else if(!strcmp((char *)argv[0], "countout")){
+		res = COUNTOUT;
+		offset = 3;
+	}
+	else if(!strcmp((char *)argv[0], "nocountout")){
+		res = NOCOUNTOUT;
+	}
+	acl = make_ace(argc - (offset+1), argv + (offset + 1));
+	if(!acl) {
+		fprintf(stderr, "Unable to parse ACL entry, line %d\n", linenum);
+		return(1);
+	}
+	acl->action = res;
+	switch(acl->action){
+	case REDIRECT:
+		acl->chains = myalloc(sizeof(struct chain));
+		if(!acl->chains) {
+			fprintf(stderr, "No memory for ACL entry, line %d\n", linenum);
+			return(2);
+		}
+		acl->chains->type = R_HTTP;
+		acl->chains->redirip = getip(argv[1]);
+		acl->chains->redirport = htons((unsigned short)atoi((char *)argv[2]));
+		acl->chains->weight = 1000;
+		acl->chains->extuser = NULL;
+		acl->chains->extpass = NULL;
+		acl->chains->next = NULL;
+	case ALLOW:
+	case DENY:
+		if(!conf.acl){
+			conf.acl = acl;
+		}
+		else {
+			struct ace * acei;
+
+			for(acei = conf.acl; acei->next; acei = acei->next);
+			acei->next = acl;
+		}
+		break;
+	case BANDLIM:
+	case NOBANDLIM:
+
+		nbl = myalloc(sizeof(struct bandlim));
+		if(!nbl) {
+			fprintf(stderr, "No memory to create band limit filter\n");
+			return(3);
+		}
+		memset(nbl, 0, sizeof(struct bandlim));
+		nbl->ace = acl;
+		if(acl->action == BANDLIM) {
+			sscanf((char *)argv[1], "%u", &nbl->rate);
+			if(nbl->rate < 300) {
+				fprintf(stderr, "Wrong bandwidth specified, line %d\n", linenum);
+				return(4);
+			}
+		}
+		pthread_mutex_lock(&bandlim_mutex);
+		if(!strcmp((char *)argv[0], "bandlimin") || !strcmp((char *)argv[0], "nobandlimin")){
+			if(!conf.bandlimiter){
+				conf.bandlimiter = nbl;
+			}
+			else {
+				struct bandlim * bli;
+
+				for(bli = conf.bandlimiter; bli->next; bli = bli->next);
+				bli->next = nbl;
+			}
+		}
+		else {
+			if(!conf.bandlimiterout){
+				conf.bandlimiterout = nbl;
+			}
+			else {
+				struct bandlim * bli;
+
+				for(bli = conf.bandlimiterout; bli->next; bli = bli->next);
+				bli->next = nbl;
+			}
+		}
+
+		pthread_mutex_unlock(&bandlim_mutex);			
+		break;
+
+	case COUNTIN:
+	case NOCOUNTIN:
+	case COUNTOUT:
+	case NOCOUNTOUT:
+		tl = myalloc(sizeof(struct trafcount));
+		if(!tl) {
+			fprintf(stderr, "No memory to create traffic limit filter\n");
+			return(5);
+		}
+		memset(tl, 0, sizeof(struct trafcount));
+		tl->ace = acl;
+	
+		if((acl->action == COUNTIN)||(acl->action == COUNTOUT)) {
+			unsigned long lim;
+
+			tl->comment = ( char *)argv[1];
+			while(isdigit(*tl->comment))tl->comment++;
+			if(*tl->comment== '/')tl->comment++;
+			tl->comment = mystrdup(tl->comment);
+
+			sscanf((char *)argv[1], "%u", &tl->number);
+			sscanf((char *)argv[3], "%lu", &lim);
+			tl->traflimgb = (lim/(1024*4));
+			tl->traflim = ((lim - (tl->traflimgb*(1024*4)))*(1024*1024));
+			tl->type = getrotate(*argv[2]);
+			if(!tl->traflim && !tl->traflimgb) {
+				fprintf(stderr, "Wrong traffic limit specified, line %d\n", linenum);
+				return(6);
+			}
+			if(tl->number != 0 && conf.counterd >= 0) {
+				lseek(conf.counterd, 
+					sizeof(struct counter_header) + (tl->number - 1) * sizeof(struct counter_record),
+					SEEK_SET);
+				memset(&crecord, 0, sizeof(struct counter_record));
+				read(conf.counterd, &crecord, sizeof(struct counter_record));
+				tl->traf = crecord.traf;
+				tl->trafgb = crecord.trafgb;
+				tl->cleared = crecord.cleared;
+				tl->updated = crecord.updated;
+#ifdef _MAX__TIME64_T
+				if(tl->cleared >=  _MAX__TIME64_T || tl->updated >=  _MAX__TIME64_T){
+					fprintf(stderr, "Invalid or corrupted counter file. Use countersutil utility to convert from older version\n");
+					return(6);
+				}
+#endif
+			}
+		}
+		pthread_mutex_lock(&tc_mutex);
+		if(!conf.trafcounter){
+			conf.trafcounter = tl;
+		}
+		else {
+			struct trafcount * ntl;
+
+			for(ntl = conf.trafcounter; ntl->next; ntl = ntl->next);
+			ntl->next = tl;
+		}
+		pthread_mutex_unlock(&tc_mutex);
+			
+	}
+	return 0;
+}
+
+static int h_logdump(int argc, unsigned char **argv){
+	conf.logdumpsrv = (unsigned) atoi((char *) *(argv + 1));
+	if(argc > 2) conf.logdumpcli = (unsigned) atoi((char *) *(argv + 2));
+	return 0;
+}
+
+
+static int h_filtermaxsize(int argc, unsigned char **argv){
+	conf.filtermaxsize = atoi((char *) *(argv + 1));
+	return 0;
+}
+
+static int h_delimchar(int argc, unsigned char **argv){
+	conf.delimchar = *argv[1];
+	return 0;
+}
+
+static int h_authcache(int argc, unsigned char **argv){
+	conf.authcachetype = 0;
+	if(strstr((char *) *(argv + 1), "ip")) conf.authcachetype |= 1;
+	if(strstr((char *) *(argv + 1), "user")) conf.authcachetype |= 2;
+	if(strstr((char *) *(argv + 1), "pass")) conf.authcachetype |= 4;
+	if(argc > 2) conf.authcachetime = (unsigned) atoi((char *) *(argv + 2));
+	if(!conf.authcachetype) conf.authcachetype = 6;
+	if(!conf.authcachetime) conf.authcachetime = 600;
+	return 0;
+}
+
+static int h_plugin(int argc, unsigned char **argv){
+#ifdef NOPLUGINS
+	return 999;
+#else
+#ifdef _WIN32
+	HINSTANCE hi;
+	FARPROC fp;
+
+#ifdef _WINCE
+	hi = LoadLibraryW((LPCWSTR)CEToUnicode(argv[1]));
+#else
+	hi = LoadLibrary(argv[1]);
+#endif
+	if(!hi) {
+		fprintf(stderr, "Failed to load %s, code %d\n", argv[1], (int)GetLastError());
+		return 1;
+	}
+#ifdef _WINCE
+	fp = GetProcAddressW(hi, (LPCWSTR)CEToUnicode(argv[2]));
+#else
+	fp = GetProcAddress(hi, argv[2]);
+#endif
+	if(!fp) {
+		printf("%s not found in %s, code: %d\n", argv[2], argv[1], (int)GetLastError());
+		return 2;
+	}
+	return (*(PLUGINFUNC)fp)(&pluginlink, argc - 2, (char **)argv + 2);
+#else	
+	void *hi, *fp;
+	hi = dlopen((char *)argv[1], RTLD_LAZY);
+	if(!hi) return 1;
+	fp = dlsym(hi, (char *)argv[2]);
+	if(!fp) return 2;
+	return (*(PLUGINFUNC)fp)(&pluginlink, argc - 2, (char **)argv + 2);
+#endif
+#endif
+}
+
+#ifndef _WIN32
+static int h_setuid(int argc, unsigned char **argv){
+  int res;
+	res = atoi((char *)argv[1]);
+	if(!res || setuid(res)) {
+		fprintf(stderr, "Unable to set uid %d", res);
+		return(1);
+	}
+	return 0;
+}
+
+static int h_setgid(int argc, unsigned char **argv){
+  int res;
+
+	res = atoi((char *)argv[1]);
+	if(!res || setgid(res)) {
+		fprintf(stderr, "Unable to set gid %d", res);
+		return(1);
+	}
+	return 0;
+}
+
+
+static int h_chroot(int argc, unsigned char **argv){
+	if(!chrootp){
+		char *p;
+		if(chroot((char *)argv[1])) {
+			fprintf(stderr, "Unable to chroot %s", argv[1]);
+			return(1);
+		}
+		p = (char *)argv[1] + strlen((char *)argv[1]) ;
+		while (p > (char *)argv[1] && p[-1] == '/'){
+			p--;
+			*p = 0;
+		}
+		chrootp = mystrdup((char *)argv[1]);
+	}
+	return 0;
+}
+#endif
+
+
+struct commands specificcommands[]={
+#ifndef _WIN32
+	{specificcommands+1, "setuid", h_setuid, 2, 2},
+	{specificcommands+2, "setgid", h_setgid, 2, 2},
+	{specificcommands+3, "chroot", h_chroot, 2, 2},
+#endif
+	{NULL, 		"", h_noop, 1, 0}
+};
+
+struct commands commandhandlers[]={
+	{commandhandlers+1,  "", h_noop, 1, 0},
+	{commandhandlers+2,  "proxy", h_proxy, 1, 0},
+	{commandhandlers+3,  "pop3p", h_proxy, 1, 0},
+	{commandhandlers+4,  "ftppr", h_proxy, 1, 0},
+	{commandhandlers+5,  "socks", h_proxy, 1, 0},
+	{commandhandlers+6,  "tcppm", h_proxy, 4, 0},
+	{commandhandlers+7,  "udppm", h_proxy, 4, 0},
+	{commandhandlers+8,  "admin", h_proxy, 1, 0},
+	{commandhandlers+9,  "dnspr", h_proxy, 1, 0},
+	{commandhandlers+10,  "internal", h_internal, 2, 2},
+	{commandhandlers+11, "external", h_external, 2, 2},
+	{commandhandlers+12, "log", h_log, 1, 0},
+	{commandhandlers+13, "service", h_service, 1, 1},
+	{commandhandlers+14, "daemon", h_daemon, 1, 1},
+	{commandhandlers+15, "config", h_config, 2, 2},
+	{commandhandlers+16, "include", h_include, 2, 2},
+	{commandhandlers+17, "archiver", h_archiver, 3, 0},
+	{commandhandlers+18, "counter", h_counter, 2, 4},
+	{commandhandlers+19, "rotate", h_rotate, 2, 2},
+	{commandhandlers+20, "logformat", h_logformat, 2, 2},
+	{commandhandlers+21, "timeouts", h_timeouts, 2, 0},
+	{commandhandlers+22, "auth", h_auth, 2, 0},
+	{commandhandlers+23, "users", h_users, 2, 0},
+	{commandhandlers+24, "maxconn", h_maxconn, 2, 2},
+	{commandhandlers+25, "flush", h_flush, 1, 1},
+	{commandhandlers+26, "nserver", h_nserver, 2, 2},
+	{commandhandlers+27, "fakeresolve", h_fakeresolve, 1, 1},
+	{commandhandlers+28, "nscache", h_nscache, 2, 2},
+	{commandhandlers+29, "nsrecord", h_nsrecord, 3, 3},
+	{commandhandlers+30, "dialer", h_dialer, 2, 2},
+	{commandhandlers+31, "system", h_system, 2, 2},
+	{commandhandlers+32, "pidfile", h_pidfile, 2, 2},
+	{commandhandlers+33, "monitor", h_monitor, 2, 2},
+	{commandhandlers+34, "parent", h_parent, 5, 0},
+	{commandhandlers+35, "allow", h_ace, 1, 0},
+	{commandhandlers+36, "deny", h_ace, 1, 0},
+	{commandhandlers+37, "redirect", h_ace, 3, 0},
+	{commandhandlers+38, "bandlimin", h_ace, 2, 0},
+	{commandhandlers+39, "bandlimout", h_ace, 2, 0},
+	{commandhandlers+40, "nobandlimin", h_ace, 1, 0},
+	{commandhandlers+41, "nobandlimout", h_ace, 1, 0},
+	{commandhandlers+42, "countin", h_ace, 4, 0},
+	{commandhandlers+43, "nocountin", h_ace, 1, 0},
+	{commandhandlers+44, "countout", h_ace, 4, 0},
+	{commandhandlers+45, "nocountout", h_ace, 1, 0},
+	{commandhandlers+46, "plugin", h_plugin, 3, 0},
+	{commandhandlers+47, "logdump", h_logdump, 2, 3},
+	{commandhandlers+48, "filtermaxsize", h_filtermaxsize, 2, 2},
+	{commandhandlers+49, "nolog", h_nolog, 1, 1},
+	{commandhandlers+50, "weight", h_nolog, 2, 2},
+	{commandhandlers+51, "authcache", h_authcache, 2, 3},
+	{commandhandlers+52, "smtpp", h_proxy, 1, 0},
+	{commandhandlers+53, "icqpr", h_proxy, 4, 0},
+	{commandhandlers+54, "msnpr", h_proxy, 4, 0},
+	{commandhandlers+55, "delimchar",h_delimchar, 2, 2},
+	{commandhandlers+56, "authnserver", h_authnserver, 2, 2},
+	{specificcommands, 	 "", h_noop, 1, 0}
+};
+
+int readconfig(FILE * fp){
+ unsigned char ** argv = NULL;
+ unsigned char * buf = NULL;
+  int bufsize = STRINGBUF*2;
+  int inbuf = 0;
+  int argc;
+  struct commands * cm;
+  int res = 0;
+
+  if( !(buf = myalloc(bufsize)) || ! (argv = myalloc(NPARAMS * sizeof(unsigned char *) + 1)) ) {
+		fprintf(stderr, "No memory for configuration");
+		return(10);
+  }
+  for (linenum = 1; fgets((char *)buf, STRINGBUF, fp); linenum++){
+	if(!*buf || isspace(*buf) || (*buf) == '#')continue;
+
+	inbuf = (int)(strlen((char *)buf) + 1);
+	argc = parsestr (buf, argv, NPARAMS-1, &buf, &inbuf, &bufsize);
+	if(argc < 1) {
+		fprintf(stderr, "Parse error line %d\n", linenum);
+		return(21);
+	}
+	argv[argc] = NULL;
+	if(!strcmp((char *)argv[0], "end") && argc == 1) {	
+		break;
+	}
+	else if(!strcmp((char *)argv[0], "writable") && argc == 1) {	
+		if(!writable){
+			writable = freopen(curconf, "r+", fp);
+			if(!writable){
+				fprintf(stderr, "Unable to reopen config for writing: %s\n", curconf);
+				return 1;
+			}
+		}
+		continue;
+	}
+
+	res = 1;
+	for(cm = commandhandlers; cm; cm = cm->next){
+		if(!strcmp((char *)argv[0], (char *)cm->command) && argc >= cm->minargs && (!cm->maxargs || argc <= cm->maxargs)){
+			res = (*cm->handler)(argc, argv);
+			if(res > 0){
+				fprintf(stderr, "Command: '%s' failed with code %d, line %d\n", argv[0], res, linenum);
+				return(linenum);
+			}
+			if(!res) break;
+		}
+	}
+	if(res != 1)continue;
+	fprintf(stderr, "Unknown command: '%s' line %d\n", argv[0], linenum);
+	return(linenum);
+  }
+  myfree(buf);
+  myfree(argv);
+  return 0;
+
+}
+
+
+#ifndef _WINCE
+int main(int argc, char * argv[]) {
+#else
+int WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nCmdShow){
+ int argc;
+ char ** argv;
+ WNDCLASS wc;
+ HWND hwnd = 0;
+#endif
+
+  int res = 0;
+  FILE * fp = NULL;
+
+#ifdef _WIN32
+  unsigned char * arg;
+  WSADATA wd;
+
+  WSAStartup(MAKEWORD( 1, 1 ), &wd);
+  osv.dwOSVersionInfoSize = sizeof(osv);
+  GetVersionEx(&osv);
+#endif
+
+
+#ifdef _WINCE
+	argc = ceparseargs((char *)lpCmdLine);
+	argv = ceargv;
+	if(FindWindow(L"3proxy", L"3proxy")) return 0;
+	ZeroMemory(&wc,sizeof(wc));
+	wc.hbrBackground=(HBRUSH)GetStockObject(BLACK_BRUSH);
+	wc.hInstance=hInstance;
+	wc.hCursor=LoadCursor(NULL,IDC_ARROW);
+	wc.lpfnWndProc=DefWindowProc;
+	wc.style=CS_HREDRAW|CS_VREDRAW;
+	wc.lpszClassName=L"3proxy";
+	RegisterClass(&wc);
+
+	hwnd = CreateWindowEx(0,L"3proxy",L"3proxy",WS_VISIBLE|WS_POPUP,0,0,0,0,0,0,hInstance,0);
+#endif
+
+  conf.stringtable = strings;
+#ifdef _WIN32
+#ifndef _WINCE
+  if((argc == 2 || argc == 3)&& !strcmp((char *)argv[1], "--install")) {
+
+	sprintf((char *)tmpbuf, "%s will be installed and started.\n"
+			"By clicking Yes you confirm you read and accepted License Agreement.\n"
+			"You can use Administration/Services to control %s service.", 
+			conf.stringtable[1], conf.stringtable[2]);
+	if(MessageBox(NULL, (char *)tmpbuf, conf.stringtable[2], MB_YESNO|MB_ICONASTERISK) != IDYES) return 1;
+
+	
+	*tmpbuf = '\"';
+	if (!(res = SearchPath(NULL, argv[0], ".exe", 256, (char *)tmpbuf+1, (LPTSTR*)&arg))) {
+		perror("Failed to find executable filename");
+		RETURN(102);
+	}
+	strcat((char *)tmpbuf, "\" \"");
+	if(!(res = GetFullPathName ((argc == 3)?argv[2]:(char*)DEFAULTCONFIG, 256, (char *)tmpbuf+res+4, (char **)&arg))){
+		perror("Failed to find config filename");
+		RETURN(103);
+	}
+	strcat((char *)tmpbuf, "\" --service");
+	if(osv.dwPlatformId  == VER_PLATFORM_WIN32_NT){
+		SC_HANDLE sch;
+
+		if(!(sch = OpenSCManager(NULL, NULL, GENERIC_WRITE|SERVICE_START ))){
+			perror("Failed to open Service Manager");
+			RETURN(101);
+		}
+		if (!(sch = CreateService(sch, conf.stringtable[1], conf.stringtable[2], GENERIC_EXECUTE, SERVICE_WIN32_OWN_PROCESS, SERVICE_AUTO_START, SERVICE_ERROR_IGNORE, (char *)tmpbuf, NULL, NULL, NULL, NULL, NULL))){
+			perror("Failed to create service");
+			RETURN(103);
+		}
+		if (!StartService(sch, 0, NULL)) {
+			perror("Failed to start service");
+			RETURN(103);
+		}
+	}
+	else {
+		HKEY runsrv;
+
+		if(RegOpenKeyEx( HKEY_LOCAL_MACHINE, 
+				"Software\\Microsoft\\Windows\\CurrentVersion\\RunServices",
+				0,
+				KEY_ALL_ACCESS,
+				&runsrv) != ERROR_SUCCESS){
+			perror("Failed to open registry");
+			RETURN(104);
+		}
+		if(RegSetValueEx(  runsrv,
+				conf.stringtable[1],
+				0,
+				REG_EXPAND_SZ,
+				(char *)tmpbuf,
+				(int)strlen((char *)tmpbuf)+1)!=ERROR_SUCCESS){
+			perror("Failed to set registry value");
+			RETURN(105);
+		}
+
+	}
+	return 0;
+  }
+  if((argc == 2 || argc == 3)&& !strcmp((char *)argv[1], "--remove")) {
+
+	if(osv.dwPlatformId  == VER_PLATFORM_WIN32_NT){
+		SC_HANDLE sch;
+
+		if(!(sch = OpenSCManager(NULL, NULL, GENERIC_WRITE))){
+			perror("Failed to open Service Manager\n");
+			RETURN(106);
+		}
+		if (!(sch = OpenService(sch, conf.stringtable[1], DELETE))){
+			perror("Failed to open service");
+			RETURN(107);
+		}
+		if (!DeleteService(sch)){
+			perror("Failed to delete service");
+			RETURN(108);
+		}
+	}
+	else {
+		HKEY runsrv;
+		if(RegOpenKeyEx( HKEY_LOCAL_MACHINE, 
+				"Software\\Microsoft\\Windows\\CurrentVersion\\RunServices",
+				0,
+				KEY_ALL_ACCESS,
+				&runsrv) != ERROR_SUCCESS){
+			perror("Failed to open registry");
+			RETURN(109);
+		}
+		if(RegDeleteValue(runsrv, conf.stringtable[1]) != ERROR_SUCCESS){
+			perror("Failed to clear registry");
+			RETURN(110);
+		}
+	}
+	RETURN(0);
+  }
+  if(argc==3 && !strcmp(argv[2], "--service")){
+	service = 1;
+	argc = 2;
+  }
+#endif
+#endif
+  conf.conffile = mystrdup((argc==2)?argv[1]:(char*)DEFAULTCONFIG);
+  if(conf.conffile && *conf.conffile != '-') {
+	fp = confopen();
+#ifndef _WIN32
+	if(!fp) fp = stdin;
+#endif
+  }
+  if(argc > 2 || !(fp)) {
+
+	fprintf(stderr, "Usage: %s [conffile]\n", argv[0]);
+#ifdef _WIN32
+	fprintf(stderr, "\n\t%s --install [conffile]\n\tto install as service\n"
+			"\n\t%s --remove\n\tto remove service\n", argv[0], argv[0]);
+#else
+	fprintf(stderr,	"\n if conffile is missing, configuration is expected from stdin\n");
+#endif
+	fprintf(stderr, "\n%s %s\n%s\n", conf.stringtable[2], conf.stringtable[3], copyright);
+
+	return 1;
+  }
+
+  pthread_mutex_init(&bandlim_mutex, NULL);
+  pthread_mutex_init(&hash_mutex, NULL);
+  pthread_mutex_init(&tc_mutex, NULL);
+  pthread_mutex_init(&pwl_mutex, NULL);
+#ifndef NOODBC
+  pthread_mutex_init(&odbc_mutex, NULL);
+#endif
+
+  {
+	char * args[] = {"auth", "iponly", NULL};
+  	h_auth(2, args);
+  }
+
+  res = readconfig(fp);
+
+  if(res) RETURN(res);
+  if(!writable)fclose(fp);
+
+#ifdef _WIN32
+  
+#ifndef _WINCE
+  if(service){
+	SERVICE_TABLE_ENTRY ste[] = 
+	{
+        	{ conf.stringtable[1], (LPSERVICE_MAIN_FUNCTION)ServiceMain},
+	        { NULL, NULL }
+	};	
+ 	if(!StartServiceCtrlDispatcher( ste ))cyclestep();
+  }
+  else 
+#endif
+  {
+	cyclestep();
+  }
+  
+
+#else
+	 signal(SIGCONT, mysigpause);
+	 signal(SIGTERM, mysigterm);
+	 signal(SIGUSR1, mysigusr1);
+	 signal(SIGPIPE, SIG_IGN);
+	 cyclestep();
+
+#endif
+
+CLEARRETURN:
+
+ return 0;
+
+}

src/Makefile

@@ -0,0 +1 @@
+include Makefile.var

src/Makefile.inc

@@ -0,0 +1,181 @@
+#$Id: Makefile.inc,v 1.19 2008/12/10 13:12:10 vlad Exp $
+#
+# 3 proxy common Makefile
+#
+
+all:	pre $(BUILDDIR)3proxy$(EXESUFFICS) $(BUILDDIR)mycrypt$(EXESUFFICS) $(BUILDDIR)dighosts$(EXESUFFICS) $(BUILDDIR)pop3p$(EXESUFFICS) $(BUILDDIR)smtpp$(EXESUFFICS) $(BUILDDIR)ftppr$(EXESUFFICS) $(BUILDDIR)tcppm$(EXESUFFICS) $(BUILDDIR)icqpr$(EXESUFFICS) $(BUILDDIR)msnpr$(EXESUFFICS) $(BUILDDIR)udppm$(EXESUFFICS) $(BUILDDIR)socks$(EXESUFFICS) $(BUILDDIR)proxy$(EXESUFFICS) $(BUILDDIR)countersutil$(EXESUFFICS) allplugins
+
+
+pre:
+	-cd .. && $(TYPECOMMAND) copying
+	$(PREMAKE)
+
+
+sockmap$(OBJSUFFICS): sockmap.c proxy.h structures.h
+	$(CC) $(CFLAGS) sockmap.c
+
+common$(OBJSUFFICS): common.c proxy.h structures.h
+	$(CC) $(CFLAGS) common.c
+
+myalloc$(OBJSUFFICS): myalloc.c proxy.h structures.h
+	$(CC) $(CFLAGS) myalloc.c
+
+plugins$(OBJSUFFICS): plugins.c proxy.h structures.h
+	$(CC) $(CFLAGS) plugins.c
+
+base64$(OBJSUFFICS): base64.c
+	$(CC) $(CFLAGS) base64.c
+
+ftp$(OBJSUFFICS): ftp.c proxy.h structures.h
+	$(CC) $(CFLAGS) ftp.c
+
+#$(COMPATLIBS): 
+#	$(CC) $(CFLAGS) strncasecmp.c
+
+sockgetchar$(OBJSUFFICS): sockgetchar.c proxy.h structures.h
+	$(CC) $(CFLAGS) sockgetchar.c
+
+proxy$(OBJSUFFICS): proxy.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)NOPORTMAP $(DEFINEOPTION)ANONYMOUS proxy.c
+
+pop3p$(OBJSUFFICS): pop3p.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)NOPORTMAP pop3p.c
+
+smtpp$(OBJSUFFICS): smtpp.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)NOPORTMAP smtpp.c
+
+ftppr$(OBJSUFFICS): ftppr.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)NOPORTMAP ftppr.c
+
+tcppm$(OBJSUFFICS): tcppm.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)PORTMAP tcppm.c
+
+icqpr$(OBJSUFFICS): icqpr.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)PORTMAP icqpr.c
+
+msnpr$(OBJSUFFICS): msnpr.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)PORTMAP msnpr.c
+
+socks$(OBJSUFFICS): socks.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)NOPORTMAP socks.c
+
+udppm$(OBJSUFFICS): udppm.c proxy.h structures.h proxymain.c
+	$(CC) $(CFLAGS) $(DEFINEOPTION)WITHMAIN $(DEFINEOPTION)PORTMAP udppm.c
+
+3proxy$(OBJSUFFICS): 3proxy.c proxy.h structures.h
+	$(CC) $(CFLAGS) 3proxy.c
+
+$(BUILDDIR)proxy$(EXESUFFICS): sockmap$(OBJSUFFICS) proxy$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) $(COMPATLIBS)
+	$(LN) $(LNOUT)$(BUILDDIR)proxy$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) proxy$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
+
+$(BUILDDIR)pop3p$(EXESUFFICS): sockmap$(OBJSUFFICS) pop3p$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(COMPATLIBS)
+	$(LN) $(LNOUT)$(BUILDDIR)pop3p$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) pop3p$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
+
+$(BUILDDIR)smtpp$(EXESUFFICS): sockmap$(OBJSUFFICS) smtpp$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) base64$(OBJSUFFICS) $(COMPATLIBS)
+	$(LN) $(LNOUT)$(BUILDDIR)smtpp$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) smtpp$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) base64$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
+
+$(BUILDDIR)ftppr$(EXESUFFICS): sockmap$(OBJSUFFICS) ftppr$(OBJSUFFICS) ftp$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(COMPATLIBS)
+	$(LN) $(LNOUT)$(BUILDDIR)ftppr$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) ftppr$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) ftp$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
+
+$(BUILDDIR)socks$(EXESUFFICS): sockmap$(OBJSUFFICS) socks$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS)
+	$(LN) $(LNOUT)$(BUILDDIR)socks$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) socks$(OBJSUFFICS) sockgetchar$(OBJSUFFICS)  myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(LIBS)
+
+$(BUILDDIR)tcppm$(EXESUFFICS): sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) tcppm$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS)
+	$(LN) $(LNOUT)$(BUILDDIR)tcppm$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) tcppm$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(LIBS)
+
+$(BUILDDIR)icqpr$(EXESUFFICS): sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) icqpr$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS)
+	$(LN) $(LNOUT)$(BUILDDIR)icqpr$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) icqpr$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(LIBS)
+
+$(BUILDDIR)msnpr$(EXESUFFICS): sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) msnpr$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS)
+	$(LN) $(LNOUT)$(BUILDDIR)msnpr$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) msnpr$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(LIBS)
+
+$(BUILDDIR)udppm$(EXESUFFICS): sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) udppm$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS)
+	$(LN) $(LNOUT)$(BUILDDIR)udppm$(EXESUFFICS) $(LDFLAGS) $(VERFILE) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) udppm$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(LIBS)
+
+mainfunc$(OBJSUFFICS): proxy.h structures.h proxymain.c
+	$(CC) $(COUT)mainfunc$(OBJSUFFICS) $(CFLAGS) $(DEFINEOPTION)MODULEMAINFUNC=mainfunc proxymain.c
+
+
+
+srvproxy$(OBJSUFFICS): proxy.c proxy.h structures.h
+	$(CC) $(COUT)srvproxy$(OBJSUFFICS) $(CFLAGS) proxy.c
+
+srvpop3p$(OBJSUFFICS): pop3p.c proxy.h structures.h
+	$(CC) $(COUT)srvpop3p$(OBJSUFFICS) $(CFLAGS) pop3p.c
+
+srvsmtpp$(OBJSUFFICS): smtpp.c proxy.h structures.h
+	$(CC) $(COUT)srvsmtpp$(OBJSUFFICS) $(CFLAGS) smtpp.c
+
+srvftppr$(OBJSUFFICS): ftppr.c proxy.h structures.h
+	$(CC) $(COUT)srvftppr$(OBJSUFFICS) $(CFLAGS) ftppr.c
+
+srvtcppm$(OBJSUFFICS): tcppm.c proxy.h structures.h
+	$(CC) $(COUT)srvtcppm$(OBJSUFFICS) $(CFLAGS) tcppm.c
+
+srvicqpr$(OBJSUFFICS): icqpr.c proxy.h structures.h
+	$(CC) $(COUT)srvicqpr$(OBJSUFFICS) $(CFLAGS) icqpr.c
+
+srvmsnpr$(OBJSUFFICS): msnpr.c proxy.h structures.h
+	$(CC) $(COUT)srvmsnpr$(OBJSUFFICS) $(CFLAGS) msnpr.c
+
+srvsocks$(OBJSUFFICS): socks.c proxy.h structures.h
+	$(CC) $(COUT)srvsocks$(OBJSUFFICS) $(CFLAGS) socks.c
+
+srvwebadmin$(OBJSUFFICS): webadmin.c proxy.h structures.h
+	$(CC) $(COUT)srvwebadmin$(OBJSUFFICS) $(CFLAGS) webadmin.c
+
+srvudppm$(OBJSUFFICS): udppm.c proxy.h structures.h
+	$(CC) $(COUT)srvudppm$(OBJSUFFICS) $(CFLAGS) udppm.c
+
+srvdnspr$(OBJSUFFICS): dnspr.c proxy.h structures.h
+	$(CC) $(COUT)srvdnspr$(OBJSUFFICS) $(CFLAGS) dnspr.c
+
+auth$(OBJSUFFICS): auth.c proxy.h structures.h
+	$(CC) $(COUT)auth$(OBJSUFFICS) $(CFLAGS) auth.c
+
+datatypes$(OBJSUFFICS): datatypes.c proxy.h structures.h
+	$(CC) $(COUT)datatypes$(OBJSUFFICS) $(CFLAGS) datatypes.c
+
+mycrypt$(OBJSUFFICS): mycrypt.c
+	$(CC) $(COUT)mycrypt$(OBJSUFFICS) $(CFLAGS) mycrypt.c
+
+dighosts$(OBJSUFFICS): dighosts.c
+	$(CC) $(COUT)dighosts$(OBJSUFFICS) $(CFLAGS) dighosts.c
+
+$(BUILDDIR)dighosts$(EXESUFFICS): dighosts$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS)  $(COMPATLIBS)
+	$(LN) $(LNOUT)$(BUILDDIR)dighosts$(EXESUFFICS) $(LDFLAGS) $(VERFILE) dighosts$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
+
+countersutil$(OBJSUFFICS): countersutil.c
+	$(CC) $(COUT)countersutil$(OBJSUFFICS) $(CFLAGS) countersutil.c
+
+$(BUILDDIR)countersutil$(EXESUFFICS): countersutil$(OBJSUFFICS) $(COMPATLIBS)
+	$(LN) $(LNOUT)$(BUILDDIR)countersutil$(EXESUFFICS) $(LDFLAGS) $(VERFILE) countersutil$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
+
+
+mycryptmain$(OBJSUFFICS): mycrypt.c
+	$(CC) $(COUT)mycryptmain$(OBJSUFFICS) $(CFLAGS) $(DEFINEOPTION)WITHMAIN mycrypt.c
+
+$(BUILDDIR)mycrypt$(EXESUFFICS): md4$(OBJSUFFICS) md5$(OBJSUFFICS) mycryptmain$(OBJSUFFICS) base64$(OBJSUFFICS)
+	$(LN) $(LNOUT)$(BUILDDIR)mycrypt$(EXESUFFICS) $(VERFILE) $(LDFLAGS) md4$(OBJSUFFICS) md5$(OBJSUFFICS) base64$(OBJSUFFICS) mycryptmain$(OBJSUFFICS)
+
+
+md4$(OBJSUFFICS):  libs/md4.h libs/md4.c
+	$(CC) $(COUT)md4$(OBJSUFFICS) $(CFLAGS) libs/md4.c
+
+smbdes$(OBJSUFFICS):  libs/smbdes.c
+	$(CC) $(COUT)smbdes$(OBJSUFFICS) $(CFLAGS) libs/smbdes.c
+
+md5$(OBJSUFFICS):  libs/md5.h libs/md5.c
+	$(CC) $(COUT)md5$(OBJSUFFICS) $(CFLAGS) libs/md5.c
+
+ntlm$(OBJSUFFICS):  ntlm.c
+	$(CC) $(COUT)ntlm$(OBJSUFFICS) $(CFLAGS) ntlm.c
+
+stringtable$(OBJSUFFICS):  stringtable.c
+	$(CC) $(COUT)stringtable$(OBJSUFFICS) $(CFLAGS) stringtable.c
+
+$(BUILDDIR)3proxy$(EXESUFFICS): 3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvicqpr$(OBJSUFFICS) srvmsnpr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) auth$(OBJSUFFICS) datatypes$(OBJSUFFICS) md4$(OBJSUFFICS) md5$(OBJSUFFICS) mycrypt$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) smbdes$(OBJSUFFICS) ntlm$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS)
+	$(LN) $(LNOUT)$(BUILDDIR)3proxy$(EXESUFFICS) $(LDFLAGS) $(VERFILE)  3proxy$(OBJSUFFICS) mainfunc$(OBJSUFFICS) auth$(OBJSUFFICS) datatypes$(OBJSUFFICS) srvproxy$(OBJSUFFICS) srvpop3p$(OBJSUFFICS) srvsmtpp$(OBJSUFFICS) srvftppr$(OBJSUFFICS) srvsocks$(OBJSUFFICS) srvtcppm$(OBJSUFFICS) srvicqpr$(OBJSUFFICS) srvmsnpr$(OBJSUFFICS) srvudppm$(OBJSUFFICS) sockmap$(OBJSUFFICS) sockgetchar$(OBJSUFFICS) myalloc$(OBJSUFFICS) common$(OBJSUFFICS) mycrypt$(OBJSUFFICS) md5$(OBJSUFFICS) md4$(OBJSUFFICS) base64$(OBJSUFFICS) ftp$(OBJSUFFICS) smbdes$(OBJSUFFICS) ntlm$(OBJSUFFICS) stringtable$(OBJSUFFICS) srvwebadmin$(OBJSUFFICS) srvdnspr$(OBJSUFFICS) plugins$(OBJSUFFICS) $(COMPATLIBS) $(LIBS)
+
+clean:
+	@$(REMOVECOMMAND) *$(OBJSUFFICS) $(COMPFILES)

src/auth.c

@@ -0,0 +1,1329 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: auth.c,v 1.108 2012-04-11 23:01:18 vlad Exp $
+*/
+
+#include "proxy.h"
+
+#define HEADERSIZE 57
+#define RECORDSIZE  18
+
+unsigned char request[] = {	
+		0xa2, 0x48, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x20, 0x43, 0x4b, 0x41, 
+		0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 
+		0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 
+		0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 
+		0x41, 0x41, 0x41, 0x41, 0x41, 0x00, 0x00, 0x21, 
+		0x00, 0x01};
+
+unsigned char * getNetBIOSnamebyip(unsigned long ip){
+ unsigned char buf[1024];
+ struct sockaddr_in sins;
+ int res;
+ SOCKET sock;
+ unsigned char * username = NULL;
+ int i;
+ int j;
+ int nnames;
+ int type;
+
+ if ( (sock=so._socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP)) == INVALID_SOCKET) return NULL;
+ memset(&sins, 0, sizeof(sins));
+ sins.sin_family = AF_INET;
+ sins.sin_port = htons(0);
+ sins.sin_addr.s_addr = INADDR_ANY;
+ if(so._bind(sock,(struct sockaddr *)&sins,sizeof(sins))) {
+	so._closesocket(sock);
+	return NULL;
+ }
+ sins.sin_family = AF_INET;
+ sins.sin_addr.s_addr = ip;
+ sins.sin_port = htons(137);
+ res=socksendto(sock, &sins, request, sizeof(request), conf.timeouts[SINGLEBYTE_L]*1000);
+ if(res <= 0) {
+	so._closesocket(sock);
+	return NULL;
+ }
+ res = sockrecvfrom(sock, &sins, buf, sizeof(buf), conf.timeouts[SINGLEBYTE_L]*1000);
+ so._closesocket(sock);
+ if(res < (HEADERSIZE + RECORDSIZE)) {
+	return NULL;
+ }
+ nnames = buf[HEADERSIZE-1];
+ if (res < (HEADERSIZE + (nnames * RECORDSIZE))) return NULL;
+ for (i = 0; i < nnames; i++){
+	type = buf[HEADERSIZE + (i*RECORDSIZE) + 15];
+	if( type == 3) {
+		for(j = 14; j && buf[HEADERSIZE + (i*RECORDSIZE) + j] == ' '; j--)
+			buf[HEADERSIZE + (i*RECORDSIZE) + j] = 0;
+		if(username)myfree(username);
+		username = (unsigned char *)mystrdup((char *)buf + HEADERSIZE + i*RECORDSIZE);
+	}
+	buf[HEADERSIZE + (i*RECORDSIZE) + 15] = 0;
+ }
+ return username;
+} 
+
+int clientnegotiate(struct chain * redir, struct clientparam * param, unsigned long ip, unsigned short port){
+	unsigned char buf[1024];
+	struct in_addr ina;
+	int res;
+	int len=0;
+	unsigned char * user, *pass;
+
+	ina.s_addr = ip;
+
+	
+	user = redir->extuser;
+	pass = redir->extpass;
+	if(user) {
+		if (*user == '*') {
+			if(!param->username) return 4;
+			user = param->username;
+			pass = param->password;
+		}
+	}
+	switch(redir->type){
+		case R_TCP:
+		case R_HTTP:
+			return 0;
+		case R_CONNECT:
+		case R_CONNECTP:
+		{
+			sprintf((char *)buf, "CONNECT ");
+			if(redir->type == R_CONNECTP && param->hostname) {
+				len = 8 + sprintf((char *)buf + 8, "%.256s", param->hostname);
+			}
+			else {
+				len = 8 + myinet_ntoa(ina, (char *)buf+8);
+			}
+			len += sprintf((char *)buf + len,
+				":%hu HTTP/1.0\r\nProxy-Connection: keep-alive\r\n", ntohs(port));
+			if(user){
+				unsigned char username[256];
+				len += sprintf((char *)buf + len, "Proxy-authorization: basic ");
+				sprintf((char *)username, "%.128s:%.64s", user, pass?pass:(unsigned char *)"");
+				en64(username, buf+len, (int)strlen((char *)username));
+				len = (int)strlen((char *)buf);
+				len += sprintf((char *)buf + len, "\r\n");
+			}
+			len += sprintf((char *)buf + len, "\r\n");
+			if(socksend(param->remsock, buf, len, conf.timeouts[CHAIN_TO]) != (int)strlen((char *)buf))
+				return 31;
+			param->statssrv+=len;
+			param->nwrites++;
+			if((res = sockgetlinebuf(param, SERVER,buf,13,'\n',conf.timeouts[CHAIN_TO])) < 13)
+				return 32;
+			if(buf[9] != '2') return 33;
+			while((res = sockgetlinebuf(param, SERVER,buf,1023,'\n', conf.timeouts[CHAIN_TO])) > 2);
+			if(res <= 0) return 34;
+			return 0;
+		}
+		case R_SOCKS4:
+		case R_SOCKS4P:
+		case R_SOCKS4B:
+		{
+
+			buf[0] = 4;
+			buf[1] = 1;
+			memcpy(buf+2, &port, 2);
+			if(redir->type == R_SOCKS4P && param->hostname) {
+				buf[4] = buf[5] = buf[6] = 0;
+				buf[7] = 3;
+			}
+			else memcpy(buf+4, &ip, 4);
+			if(!user)user = (unsigned char *)"anonymous";
+			len = (int)strlen((char *)user) + 1;
+			memcpy(buf+8, user, len);
+			len += 8;
+			if(redir->type == R_SOCKS4P && param->hostname) {
+				int hostnamelen;
+
+				hostnamelen = (int)strlen((char *)param->hostname) + 1;
+				if(hostnamelen > 255) hostnamelen = 255;
+				memcpy(buf+len, param->hostname, hostnamelen);
+				len += hostnamelen;
+			}
+			if(socksend(param->remsock, buf, len, conf.timeouts[CHAIN_TO]) < len){
+				return 41;
+			}
+			param->statssrv+=len;
+			param->nwrites++;
+			if((len = sockgetlinebuf(param, SERVER, buf, (redir->type == R_SOCKS4B)? 3:8, EOF, conf.timeouts[CHAIN_TO])) != ((redir->type == R_SOCKS4B)? 3:8)){
+				return 42;
+			}
+			if(buf[1] != 90) {
+				return 43;
+			}
+
+		}
+		return 0;
+
+		case R_SOCKS5:
+		case R_SOCKS5P:
+		case R_SOCKS5B:
+		{
+		 int inbuf = 0;
+			buf[0] = 5;
+			buf[1] = 1;
+			buf[2] = user? 2 : 0;
+			if(socksend(param->remsock, buf, 3, conf.timeouts[CHAIN_TO]) != 3){
+				return 51;
+			}
+			param->statssrv+=len;
+			param->nwrites++;
+			if(sockgetlinebuf(param, SERVER, buf, 2, EOF, conf.timeouts[CHAIN_TO]) != 2){
+				return 52;
+			}
+			if(buf[0] != 5) {
+				return 53;
+			}
+			if(buf[1] != 0 && !(buf[1] == 2 && user)){
+				return 54;
+			}
+			if(buf[1] == 2){
+				buf[inbuf++] = 1;
+				buf[inbuf] = (unsigned char)strlen((char *)user);
+				memcpy(buf+inbuf+1, user, buf[inbuf]);
+				inbuf += buf[inbuf] + 1;
+				buf[inbuf] = pass?(unsigned char)strlen((char *)pass):0;
+				if(pass)memcpy(buf+inbuf+1, pass, buf[inbuf]);
+				inbuf += buf[inbuf] + 1;
+				if(socksend(param->remsock, buf, inbuf, conf.timeouts[CHAIN_TO]) != inbuf){
+					return 51;
+				}
+				param->statssrv+=inbuf;
+				param->nwrites++;
+				if(sockgetlinebuf(param, SERVER, buf, 2, EOF, 60) != 2){
+					return 55;
+				}
+				if(buf[0] != 1 || buf[1] != 0) {
+					return 56;
+				}
+			}
+			buf[0] = 5;
+			buf[1] = 1;
+			buf[2] = 0;
+			if(redir->type == R_SOCKS5P && param->hostname) {
+				buf[3] = 3;
+				len = (int)strlen((char *)param->hostname);
+				if(len > 255) len = 255;
+				buf[4] = len;
+				memcpy(buf + 5, param->hostname, len);
+				len += 5;
+			}
+			else {
+				buf[3] = 1;
+				memcpy(buf+4, &ip, 4);
+				len = 8;
+			}
+			memcpy(buf+len, &port, 2);
+			len += 2;
+			if(socksend(param->remsock, buf, len, conf.timeouts[CHAIN_TO]) != len){
+				return 51;
+			}
+			param->statssrv+=len;
+			param->nwrites++;
+			if(sockgetlinebuf(param, SERVER, buf, 4, EOF, conf.timeouts[CHAIN_TO]) != 4){
+				return 57;
+			}
+			if(buf[0] != 5) {
+				return 53;
+			}
+			if(buf[1] != 0) {
+				return 60 + (buf[1] % 10);
+			}
+			if(buf[3] != 1) {
+				return 58;
+			}
+			if (redir->type != R_SOCKS5B && sockgetlinebuf(param, SERVER, buf, 6, EOF, conf.timeouts[CHAIN_TO]) != 6){
+				return 59;
+			}
+			return 0;
+		}
+
+		default:
+
+			return 30;
+	}
+}
+
+
+int handleredirect(struct clientparam * param, struct ace * acentry){
+	int connected = 0;
+	int weight = 1000;
+	int res;
+	int done = 0;
+	struct chain * cur;
+	struct chain * redir = NULL;
+	unsigned long targetip;
+	unsigned short targetport;
+	int r2;
+
+	if(param->remsock != INVALID_SOCKET) {
+		return 0;
+	}
+	targetip = param->req.sin_addr.s_addr;
+	targetport = param->req.sin_port;
+	if(!targetip || !targetport) return 100;
+
+	r2 = (myrand(param, sizeof(struct clientparam))%1000);
+
+	for(cur = acentry->chains; cur; cur=cur->next){
+		if(((weight = weight - cur->weight) > r2)|| done) {
+			if(weight <= 0) {
+				weight += 1000;
+				done = 0;
+				r2 = (myrand(param, sizeof(struct clientparam))%1000);
+			}
+			continue;
+		}
+		param->redirected++;
+		done = 1;
+		if(weight <= 0) {
+			weight += 1000;
+			done = 0;
+			r2 = (myrand(param, sizeof(struct clientparam))%1000);
+		}
+		if(!connected){
+			if(!cur->redirip && !cur->redirport){
+				if(cur->extuser){
+					if(param->extusername)
+						myfree(param->extusername);
+					param->extusername = (unsigned char *)mystrdup((char *)((*cur->extuser == '*' && param->username)? param->username : cur->extuser));
+					if(cur->extpass){
+						if(param->extpassword)
+							myfree(param->extpassword);
+						param->extpassword = (unsigned char *)mystrdup((char *)((*cur->extuser == '*' && param->password)?param->password : cur->extpass));
+					}
+					if(*cur->extuser == '*' && !param->username) return 4;
+				}
+				switch(cur->type){
+					case R_POP3:
+						param->redirectfunc = pop3pchild;
+						break;
+					case R_FTP:
+						param->redirectfunc = ftpprchild;
+						break;
+					case R_ADMIN:
+						param->redirectfunc = adminchild;
+						break;
+					case R_ICQ:
+						param->redirectfunc = icqprchild;
+						break;
+					case R_MSN:
+						param->redirectfunc = msnprchild;
+						break;
+					default:
+						param->redirectfunc = proxychild;
+				}
+				return 0;
+			}
+			else if(!cur->redirip && cur->redirport) param->extport = cur->redirport;
+			else if(!cur->redirport && cur->redirip) param->extip = cur->redirip;
+			else {
+				param->sins.sin_port = cur->redirport;
+				param->sins.sin_addr.s_addr = cur->redirip;
+			}
+
+			if((res = alwaysauth(param))){
+				return (res == 10)? res : 60+res;
+			}
+		}
+		else {
+			res = redir?clientnegotiate(redir, param, cur->redirip, cur->redirport):0;
+			if(res) return res;
+		}
+		redir = cur;
+		param->redirtype = redir->type;
+		if(redir->type == R_TCP || redir->type ==R_HTTP) {
+			if(cur->extuser){
+				if(*cur -> extuser == '*' && !param->username) return 4;
+				if(param->extusername)
+					myfree(param->extusername);
+				param->extusername = (unsigned char *)mystrdup((char *)((*cur->extuser == '*' && param->username)? param->username : cur->extuser));
+				if(cur->extpass){
+					if(param->extpassword)
+						myfree(param->extpassword);
+					param->extpassword = (unsigned char *)mystrdup((char *)((*cur->extuser == '*' && param->password)?param->password : cur->extpass));
+				}
+			}
+			return 0;
+		}
+		connected = 1;
+	}
+
+	if(!connected) return 9;
+	return redir?clientnegotiate(redir, param, targetip, targetport):0;
+}
+
+
+int ACLmatches(struct ace* acentry, struct clientparam * param){
+	struct userlist * userentry;
+	struct iplist *ipentry;
+	struct portlist *portentry;
+	struct period *periodentry;
+	unsigned char * username;
+	struct hostname * hstentry=NULL;
+	int i;
+	int match = 0;
+	
+	username = param->username?param->username:(unsigned char *)"-";
+	if(acentry->src) {
+	 for(ipentry = acentry->src; ipentry; ipentry = ipentry->next)
+		if(ipentry->ip == (param->sinc.sin_addr.s_addr & ipentry->mask)) {
+			break;
+		}
+		if(!ipentry) return 0;
+	}
+	if((acentry->dst && param->req.sin_addr.s_addr) || (acentry->dstnames && param->hostname)) {
+	 for(ipentry = acentry->dst; ipentry; ipentry = ipentry->next)
+		if(ipentry->ip == (param->req.sin_addr.s_addr & ipentry->mask)) {
+			break;
+		}
+	 if(!ipentry) {
+		 if(acentry->dstnames && param->hostname){
+			for(i=0; param->hostname[i]; i++){
+				param->hostname[i] = tolower(param->hostname[i]);
+			}
+			while(i > 5 && param->hostname[i-1] == '.') param->hostname[i-1] = 0;
+			for(hstentry = acentry->dstnames; hstentry; hstentry = hstentry->next){
+				switch(hstentry->matchtype){
+					case 0:
+					if(strstr(param->hostname, hstentry->name)) match = 1;
+					break;
+
+					case 1:
+					if(strstr(param->hostname, hstentry->name) == (char *)param->hostname) match = 1;
+					break;
+
+					case 2:
+					if(strstr(param->hostname, hstentry->name) == (char *)(param->hostname + i - (strlen(hstentry->name)))) match = 1;
+					break;
+
+					default:
+					if(!strcmp(param->hostname, hstentry->name)) match = 1;
+					break;
+        			}
+				if(match) break;
+			}
+		 }
+	 }
+	 if(!ipentry && !hstentry) return 0;
+	}
+	if(acentry->ports && param->req.sin_port) {
+	 for (portentry = acentry->ports; portentry; portentry = portentry->next)
+		if(ntohs(param->req.sin_port) >= portentry->startport &&
+			   ntohs(param->req.sin_port) <= portentry->endport) {
+			break;
+		}
+		if(!portentry) return 0;
+	}
+	if(acentry->wdays){
+		if(!(acentry -> wdays & wday)) return 0;
+	}
+	if(acentry->periods){
+	 int start_time = (int)(param->time_start - basetime);
+	 for(periodentry = acentry->periods; periodentry; periodentry = periodentry -> next)
+		if(start_time >= periodentry->fromtime && start_time < periodentry->totime){
+			break;
+		}
+		if(!periodentry) return 0;
+	}
+	if(acentry->users){
+	 for(userentry = acentry->users; userentry; userentry = userentry->next)
+		if(!strcmp((char *)username, (char *)userentry->user)){
+			break;
+		}
+	 if(!userentry) return 0;
+	}
+	if(acentry->operation) {
+		if((acentry->operation & param->operation) != param->operation){
+				 return 0;
+		}
+	}
+	if(acentry->weight && (acentry->weight < param->weight)) return 0;
+	return 1;
+}
+
+static void initbandlims (struct clientparam *param){
+	struct bandlim * be;
+	int i;
+	for(i=0, be = conf.bandlimiter; be && i<MAXBANDLIMS; be = be->next) {
+		if(ACLmatches(be->ace, param)){
+			if(be->ace->action == NOBANDLIM) {
+				break;
+			}
+			param->bandlims[i++] = be;
+			param->bandlimfunc = conf.bandlimfunc;
+		}
+	}
+	if(i<MAXBANDLIMS)param->bandlims[i] = NULL;
+	for(i=0, be = conf.bandlimiterout; be && i<MAXBANDLIMS; be = be->next) {
+		if(ACLmatches(be->ace, param)){
+			if(be->ace->action == NOBANDLIM) {
+				break;
+			}
+			param->bandlimsout[i++] = be;
+			param->bandlimfunc = conf.bandlimfunc;
+		}
+	}
+	if(i<MAXBANDLIMS)param->bandlimsout[i] = NULL;
+}
+
+unsigned bandlimitfunc(struct clientparam *param, unsigned nbytesin, unsigned nbytesout){
+	unsigned sleeptime = 0, nsleeptime;
+	unsigned long sec;
+	unsigned msec;
+	unsigned now;
+	int i;
+
+#ifdef _WIN32
+	struct timeb tb;
+
+	ftime(&tb);
+	sec = (unsigned)tb.time;
+	msec = (unsigned)tb.millitm*1000;
+#else
+	struct timeval tv;
+	gettimeofday(&tv, NULL);
+
+	sec = tv.tv_sec;
+	msec = tv.tv_usec;
+#endif
+	if(!nbytesin && !nbytesout) return 0;
+	pthread_mutex_lock(&bandlim_mutex);
+	if(param->srv->version != conf.paused){
+		initbandlims(param);
+	}
+	for(i=0; nbytesin&& i<MAXBANDLIMS && param->bandlims[i]; i++){
+		if( !param->bandlims[i]->basetime || 
+			param->bandlims[i]->basetime > sec ||
+			param->bandlims[i]->basetime < (sec - 120)
+		  )
+		{
+			param->bandlims[i]->basetime = sec;
+			param->bandlims[i]->nexttime = 0;
+			continue;
+		}
+		now = ((sec - param->bandlims[i]->basetime) * 1000000) + msec;
+		nsleeptime = (param->bandlims[i]->nexttime > now)?
+			param->bandlims[i]->nexttime - now : 0;
+		sleeptime = (nsleeptime > sleeptime)? nsleeptime : sleeptime;
+		param->bandlims[i]->basetime = sec;
+		param->bandlims[i]->nexttime = msec + nsleeptime + ((param->bandlims[i]->rate > 1000000)? ((nbytesin/32)*(256000000/param->bandlims[i]->rate)) : (nbytesin * (8000000/param->bandlims[i]->rate)));
+	}
+	for(i=0; nbytesout && i<MAXBANDLIMS && param->bandlimsout[i]; i++){
+		if( !param->bandlimsout[i]->basetime || 
+			param->bandlimsout[i]->basetime > sec ||
+			param->bandlimsout[i]->basetime < (sec - 120)
+		  )
+		{
+			param->bandlimsout[i]->basetime = sec;
+			param->bandlimsout[i]->nexttime = 0;
+			continue;
+		}
+		now = ((sec - param->bandlimsout[i]->basetime) * 1000000) + msec;
+		nsleeptime = (param->bandlimsout[i]->nexttime > now)?
+			param->bandlimsout[i]->nexttime - now : 0;
+		sleeptime = (nsleeptime > sleeptime)? nsleeptime : sleeptime;
+		param->bandlimsout[i]->basetime = sec;
+		param->bandlimsout[i]->nexttime = msec + nsleeptime + ((param->bandlimsout[i]->rate > 1000000)? ((nbytesout/32)*(256000000/param->bandlimsout[i]->rate)) : (nbytesout * (8000000/param->bandlimsout[i]->rate)));
+	}
+	pthread_mutex_unlock(&bandlim_mutex);
+	return sleeptime/1000;
+}
+
+void trafcountfunc(struct clientparam *param){
+	struct trafcount * tc;
+	unsigned long val;
+	int countout = 0;
+
+	pthread_mutex_lock(&tc_mutex);
+	for(tc = conf.trafcounter; tc; tc = tc->next) {
+		if(ACLmatches(tc->ace, param)){
+			time_t t;
+			if(tc->ace->action == NOCOUNTIN) break;
+			if(tc->ace->action != COUNTIN) {
+				countout = 1;
+				continue;
+			}
+			val = tc->traf + param->statssrv;
+			if(val < tc->traf) tc->trafgb++;
+			tc->traf = val;
+			time(&t);
+			tc->updated = t;
+		}
+	}
+	if(countout) for(tc = conf.trafcounter; tc; tc = tc->next) {
+		if(ACLmatches(tc->ace, param)){
+			time_t t;
+			if(tc->ace->action == NOCOUNTOUT) break;
+			if(tc->ace->action != COUNTOUT) {
+				continue;
+			}
+			val = tc->traf + param->statscli;
+			if(val < tc->traf) tc->trafgb++;
+			tc->traf = val;
+			time(&t);
+			tc->updated = t;
+		}
+	}
+
+	pthread_mutex_unlock(&tc_mutex);
+}
+
+int alwaysauth(struct clientparam * param){
+	int res;
+	struct trafcount * tc;
+	int countout = 0;
+
+	res = doconnect(param);
+	if(!res){
+		if(param->srv->version != conf.paused) return 333;
+		initbandlims(param);
+		for(tc = conf.trafcounter; tc; tc = tc->next) {
+			if(tc->disabled) continue;
+			if(ACLmatches(tc->ace, param)){
+				if(tc->ace->action == NOCOUNTIN) break;
+				if(tc->ace->action != COUNTIN) {
+					countout = 1;
+					continue;
+				}
+			
+				if((tc->traflimgb < tc->trafgb) ||
+					((tc->traflimgb == tc->trafgb) && (tc->traflim < tc->traf))
+				) return 10;
+				param->trafcountfunc = conf.trafcountfunc;
+				if(tc->traflimgb - tc->trafgb < 1 || ((tc->traflimgb - tc->trafgb) == 1 && tc->traf > tc->traflim)){
+					unsigned maxtraf = tc->traflim - tc->traf;
+					if(!param->maxtrafin || param->maxtrafin > maxtraf) param->maxtrafin = maxtraf;
+				}
+				if((tc->trafgb > tc->traflimgb) || (tc->trafgb == tc->traflimgb && tc->traf >= tc->traflim)) param->maxtrafin = 1; 
+			}
+		}
+		if(countout)for(tc = conf.trafcounter; tc; tc = tc->next) {
+			if(tc->disabled) continue;
+			if(ACLmatches(tc->ace, param)){
+				if(tc->ace->action == NOCOUNTOUT) break;
+				if(tc->ace->action != COUNTOUT) {
+					continue;
+				}
+			
+				if((tc->traflimgb < tc->trafgb) ||
+					((tc->traflimgb == tc->trafgb) && (tc->traflim < tc->traf))
+				) return 10;
+				param->trafcountfunc = conf.trafcountfunc;
+				if(tc->traflimgb - tc->trafgb < 1 || ((tc->traflimgb - tc->trafgb) == 1 && tc->traf > tc->traflim)){
+					unsigned maxtraf = tc->traflim - tc->traf;
+					if(!param->maxtrafout || param->maxtrafout > maxtraf) param->maxtrafout = maxtraf;
+				}
+				if((tc->trafgb > tc->traflimgb) || (tc->trafgb == tc->traflimgb && tc->traf >= tc->traflim)) param->maxtrafout = 1; 
+			}
+		}
+
+	}
+	return res;
+}
+
+int checkACL(struct clientparam * param){
+	struct ace* acentry;
+
+	if(!param->srv->acl) {
+		return alwaysauth(param);
+	}
+	for(acentry = param->srv->acl; acentry; acentry = acentry->next) {
+		if(ACLmatches(acentry, param)) {
+			param->nolog = acentry->nolog;
+			param->weight = acentry->weight;
+			if(acentry->action == 2) {
+				struct ace dup;
+
+				if(param->operation < 256 && !(param->operation & CONNECT)){
+					continue;
+				}
+				if(param->redirected && acentry->chains && !acentry->chains->redirip && !acentry->chains->redirport) {
+					continue;
+				}
+				memcpy(&dup, acentry, sizeof(struct ace));
+				return handleredirect(param, &dup);
+			}
+			return acentry->action;
+		}
+	}
+	return 3;
+}
+
+struct authcache {
+	char * username;
+	char * password;
+	time_t expires;
+	unsigned long ip;	
+	struct authcache *next;
+} *authc = NULL;
+
+
+int cacheauth(struct clientparam * param){
+	struct authcache *ac, *last=NULL;
+
+	pthread_mutex_lock(&hash_mutex);
+	for(ac = authc; ac; ){
+		if(ac->expires <= conf.time){
+			if(ac->username)myfree(ac->username);
+			if(ac->password)myfree(ac->password);
+			if(!last){
+				authc = ac->next;
+				myfree(ac);
+				ac = authc;
+			}
+			else {
+				last->next = ac->next;
+				myfree(ac);
+				ac = last->next;
+			}
+			continue;
+			
+		}
+		if(((!(conf.authcachetype&2)) || (param->username && ac->username && !strcmp(ac->username, param->username))) &&
+		   ((!(conf.authcachetype&1)) || ac->ip == param->sinc.sin_addr.s_addr) && 
+		   (!(conf.authcachetype&4) || (ac->password && param->password && !strcmp(ac->password, param->password)))) {
+			if(param->username){
+				myfree(param->username);
+			}
+			param->username = mystrdup(ac->username);
+			pthread_mutex_unlock(&hash_mutex);
+			return 0;
+		}
+		last = ac;
+		ac = ac->next;
+	}
+
+	pthread_mutex_unlock(&hash_mutex);
+	return 4;
+}
+
+int doauth(struct clientparam * param){
+	int res = 0;
+	struct auth *authfuncs;
+	struct authcache *ac;
+	char * tmp;
+	int ret = 0;
+
+	for(authfuncs=param->srv->authfuncs; authfuncs; authfuncs=authfuncs->next){
+		res = authfuncs->authenticate?(*authfuncs->authenticate)(param):0;
+		if(!res) {
+			if(authfuncs->authorize &&
+				(res = (*authfuncs->authorize)(param)))
+					return res;
+			if(conf.authcachetype && authfuncs->authenticate && authfuncs->authenticate != cacheauth && param->username && (!(conf.authcachetype&4) || (!param->pwtype && param->password))){
+				pthread_mutex_lock(&hash_mutex);
+				for(ac = authc; ac; ac = ac->next){
+					if((!(conf.authcachetype&2) || !strcmp(ac->username, param->username)) &&
+					   (!(conf.authcachetype&1) || ac->ip == param->sinc.sin_addr.s_addr)  &&
+					   (!(conf.authcachetype&4) || (ac->password && !strcmp(ac->password, param->password)))) {
+						ac->expires = conf.time + conf.authcachetime;
+						if(strcmp(ac->username, param->username)){
+							tmp = ac->username;
+							ac->username = mystrdup(param->username);
+							myfree(tmp);
+						}
+						if((conf.authcachetype&4)){
+							tmp = ac->password;
+							ac->password = mystrdup(param->password);
+							myfree(tmp);
+						}
+						ac->ip = param->sinc.sin_addr.s_addr;
+						break;
+					}
+				}
+				if(!ac){
+					ac = myalloc(sizeof(struct authcache));
+					if(ac){
+						ac->expires = conf.time + conf.authcachetime;
+						ac->username = mystrdup(param->username);
+						ac->ip = param->sinc.sin_addr.s_addr;
+						ac->password = NULL;
+						if((conf.authcachetype&4) && param->password) ac->password = mystrdup(param->password);
+					}
+					ac->next = authc;
+					authc = ac;
+				}
+				pthread_mutex_unlock(&hash_mutex);
+			}
+			break;
+		}
+		if(res > ret) ret = res;
+	}
+	if(!res){
+		return alwaysauth(param);
+	}
+
+	return ret;
+}
+
+
+int ipauth(struct clientparam * param){
+	int res;
+	unsigned char *username;
+	username = param->username;
+	param->username = NULL;
+	res = checkACL(param);
+	param->username = username;
+	return res;
+}
+
+int userauth(struct clientparam * param){
+	return (param->username)? 0:4;
+}
+
+int nbnameauth(struct clientparam * param){
+	unsigned char * name = getNetBIOSnamebyip(param->sinc.sin_addr.s_addr);
+
+	if (param->username) myfree (param->username);
+	param->username = name;
+	return name? 0:4;
+}
+
+int dnsauth(struct clientparam * param){
+        char buf[32];
+	unsigned u = ntohl(param->sinc.sin_addr.s_addr);
+
+	sprintf(buf, "%u.%u.%u.%u.in-addr.arpa", 
+
+
+	((u&0x000000FF)),
+	((u&0x0000FF00)>>8),
+	((u&0x00FF0000)>>16),
+	((u&0xFF000000)>>24));
+	
+
+	if(param->sinc.sin_addr.s_addr != udpresolve(buf, NULL, param, 1)) return 6;
+
+	return param->username? 0:4;
+}
+
+int strongauth(struct clientparam * param){
+	struct passwords * pwl;
+	unsigned char buf[256];
+
+
+	if(!param->username) return 4;
+	pthread_mutex_lock(&pwl_mutex);
+	for(pwl = conf.pwl; pwl; pwl=pwl->next){
+		if(!strcmp((char *)pwl->user, (char *)param->username)) switch(pwl->pwtype) {
+			case CL:
+				if(!pwl->password || !*pwl->password){
+					break;
+				}
+				else if (!param->pwtype && param->password && !strcmp((char *)param->password, (char *)pwl->password)){
+					break;
+				}
+#ifndef NOCRYPT
+				else if (param->pwtype == 2 && param->password) {
+					ntpwdhash(buf, pwl->password, 0);
+					mschap(buf, param->password, buf + 16);
+					if(!memcmp(buf+16, param->password+8, 24)) {
+						break;
+					}
+				}
+#endif
+				pthread_mutex_unlock(&pwl_mutex);
+				return 6;
+#ifndef NOCRYPT
+			case CR:
+				if(param->password && !param->pwtype && !strcmp((char *)pwl->password, (char *)mycrypt(param->password, pwl->password,buf))) {
+					break;
+				}
+				pthread_mutex_unlock(&pwl_mutex);
+				return 7;
+			case NT:
+				if(param->password && !param->pwtype && !memcmp(pwl->password, ntpwdhash(buf,param->password, 1), 32)) {
+					break;
+				}
+				else if (param->pwtype == 2){
+					fromhex(pwl->password, buf, 16);
+					mschap(buf, param->password, buf + 16);
+					if(!memcmp(buf + 16, param->password+8, 24)) {
+						break;
+					}
+				}
+				pthread_mutex_unlock(&pwl_mutex);
+				return 8;
+#endif				
+			default:
+				pthread_mutex_unlock(&pwl_mutex);
+				return 999;
+		}
+		else continue;
+		pthread_mutex_unlock(&pwl_mutex);
+		return 0;
+	}
+	pthread_mutex_unlock(&pwl_mutex);
+	return 5;
+}
+
+
+struct auth authfuncs[] = {
+	{authfuncs+1, NULL, NULL, ""},
+	{authfuncs+2, ipauth, NULL, "iponly"},
+	{authfuncs+3, userauth, checkACL, "useronly"},
+	{authfuncs+4, nbnameauth, checkACL, "nbname"},
+	{authfuncs+5, dnsauth, checkACL, "dnsname"},
+	{authfuncs+6, strongauth, checkACL, "strong"},
+	{authfuncs+7, cacheauth, checkACL, "cache"},
+	{authfuncs+8, NULL, NULL, "none"},
+
+	{NULL, NULL, NULL, ""}
+};
+
+
+struct hashentry {
+	unsigned char hash[sizeof(unsigned)*4];
+	unsigned long value;
+	time_t expires;
+	struct hashentry *next;
+};
+
+struct hashtable {
+	unsigned hashsize;
+	struct hashentry ** hashtable;
+	struct hashentry * hashvalues;
+	struct hashentry * hashempty;
+};
+
+struct hashtable dns_table = {0, NULL, NULL, NULL};
+
+
+void nametohash(const unsigned char * name, unsigned char *hash){
+	unsigned i, j;
+	memset(hash, 0, sizeof(unsigned)*4);
+	for(i=0, j=0; name[j]; j++){
+		hash[i] += toupper(name[j]) - 32;
+		if(++i == sizeof(unsigned)*4) i = 0;
+	}
+}
+
+unsigned hashindex(struct hashtable *ht, const unsigned char* hash){
+	unsigned t1, t2, t3, t4;
+	t1 = *(unsigned *)hash;
+	t2 = *(unsigned *)(hash + sizeof(unsigned));
+	t3 = *(unsigned *)(hash + (2*sizeof(unsigned)));
+	t4 = *(unsigned *)(hash + (3*sizeof(unsigned)));
+	return (t1 + (t2 * 7) + (t3 * 17) + (t4 * 29) ) % (ht->hashsize >> 2);
+}
+
+
+void destroyhashtable(struct hashtable *ht){
+	pthread_mutex_lock(&hash_mutex);
+	if(ht->hashtable){
+		myfree(ht->hashtable);
+		ht->hashtable = NULL;
+	}
+	if(ht->hashvalues){
+		myfree(ht->hashvalues);
+		ht->hashvalues = NULL;
+	}
+	ht->hashsize = 0;
+	pthread_mutex_unlock(&hash_mutex);
+}
+
+int inithashtable(struct hashtable *ht, unsigned nhashsize){
+	unsigned i;
+
+	if(nhashsize<4) return 1;
+	if(ht->hashtable){
+		myfree(ht->hashtable);
+		ht->hashtable = NULL;
+	}
+	if(ht->hashvalues){
+		myfree(ht->hashvalues);
+		ht->hashvalues = NULL;
+	}
+	ht->hashsize = 0;
+	if(!(ht->hashtable = myalloc((nhashsize>>2) * sizeof(struct hashentry *)))){
+		return 2;
+	}
+	if(!(ht->hashvalues = myalloc(nhashsize * sizeof(struct hashentry)))){
+		myfree(ht->hashtable);
+		ht->hashtable = NULL;
+		return 3;
+	}
+	ht->hashsize = nhashsize;
+	memset(ht->hashtable, 0, (ht->hashsize>>2) * sizeof(struct hashentry *));
+	memset(ht->hashvalues, 0, ht->hashsize * sizeof(struct hashentry));
+	for(i = 0; i< (ht->hashsize - 1); i++) {
+		(ht->hashvalues + i)->next = ht->hashvalues + i + 1;
+	}
+	ht->hashempty = ht->hashvalues;
+	return 0;
+}
+
+int initdnshashtable(unsigned nhashsize){
+	return inithashtable(&dns_table, nhashsize);
+}
+
+void hashadd(struct hashtable *ht, const unsigned char* name, unsigned long value, time_t expires){
+        struct hashentry * he;
+	unsigned index;
+	
+	if(!value||!name||!ht->hashtable||!ht->hashempty) return;
+	pthread_mutex_lock(&hash_mutex);
+	he = ht->hashempty;
+	ht->hashempty = ht->hashempty->next;
+	nametohash(name, he->hash);
+	he->value = value;
+	he->expires = expires;
+	he->next = NULL;
+	index = hashindex(ht, he->hash);
+	if(!ht->hashtable[index] || !memcmp(he->hash, ht->hashtable[index]->hash, sizeof(he->hash))){
+		he->next = ht->hashtable[index];
+		ht->hashtable[index] = he;
+	}
+	else {
+		memset(he, 0, sizeof(struct hashentry));
+		he->next = ht->hashempty;
+		ht->hashempty = he;
+	}
+	pthread_mutex_unlock(&hash_mutex);
+}
+
+unsigned long hashresolv(struct hashtable *ht, const unsigned char* name, unsigned *ttl){
+	unsigned char hash[sizeof(unsigned)*4];
+        struct hashentry ** hep;
+	struct hashentry *he;
+	unsigned index;
+	time_t t;
+
+	if(!ht->hashtable || !name) return 0;
+	time(&t);
+	nametohash(name, hash);
+	index = hashindex(ht, hash);
+	pthread_mutex_lock(&hash_mutex);
+	for(hep = ht->hashtable + index; (he = *hep)!=NULL; ){
+		if((unsigned long)he->expires < (unsigned long)t) {
+			(*hep) = he->next;
+			he->expires = 0;
+			he->next = ht->hashempty;
+			ht->hashempty = he;
+		}
+		else if(!memcmp(hash, he->hash, sizeof(unsigned)*4)){
+			pthread_mutex_unlock(&hash_mutex);
+			if(ttl) *ttl = (unsigned)(he->expires - t);
+			return he->value;
+		}
+		else hep=&(he->next);
+	}
+	pthread_mutex_unlock(&hash_mutex);
+	return 0;
+}
+
+unsigned long nservers[MAXNSERVERS] = {0, 0, 0, 0, 0};
+
+unsigned long authnserver;
+
+
+unsigned long udpresolve(unsigned char * name, unsigned *retttl, struct clientparam* param, int makeauth){
+
+	int i;
+	unsigned long retval;
+
+	if((retval = hashresolv(&dns_table, name, retttl))) {
+		return retval;
+	}
+	
+	for(i=0; (i<(makeauth && authnserver)? 1 : MAXNSERVERS) && ((makeauth && authnserver) || nservers[i]); i++){
+		unsigned short nquery, nq, na;
+		unsigned char buf[4096], *s1, *s2;
+		int j, k, len, flen;
+		SOCKET sock;
+		unsigned ttl;
+		time_t t;
+		struct sockaddr_in sin, *sinsp;
+
+		memset(&sin, 0, sizeof(sin));
+		sinsp = (param && !makeauth)? &param->sins : &sin;
+		
+
+		if((sock=so._socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) break;
+		sinsp->sin_family = AF_INET;
+		sinsp->sin_port = htons(0);
+		sinsp->sin_addr.s_addr = htonl(0);
+		if(so._bind(sock,(struct sockaddr *)sinsp,sizeof(struct sockaddr_in))) {
+			so._shutdown(sock, SHUT_RDWR);
+			so._closesocket(sock);
+			break;
+		}
+		sinsp->sin_addr.s_addr = (makeauth && authnserver)?authnserver : nservers[i];
+		sinsp->sin_port = htons(53);
+
+		len = (int)strlen((char *)name);
+		nquery = myrand(name, len);
+		*(unsigned short*)buf = nquery; /* query id */
+		buf[2] = 1; 			/* recursive */
+		buf[3] = 0;
+		buf[4] = 0;
+		buf[5] = 1;			/* 1 request */
+		buf[6] = buf[7] = 0;		/* no replies */
+		buf[8] = buf[9] = 0;		/* no ns count */
+		buf[10] = buf[11] = 0;		/* no additional */
+		if(len > 255) {
+			len = 255;
+		}
+		memcpy(buf + 13, name, len);
+		len += 13;
+		buf[len] = 0;
+		for(s2 = buf + 12; (s1 = (unsigned char *)strchr((char *)s2 + 1, '.')); s2 = s1)*s2 = (unsigned char)((s1 - s2) - 1);
+		*s2 = (len - (int)(s2 - buf)) - 1;
+		len++;
+		buf[len++] = 0;
+		buf[len++] = (makeauth == 1)? 0x0c : 0x01;	/* PTR:host address */
+		buf[len++] = 0;
+		buf[len++] = 1;			/* INET */
+		if(socksendto(sock, sinsp, buf, len, conf.timeouts[SINGLEBYTE_L]*1000) != len){
+			so._shutdown(sock, SHUT_RDWR);
+			so._closesocket(sock);
+			continue;
+		}
+		if(param) param->statscli += len;
+		len = sockrecvfrom(sock, sinsp, buf, 4096, 15000);
+		so._shutdown(sock, SHUT_RDWR);
+		so._closesocket(sock);
+		if(len <= 13) continue;
+		if(param) param->statssrv += len;
+		if(*(unsigned short *)buf != nquery)continue;
+		if((na = buf[7] + (((unsigned short)buf[6])<<8)) < 1) {
+			return 0;
+		}
+		nq = buf[5] + (((unsigned short)buf[4])<<8);
+		if (nq != 1) {
+			continue;			/* we did only 1 request */
+		}
+		for(k = 13; k<len && buf[k]; k++) {
+		}
+		k++;
+		if( (k+4) >= len) {
+			continue;
+		}
+		k += 4;
+		if(na > 255) na = 255;			/* somebody is very evil */
+		for (j = 0; j < na; j++) {		/* now there should be answers */
+			if((k+16) > len) {
+				break;
+			}
+			flen = buf[k+11] + (((unsigned short)buf[k+10])<<8);
+			if((k+12+flen) > len) break;
+			if(makeauth != 1){
+				if(buf[k+2] != 0 || buf[k+3] != 0x01 || flen != 4) {
+					k+= (12 + flen);
+					continue; 		/* we need A IPv4 */
+				}
+				retval = *(unsigned long *)(buf + k + 12);
+				ttl = ntohl(*(unsigned long *)(buf + k + 6));
+				t = time(0);
+				if(ttl < 60 || ((unsigned)t)+ttl < ttl) ttl = 300;
+				if(ttl){
+					hashadd(&dns_table, name, retval, ((unsigned)t)+ttl);
+				}
+				if(retttl) *retttl = ttl;
+				return retval;
+			}
+			else {
+				
+				if(buf[k+2] != 0 || buf[k+3] != 0x0c) {
+					k+= (12 + flen);
+					continue; 		/* we need A PTR */
+				}
+				for (s2 = buf + k + 12; s2 < (buf + k + 12 + len) && *s2; ){
+					s1 = s2 + ((unsigned)*s2) + 1;
+					*s2 = '.';
+					s2 = s1;
+				}
+				*s2 = 0;
+				if(param->username)myfree(param->username);
+				param->username = mystrdup (buf + k + 13);
+				
+				return udpresolve(param->username, NULL, NULL, 2);
+			}
+		}
+	}
+	return 0;
+}
+
+unsigned long myresolver(unsigned char * name){
+ return udpresolve(name, NULL, NULL, 0);
+}
+
+unsigned long fakeresolver (unsigned char *name){
+ return htonl(0x7F000002);
+}
+
+#ifndef NOODBC
+
+SQLHENV  henv = NULL;
+SQLHSTMT hstmt = NULL;
+SQLHDBC hdbc = NULL;
+char * sqlstring = NULL;
+
+
+void close_sql(){
+	if(hstmt) {
+		SQLFreeHandle(SQL_HANDLE_STMT, hstmt);
+		hstmt = NULL;
+	}
+	if(hdbc){
+		SQLDisconnect(hdbc);
+		SQLFreeHandle(SQL_HANDLE_DBC, hdbc);
+		hdbc = NULL;
+	}
+	if(henv) {
+		SQLFreeHandle(SQL_HANDLE_ENV, henv);
+		henv = NULL;
+	}
+}
+
+int attempt = 0;
+time_t attempt_time = 0;
+
+int init_sql(char * s){
+	SQLRETURN  retcode;
+	char * datasource;
+	char * username;
+	char * password;
+	char * string;
+
+	if(!s) return 0;
+	if(!sqlstring || strcmp(sqlstring, s)){
+		string = sqlstring;
+		sqlstring=mystrdup(s);
+		if(string)myfree(string);
+	}
+
+	if(hstmt || hdbc || henv) close_sql();
+	attempt++;
+	attempt_time = time(0);
+	if(!henv){
+		retcode = SQLAllocHandle(SQL_HANDLE_ENV, SQL_NULL_HANDLE, &henv);
+		if (!henv || (retcode != SQL_SUCCESS && retcode != SQL_SUCCESS_WITH_INFO)){
+			henv = NULL;
+			return 0;
+		}
+		retcode = SQLSetEnvAttr(henv, SQL_ATTR_ODBC_VERSION, (void*)SQL_OV_ODBC3, 0); 
+
+		if (retcode != SQL_SUCCESS && retcode != SQL_SUCCESS_WITH_INFO) {
+			return 0;
+		}
+	}
+	if(!hdbc){
+		retcode = SQLAllocHandle(SQL_HANDLE_DBC, henv, &hdbc); 
+		if (!hdbc || (retcode != SQL_SUCCESS && retcode != SQL_SUCCESS_WITH_INFO)) {
+			hdbc = NULL;
+			SQLFreeHandle(SQL_HANDLE_ENV, henv);
+			henv = NULL;
+			return 0;
+		}
+	       	SQLSetConnectAttr(hdbc, SQL_LOGIN_TIMEOUT, (void*)15, 0);
+	}
+	string = mystrdup(sqlstring);
+	if(!string) return 0;
+	datasource = strtok(string, ",");
+	username = strtok(NULL, ",");
+	password = strtok(NULL, ",");
+	
+
+         /* Connect to data source */
+        retcode = SQLConnect(hdbc, (SQLCHAR*) datasource, (SQLSMALLINT)strlen(datasource),
+                (SQLCHAR*) username, (SQLSMALLINT)((username)?strlen(username):0),
+                (SQLCHAR*) password, (SQLSMALLINT)((password)?strlen(password):0));
+
+	myfree(string);
+	if (retcode != SQL_SUCCESS && retcode != SQL_SUCCESS_WITH_INFO){
+		SQLFreeHandle(SQL_HANDLE_DBC, hdbc);
+		hdbc = NULL;
+		SQLFreeHandle(SQL_HANDLE_ENV, henv);
+		henv = NULL;
+		return 0;
+	}
+        retcode = SQLAllocHandle(SQL_HANDLE_STMT, hdbc, &hstmt); 
+        if (retcode != SQL_SUCCESS && retcode != SQL_SUCCESS_WITH_INFO){
+		close_sql();
+		return 0;
+	}
+	return 1;
+}
+
+void sqlerr (char *buf){
+	if(conf.stdlog){
+		fprintf(conf.stdlog, "%s\n", buf);
+		fflush(conf.stdlog);
+	}
+	pthread_mutex_unlock(&odbc_mutex);
+}
+
+void logsql(struct clientparam * param, const unsigned char *s) {
+	unsigned char buf[4096];
+	SQLRETURN ret;
+	int len;
+
+	len = dobuf(param, buf, s, "\'");
+
+	if(param->nolog) return;
+	pthread_mutex_lock(&odbc_mutex);
+
+	if(attempt > 5){
+		time_t t;
+
+		t = time(0);
+		if (t - attempt_time < 180){
+			sqlerr(buf);
+			return;
+		}
+	}
+	if(!hstmt){
+		if(!init_sql(sqlstring)) {
+			sqlerr(buf);
+			return;
+		}
+	}
+	if(hstmt){
+		ret = SQLExecDirect(hstmt, (SQLCHAR *)buf, (SQLINTEGER)len);
+		if(ret != SQL_SUCCESS && ret != SQL_SUCCESS_WITH_INFO){
+			close_sql();
+			if(!init_sql(sqlstring)){
+				sqlerr(buf);
+				return;
+			}
+			if(hstmt) {
+				ret = SQLExecDirect(hstmt, (SQLCHAR *)buf, (SQLINTEGER)len);
+				if(ret != SQL_SUCCESS && ret != SQL_SUCCESS_WITH_INFO){
+					sqlerr(buf);
+					return;
+				}
+				attempt = 0;
+			}
+		}
+		attempt = 0;
+	}
+	pthread_mutex_unlock(&odbc_mutex);
+}
+
+#endif
+ 
+#ifdef WITHMAIN
+int main(int argc, unsigned char * argv[]) {
+	unsigned ip = 0;
+ WSADATA wd;
+ WSAStartup(MAKEWORD( 1, 1 ), &wd);
+	if(argc == 2)ip=getip(argv[1]);
+	if(!hp) {
+		printf("Not found");
+		return 0;
+	}
+	printf("Name: '%s'\n", getnamebyip(ip);
+	return 0;
+}
+#endif

src/base64.c

@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2000-2008 3APA3A
+ *
+ * please read License Agreement
+ *
+ * $Id: base64.c,v 1.6 2008/01/08 21:46:36 vlad Exp $
+ */
+
+#include <string.h>
+
+static const unsigned char base64digits[] =
+   "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+
+#define BAD 255
+static const unsigned char base64val[] = {
+    BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD,
+    BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD,
+    BAD,BAD,BAD,BAD, BAD,BAD,BAD,BAD, BAD,BAD,BAD, 62, BAD,BAD,BAD, 63,
+     52, 53, 54, 55,  56, 57, 58, 59,  60, 61,BAD,BAD, BAD,BAD,BAD,BAD,
+    BAD,  0,  1,  2,   3,  4,  5,  6,   7,  8,  9, 10,  11, 12, 13, 14,
+     15, 16, 17, 18,  19, 20, 21, 22,  23, 24, 25,BAD, BAD,BAD,BAD,BAD,
+    BAD, 26, 27, 28,  29, 30, 31, 32,  33, 34, 35, 36,  37, 38, 39, 40,
+     41, 42, 43, 44,  45, 46, 47, 48,  49, 50, 51,BAD, BAD,BAD,BAD,BAD
+};
+#define DECODE64(c)  ((c > 32 && c<127)? base64val[(int)c] : BAD)
+
+unsigned char* en64 (const unsigned char *in, unsigned char *out, int inlen)
+{
+    for (; inlen > 0; inlen -= 3, in+=3)
+    {
+	
+	*out++ = base64digits[in[0] >> 2];
+	*out++ = base64digits[((in[0]&3)<<4) | ((inlen > 1)?(in[1]>>4):0)];
+	*out++ = (inlen > 1)? base64digits[((in[1] << 2) & 0x3c) | ((inlen > 2)? (in[2] >> 6) : 0)]: '=';
+	*out++ = (inlen > 2)? base64digits[in[2] & 0x3f] : '=';
+    }
+    *out = '\0';
+    return out;
+}
+
+int de64 (const char *in, char *out, int maxlen)
+{
+    int len = 0;
+    register unsigned char digit1, digit2, digit3, digit4;
+
+    if (in[0] == '+' && in[1] == ' ')
+	in += 2;
+    if (*in == '\r')
+	return(0);
+
+    do {
+	digit1 = in[0];
+	if (DECODE64(digit1) == BAD)
+	    return(-1);
+	digit2 = in[1];
+	if (DECODE64(digit2) == BAD)
+	    return(-1);
+	digit3 = in[2];
+	if (digit3 != '=' && DECODE64(digit3) == BAD)
+	    return(-1); 
+	digit4 = in[3];
+	if (digit4 != '=' && DECODE64(digit4) == BAD)
+	    return(-1);
+	in += 4;
+	*out++ = (DECODE64(digit1) << 2) | (DECODE64(digit2) >> 4);
+	++len;
+	if (digit3 != '=')
+	{
+	    *out++ = ((DECODE64(digit2) << 4) & 0xf0) | (DECODE64(digit3) >> 2);
+	    ++len;
+	    if (digit4 != '=')
+	    {
+		*out++ = ((DECODE64(digit3) << 6) & 0xc0) | DECODE64(digit4);
+		++len;
+	    }
+	}
+    } while 
+	(*in && *in != '\r' && digit4 != '=' && (maxlen-=4) >= 4);
+
+    return (len);
+}
+
+unsigned char hex[] = "0123456789ABCDEF";
+
+void tohex(unsigned char *in, unsigned char *out, int len){
+	int i;
+
+	for (i=0; i<len; i++) {
+		out[(i<<1)] = hex[(in[i]>>4)];
+ 		out[(i<<1) + 1] = hex[(in[i]&0x0F)];
+	}
+	out[(i<<1)] = 0;
+}
+
+void fromhex(unsigned char *in, unsigned char *out, int len){
+	char *c1, *c2;
+	for (; len > 0; len--) {
+		c1 = strchr((char *)hex, *in++);
+		c2 = strchr((char *)hex, *in++);
+		if(c1 && c2){
+			*out++ = ((unsigned char)((unsigned char *)c1 - hex) << 4) + (unsigned char)((unsigned char *)c2 - hex);
+		}
+	}
+}

src/common.c

@@ -0,0 +1,721 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: common.c,v 1.94 2014-04-07 21:24:45 vlad Exp $
+*/
+
+
+
+#include "proxy.h"
+
+
+char * copyright = COPYRIGHT;
+
+int randomizer = 1;
+
+#ifndef _WIN32
+ pthread_attr_t pa;
+#endif
+
+unsigned char **stringtable = NULL;
+
+int myinet_ntoa(struct in_addr in, char * buf){
+ unsigned u = ntohl(in.s_addr);
+ return sprintf(buf, "%u.%u.%u.%u", 
+	((u&0xFF000000)>>24), 
+	((u&0x00FF0000)>>16),
+	((u&0x0000FF00)>>8),
+	((u&0x000000FF)));
+}
+
+char *rotations[] = {
+	"",
+	"/min",
+	"/hour",
+	"/day",
+	"/week",
+	"/month",
+	"/year",
+	"",
+};
+
+
+struct extparam conf = {
+	{1, 5, 30, 60, 180, 1800, 15, 60, 0, 0},
+	NULL,
+	NULL,
+	NULL, NULL,
+	NULL,
+	NULL,
+	0, -1, 0, 0, 0, 0, 0, 500, 0, 0, 0,
+	6, 600,
+	1048576,
+	NULL, NULL,
+	NONE, NONE,
+	NULL,
+	INADDR_ANY, INADDR_ANY, 
+	0, 0,
+	NULL,
+	NULL,
+	doconnect,
+	lognone,
+	NULL,
+	NULL,
+	NULL, NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	(time_t)0, (time_t)0,
+	0,0,
+	'@'
+};
+
+int myrand(void * entropy, int len){
+	int i;
+	unsigned short init;
+
+	init = randomizer;
+	for(i=0; i < len/2; i++){
+		init ^= ((unsigned short *)entropy)[i];
+	}
+	srand(init);
+	randomizer = rand();
+	return rand();
+	
+}
+
+#ifndef WITH_POLL
+int  
+#ifdef _WIN32
+ WINAPI
+#endif
+
+    mypoll(struct mypollfd *fds, unsigned int nfds, int timeout){
+	fd_set readfd;
+	fd_set writefd;
+	fd_set oobfd;
+	struct timeval tv;
+	unsigned i;
+	int num;
+	SOCKET maxfd = 0;
+
+	tv.tv_sec = timeout/1000;
+	tv.tv_usec = (timeout%1000)*1000;
+	FD_ZERO(&readfd);
+	FD_ZERO(&writefd);
+	FD_ZERO(&oobfd);
+	for(i=0; i<nfds; i++){
+		if((fds[i].events&POLLIN))FD_SET(fds[i].fd, &readfd);
+		if((fds[i].events&POLLOUT))FD_SET(fds[i].fd, &writefd);
+		if((fds[i].events&POLLPRI))FD_SET(fds[i].fd, &oobfd);
+		fds[i].revents = 0;
+		if(fds[i].fd > maxfd) maxfd = fds[i].fd;
+	}
+	if((num = select(((int)(maxfd))+1, &readfd, &writefd, &oobfd, &tv)) < 1) return num;
+	for(i=0; i<nfds; i++){
+		if(FD_ISSET(fds[i].fd, &readfd)) fds[i].revents |= POLLIN;
+		if(FD_ISSET(fds[i].fd, &writefd)) fds[i].revents |= POLLOUT;
+		if(FD_ISSET(fds[i].fd, &oobfd)) fds[i].revents |= POLLPRI;
+	}
+	return num;
+}
+#endif
+
+struct sockfuncs so = {
+	socket,
+	accept,
+	bind,
+	listen,
+	connect,
+	getpeername,
+	getsockname,
+	getsockopt,
+	setsockopt,
+#ifdef WITH_POLL
+	poll,
+#else
+	mypoll,
+#endif
+	send,
+	sendto,
+	recv,
+	recvfrom,
+	shutdown,
+#ifdef _WIN32
+	closesocket
+#else
+	close
+#endif
+};
+
+#ifdef _WINCE
+
+static char cebuf[1024];
+static char ceargbuf[256];
+char * ceargv[32];
+
+char * CEToUnicode (const char *str){
+	int i;
+
+	for(i=0; i<510 && str[i]; i++){
+		cebuf[(i*2)] = str[i];
+		cebuf[(i*2)+1] = 0;
+	}
+	cebuf[(i*2)] = 0;
+	cebuf[(i*2)+1] = 0;
+	return cebuf;
+};
+
+int cesystem(const char *str){
+	STARTUPINFO startupInfo = {0};
+	startupInfo.cb = sizeof(startupInfo);
+
+	PROCESS_INFORMATION processInformation;
+
+	return CreateProcessW((LPWSTR)CEToUnicode(str), NULL, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, NULL, &startupInfo, &processInformation);
+}
+
+int ceparseargs(const char *str){
+	int argc = 0, i;
+	int space = 1;
+
+	for(i=0; i<250 && argc<30 && str[2*i]; i++){
+		ceargbuf[i] = str[2*i];
+		if(space && ceargbuf[i]!=' '&& ceargbuf[i]!='\t'&& ceargbuf[i]!='\r'&& ceargbuf[i]!='\n'){
+			ceargv[argc++] = ceargbuf + i;
+			space = 0;
+		}
+		else if(!space && (ceargbuf[i]==' ' || ceargbuf[i]=='\t' || ceargbuf[i]=='\r' || ceargbuf[i]=='\n')){
+			ceargbuf[i] = 0;
+			space = 1;
+		}
+	}
+	return argc;
+}
+
+#endif
+
+int parsehostname(char *hostname, struct clientparam *param, unsigned short port){
+	char *sp;
+
+	if(!hostname || !*hostname)return 1;
+	if ( (sp = strchr(hostname, ':')) ) *sp = 0;
+	if(hostname != param->hostname){
+		if(param->hostname) myfree(param->hostname);
+		param->hostname = (unsigned char *)mystrdup(hostname);
+	}
+	if(sp){
+		port = atoi(sp+1);
+		*sp = ':';
+	}
+	param->req.sin_port=htons(port);
+	param->req.sin_addr.s_addr = getip(param->hostname);
+	param->sins.sin_addr.s_addr = 0;
+	param->sins.sin_port = 0;
+	return 0;
+}
+
+int parseusername(char *username, struct clientparam *param, int extpasswd){
+	char *sb = NULL, *se = NULL, *sp = NULL;
+
+	if(!username || !*username) return 1;
+	if(!param->srv->nouser && (sb = strchr(username, ':')) && (se = strchr(sb + 1, ':')) && (!extpasswd || (sp = strchr(se + 1, ':')))){
+		*sb = 0;
+		*se = 0;
+		if(sp) *sp = 0;
+		if(*(sb+1)) {
+			if(param->password) myfree(param->password);
+			param->password = (unsigned char *)mystrdup(sb+1);
+		}
+		if(*username) {
+			if(param->username) myfree(param->username);
+			param->username = (unsigned char *)mystrdup(username);
+		}
+		username = se+1;
+	 }
+	if(extpasswd){
+		if(!sp) sp = strchr(username, ':');
+		if(sp){
+			*sp = 0;
+			if(param->extpassword) myfree(param->extpassword);
+			param->extpassword = (unsigned char *) mystrdup(sp+1);
+		}
+	}
+	if(param->extusername) myfree(param->extusername);
+	param->extusername = (unsigned char *)mystrdup(username);
+	if(sb) *sb = ':';
+	if(se) *se = ':';
+	if(sp) *sp = ':';
+	return 0;
+}
+
+int parseconnusername(char *username, struct clientparam *param, int extpasswd, unsigned short port){
+	char *sb, *se;
+	if(!username || !*username) return 1;
+        if ((sb=strchr(username, conf.delimchar)) == NULL){
+		if(!param->hostname && param->remsock == INVALID_SOCKET) return 2;
+		return parseusername(username, param, extpasswd);
+	}
+	while ((se=strchr(sb+1, conf.delimchar)))sb=se;
+	*(sb) = 0;
+	if(parseusername(username, param, extpasswd)) return 3;
+	*(sb) = conf.delimchar;
+	if(parsehostname(sb+1, param, port)) return 4;
+	return 0;
+}
+
+void clearstat(struct clientparam * param) {
+
+#ifdef _WIN32
+	struct timeb tb;
+
+	ftime(&tb);
+	param->time_start = (time_t)tb.time;
+	param->msec_start = (unsigned)tb.millitm;
+
+#else
+	struct timeval tv;
+	struct timezone tz;
+	gettimeofday(&tv, &tz);
+
+	param->time_start = (time_t)tv.tv_sec;
+	param->msec_start = (tv.tv_usec / 1000);
+#endif
+	param->statscli = param->statssrv = param->nreads = param->nwrites =
+		param->nconnects = 0;
+}
+
+
+char months[12][4] = {
+	"Jan", "Feb", "Mar", "Apr", "May", "Jun",
+	"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
+};
+
+
+int dobuf2(struct clientparam * param, unsigned char * buf, const unsigned char *s, const unsigned char * doublec, struct tm* tm, char * format){
+	int i, j;
+	int len;
+	time_t sec;
+	unsigned msec;
+
+	long timezone;
+	unsigned delay;
+	struct in_addr tmpia;
+
+
+
+#ifdef _WIN32
+	struct timeb tb;
+
+	ftime(&tb);
+	sec = (time_t)tb.time;
+	msec = (unsigned)tb.millitm;
+	timezone = tm->tm_isdst*60 - tb.timezone;
+
+#else
+	struct timeval tv;
+	struct timezone tz;
+	gettimeofday(&tv, &tz);
+
+	sec = (time_t)tv.tv_sec;
+	msec = tv.tv_usec / 1000;
+#ifdef _SOLARIS
+	timezone = -altzone / 60;
+#else
+	timezone = tm->tm_gmtoff / 60;
+#endif
+#endif
+
+	delay = param->time_start?((unsigned) ((sec - param->time_start))*1000 + msec) - param->msec_start : 0;
+	*buf = 0;
+	for(i=0, j=0; format[j] && i < 4040; j++){
+		if(format[j] == '%' && format[j+1]){
+			j++;
+			switch(format[j]){
+				case '%':
+				 buf[i++] = '%';
+				 break;
+				case 'y':
+				 sprintf((char *)buf+i, "%.2d", tm->tm_year%100);
+				 i+=2;
+				 break;
+				case 'Y':
+				 sprintf((char *)buf+i, "%.4d", tm->tm_year+1900);
+				 i+=4;
+				 break;
+				case 'm':
+				 sprintf((char *)buf+i, "%.2d", tm->tm_mon+1);
+				 i+=2;
+				 break;
+				case 'o':
+				 sprintf((char *)buf+i, "%s", months[tm->tm_mon]);
+				 i+=3;
+				 break;
+				case 'd':
+				 sprintf((char *)buf+i, "%.2d", tm->tm_mday);
+				 i+=2;
+				 break;
+				case 'H':
+				 sprintf((char *)buf+i, "%.2d", tm->tm_hour);
+				 i+=2;
+				 break;
+				case 'M':
+				 sprintf((char *)buf+i, "%.2d", tm->tm_min);
+				 i+=2;
+				 break;
+				case 'S':
+				 sprintf((char *)buf+i, "%.2d", tm->tm_sec);
+				 i+=2;
+				 break;
+				case 't':
+				 sprintf((char *)buf+i, "%.10u", (unsigned)sec);
+				 i+=10;
+				 break;
+				case 'b':
+				 i+=sprintf((char *)buf+i, "%u", delay?(unsigned)(param->statscli * 1000./delay):0);
+				 break;
+				case 'B':
+				 i+=sprintf((char *)buf+i, "%u", delay?(unsigned)(param->statssrv * 1000./delay):0);
+				 break;				 
+				case 'D':
+				 i+=sprintf((char *)buf+i, "%u", delay);
+				 break;
+				case '.':
+				 sprintf((char *)buf+i, "%.3u", msec);
+				 i+=3;
+				 break;
+				case 'z':
+				 sprintf((char *)buf+i, "%+.2ld%.2u", timezone / 60, (unsigned)(timezone%60));
+				 i+=5;
+				 break;
+				case 'U':
+				 if(param->username && *param->username){
+					for(len = 0; i< 4000 && param->username[len]; len++){
+					 buf[i] = param->username[len];
+					 if(param->srv->nonprintable && (buf[i] < 0x20 || strchr((char *)param->srv->nonprintable, buf[i]))) buf[i] = param->srv->replace;
+					 if(doublec && strchr((char *)doublec, buf[i])) {
+						buf[i+1] = buf[i];
+						i++;
+					 }
+					 i++;
+					}
+				 }
+				 else {
+					buf[i++] = '-';
+				 }
+				 break;
+				case 'n':
+					len = param->hostname? (int)strlen((char *)param->hostname) : 0;
+					if (len > 0) for(len = 0; param->hostname[len] && i < 4000; len++, i++){
+						buf[i] = param->hostname[len];
+					 	if(param->srv->nonprintable && (buf[i] < 0x20 || strchr((char *)param->srv->nonprintable, buf[i]))) buf[i] = param->srv->replace;
+						if(doublec && strchr((char *)doublec, buf[i])) {
+							buf[i+1] = buf[i];
+							i++;
+						}
+					}
+					else i += myinet_ntoa(param->sins.sin_addr, (char *)buf + i);
+					break;
+
+				case 'N':
+				 if(param->service >=0 && param->service < 15) {
+					 len = (conf.stringtable)? (int)strlen((char *)conf.stringtable[SERVICES + param->service]) : 0;
+					 if(len > 20) len = 20;
+					 memcpy(buf+i, (len)?conf.stringtable[SERVICES + param->service]:(unsigned char*)"-", (len)?len:1);
+					 i += (len)?len:1;
+				 }
+				 break;
+				case 'E':
+				 sprintf((char *)buf+i, "%.05d", param->res);
+				 i += 5;
+				 break;
+				case 'T':
+				 if(s){
+					for(len = 0; i<4000 && s[len]; len++){
+					 buf[i] = s[len];
+					 if(param->srv->nonprintable && (buf[i] < 0x20 || strchr((char *)param->srv->nonprintable, buf[i]))) buf[i] = param->srv->replace;
+					 if(doublec && strchr((char *)doublec, buf[i])) {
+						buf[i+1] = buf[i];
+						i++;
+					 }
+					 i++;
+					}
+				 }
+				 break;
+				case 'e':
+				 tmpia.s_addr = param->extip;
+				 i += myinet_ntoa(tmpia, (char *)buf + i);
+				 break;
+				case 'C':
+				 i += myinet_ntoa(param->sinc.sin_addr, (char *)buf + i);
+				 break;
+				case 'R':
+				 i += myinet_ntoa(param->sins.sin_addr, (char *)buf + i);
+				 break;
+				case 'Q':
+				 i += myinet_ntoa(param->req.sin_addr, (char *)buf + i);
+				 break;
+				case 'p':
+				 sprintf((char *)buf+i, "%hu", ntohs(param->srv->intport));
+				 i += (int)strlen((char *)buf+i);
+				 break;
+				case 'c':
+				 sprintf((char *)buf+i, "%hu", ntohs(param->sinc.sin_port));
+				 i += (int)strlen((char *)buf+i);
+				 break;
+				case 'r':
+				 sprintf((char *)buf+i, "%hu", ntohs(param->sins.sin_port));
+				 i += (int)strlen((char *)buf+i);
+				 break;
+				case 'q':
+				 sprintf((char *)buf+i, "%hu", ntohs(param->req.sin_port));
+				 i += (int)strlen((char *)buf+i);
+				 break;
+				case 'I':
+				 sprintf((char *)buf+i, "%lu", param->statssrv);
+				 i += (int)strlen((char *)buf+i);
+				 break;
+				case 'O':
+				 sprintf((char *)buf+i, "%lu", param->statscli);
+				 i += (int)strlen((char *)buf+i);
+				 break;
+				case 'h':
+				 sprintf((char *)buf+i, "%d", param->redirected);
+				 i += (int)strlen((char *)buf+i);
+				 break;
+				case '1':
+				case '2':
+				case '3':
+				case '4':
+				case '5':
+				case '6':
+				case '7':
+				case '8':
+				case '9':
+					{
+						int k, pmin=0, pmax=0;
+						for (k = j; isnumber(format[k]); k++);
+						if(format[k] == '-' && isnumber(format[k+1])){
+							pmin = atoi(format + j) - 1;
+							k++;
+							pmax = atoi(format + k) -1;
+							for (; isnumber(format[k]); k++);
+							j = k;
+						}
+						if(!s || format[k]!='T') break;
+						for(k = 0, len = 0; s[len] && i < 4000; len++){
+							if(isspace(s[len])){
+								k++;
+								while(isspace(s[len+1]))len++;
+								if(k == pmin) continue;
+							}
+							if(k>=pmin && k<=pmax) {
+								buf[i] = s[len];
+								if(param->srv->nonprintable && (buf[i] < 0x20 || strchr((char *)param->srv->nonprintable, buf[i]))) buf[i] = param->srv->replace;
+								if(doublec && strchr((char *)doublec, buf[i])) {
+									buf[i+1] = buf[i];
+									i++;
+				 				}
+								i++;
+							}
+						}
+						break;
+
+					}
+				default:
+				 buf[i++] = format[j];
+			}
+		}
+		else buf[i++] = format[j];
+	}
+	buf[i] = 0;
+	return i;
+}
+
+int dobuf(struct clientparam * param, unsigned char * buf, const unsigned char *s, const unsigned char * doublec){
+	struct tm* tm;
+	int i;
+	char * format;
+	time_t t;
+
+	time(&t);
+	if(!param) return 0;
+	if(param->trafcountfunc)(*param->trafcountfunc)(param);
+	format = (char *)param->srv->logformat;
+	if(!format) format = "G%y%m%d%H%M%S.%. %p %E %U %C:%c %R:%r %O %I %h %T";
+	tm = (*format == 'G' || *format == 'g')?
+		gmtime(&t) : localtime(&t);
+	i = dobuf2(param, buf, s, doublec, tm, format + 1);
+	clearstat(param);
+	return i;
+}
+
+void lognone(struct clientparam * param, const unsigned char *s) {
+	if(param->trafcountfunc)(*param->trafcountfunc)(param);
+	clearstat(param);
+}
+
+
+void logstdout(struct clientparam * param, const unsigned char *s) {
+	unsigned char buf[4096];
+	FILE *log;
+
+	log = param->srv->stdlog?param->srv->stdlog:conf.stdlog?conf.stdlog:stdout;
+	dobuf(param, buf, s, NULL);
+	if(!param->nolog)if(fprintf(log, "%s\n", buf) < 0) {
+		perror("printf()");
+	};
+	if(log != conf.stdlog)fflush(log);
+}
+#ifndef _WIN32
+void logsyslog(struct clientparam * param, const unsigned char *s) {
+	unsigned char buf[4096];
+
+	dobuf(param, buf, s, NULL);
+	if(!param->nolog)syslog(LOG_INFO, "%s", buf);
+}
+#endif
+
+int doconnect(struct clientparam * param){
+ SASIZETYPE size = sizeof(param->sins);
+ struct sockaddr_in bindsa;
+ if (param->operation == ADMIN || param->operation == DNSRESOLVE || param->operation == BIND || param->operation == UDPASSOC)
+	return 0;
+ if (param->remsock != INVALID_SOCKET){
+	if(so._getpeername(param->remsock, (struct sockaddr *)&param->sins, &size)==-1) {return (15);}
+ }
+ else {
+	struct linger lg;
+
+	if(!param->sins.sin_addr.s_addr)
+		if(!(param->sins.sin_addr.s_addr = param->req.sin_addr.s_addr)) return 100;
+	if(!param->sins.sin_port)param->sins.sin_port = param->req.sin_port;
+	if ((param->remsock=so._socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) {return (11);}
+	so._setsockopt(param->remsock, SOL_SOCKET, SO_LINGER, (unsigned char *)&lg, sizeof(lg));
+	memset(&bindsa, 0, sizeof(bindsa));
+	bindsa.sin_family = AF_INET;
+	bindsa.sin_port = param->extport;
+	bindsa.sin_addr.s_addr = param->extip;
+	if (param->srv->targetport && !bindsa.sin_port && ntohs(param->sinc.sin_port) > 1023) bindsa.sin_port = param->sinc.sin_port;
+	if(so._bind(param->remsock, (struct sockaddr*)&bindsa, sizeof(bindsa))==-1) {
+		memset(&bindsa, 0, sizeof(bindsa));
+		bindsa.sin_family = AF_INET;
+		bindsa.sin_addr.s_addr = param->extip;
+		bindsa.sin_port = 0;
+		if(so._bind(param->remsock, (struct sockaddr*)&bindsa, sizeof(bindsa))==-1) {
+			return 12;
+		}
+	}
+	
+	param->sins.sin_family = AF_INET;
+	if(param->operation >= 256 || (param->operation & CONNECT)){
+#ifdef _WIN32
+		unsigned long ul = 1;
+#endif
+		if(so._connect(param->remsock,(struct sockaddr *)&param->sins,sizeof(param->sins))) {return (13);}
+		param->nconnects++;
+#ifdef _WIN32
+		ioctlsocket(param->remsock, FIONBIO, &ul);
+#else
+		fcntl(param->remsock,F_SETFL,O_NONBLOCK);
+#endif
+		if(so._getsockname(param->remsock, (struct sockaddr *)&bindsa, &size)==-1) {return (15);}
+		param->extip = bindsa.sin_addr.s_addr;
+	}
+	else {
+		if(so._getsockname(param->remsock, (struct sockaddr *)&param->sins, &size)==-1) {return (15);}
+	}
+ }
+ return 0;
+}
+
+int scanaddr(const unsigned char *s, unsigned long * ip, unsigned long * mask) {
+	unsigned d1, d2, d3, d4, m;
+	int res;
+	if ((res = sscanf((char *)s, "%u.%u.%u.%u/%u", &d1, &d2, &d3, &d4, &m)) < 4) return 0;
+	if(mask && res == 4) *mask = 0xFFFFFFFF;
+	else if (mask) *mask = htonl(0xFFFFFFFF << (32 - m));
+	*ip = htonl ((d1<<24) ^ (d2<<16) ^ (d3<<8) ^ d4);
+	return res;
+}
+
+RESOLVFUNC resolvfunc = NULL;
+#ifndef _WIN32
+pthread_mutex_t gethostbyname_mutex;
+int ghbn_init = 0;
+#endif
+
+
+#ifdef GETHOSTBYNAME_R
+struct hostent * my_gethostbyname(char *name, char *buf, struct hostent *hp){
+	struct hostent *result;
+	int gherrno;
+
+#ifdef _SOLARIS
+	return gethostbyname_r(name, hp, buf, 1024, &gherrno);
+#else
+	if(gethostbyname_r(name, hp, buf, 1024, &result, &gherrno) != 0)
+		return NULL;
+	return result;
+#endif
+}
+#endif
+
+unsigned long getip(unsigned char *name){
+	unsigned long retval;
+	int i;
+	int ndots = 0;
+	struct hostent *hp=NULL;
+
+#ifdef GETHOSTBYNAME_R
+	struct hostent he;
+	char ghbuf[1024];
+#define gethostbyname(NAME) my_gethostbyname(NAME, ghbuf, &he)
+#endif
+
+	if(strlen((char *)name)>255)name[255] = 0;
+	for(i=0; name[i]; i++){
+		if(name[i] == '.'){
+			if(++ndots > 3) break;
+			continue;
+		}
+		if(name[i] <'0' || name[i] >'9') break;
+	}
+	if(!name[i] && ndots == 3){
+		unsigned long ip;
+		if(scanaddr(name, &ip, NULL) == 4){
+			return ip;
+		}
+	}
+	if(resolvfunc){
+		if((retval = (*resolvfunc)(name))) return retval;
+		if(conf.demanddialprog) system(conf.demanddialprog);
+		return (*resolvfunc)(name);
+	}
+#if !defined(_WIN32) && !defined(GETHOSTBYNAME_R)
+	if(!ghbn_init){
+		pthread_mutex_init(&gethostbyname_mutex, NULL);
+		ghbn_init++;
+	}
+	pthread_mutex_lock(&gethostbyname_mutex);
+#endif
+	hp=gethostbyname((char *)name);
+	if (!hp && conf.demanddialprog) {
+		system(conf.demanddialprog);
+		hp=gethostbyname((char *)name);
+	}
+	retval = hp?*(unsigned long *)hp->h_addr:0;
+#if !defined(_WIN32) && !defined(GETHOSTBYNAME_R)
+	pthread_mutex_unlock(&gethostbyname_mutex);
+#endif
+#ifdef GETHOSTBYNAME_R
+#undef gethostbyname
+#endif
+	return retval;
+}

src/countersutil.c

@@ -0,0 +1,145 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: common.c,v 1.81 2007/12/18 09:26:44 vlad Exp $
+*/
+
+#include "proxy.h"
+
+struct counter_header {
+	unsigned char sig[4];
+	time_t updated;
+} cheader = {"3CF", (time_t)0};
+
+
+struct counter_record {
+	unsigned long traf;
+	unsigned long trafgb;
+	time_t cleared;
+	time_t updated;
+} crecord;
+
+#ifdef _WIN32
+struct counter_header_old {
+	unsigned char sig[4];
+	DWORD updated;
+} cheader_old = {"3CF", (time_t)0};
+
+
+struct counter_record_old {
+	unsigned long traf;
+	unsigned long trafgb;
+	DWORD cleared;
+	DWORD updated;
+} crecord_old;
+#endif
+
+int main(int argc, char *argv[]){
+	FILE *txt;
+	int bin;
+	int i;
+	long unsigned lu1, lu2;
+	char buf[256];
+	if(argc!=4){
+		fprintf(stderr, "Usage: %s command binary_file text_file\n"
+				" commands are:\n"
+				"\texport - dump counterfile to text\n"
+#ifdef _WIN32
+				"\toldexport - export counterfile from older 3proxy version\n"
+#endif
+				"\timport- import counterfile from text\n"
+				"Examples:\n"
+#ifdef _WIN32
+				" %s oldexport counterfile.3cf tmpfile\n"
+#else
+				" %s export counterfilenew.3cf tmpfile\n"
+#endif
+				" %s import counterfilenew.3cf tmpfile\n"
+				"text file record format:\n"
+				"%%d %%10lu %%10lu %%lu %%lu\n"
+				" 1 - counter number\n"
+				" 2 - traffic (Bytes)\n"
+				" 3 - traffic (GB)\n"
+				" 4 - time counter reset (time_t)\n"
+				" 5 - time counter updated (time_t)\n"
+				,argv[0] , argv[0], argv[0]);
+		return 1;
+	}
+	if(!strcmp(argv[1], "export")){
+		bin = open((char *)argv[2], O_BINARY|O_RDONLY, 0660);
+		if(bin < 0){
+			fprintf(stderr, "Failed to open %s\n", argv[2]);
+			return 2;
+		}
+		if(read(bin, &cheader, sizeof(cheader)) != sizeof(cheader) ||
+		   memcmp(&cheader, "3CF", 4)){
+			fprintf(stderr, "Invalid counter file\n");
+			return 3;
+		}
+		txt = fopen(argv[3], "w");
+		if(!txt) txt = stdout;
+		for(i=1; read(bin, &crecord, sizeof(crecord))==sizeof(crecord); i++)
+			fprintf(txt,"%d %10lu %10lu %lu %lu\n", i, 
+				crecord.trafgb,
+				crecord.traf,
+				(unsigned long) crecord.cleared,
+				(unsigned long) crecord.updated);
+	}
+#ifdef _WIN32
+	else if(!strcmp(argv[1], "oldexport")){
+		bin = open((char *)argv[2], O_BINARY|O_RDONLY, 0660);
+		if(bin < 0){
+			fprintf(stderr, "Failed to open %s\n", argv[2]);
+			return 2;
+		}
+		if(read(bin, &cheader_old, sizeof(cheader_old)) != sizeof(cheader_old) ||
+		   memcmp(&cheader, "3CF", 4)){
+			fprintf(stderr, "Invalid counter file\n");
+			return 3;
+		}
+		txt = fopen(argv[3], "w");
+		if(!txt) txt = stdout;
+		for(i=1; read(bin, &crecord_old, sizeof(crecord_old))==sizeof(crecord_old); i++)
+			fprintf(txt, "%d %10lu %10lu %lu %lu\n", i, 
+				crecord_old.trafgb,
+				crecord_old.traf,
+				(unsigned long) crecord_old.cleared,
+				(unsigned long) crecord_old.updated);
+	}
+#endif
+	else if(!strcmp(argv[1], "import")){
+		bin = open((char *)argv[2], O_BINARY|O_WRONLY|O_CREAT|O_EXCL, 0660);
+		if(bin < 0){
+			fprintf(stderr, "Failed to open %s\n", argv[2]);
+			return 2;
+		}
+		txt = fopen(argv[3], "r");
+		if(!txt) {
+			fprintf(stderr, "Failed to open %s\n", argv[3]);
+			return 3;
+		}
+		cheader.updated = time(0);
+		write(bin, &cheader, sizeof(cheader));
+		while(fgets(buf, 256, txt) &&
+			sscanf(buf, "%d %10lu %10lu %lu %lu\n",
+				&i, &crecord.trafgb, &crecord.traf,
+				&lu1, &lu2) == 5){
+
+			crecord.cleared = (time_t) lu1;
+			crecord.updated = (time_t) lu1;
+			lseek(bin,
+			 sizeof(struct counter_header) + (i-1) * sizeof(crecord),
+			 SEEK_SET);
+			write(bin, &crecord, sizeof(crecord));
+
+		}
+	}
+	else {
+		fprintf(stderr, "Unknown command: %s\n", argv[1]);
+		return 5;
+	}
+	return 0;
+}

src/datatypes.c

@@ -0,0 +1,834 @@
+/*
+ * Copyright (c) 2000-2008 3APA3A
+ *
+ * please read License Agreement
+ *
+ * $Id: datatypes.c,v 1.28 2009/08/14 09:56:21 v.dubrovin Exp $
+ */
+
+#include "proxy.h"
+
+static void pr_integer(struct node *node, CBFUNC cbf, void*cb){
+	char buf[16];
+	if(node->value)(*cbf)(cb, buf, sprintf(buf, "%d", *(int *)node->value));
+}
+
+static void pr_short(struct node *node, CBFUNC cbf, void*cb){
+	char buf[8];
+	if(node->value)(*cbf)(cb, buf, sprintf(buf, "%hu", *(unsigned short*)node->value));
+}
+
+static void pr_char(struct node *node, CBFUNC cbf, void*cb){
+	if(node->value)(*cbf)(cb, (char *)node->value, 1);
+}
+
+
+static void pr_unsigned(struct node *node, CBFUNC cbf, void*cb){
+	char buf[16];
+	if(node->value)(*cbf)(cb, buf, sprintf(buf, "%u", *(unsigned *)node->value));
+}
+
+static void pr_traffic(struct node *node, CBFUNC cbf, void*cb){
+	char buf[16];
+	unsigned long u1, u2;
+	if(node->value){
+		u1 = ((unsigned long *)node->value)[0];
+		u2 = ((unsigned long *)node->value)[0];
+		(*cbf)(cb, buf, sprintf(buf, "%lu", (u1>>20) + (u2<<10)));
+	}
+}
+
+static void pr_port(struct node *node, CBFUNC cbf, void*cb){
+	char buf[8];
+	if(node->value)(*cbf)(cb, buf, sprintf(buf, "%hu", ntohs(*(unsigned short*)node->value)));
+}
+
+static void pr_datetime(struct node *node, CBFUNC cbf, void*cb){
+	char *s;
+	if(node->value){
+		s = ctime((time_t *)node->value);
+
+		(*cbf)(cb, s, (int)strlen(s)-1);
+	}
+}
+
+int ipprint(char *buf, unsigned uu){
+	unsigned u = ntohl(uu);
+
+	return sprintf(buf, "%u.%u.%u.%u", 
+		((u&0xFF000000)>>24), 
+		((u&0x00FF0000)>>16),
+		((u&0x0000FF00)>>8),
+		((u&0x000000FF)));
+}
+
+static void pr_ip(struct node *node, CBFUNC cbf, void*cb){
+	char buf[16];
+	if(node->value)(*cbf)(cb, buf, ipprint(buf, *(unsigned *)node -> value));
+}
+
+static void pr_wdays(struct node *node, CBFUNC cbf, void*cb){
+	char buf[16];
+	int i, found = 0;
+	if(node -> value)for(i = 0; i<8; i++){
+		if( (1<<i) & *(int *)node -> value ) {
+			sprintf(buf, "%s%d", found?",":"", i);
+			(*cbf)(cb, buf, found? 2:1);
+			found = 1;
+		}
+	}
+}
+
+static void pr_time(struct node *node, CBFUNC cbf, void*cb){
+	char buf[16];
+	int t = *(int *)node;
+	
+	(*cbf)(cb, buf, sprintf(buf, "%02d:%02d:%02d", (t/3600)%24, (t/60)%60, t%60));
+}
+
+int cidrprint(char *buf, unsigned long u){
+	unsigned long u1 = 0xffffffff;
+	int i;
+
+	u = ntohl(u);
+	for(i = 32; i && (u1!=u); i--){
+		u1 = (u1 << 1);
+	}
+	if (i == 32) {
+		return 0;
+	}
+	return sprintf(buf, "/%d", i);
+}
+
+static void pr_cidr(struct node *node, CBFUNC cbf, void*cb){
+	char buf[4];
+	int i;
+
+	if(node->value){
+		if ((i = cidrprint(buf, *(unsigned *)node -> value)))
+		 (*cbf)(cb, buf, i);
+		else (*cbf)(cb, "/32", 3);
+	}
+}
+
+static void pr_string(struct node *node, CBFUNC cbf, void*cb){
+	if(node->value){
+		(*cbf)(cb, (char*)node->value, (int)strlen((char*)node->value));
+	}
+	else (*cbf)(cb, "(NULL)", 6);
+}
+
+static void pr_rotation(struct node *node, CBFUNC cbf, void*cb){
+	char * lstrings[] = {
+		"N", "C", "H", "D", "W", "M", "Y", "N"
+	};
+	int i;
+
+	if(node->value && (i = *(int*)node->value) > 1 && i < 6){
+	 (*cbf)(cb, lstrings[i], 1);
+	}
+}
+
+static void pr_operations(struct node *node, CBFUNC cbf, void*cb){
+	char buf[64];
+	int operation;
+	int delim = 0;
+
+	*buf = 0;
+	if(!node->value || !(operation = *(int*)node->value)){
+		(*cbf)(cb, "*", 1);
+		return;
+	}
+	if(operation & HTTP){
+		if((operation & HTTP) == HTTP)
+		 (*cbf)(cb, buf, sprintf(buf, "HTTP"));
+		else 
+		 (*cbf)(cb, buf, sprintf(buf, "%s%s%s%s%s%s%s%s%s",
+			(operation & HTTP_GET)? "HTTP_GET" : "",
+			((operation & HTTP_GET) && (operation & (HTTP_PUT|HTTP_POST|HTTP_HEAD|HTTP_OTHER)))? "," : "",
+			(operation & HTTP_PUT)? "HTTP_PUT" : "",
+			((operation & HTTP_PUT) && (operation & (HTTP_POST|HTTP_HEAD|HTTP_OTHER)))? "," : "",
+			(operation & HTTP_POST)? "HTTP_POST" : "",
+			((operation & HTTP_POST) && (operation & (HTTP_HEAD|HTTP_OTHER)))? "," : "",
+			(operation & HTTP_HEAD)? "HTTP_HEAD" : "",
+			((operation & HTTP_HEAD) && (operation & HTTP_OTHER))? "," : "",
+			(operation & HTTP_OTHER)? "HTTP_OTHER" : ""));
+		delim = 1;
+	}
+	if(operation & HTTP_CONNECT){
+		(*cbf)(cb, buf, sprintf(buf, "%s%s", delim?",":"", "HTTP_CONNECT"));
+		delim = 1;
+	}
+	if(operation & FTP) {
+		if((operation & FTP) == FTP)
+		 (*cbf)(cb, buf, sprintf(buf, "%s%s", delim?",":"", "FTP"));
+		else
+		 (*cbf)(cb, buf, sprintf(buf, "%s%s%s%s%s%s",
+			delim? ",":"",
+			(operation & FTP_GET)? "FTP_GET" : "",
+			((operation & FTP_GET) && (operation & (FTP_PUT|FTP_LIST)))? ",":"",
+			(operation & FTP_PUT)? "FTP_PUT" : "",
+			((operation & FTP_PUT) && (operation & FTP_LIST))? ",":"",
+			(operation & FTP_LIST)? "FTP_LIST" : ""));
+		delim = 1;
+	}
+	if(operation & CONNECT){
+		(*cbf)(cb, buf, sprintf(buf, "%s%s", delim?",":"", "CONNECT"));
+		delim = 1;
+	}
+	if(operation & BIND){
+		(*cbf)(cb, buf, sprintf(buf, "%s%s", delim?",":"", "BIND"));
+		delim = 1;
+	}
+	if(operation & UDPASSOC){
+		(*cbf)(cb, buf, sprintf(buf, "%s%s", delim?",":"", "UDPASSOC"));
+		delim = 1;
+	}
+	if(operation & ICMPASSOC){
+		(*cbf)(cb, buf, sprintf(buf, "%s%s", delim?",":"", "ICMPASSOC"));
+		delim = 1;
+	}
+	if(operation & DNSRESOLVE){
+		(*cbf)(cb, buf, sprintf(buf, "%s%s", delim?",":"", "DNSRESOLVE"));
+		delim = 1;
+	}
+	if(operation & ADMIN){
+		(*cbf)(cb, buf, sprintf(buf, "%s%s", delim?",":"", "ADMIN"));
+	}
+}
+
+static void pr_portlist(struct node *node, CBFUNC cbf, void*cb){
+	struct portlist *pl= (struct portlist *)node->value;
+	char buf[16];
+	if(!pl) {
+		(*cbf)(cb, "*", 1);
+		return;
+	}
+	for(; pl; pl = pl->next) {
+		if(pl->startport == pl->endport)
+		 (*cbf)(cb, buf, sprintf(buf, "%hu", pl->startport));
+		else
+		 (*cbf)(cb, buf, sprintf(buf, "%hu-%hu", pl->startport, pl->endport));
+		if(pl->next)(*cbf)(cb, ",", 1);
+	}
+}
+
+static void pr_userlist(struct node *node, CBFUNC cbf, void*cb){
+	struct userlist *ul= (struct userlist *)node->value;
+	if(!ul) {
+		(*cbf)(cb, "*", 1);
+		return;
+	}
+	for(; ul; ul = ul->next){
+	 (*cbf)(cb, (char *)ul->user, (int)strlen((char *)ul->user));
+	 if(ul->next)(*cbf)(cb, ",", 1);
+	}
+}
+
+static void pr_iplist(struct node *node, CBFUNC cbf, void*cb){
+	char buf[20];
+	int i;
+	struct iplist *il = (struct iplist *)node->value;
+
+	if(!il) {
+		(*cbf)(cb, "*", 1);
+		return;
+	}
+	for(; il; il = il->next){
+	 i = ipprint(buf, il->ip);
+	 i += cidrprint(buf+i, il->mask);
+	 if(il->next)buf[i++] = ',';
+	 (*cbf)(cb, buf, i);
+	}
+}
+
+static void * ef_portlist_next(struct node *node){
+	return (((struct portlist *)node->value) -> next);
+}
+
+
+static void * ef_portlist_start(struct node *node){
+	return &(((struct portlist *)node->value) -> startport);
+}
+
+static void * ef_portlist_end(struct node *node){
+	return &(((struct portlist *)node->value) -> endport);
+}
+
+static void * ef_iplist_next(struct node *node){
+	return (((struct iplist *)node->value) -> next);
+}
+
+static void * ef_iplist_ip(struct node *node){
+	return &(((struct iplist *)node->value) -> ip);
+}
+
+static void * ef_iplist_cidr(struct node *node){
+	return &(((struct iplist *)node->value) -> mask);
+}
+
+static void * ef_iplist_mask(struct node *node){
+	return &(((struct iplist *)node->value) -> mask);
+}
+
+static void * ef_userlist_next(struct node * node){
+	return (((struct userlist *)node->value) -> next);
+}
+
+static void * ef_userlist_user(struct node * node){
+	return (((struct userlist *)node->value) -> user);
+}
+
+static void * ef_pwlist_next(struct node * node){
+	return (((struct passwords *)node->value) -> next);
+}
+
+static void * ef_pwlist_user(struct node * node){
+	return (((struct passwords *)node->value) -> user);
+}
+
+static void * ef_pwlist_password(struct node * node){
+	return (((struct passwords *)node->value) -> password);
+}
+
+static void * ef_pwlist_type(struct node * node){
+	switch (((struct passwords *)node->value) -> pwtype) {
+		case SYS:
+			return "SYS";
+		case CL:
+			return "CL";
+		case CR:
+			return "CR";
+		case NT:
+			return "NT";
+		case LM:
+			return "LM";
+		default:
+			return "UNKNOWN";
+	}
+}
+
+static void * ef_chain_next(struct node * node){
+	return ((struct chain *)node->value) -> next;
+}
+
+static void * ef_chain_type(struct node * node){
+	switch (((struct chain *)node->value) -> type) {
+		case R_TCP:
+			return "tcp";
+		case R_CONNECT:
+			return "connect";
+		case R_SOCKS4:
+			return "socks4";
+		case R_SOCKS5:
+			return "socks5";
+		case R_HTTP:
+			return "http";
+		case R_FTP:
+			return "ftp";
+		case R_POP3:
+			return "pop3";
+		default:
+			return "";
+	}
+}
+
+static void * ef_chain_ip(struct node * node){
+	return &((struct chain *)node->value) -> redirip;
+}
+
+static void * ef_chain_port(struct node * node){
+	return &((struct chain *)node->value) -> redirport;
+}
+
+static void * ef_chain_weight(struct node * node){
+	return &((struct chain *)node->value) -> weight;
+}
+
+static void * ef_chain_user(struct node * node){
+	return ((struct chain *)node->value) -> extuser;
+}
+
+static void * ef_chain_password(struct node * node){
+	return ((struct chain *)node->value) -> extpass;
+}
+
+static void * ef_ace_next(struct node * node){
+	return ((struct ace *)node->value) -> next;
+}
+
+static void * ef_ace_type(struct node * node){
+	switch (((struct ace *)node->value) -> action) {
+		case ALLOW:
+		case REDIRECT:
+			return "allow";
+		case DENY:
+			return "deny";
+		case BANDLIM:
+			return "bandlim";
+		case NOBANDLIM:
+			return "nobandlim";
+		case COUNTIN:
+			return "countin";
+		case NOCOUNTIN:
+			return "nocountin";
+		case COUNTOUT:
+			return "countout";
+		case NOCOUNTOUT:
+			return "nocountout";
+		default:
+			return "unknown";
+	}
+}
+
+
+static void * ef_ace_operations(struct node * node){
+	if(!((struct ace *)node->value) -> operation) return NULL;
+	return &((struct ace *)node->value) -> operation;
+}
+
+static void * ef_ace_users(struct node * node){
+	return ((struct ace *)node->value) -> users;
+}
+
+static void * ef_ace_src(struct node * node){
+	return ((struct ace *)node->value) -> src;
+}
+
+
+static void * ef_ace_dst(struct node * node){
+	return ((struct ace *)node->value) -> dst;
+}
+
+
+static void * ef_ace_ports(struct node * node){
+	return ((struct ace *)node->value) -> ports;
+}
+
+static void * ef_ace_chain(struct node * node){
+	return ((struct ace *)node->value) -> chains;
+}
+
+static void * ef_ace_weekdays(struct node * node){
+	return (((struct ace *)node->value) -> wdays) ? &((struct ace *)node->value) -> wdays : NULL;
+}
+
+static void * ef_ace_period(struct node * node){
+	return ((struct ace *)node->value) -> periods;
+}
+
+
+static void * ef_bandlimit_next(struct node * node){
+	return ((struct bandlim *)node->value) -> next;
+}
+
+static void * ef_bandlimit_ace(struct node * node){
+	return ((struct bandlim *)node->value) -> ace;
+}
+
+static void * ef_bandlimit_rate(struct node * node){
+	return &((struct bandlim *)node->value) -> rate;
+}
+
+static void * ef_trafcounter_next(struct node * node){
+	return ((struct trafcount *)node->value) -> next;
+}
+
+static void * ef_trafcounter_ace(struct node * node){
+	return ((struct trafcount *)node->value) -> ace;
+}
+
+static void * ef_trafcounter_number(struct node * node){
+	return &((struct trafcount *)node->value) -> number;
+}
+
+static void * ef_trafcounter_type(struct node * node){
+	return &((struct trafcount *)node->value) -> type;
+}
+
+static void * ef_trafcounter_traffic(struct node * node){
+	return &((struct trafcount *)node->value) -> traf;
+}
+
+static void * ef_trafcounter_limit(struct node * node){
+	return &((struct trafcount *)node->value) -> traflim;
+}
+
+static void * ef_trafcounter_cleared(struct node * node){
+	return &((struct trafcount *)node->value) -> cleared;
+}
+
+static void * ef_trafcounter_updated(struct node * node){
+	return &((struct trafcount *)node->value) -> updated;
+}
+
+static void * ef_trafcounter_comment(struct node * node){
+	return ((struct trafcount *)node->value) -> comment;
+}
+
+static void * ef_trafcounter_disabled(struct node * node){
+	return &((struct trafcount *)node->value) -> disabled;
+}
+
+static void * ef_server_next(struct node * node){
+	return ((struct srvparam *)node->value) -> next;
+}
+
+static void * ef_server_type(struct node * node){
+	int service = ((struct srvparam *)node->value) -> service;
+	return (service>=0 && service < 15)? (void *)conf.stringtable[SERVICES + service] : (void *)"unknown";
+}
+
+static void * ef_server_child(struct node * node){
+	return ((struct srvparam *)node->value) -> child;
+}
+
+static void * ef_server_auth(struct node * node){
+	AUTHFUNC af = ((struct srvparam *)node->value) -> authfunc;
+
+	if(af == alwaysauth) return "none";
+	if(af == nbnameauth) return "nbname";
+	if(af == ipauth) return "iponly";
+	if(af == strongauth) return "strong";
+	return "uknown";
+}
+
+static void * ef_server_childcount(struct node * node){
+	return &((struct srvparam *)node->value) -> childcount;
+}
+
+static void * ef_server_log(struct node * node){
+	if(((struct srvparam *)node->value) -> logfunc == lognone)	return "none";
+	else if(((struct srvparam *)node->value) -> logfunc == logstdout)
+		return (((struct srvparam *)node->value) -> logtarget)?"file":"stdout";
+#ifndef _WIN32
+	else if(((struct srvparam *)node->value) -> logfunc == logsyslog)	return "syslog";
+#endif
+#ifndef NOODBC
+	else if(((struct srvparam *)node->value) -> logfunc == logsql)	return "odbc";
+#endif
+	return NULL;
+}
+
+static void * ef_server_logformat(struct node * node){
+	return ((struct srvparam *)node->value) -> logformat;
+}
+
+static void * ef_server_nonprintable(struct node * node){
+	return ((struct srvparam *)node->value) -> nonprintable;
+}
+
+static void * ef_server_replacement(struct node * node){
+	if(((struct srvparam *)node->value) -> nonprintable)return &((struct srvparam *)node->value) -> replace;
+	return NULL;
+}
+
+static void * ef_server_logtarget(struct node * node){
+	return ((struct srvparam *)node->value) -> logtarget;
+}
+
+
+static void * ef_server_target(struct node * node){
+	return ((struct srvparam *)node->value) -> target;
+}
+
+static void * ef_server_targetport(struct node * node){
+	return &((struct srvparam *)node->value) -> targetport;
+}
+
+static void * ef_server_intip(struct node * node){
+	return &((struct srvparam *)node->value) -> intip;
+}
+
+static void * ef_server_extip(struct node * node){
+	return &((struct srvparam *)node->value) -> extip;
+}
+
+static void * ef_server_intport(struct node * node){
+	return &((struct srvparam *)node->value) -> intport;
+}
+
+static void * ef_server_extport(struct node * node){
+	return &((struct srvparam *)node->value) -> extport;
+}
+
+static void * ef_server_acl(struct node * node){
+	return ((struct srvparam *)node->value) -> acl;
+}
+
+static void * ef_server_singlepacket(struct node * node){
+	return &((struct srvparam *)node->value) -> singlepacket;
+}
+
+static void * ef_server_usentlm(struct node * node){
+	return &((struct srvparam *)node->value) -> usentlm;
+}
+
+static void * ef_server_starttime(struct node * node){
+	return &((struct srvparam *)node->value) -> time_start;
+}
+
+
+static void * ef_client_next(struct node * node){
+	return ((struct clientparam *)node->value) -> next;
+}
+
+static void * ef_client_maxtrafin(struct node * node){
+	return &((struct clientparam *)node->value) -> maxtrafin;
+}
+
+static void * ef_client_maxtrafout(struct node * node){
+	return &((struct clientparam *)node->value) -> maxtrafout;
+}
+
+static void * ef_client_type(struct node * node){
+	int service = ((struct clientparam *)node->value) -> service;
+	return (service>=0 && service < 15)? (void *)conf.stringtable[SERVICES + service] : (void *)"unknown";
+}
+
+static void * ef_client_operation(struct node * node){
+	if(!((struct clientparam *)node->value) -> operation) return NULL;
+	return &((struct clientparam *)node->value) -> operation;
+	
+}
+
+static void * ef_client_redirected(struct node * node){
+	return &((struct clientparam *)node->value) -> redirected;
+	
+}
+
+static void * ef_client_hostname(struct node * node){
+	return ((struct clientparam *)node->value) -> hostname;
+}
+
+static void * ef_client_username(struct node * node){
+	return ((struct clientparam *)node->value) -> username;
+}
+
+static void * ef_client_password(struct node * node){
+	return ((struct clientparam *)node->value) -> password;
+}
+
+static void * ef_client_extusername(struct node * node){
+	return ((struct clientparam *)node->value) -> extusername;
+}
+
+static void * ef_client_extpassword(struct node * node){
+	return ((struct clientparam *)node->value) -> extpassword;
+}
+
+static void * ef_client_cliip(struct node * node){
+	return &((struct clientparam *)node->value) -> sinc.sin_addr.s_addr;
+}
+
+static void * ef_client_srvip(struct node * node){
+	return &((struct clientparam *)node->value) -> sins.sin_addr.s_addr;
+}
+
+static void * ef_client_reqip(struct node * node){
+	return &((struct clientparam *)node->value) -> req.sin_addr.s_addr;
+}
+
+static void * ef_client_reqport(struct node * node){
+	return &((struct clientparam *)node->value) -> req.sin_port;
+}
+
+static void * ef_client_srvport(struct node * node){
+	return &((struct clientparam *)node->value) -> sins.sin_port;
+}
+
+static void * ef_client_cliport(struct node * node){
+	return &((struct clientparam *)node->value) -> sinc.sin_port;
+}
+
+static void * ef_client_bytesin(struct node * node){
+	return &((struct clientparam *)node->value) -> statssrv;
+}
+
+static void * ef_client_bytesout(struct node * node){
+	return &((struct clientparam *)node->value) -> statscli;
+}
+
+static void * ef_client_pwtype(struct node * node){
+	return &((struct clientparam *)node->value) -> pwtype;
+}
+
+static void * ef_client_threadid(struct node * node){
+	return &((struct clientparam *)node->value) -> threadid;
+}
+
+static void * ef_client_starttime(struct node * node){
+	return &((struct clientparam *)node->value) -> time_start;
+}
+
+static void * ef_client_starttime_msec(struct node * node){
+	return &((struct clientparam *)node->value) -> msec_start;
+}
+
+static void * ef_period_fromtime(struct node * node){
+	return &((struct period *)node->value) -> fromtime;
+}
+
+static void * ef_period_totime(struct node * node){
+	return &((struct period *)node->value) -> totime;
+}
+
+static void * ef_period_next(struct node * node){
+	return ((struct period *)node->value) -> next;
+}
+
+static struct property prop_portlist[] = {
+	{prop_portlist + 1, "start", ef_portlist_start, TYPE_PORT, "port range start"},
+	{prop_portlist + 2, "end", ef_portlist_end, TYPE_PORT, "port range end"},
+	{NULL, "next", ef_portlist_next, TYPE_PORTLIST, "next"}
+};
+
+static struct property prop_userlist[] = {
+	{prop_userlist+1, "user", ef_userlist_user, TYPE_STRING, "user name"},
+	{NULL, "next", ef_userlist_next, TYPE_USERLIST, "next"}
+};
+
+static struct property prop_pwlist[] = {
+	{prop_pwlist + 1, "user", ef_pwlist_user, TYPE_STRING, "user name"},
+	{prop_pwlist + 2, "password", ef_pwlist_password, TYPE_STRING, "password string"},
+	{prop_pwlist + 3, "type", ef_pwlist_type, TYPE_STRING, "password type"},
+	{NULL, "next", ef_pwlist_next, TYPE_PWLIST, "next"}
+};
+
+static struct property prop_iplist[] = {
+	{prop_iplist + 1, "ip", ef_iplist_ip, TYPE_IP, "ip address"},
+	{prop_iplist + 2, "cidr", ef_iplist_cidr, TYPE_CIDR, "ip mask length"},
+	{prop_iplist + 3, "mask", ef_iplist_mask, TYPE_IP, "ip mask"},
+	{NULL, "next", ef_iplist_next, TYPE_IPLIST, "next"}
+};
+
+static struct property prop_chain[] = {
+	{prop_chain + 1, "ip", ef_chain_ip, TYPE_IP, "parent ip address"},
+	{prop_chain + 2, "port", ef_chain_port, TYPE_PORT, "parent port"},
+	{prop_chain + 3, "type", ef_chain_type, TYPE_STRING, "parent type"},
+	{prop_chain + 4, "weight", ef_chain_weight, TYPE_SHORT, "parent weight 0-1000"},
+	{prop_chain + 5, "user", ef_chain_user, TYPE_STRING, "parent login"},
+	{prop_chain + 6, "password", ef_chain_password, TYPE_STRING, "parent password"},
+	{NULL, "next", ef_chain_next, TYPE_CHAIN, "next"}
+};
+
+static struct property prop_period[] = {
+	{prop_period + 1, "fromtime", ef_period_fromtime, TYPE_TIME, "from time" },
+	{prop_period + 2, "totime", ef_period_totime, TYPE_TIME, "to time" },
+	{NULL, "next", ef_period_next, TYPE_PERIOD, "next"}
+};
+
+static struct property prop_ace[] = {
+	{prop_ace + 1, "type", ef_ace_type, TYPE_STRING, "ace action"},
+	{prop_ace + 2, "operations", ef_ace_operations, TYPE_OPERATIONS, "request type"},
+	{prop_ace + 3, "users", ef_ace_users, TYPE_USERLIST, "list of users"},
+	{prop_ace + 4, "src", ef_ace_src, TYPE_IPLIST, "list of source ips"},
+	{prop_ace + 5, "dst", ef_ace_dst, TYPE_IPLIST, "list of destination ips"},
+	{prop_ace + 6, "ports", ef_ace_ports, TYPE_PORTLIST, "list of destination ports"},
+	{prop_ace + 7, "chain", ef_ace_chain, TYPE_CHAIN, "redirect to parent(s)"},
+	{prop_ace + 8, "wdays", ef_ace_weekdays, TYPE_WEEKDAYS, "days of week"},
+	{prop_ace + 9, "periods", ef_ace_period, TYPE_PERIOD, "time of the day"},
+	{NULL, "next", ef_ace_next, TYPE_ACE, "next"}
+};
+
+static struct property prop_bandlimit[] = {
+	{prop_bandlimit + 1, "ace", ef_bandlimit_ace, TYPE_ACE, "acl to apply"},
+	{prop_bandlimit + 2, "rate", ef_bandlimit_rate, TYPE_UNSIGNED, "max allowed bandwidth"},
+	{NULL, "next", ef_bandlimit_next, TYPE_BANDLIMIT, "next"}
+};
+
+static struct property prop_trafcounter[] = {
+	{prop_trafcounter + 1, "disabled", ef_trafcounter_disabled, TYPE_INTEGER, "counter status"},
+	{prop_trafcounter + 2, "ace", ef_trafcounter_ace, TYPE_ACE, "traffic to count"},
+	{prop_trafcounter + 3, "number", ef_trafcounter_number, TYPE_UNSIGNED, "counter number"},
+	{prop_trafcounter + 4, "type", ef_trafcounter_type, TYPE_ROTATION, "rotation type"},
+	{prop_trafcounter + 5, "traffic", ef_trafcounter_traffic, TYPE_TRAFFIC, "counter value"},
+	{prop_trafcounter + 6, "limit", ef_trafcounter_limit, TYPE_TRAFFIC, "counter limit"},
+	{prop_trafcounter + 7, "cleared", ef_trafcounter_cleared, TYPE_DATETIME, "last rotated"},
+	{prop_trafcounter + 8, "updated", ef_trafcounter_updated, TYPE_DATETIME, "last updated"},
+	{prop_trafcounter + 9, "comment", ef_trafcounter_comment, TYPE_STRING, "counter comment"},
+	{NULL, "next", ef_trafcounter_next, TYPE_TRAFCOUNTER}
+};
+
+/*
+*/
+
+static struct property prop_server[] = {
+	{prop_server + 1, "servicetype", ef_server_type, TYPE_STRING, "type of the service/client"},
+	{prop_server + 2, "target", ef_server_target, TYPE_STRING, "portmapper target ip"},
+	{prop_server + 3, "targetport", ef_server_targetport, TYPE_PORT, "portmapper target port"},
+	{prop_server + 4, "starttime", ef_server_starttime, TYPE_DATETIME, "service started seconds"},
+	{prop_server + 5, "intip", ef_server_intip, TYPE_IP, "ip address of internal interface"},
+	{prop_server + 6, "extip", ef_server_extip, TYPE_IP, "ip address of external interface"},
+	{prop_server + 7, "intport", ef_server_intport, TYPE_PORT, "port to listen"},
+	{prop_server + 8, "extport", ef_server_extport, TYPE_PORT, "port to use for outgoing connection"},
+	{prop_server + 9, "auth", ef_server_auth, TYPE_STRING, "service authentication type"},
+	{prop_server + 10, "acl", ef_server_acl, TYPE_ACE, "access control list"},
+	{prop_server + 11, "singlepacket", ef_server_singlepacket, TYPE_INTEGER, "is single packet redirection"},
+	{prop_server + 12, "usentlm", ef_server_usentlm, TYPE_INTEGER, "allow NTLM authentication"},
+	{prop_server + 13, "log", ef_server_log, TYPE_STRING, "type of logging"},
+	{prop_server + 14, "logtarget", ef_server_logtarget, TYPE_STRING, "log target options"},
+	{prop_server + 15, "logformat", ef_server_logformat, TYPE_STRING, "logging format string"},
+	{prop_server + 16, "nonprintable", ef_server_nonprintable, TYPE_STRING, "non printable characters"},
+	{prop_server + 17, "replacement", ef_server_replacement, TYPE_CHAR, "replacement character"},
+	{prop_server + 18, "childcount", ef_server_childcount, TYPE_INTEGER, "number of servers connected"},
+	{prop_server + 19, "child", ef_server_child, TYPE_CLIENT, "connected clients"},
+	{NULL, "next", ef_server_next, TYPE_SERVER, "next"}
+};
+
+
+static struct property prop_client[] = {
+	{prop_client + 1, "servicetype", ef_client_type, TYPE_STRING, "type of the client"},
+	{prop_client + 2, "threadid", ef_client_threadid, TYPE_INTEGER, "process thread id"},
+	{prop_client + 3, "starttime", ef_client_starttime, TYPE_DATETIME, "client started seconds"},
+	{prop_client + 4, "starttime_msec", ef_client_starttime_msec, TYPE_UNSIGNED, "client started milliseconds"},
+	{prop_client + 5, "redirected", ef_client_redirected, TYPE_INTEGER, "number of redirections"},
+	{prop_client + 6, "operation", ef_client_operation, TYPE_OPERATIONS, "action requested by client"},
+	{prop_client + 7, "hostname", ef_client_hostname, TYPE_STRING, "name of the requested host"},
+	{prop_client + 8, "extusername", ef_client_extusername, TYPE_STRING, "username for requested host"},
+	{prop_client + 9, "extpassword", ef_client_extpassword, TYPE_STRING, "password for requested host"},
+	{prop_client + 10, "username", ef_client_username, TYPE_STRING, "client username"},
+	{prop_client + 11, "password", ef_client_password, TYPE_STRING, "client password"},
+	{prop_client + 12, "cliip", ef_client_cliip, TYPE_IP, "client ip"},
+	{prop_client + 13, "cliport", ef_client_cliport, TYPE_PORT, "client port"},
+	{prop_client + 14, "srvip", ef_client_srvip, TYPE_IP, "target server ip"},
+	{prop_client + 15, "srvport", ef_client_srvport, TYPE_PORT, "target server port"},
+	{prop_client + 16, "reqip", ef_client_reqip, TYPE_IP, "requested server ip"},
+	{prop_client + 17, "reqport", ef_client_reqport, TYPE_PORT, "requested server port"},
+	{prop_client + 18, "bytesin", ef_client_bytesin, TYPE_UNSIGNED, "bytes from server to client"},
+	{prop_client + 19, "bytesout", ef_client_bytesout, TYPE_UNSIGNED, "bytes from client to server"},
+	{prop_client + 20, "pwtype", ef_client_pwtype, TYPE_INTEGER, "type of client password"},
+	{prop_client + 21, "maxtrafin", ef_client_maxtrafin, TYPE_UNSIGNED, "maximum traffic allowed for download"},
+	{prop_client + 22, "maxtrafout", ef_client_maxtrafout, TYPE_UNSIGNED, "maximum traffic allowed for upload"},
+	{NULL, "next", ef_client_next, TYPE_CLIENT, "next"}
+
+	
+};
+
+struct datatype datatypes[64] = {
+	{"integer", NULL, pr_integer, NULL},
+	{"short", NULL, pr_short, NULL},
+	{"char", NULL, pr_char, NULL},
+	{"unsigned", NULL, pr_unsigned, NULL},
+	{"traffic", NULL, pr_traffic, NULL},
+	{"port", NULL, pr_port, NULL},
+	{"ip", NULL, pr_ip, NULL},
+	{"cidr", NULL, pr_cidr, NULL},
+	{"string", NULL, pr_string, NULL},
+	{"datetime", NULL, pr_datetime, NULL},
+	{"operations", NULL, pr_operations, NULL},
+	{"rotation", NULL, pr_rotation, NULL},
+	{"portlist", ef_portlist_next, pr_portlist, prop_portlist},
+	{"iplist", ef_iplist_next, pr_iplist, prop_iplist},
+	{"userlist", ef_userlist_next, pr_userlist, prop_userlist},
+	{"pwlist", ef_pwlist_next, NULL, prop_pwlist},
+	{"chain", ef_chain_next, NULL, prop_chain},
+	{"ace", ef_ace_next, NULL, prop_ace},
+	{"bandlimit", ef_bandlimit_next, NULL, prop_bandlimit},
+	{"trafcounter", ef_trafcounter_next, NULL, prop_trafcounter},
+	{"client", ef_client_next, NULL, prop_client},
+	{"weekdays", NULL, pr_wdays, NULL},
+	{"time", NULL, pr_time, NULL},
+	{"period", ef_period_next, NULL, prop_period},
+	{"server", ef_server_next, NULL, prop_server}
+};

src/dighosts.c

@@ -0,0 +1,142 @@
+/*
+ * Copyright (c) 2000-2008 3APA3A
+ *
+ * please read License Agreement
+ *
+ * $Id: dighosts.c,v 1.10 2009/10/06 08:38:00 v.dubrovin Exp $
+ */
+
+#include "proxy.h"
+
+
+int sockgetchar(SOCKET sock, int timeosec, int timeousec){
+ unsigned char buf;
+ fd_set fds;
+ struct timeval tv;
+
+ tv.tv_sec = timeosec;
+ tv.tv_usec = timeousec;
+ FD_ZERO(&fds);
+ FD_SET(sock, &fds);
+ if (select (((int)sock)+1, &fds, NULL, NULL, &tv)!=1) return EOF;
+ if (recv(sock, &buf, 1, 0)!=1) return EOF;
+ return((int)buf);
+}
+
+
+int sockgetline(SOCKET sock, unsigned char * buf, int bufsize, int delim, int to){
+ int c;
+ int i=0, tos, tou;
+ if(bufsize<2) return 0;
+ c = sockgetchar(sock, to, 0);
+ if (c == EOF) {
+	return 0;
+ }
+ tos = to/16;
+ tou = ((to * 1000) / bufsize)%1000;
+ do {
+	buf[i++] = c;
+	if(delim != EOF && c == delim) break;
+ }while(i < bufsize && (c = sockgetchar(sock, tos, tou)) != EOF);
+ return i;
+}
+
+
+unsigned char request[] = "GET %.1024s HTTP/1.0\r\nHost: %.256s\r\n\r\n";
+
+int main(int argc, char *argv[]){
+	unsigned char *host, *hostend;
+	SOCKET sock;
+	struct sockaddr_in sa;
+	FILE *fp;
+	unsigned char buf[16000];
+	int i;
+	unsigned x,y,z,w,cidr, x1,y1,z1,w1, mask;
+	int first = 1;
+
+#ifdef _WIN32
+ WSADATA wd;
+ WSAStartup(MAKEWORD( 1, 1 ), &wd);
+#endif
+
+	if(argc < 3 || argc > 4 || (argc == 4 && (argv[1][0] != '-' || argv[1][1] != 'm'))) {
+		fprintf(stderr, "Usage: %s [-m] <URL> <FILE>\n"
+				" program retrieves requested <URL> and builds comma delimited list of networks\n"
+				" list than stored in <FILE>\n"
+				" networks are searched in xxx.yyy.zzz.www/cidr format\n"
+				" switches:\n"
+				"  -m networks are searched in xxx.yyy.zzz.www mmm.mmm.mmm.mmm format\n"
+				"\n(c)2002 by 3APA3A\n",
+				argv[0]);
+		return 1;
+	}
+	if(strncasecmp(argv[argc-2], "http://", 7)) {
+		fprintf(stderr, "URL must be HTTP://\n");
+		return 2;
+	}
+	hostend = (unsigned char *)strchr((char *)argv[argc-2] + 7, '/');
+	if(!hostend) {
+		fprintf(stderr, "Wrong URL syntaxis\n");
+		return 3;
+	}
+	*hostend = 0;
+	if(!(host = (unsigned char *)strdup((char *)argv[argc-2] + 7))) {
+		return 4;
+	}
+	*hostend = '/';
+	if(!(sa.sin_addr.s_addr = getip(host))) {
+		fprintf(stderr, "Unable to resolve %s\n", host);
+		return 5;
+	}
+	sa.sin_port = htons(80);
+	sa.sin_family = AF_INET;
+	if((sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) return 6;
+	sprintf((char *)buf, (char *)request, hostend, host);
+	if(connect(sock,(struct sockaddr *)&sa,sizeof(sa))) {
+		fprintf(stderr, "Unable to connect: %s\n", host);
+		return 8;
+	}
+	if(send(sock, buf, (int)strlen((char *)buf), 0) != (int)strlen((char *)buf)) return 9;
+	while( (i = sockgetline(sock, buf, sizeof(buf) - 1, '\n', 30)) > 2);
+	if(i<1) return 9;
+	if(!(fp = fopen(argv[argc-1], "w"))) {
+		fprintf(stderr, "Unable to open: %s\n", argv[2]);
+		return 7;
+	}
+	while( (i = sockgetline(sock, buf, sizeof(buf) - 1, '\n', 30)) > 0){
+		buf[i] = 0;
+		for(i = 0; buf[i]; i++){
+			if((buf[i]<'0' || buf[i] > '9') && buf[i] != '.' && buf[i] != '/')buf[i] = ' ';
+		}
+		if(argc == 3){
+			if((i=sscanf((char *)buf, "%u.%u.%u.%u/%u", &x, &y, &z, &w, &cidr)) == 5 &&
+					x<256 && y<256 && z<256 && w<256 &&
+					cidr <= 32){
+				if(!first)fprintf(fp, ",");
+				fprintf(fp, "%u.%u.%u.%u/%u", x, y, z, w, cidr);
+				first = 0;
+			}
+		}
+		else{
+			if((i = sscanf((char *)buf, "%u.%u.%u.%u %u.%u.%u.%u", &x, &y, &z, &w, &x1, &y1, &z1, &w1)) == 8 &&
+					x<256 && y<256 && z<256 && w<256 &&
+					x1<256 && y1<256 && z1<256 && w1<256
+					){
+				mask = (x1<<24)|(y1<<16)|(z1<<8)|w1;
+				for(cidr = 0; cidr <= 32; cidr++)if((((unsigned long)(0xFFFFFFFF))<<(32-cidr)) == mask) break;
+				if(cidr > 32) continue;
+				if(!first)fprintf(fp, ",");
+				fprintf(fp, "%u.%u.%u.%u/%u", x, y, z, w, cidr);
+				first = 0;
+			}
+		}
+	}
+	shutdown(sock, SHUT_RDWR);
+#ifdef _WIN32
+	closesocket(sock);
+#else
+	close(sock);
+#endif
+	fclose(fp);
+	return 0;
+}

src/dnspr.c

@@ -0,0 +1,196 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: dnspr.c,v 1.22 2009/09/17 12:21:05 v.dubrovin Exp $
+*/
+
+#include "proxy.h"
+
+#ifndef UDP
+#define UDP
+#endif
+#define RETURN(xxx) { param->res = xxx; goto CLEANRET; }
+
+#define BUFSIZE 4096
+
+
+void * dnsprchild(struct clientparam* param) {
+ unsigned long ip = 0;
+ unsigned char *buf, *s1, *s2;
+ char * host = NULL;
+ unsigned char c;
+ SASIZETYPE size;
+ int res, i;
+ int len;
+ unsigned type=0;
+ unsigned ttl;
+#ifdef _WIN32
+	unsigned long ul = 1;
+#endif
+
+
+ if(!(buf = myalloc(BUFSIZE))){
+	param->srv->fds.events = POLLIN;
+	RETURN (21);
+ }
+ size = sizeof(struct sockaddr_in);
+ i = so._recvfrom(param->srv->srvsock, buf, BUFSIZE, 0, (struct sockaddr *)&param->sinc, &size); 
+#ifdef _WIN32
+	if((param->clisock=so._socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) {
+		RETURN(818);
+	}
+	ioctlsocket(param->clisock, FIONBIO, &ul);
+	size = sizeof(struct sockaddr_in);
+	if(so._getsockname(param->srv->srvsock, (struct sockaddr *)&param->sins, &size)) {RETURN(21);};
+	if(so._setsockopt(param->clisock, SOL_SOCKET, SO_REUSEADDR, (unsigned char *)&ul, sizeof(int))) {RETURN(820);};
+	if(so._bind(param->clisock,(struct sockaddr *)&param->sins,sizeof(struct sockaddr_in))) {
+		RETURN(822);
+	}
+
+#else
+	param->clisock = param->srv->srvsock;
+#endif
+ param->srv->fds.events = POLLIN;
+
+ if(i < 0) {
+	RETURN(813);
+ }
+ buf[BUFSIZE - 1] = 0;
+ if(i<=13 || i>1000){
+	RETURN (814);
+ }
+ param->operation = DNSRESOLVE;
+ if((res = (*param->srv->authfunc)(param))) {RETURN(res);}
+ 
+ if(buf[4]!=0 || buf[5]!=1) RETURN(816);
+ for(len = 12; len<i; len+=(c+1)){
+	c = buf[len];
+	if(!c)break;
+	buf[len] = '.';
+ }
+ if(len > (i-4)) {RETURN(817);}
+
+ host = mystrdup((char *)buf+13);
+ if(!host) {RETURN(21);}
+
+ for(s2 = buf + 12; (s1 = (unsigned char *)strchr((char *)s2 + 1, '.')); s2 = s1)*s2 = (unsigned char)((s1 - s2) - 1); 
+ *s2 = (len - (int)(s2 - buf)) - 1;
+
+ type = ((unsigned)buf[len+1])*256 + (unsigned)buf[len+2];
+ if(type==1){
+ 	 ip = udpresolve((unsigned char *)host, &ttl, param, 0);
+ }
+
+ len+=5;
+
+ if(ip){
+	buf[2] = 0x85;
+	buf[3] = 0x80;
+	buf[6] = 0;
+	buf[7] = 1;
+	buf[8] = buf[9] = buf[10] = buf[11] = 0;
+ 	memset(buf+len, 0, 16);
+	buf[len] = 0xc0;
+	buf[len+1] = 0x0c;
+	buf[len+3] = 1;
+	buf[len+5] = 1;
+	ttl = htonl(ttl);
+	memcpy(buf + len + 6, &ttl, 4);
+	buf[len+11] = 4;
+	memcpy(buf+len+12,(void *)&ip,4);
+	len+=16;
+ }
+ if(type == 0x0c) {
+	unsigned a, b, c, d;
+	sscanf(host, "%u.%u.%u.%u", &a, &b, &c, &d);
+	ip = htonl((d<<24) ^ (c<<16) ^ (b<<8) ^ a);
+	if(ip == param->srv->intip){
+		buf[2] = 0x85;
+		buf[3] = 0x80;
+		buf[6] = 0;
+		buf[7] = 1;
+		buf[8] = buf[9] = buf[10] = buf[11] = 0;
+	 	memset(buf+len, 0, 20);
+		buf[len] = 0xc0;
+		buf[len+1] = 0x0c;
+		buf[len+3] = 0x0c;
+		buf[len+5] = 1;
+		ttl = htonl(3600);
+		memcpy(buf + len + 6, &ttl, 4);
+		buf[len+11] = 7;
+		buf[len+12] = 6;
+		memcpy(buf+len+13,(void *)"3proxy",6);
+		len+=20;
+	}
+	else ip = 0;
+ }
+ if(!ip && nservers[0] && type!=1){
+	if((param->remsock=so._socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == INVALID_SOCKET) {
+		RETURN(818);
+	}
+#ifdef _WIN32
+	ioctlsocket(param->remsock, FIONBIO, &ul);
+#else
+	fcntl(param->remsock,F_SETFL,O_NONBLOCK);
+#endif
+	param->sins.sin_family = AF_INET;
+	param->sins.sin_port = htons(0);
+	param->sins.sin_addr.s_addr = htonl(0);
+	if(so._bind(param->remsock,(struct sockaddr *)&param->sins,sizeof(struct sockaddr_in))) {
+		RETURN(819);
+	}
+	param->sins.sin_addr.s_addr = nservers[0];
+	param->sins.sin_port = htons(53);
+	if(socksendto(param->remsock, &param->sins, buf, i, conf.timeouts[SINGLEBYTE_L]*1000) != i){
+		RETURN(820);
+	}
+	param->statscli += i;
+	param->nwrites++;
+	len = sockrecvfrom(param->remsock, &param->sins, buf, BUFSIZE, 15000);
+	if(len <= 13) {
+		RETURN(821);
+	}
+	param->statssrv += len;
+	param->nreads++;
+	if(buf[6] || buf[7]){
+		if(socksendto(param->clisock, &param->sinc, buf, len, conf.timeouts[SINGLEBYTE_L]*1000) != len){
+			RETURN(822);
+		}
+		RETURN(0);
+	}
+
+ }
+ if(!ip) {
+	buf[2] = 0x85;
+	buf[3] = 0x83;
+ }
+ usleep(SLEEPTIME);
+ res = socksendto(param->clisock, &param->sinc, buf, len, conf.timeouts[SINGLEBYTE_L]*1000); 
+ if(res != len){RETURN(819);}
+ if(!ip) {RETURN(888);}
+
+CLEANRET:
+
+ if(param->res!=813){
+	sprintf((char *)buf, "%04x/%s(%u.%u.%u.%u)", 
+			(unsigned)type,
+			host?host:"",
+			(unsigned)(ntohl(ip)&0xff000000)>>24,
+			(unsigned)(ntohl(ip)&0x00ff0000)>>16,
+			(unsigned)(ntohl(ip)&0x0000ff00)>>8,
+			(unsigned)(ntohl(ip)&0x000000ff)
+	);
+	(*param->srv->logfunc)(param, buf);
+ }
+ if(buf)myfree(buf);
+ if(host)myfree(host);
+#ifndef _WIN32
+ param->clisock = INVALID_SOCKET;
+#endif
+ freeparam(param);
+ return (NULL);
+}
+

src/ftp.c

@@ -0,0 +1,233 @@
+/*
+ * Copyright (c) 2002-2008 3APA3A
+ *
+ * please read License Agreement
+ *
+ * $Id: ftp.c,v 1.34 2009/09/17 12:21:06 v.dubrovin Exp $
+ */
+
+#include "proxy.h"
+
+
+int ftplogin(struct clientparam *param, char *nbuf, int *innbuf) {
+	char tbuf[1024];
+	int i;
+	char *buf;
+	int len;
+	int res;
+
+	buf = nbuf?nbuf:tbuf;
+	len = nbuf?*innbuf:1024;
+
+	if(innbuf)*innbuf = 0;
+	if(len < 48) return 707;
+	while((i = sockgetlinebuf(param, SERVER, (unsigned char *)buf, len - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+	}
+	if(i < 3) return 706;
+	buf[i] = 0;
+	if(atoi(buf)/100 != 2) {
+		*innbuf = i;
+		return 702;
+	}
+	sprintf(buf, "USER %.32s\r\n", param->extusername?param->extusername:(unsigned char *)"anonymous");
+	if((int)socksend(param->remsock, (unsigned char *)buf, (int)strlen(buf), conf.timeouts[STRING_S]) != (int)strlen(buf)){
+		return 703;
+	}
+	param->statscli += (int)strlen(buf);
+	param->nwrites++;
+	while((i = sockgetlinebuf(param, SERVER, (unsigned char *)buf, len - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+	}
+	if(i < 3) return 704;
+	buf[i] = 0;
+	res = atoi(buf)/100;
+	if(res == 3){
+		sprintf(buf, "PASS %.32s\r\n", 
+			param->extusername?
+				(param->extpassword?
+					param->extpassword:(unsigned char *)"")
+				:(unsigned char *)"3proxy@");
+		res = (int)strlen(buf);
+		if((int)socksend(param->remsock, (unsigned char *)buf, res, conf.timeouts[STRING_S]) != (int)strlen(buf)){
+			return 705;
+		}
+		param->statscli += res;
+		param->nwrites++;
+		while((i = sockgetlinebuf(param, SERVER, (unsigned char *)buf, len - 1, '\n', conf.timeouts[STRING_L])) > 0){
+			buf[i] = 0;
+			res = (i>3 && buf[3] != '-')? atoi(buf)/100 : 0;
+			if(res || (nbuf && (len-i) > 256 && i > 3)) {
+				buf += i;
+				len -= i;
+				if(innbuf)*innbuf += i;
+			}
+			if(res) break;
+		}
+		if(i < 3) {
+			return 701;
+		}
+	}
+	if(res != 2) {
+		return 700;
+	}
+	return 0;
+}
+
+int ftpcd(struct clientparam *param, unsigned char* path, char *nbuf, int *innbuf){
+	char buf[1024];
+	int i;
+	int inbuf = 0;
+
+	sprintf(buf, "CWD %.512s\r\n", path);
+	if((int)socksend(param->remsock, (unsigned char *)buf, (int)strlen(buf), conf.timeouts[STRING_S]) != (int)strlen(buf)){
+		return 711;
+	}
+	param->statscli += (int)strlen(buf);
+	param->nwrites++;
+	while((i = sockgetlinebuf(param, SERVER, (unsigned char *)buf, sizeof(buf) - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+		if(nbuf && innbuf && inbuf + i < *innbuf && i > 6) {
+			memcpy(nbuf + inbuf, buf, i);
+			inbuf += i;
+		}
+	}
+	if(innbuf)*innbuf = inbuf;
+	if(i < 3) return 712;
+	buf[3] = 0;
+	if(buf[0] != '2') return 710;
+	return 0;
+}
+
+int ftpres(struct clientparam *param, unsigned char * buf, int l){
+	int i;
+
+	if (l < 16) return 755;
+	while((i = sockgetlinebuf(param, SERVER, buf, l - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+	}
+	buf[i] = 0;
+	if(i < 3) return 751;
+	if(buf[0] != '2' && buf[0] != '1') return 750;
+	return 0;
+}
+
+int ftpsyst(struct clientparam *param, unsigned char *buf, unsigned len){
+	int i;
+
+	if(socksend(param->remsock, (unsigned char *)"SYST\r\n", 6, conf.timeouts[STRING_S]) != 6){
+		return 721;
+	}
+	param->statscli+=6;
+	param->nwrites++;
+	while((i = sockgetlinebuf(param, SERVER, buf, len - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+	}
+	if(i < 7) return 722;
+	buf[3] = 0;
+	if(atoi((char *)buf)/100 != 2) return 723;
+	buf[i-2] = 0;
+	strcpy((char *)buf, (char *)buf+4);
+	return 0;
+}
+
+int ftppwd(struct clientparam *param, unsigned char *buf, unsigned len){
+	int i;
+	char *b, *e;
+
+	if(socksend(param->remsock, (unsigned char *)"PWD\r\n", 5, conf.timeouts[STRING_S]) != 5){
+		return 731;
+	}
+	param->statscli += 5;
+	param->nwrites++;
+	while((i = sockgetlinebuf(param, SERVER, buf, len - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+	}
+	if(i < 7) return 732;
+	buf[3] = 0;
+	if(atoi((char *)buf)/100 != 2) return 733;
+	buf[i-2] = 0;
+	b = (char *)buf+4;
+	if(*b == '\"' && (e = strchr(b+1, '\"'))){
+		b++;
+		*e = 0;
+	}
+	strcpy((char *)buf, b);
+	return 0;
+}
+
+int ftptype(struct clientparam *param, unsigned char* f_type){
+	char buf[1024];
+	int i;
+
+	sprintf(buf, "TYPE %.512s\r\n", f_type);
+	if((int)socksend(param->remsock, (unsigned char *)buf, (int)strlen(buf), conf.timeouts[STRING_S]) != (int)strlen(buf)){
+		return 741;
+	}
+	param->statscli += (int)strlen(buf);
+	param->nwrites++;
+	while((i = sockgetlinebuf(param, SERVER, (unsigned char *)buf, sizeof(buf) - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+	}
+	if(i < 3) return 742;
+	if(buf[0] != '2') return 740;
+	return 0;
+}
+
+
+SOCKET ftpdata(struct clientparam *param){
+	char buf[1024];
+	int i;
+	char *sb, *se;
+	SOCKET s = INVALID_SOCKET, rem;
+	unsigned long b1, b2, b3, b4;
+	unsigned short b5, b6;
+
+	if(socksend(param->remsock, (unsigned char *)"PASV\r\n", 6, conf.timeouts[STRING_S]) != 6){
+		return INVALID_SOCKET;
+	}
+	param->statscli+=6;
+	param->nwrites++;
+	while((i = sockgetlinebuf(param, SERVER, (unsigned char *)buf, sizeof(buf) - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+	}
+	if(i < 7) return INVALID_SOCKET;
+	if(buf[0] != '2') return INVALID_SOCKET;
+	buf[i-2] = 0;
+	if(!(sb = strchr(buf+4, '(')) || !(se= strchr(sb, ')'))) return INVALID_SOCKET;
+	if(sscanf(sb+1, "%lu,%lu,%lu,%lu,%hu,%hu", &b1, &b2, &b3, &b4, &b5, &b6)!=6) return INVALID_SOCKET;
+	rem = param->remsock;
+	param->remsock = INVALID_SOCKET;
+	param->req.sin_family = AF_INET;
+	param->req.sin_port = param->sins.sin_port = htons((unsigned short)((b5<<8)^b6));
+	param->req.sin_addr.s_addr = param->sins.sin_addr.s_addr = htonl((b1<<24)^(b2<<16)^(b3<<8)^b4);
+	i = param->operation;
+	param->operation = FTP_DATA;
+	if((param->res = (*param->srv->authfunc)(param))) return INVALID_SOCKET;
+	param->operation = i;
+	s = param->remsock;
+	param->remsock = rem;
+	return s;
+}
+
+SOCKET ftpcommand(struct clientparam *param, unsigned char * command, unsigned char  *arg) {
+	char buf[1024];
+	int i;
+	SOCKET s;
+
+
+	s = ftpdata(param);
+	if(s==INVALID_SOCKET) return INVALID_SOCKET;
+	sprintf(buf, "%.15s%s%.512s\r\n", command, arg?
+		(unsigned char *)" ":(unsigned char *)"", 
+		arg?arg:(unsigned char *)"");
+	if((int)socksend(param->remsock, (unsigned char *)buf, (int)strlen(buf), conf.timeouts[STRING_S]) != (int)strlen(buf)){
+		so._closesocket(s);
+		return INVALID_SOCKET;
+	}
+	param->statscli += (int)strlen(buf);
+	param->nwrites++;
+	while((i = sockgetlinebuf(param, SERVER, (unsigned char *)buf, sizeof(buf) - 1, '\n', conf.timeouts[STRING_L])) > 0 && (i < 3 || !isnumber(*buf) || buf[3] == '-')){
+	}
+	if(i < 3) {
+		so._closesocket(s);
+		return INVALID_SOCKET;
+	}
+	if(buf[0] != '1') {
+		so._closesocket(s);
+		return INVALID_SOCKET;
+	}
+	return s;
+}

src/ftppr.c

@@ -0,0 +1,329 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: ftppr.c,v 1.45 2011-08-15 19:52:27 vlad Exp $
+*/
+
+#include "proxy.h"
+
+#define RETURN(xxx) { param->res = xxx; goto CLEANRET; }
+#define BUFSIZE 2048
+
+void * ftpprchild(struct clientparam* param) {
+ int i=0, res;
+ unsigned char *buf;
+ unsigned char *se;
+ int status = 0;
+ int inbuf;
+ int pasv = 0;
+ SOCKET sc = INVALID_SOCKET, ss = INVALID_SOCKET, clidatasock = INVALID_SOCKET;
+ SASIZETYPE sasize;
+ char * req = NULL;
+ struct linger lg;
+ struct pollfd fds;
+
+ if(!(buf = myalloc(BUFSIZE))) RETURN(876);
+ param->ctrlsock = param->clisock;
+ param->operation = CONNECT;
+ lg.l_onoff = 1;
+ lg.l_linger = conf.timeouts[STRING_L];;
+ if(socksend(param->ctrlsock, (unsigned char *)"220 Ready\r\n", 11, conf.timeouts[STRING_S])!=11) {RETURN (801);}
+ for(;;){
+	i = sockgetlinebuf(param, CLIENT, buf, BUFSIZE - 10, '\n', conf.timeouts[CONNECTION_S]);
+	if(!i) {
+		RETURN(0);
+	}
+	if(i<4) {RETURN(802);}
+	buf[i] = 0;
+	if ((se=(unsigned char *)strchr((char *)buf, '\r'))) *se = 0;
+	if (req) myfree (req);
+	req = NULL;
+
+(*param->srv->logfunc)(param, buf);
+
+	if (!strncasecmp((char *)buf, "OPEN ", 5)){
+		if(parsehostname((char *)buf+5, param, 21)){RETURN(803);}
+		if(param->remsock != INVALID_SOCKET) {
+			so._shutdown(param->remsock, SHUT_RDWR);
+			so._closesocket(param->remsock);
+			param->remsock = INVALID_SOCKET;
+		}
+		if((res = (*param->srv->authfunc)(param))) {RETURN(res);}
+		param->ctrlsocksrv = param->remsock;
+		if(socksend(param->ctrlsock, (unsigned char *)"220 Ready\r\n", 11, conf.timeouts[STRING_S])!=11) {RETURN (801);}
+		status = 1;
+	}
+	else if (!strncasecmp((char *)buf, "USER ", 5)){
+		if(parseconnusername((char *)buf +5, param, 0, 21)){RETURN(804);}
+		if(!status){
+			if((res = (*param->srv->authfunc)(param))) {RETURN(res);}
+			param->ctrlsocksrv = param->remsock;
+		}
+		if(socksend(param->ctrlsock, (unsigned char *)"331 ok\r\n", 8, conf.timeouts[STRING_S])!=8) {RETURN (807);}
+		status = 2;
+
+	}
+	else if (!strncasecmp((char *)buf, "PASS ", 5)){
+		param->extpassword = (unsigned char *)mystrdup((char *)buf+5);
+		inbuf = BUFSIZE;
+		res = ftplogin(param, (char *)buf, &inbuf);
+		param->res = res;
+		if(inbuf && inbuf != BUFSIZE && socksend(param->ctrlsock, buf, inbuf, conf.timeouts[STRING_S])!=inbuf) {RETURN (807);}
+		if(!res) status = 3;
+		sprintf((char *)buf, "%.64s@%.128s%c%hu", param->extusername, param->hostname, (ntohs(param->sins.sin_port)==21)?0:':', ntohs(param->sins.sin_port));
+		req = mystrdup((char *)buf);
+#ifndef WITHMAIN
+		{
+			int action, reqbufsize, reqsize;
+			reqbufsize = BUFSIZE;
+			reqsize = (int)strlen(buf) + 1;
+			
+			action = handlereqfilters(param, &buf, &reqbufsize, 0, &reqsize);
+			if(action == HANDLED){
+				RETURN(0);
+			}
+			if(action != PASS) RETURN(877);
+		}
+#endif
+	}
+	else if (status >= 3 && (
+			(!strncasecmp((char *)buf, "PASV", 4) && (pasv = 1)) ||
+			(!strncasecmp((char *)buf, "PORT ", 5) && !(pasv = 0))
+		)){
+#ifndef WITHMAIN
+		{
+			int action, reqbufsize, reqsize;
+			reqbufsize = BUFSIZE;
+			reqsize = (int)strlen(buf) + 1;
+			
+			action = handlehdrfilterscli(param, &buf, &reqbufsize, 0, &reqsize);
+			if(action == HANDLED){
+				RETURN(0);
+			}
+			if(action != PASS) RETURN(878);
+		}
+#endif
+		if(sc != INVALID_SOCKET) {
+			so._shutdown(sc, SHUT_RDWR);
+			so._closesocket(sc);
+			sc = INVALID_SOCKET;
+		}
+		if(ss != INVALID_SOCKET) {
+			so._shutdown(ss, SHUT_RDWR);
+			so._closesocket(ss);
+			ss = INVALID_SOCKET;
+		}
+		if(clidatasock != INVALID_SOCKET) {
+			so._shutdown(clidatasock, SHUT_RDWR);
+			so._closesocket(clidatasock);
+			clidatasock = INVALID_SOCKET;
+		}
+		if ((clidatasock=socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == INVALID_SOCKET) {RETURN(821);}
+		sasize = sizeof(struct sockaddr_in);
+		if (pasv) {
+			if(so._getsockname(param->ctrlsock, (struct sockaddr *)&param->sinc, &sasize)){RETURN(824);}
+			param->sinc.sin_port = 0;
+			if(so._bind(clidatasock, (struct sockaddr *)&param->sinc, sasize)){RETURN(822);}
+			if(so._listen(clidatasock, 1)) {RETURN(823);}
+			if(so._getsockname(clidatasock, (struct sockaddr *)&param->sinc, &sasize)){RETURN(824);}
+			sprintf((char *)buf, "227 OK (%u,%u,%u,%u,%u,%u)\r\n",
+				 (unsigned)(((unsigned char *)(&param->sinc.sin_addr.s_addr))[0]),
+				 (unsigned)(((unsigned char *)(&param->sinc.sin_addr.s_addr))[1]),
+				 (unsigned)(((unsigned char *)(&param->sinc.sin_addr.s_addr))[2]),
+				 (unsigned)(((unsigned char *)(&param->sinc.sin_addr.s_addr))[3]),
+				 (unsigned)(((unsigned char *)(&param->sinc.sin_port))[0]),
+				 (unsigned)(((unsigned char *)(&param->sinc.sin_port))[1])
+				);
+param->srv->logfunc(param,buf);
+		}
+		else {
+			unsigned long b1, b2, b3, b4;
+			unsigned short b5, b6;
+
+			if(sscanf((char *)buf+5, "%lu,%lu,%lu,%lu,%hu,%hu", &b1, &b2, &b3, &b4, &b5, &b6)!=6) {RETURN(828);}
+			param->sinc.sin_family = AF_INET;
+			param->sinc.sin_port = htons((unsigned short)((b5<<8)^b6));
+			param->sinc.sin_addr.s_addr = htonl((b1<<24)^(b2<<16)^(b3<<8)^b4);
+			if(so._connect(clidatasock, (struct sockaddr *)&param->sinc, sasize)) {
+				so._closesocket(clidatasock);
+				clidatasock = INVALID_SOCKET;
+				RETURN(826);
+			}
+			sprintf(buf, "200 OK\r\n");
+		}
+#ifndef WITHMAIN
+		{
+			int action, reqbufsize, reqsize;
+			reqbufsize = BUFSIZE;
+			reqsize = (int)strlen(buf) + 1;
+			
+			action = handlehdrfilterssrv(param, &buf, &reqbufsize, 0, &reqsize);
+			if(action == HANDLED){
+				RETURN(0);
+			}
+			if(action != PASS) RETURN(879);
+		}
+#endif
+		if(socksend(param->ctrlsock, buf, (int)strlen((char *)buf), conf.timeouts[STRING_S])!=(int)strlen((char *)buf)) {RETURN (825);}
+		status = 4;
+	}
+	else if (status == 4 && (
+		!(strncasecmp((char *)buf, "RETR ", 5) && (param->operation = FTP_GET)) ||
+		!(strncasecmp((char *)buf, "LIST", 4) && (param->operation = FTP_LIST))||
+		!(strncasecmp((char *)buf, "NLST ", 5) && (param->operation = FTP_LIST)) ||
+		!(strncasecmp((char *)buf, "APPE ", 5) && (param->operation = FTP_PUT)) ||
+		!(strncasecmp((char *)buf, "STOR ", 5) && (param->operation = FTP_PUT))
+	)){
+		int arg = (buf[4] && buf[5])? 1:0;
+		int ressent = 0;
+
+
+#ifndef WITHMAIN
+		{
+			int action, reqbufsize, reqsize;
+			reqbufsize = BUFSIZE;
+			reqsize = (int)strlen(buf) + 1;
+			
+			action = handlehdrfilterscli(param, &buf, &reqbufsize, 0, &reqsize);
+			if(action == HANDLED){
+				RETURN(0);
+			}
+			if(action != PASS) RETURN(880);
+		}
+#endif
+		if(clidatasock == INVALID_SOCKET) { RETURN (829);}
+		if(pasv){
+
+			memset(&fds, 0, sizeof(fds));
+			fds.fd = clidatasock;
+			fds.events = POLLIN;
+
+			res = so._poll (&fds, 1, conf.timeouts[STRING_L]*1000);
+			if(res != 1) {
+				RETURN(857);
+			}
+			sasize = sizeof(struct sockaddr_in);
+			ss = so._accept(clidatasock, (struct sockaddr *)&param->sinc, &sasize);
+			if (ss == INVALID_SOCKET) { RETURN (858);}
+			so._shutdown(clidatasock, SHUT_RDWR);
+			so._closesocket(clidatasock);
+			clidatasock = ss;
+			ss = INVALID_SOCKET;
+		}
+		if(clidatasock == INVALID_SOCKET){RETURN(828);}
+		req = mystrdup((char *)buf);
+		buf[4] = 0;
+		status = 3;
+		ss = ftpcommand(param, buf, arg? buf+5 : NULL);
+		if (ss == INVALID_SOCKET) {
+			so._shutdown(clidatasock, SHUT_RDWR);
+			so._closesocket(clidatasock);
+			clidatasock = INVALID_SOCKET;
+			
+			if(socksend(param->ctrlsock, (unsigned char *)"550 err\r\n", 9, conf.timeouts[STRING_S])!=9) {RETURN (831);}
+			continue;
+		}
+
+		if(socksend(param->ctrlsock, (unsigned char *)"125 data\r\n", 10, conf.timeouts[STRING_S]) != 10) {
+			param->remsock = INVALID_SOCKET;
+			RETURN (832);
+		}
+		if(param->srvoffset < param->srvinbuf)while((i = sockgetlinebuf(param, SERVER, buf, BUFSIZE, '\n', 0)) > 3){
+			if(socksend(param->ctrlsock, buf, i, conf.timeouts[STRING_S])!=i) {RETURN(833);}
+			if(isnumber(*buf) && buf[3] != '-') {
+				ressent = 1;
+				break;
+			}
+		}
+		sc = param->remsock;
+		param->remsock = ss;
+		so._setsockopt(param->remsock, SOL_SOCKET, SO_LINGER, (unsigned char *)&lg, sizeof(lg));
+		so._setsockopt(clidatasock, SOL_SOCKET, SO_LINGER, (unsigned char *)&lg, sizeof(lg));
+		param->clisock = clidatasock;
+		res = sockmap(param, conf.timeouts[CONNECTION_S]);
+		if(param->remsock != INVALID_SOCKET) {
+			so._shutdown (param->remsock, SHUT_RDWR);
+			so._closesocket(param->remsock);
+		}
+		if(param->clisock != INVALID_SOCKET) {
+			so._shutdown (param->clisock, SHUT_RDWR);
+			so._closesocket(param->clisock);
+		}
+		param->clisock = param->ctrlsock;
+		param->remsock = sc;
+		sc = INVALID_SOCKET;
+		ss = INVALID_SOCKET;
+		clidatasock = INVALID_SOCKET;
+		if(!ressent){
+			while((i = sockgetlinebuf(param, SERVER, buf, BUFSIZE, '\n', conf.timeouts[STRING_L])) > 3){
+				if(socksend(param->ctrlsock, buf, i, conf.timeouts[STRING_S])!=i) {RETURN(833);}
+				if(isnumber(*buf) && buf[3] != '-') break;
+			}
+			if(i < 3) {RETURN(834);}
+		}
+	}
+	else {
+		if(status < 3) {
+			if(socksend(param->remsock, (unsigned char *)"530 login\r\n", 11, conf.timeouts[STRING_S])!=1) {RETURN (810);}
+			continue;
+		}
+		if(!strncasecmp((char *)buf, "QUIT", 4)) status = 5;
+		if(!strncasecmp((char *)buf, "CWD ", 4)) req = mystrdup((char *)buf);
+		i = (int)strlen((char *)buf);
+		buf[i++] = '\r';
+		buf[i++] = '\n';
+		if(socksend(param->remsock, buf, i, conf.timeouts[STRING_S])!=i) {RETURN (811);}
+		param->statscli += i;
+		param->nwrites++;
+		while((i = sockgetlinebuf(param, SERVER, buf, BUFSIZE, '\n', conf.timeouts[STRING_L])) > 0){
+			if(socksend(param->ctrlsock, buf, i, conf.timeouts[STRING_S])!=i) {RETURN (812);}
+			if(i > 4 && isnumber(*buf) && buf[3] != '-') break;
+		}
+		if(status == 5) {RETURN (0);}
+		if(i < 3) {RETURN (813);}
+	}
+	sasize = sizeof(struct sockaddr_in);
+	if(so._getpeername(param->ctrlsock, (struct sockaddr *)&param->sinc, &sasize)){RETURN(819);}
+	if(req && (param->statscli || param->statssrv)){
+		(*param->srv->logfunc)(param, (unsigned char *)req);
+	}
+ }
+
+CLEANRET:
+
+ if(sc != INVALID_SOCKET) {
+	so._shutdown(sc, SHUT_RDWR);
+	so._closesocket(sc);
+ }
+ if(ss != INVALID_SOCKET) {
+	so._shutdown(ss, SHUT_RDWR);
+	so._closesocket(ss);
+ }
+ if(clidatasock != INVALID_SOCKET) {
+	so._shutdown(clidatasock, SHUT_RDWR);
+	so._closesocket(clidatasock);
+ }
+ sasize = sizeof(struct sockaddr_in);
+ so._getpeername(param->ctrlsock, (struct sockaddr *)&param->sinc, &sasize);
+ if(param->res != 0 || param->statscli || param->statssrv ){
+	(*param->srv->logfunc)(param, (unsigned char *)((req && (param->res > 802))? req:NULL));
+ }
+ if(req) myfree(req);
+ if(buf) myfree(buf);
+ freeparam(param);
+ return (NULL);
+}
+
+#ifdef WITHMAIN
+struct proxydef childdef = {
+	ftpprchild,
+	21,
+	0,
+	S_FTPPR,
+	" -hdefault_host[:port] - use this host and port as default if no host specified\n"
+};
+#include "proxymain.c"
+#endif

src/icqpr.c

@@ -0,0 +1,533 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: icqpr.c,v 1.30 2012-04-11 23:01:19 vlad Exp $
+*/
+
+#include "proxy.h"
+
+#ifndef PORTMAP
+#define PORTMAP
+#endif
+#define RETURN(xxx) { param->res = xxx; goto CLEANRET; }
+
+static void hexdump(unsigned char *data, int len){
+	for(; len; data++, len--){
+		printf("%02x", (unsigned)*data);
+	}
+	printf("\n");
+}
+
+struct flap_header {
+	unsigned char id;
+	unsigned char chan;
+	unsigned short seq;
+	unsigned short size;
+	char data[0];
+};
+
+struct snack_header {
+	unsigned family;
+	unsigned short flags;
+	unsigned id;
+	char data[0];
+};
+
+struct tlv_header {
+	unsigned short type;
+	unsigned short size;
+	char data[0];
+};
+
+
+typedef enum {
+	ONBEGIN = 0,
+	ONCHAN,
+	ONSEQ1,
+	ONSEQ2,
+	ONSIZE1,
+	ONSIZE2,
+	ONDATA
+} ICQSTATE;
+
+struct icqstate {
+	ICQSTATE state;
+	int leftinstate;
+	unsigned short seq;
+	unsigned short srvseq;
+	unsigned short gotseq;
+	unsigned short resyncseq;
+	char channel;
+};
+
+
+
+
+
+typedef enum {
+	ICQUNKNOWN,
+	ICQCLEAR,
+	ICQMD5,
+	ICQCOOKIE
+} LOGINTYPE;
+
+
+struct icq_cookie {
+	struct icq_cookie *next;
+	char *id;
+	int size;
+	char * cookie;
+	char * connectstring;
+};
+
+static struct icq_cookie *icq_cookies = NULL;
+pthread_mutex_t icq_cookie_mutex;
+int icq_cookie_mutex_init = 0;
+
+
+static void icq_clear(void *fo){
+};
+
+static void addbuffer(int increment, struct clientparam * param, unsigned char ** buf_p, int * bufsize_p, int * length_p){
+	int bufsize = *length_p + increment + 40;
+	unsigned char *newbuf;
+	int len = 0;
+
+	
+	if(bufsize > *bufsize_p){
+		newbuf = myalloc(bufsize);
+		if(!newbuf) return;
+		memcpy(newbuf, *buf_p, *length_p);
+		myfree(*buf_p);
+		*buf_p = newbuf;
+		*bufsize_p = bufsize;
+	}
+	if(increment) len = sockrecvfrom(param->remsock, &param->sins, *buf_p + *length_p, increment, conf.timeouts[STRING_S]*1000);
+	if(len > 0) {
+		*length_p += len;
+		param->nreads++;
+		param->statssrv += len;
+	}
+	return;
+}
+
+
+
+static int searchcookie(struct clientparam *param, struct flap_header * flap, int len, int * dif, struct tlv_header *tlv, int extra){
+ struct icq_cookie *ic;
+ char smallbuf[32];
+ struct tlv_header *bostlv = NULL;
+ struct sockaddr_in sa;
+ SASIZETYPE size = sizeof(sa);
+ int movelen = 0;
+
+	if(!icq_cookie_mutex_init){
+		pthread_mutex_init(&icq_cookie_mutex, NULL);
+		icq_cookie_mutex_init = 1;
+	}
+	pthread_mutex_lock(&icq_cookie_mutex);
+	for(ic = icq_cookies; ic; ic = ic->next)if(!strcmp(param->username, ic->id))break;
+	if(!ic){
+		ic = myalloc(sizeof(struct icq_cookie));
+		memset(ic, 0, sizeof(struct icq_cookie));
+		ic->id = mystrdup(param->username);
+		ic->next = icq_cookies;
+		icq_cookies = ic;
+	}
+	for(; ntohs(tlv->size) < 65500 && len >= (ntohs(tlv->size) + 4); len -= (ntohs(tlv->size) + 4), tlv = (struct tlv_header *)(tlv->data + ntohs(tlv->size))){
+		if(ntohs(tlv->type) == 0x0006){
+			if(ic->cookie)myfree(ic->cookie);
+			ic->cookie = myalloc(ntohs(tlv->size));
+			memcpy(ic->cookie, tlv->data, ntohs(tlv->size));
+			ic->size = tlv->size;
+		}
+		else if(ntohs(tlv->type) == 0x0005){
+			if(ic->connectstring)myfree(ic->connectstring);
+			ic->connectstring = myalloc(ntohs(tlv->size)+1);
+			memcpy(ic->connectstring, tlv->data, ntohs(tlv->size));
+			ic->connectstring[ntohs(tlv->size)] = 0;
+			bostlv = tlv;
+			movelen = extra + (len - 4) - ntohs(bostlv->size);
+		}
+
+	}
+	if(!ic->connectstring || !ic->cookie){
+		if(ic->cookie)myfree(ic->cookie);
+		if(ic->connectstring)myfree(ic->connectstring);
+		ic->cookie = NULL;
+		ic->connectstring = NULL;
+		ic->size = 0;
+		bostlv = NULL;
+	}
+	pthread_mutex_unlock(&icq_cookie_mutex);
+	if(bostlv){
+		if(so._getsockname(param->clisock, (struct sockaddr *)&sa, &size)==-1) return 1;
+		len = myinet_ntoa(sa.sin_addr, smallbuf);
+		if(strchr(ic->connectstring, ':'))sprintf(smallbuf+len, ":%hu", ntohs(sa.sin_port));
+		len = (int)strlen(smallbuf);
+		*dif = len - (int)ntohs(bostlv->size);
+		if(*dif != 0 && movelen > 0){
+			memmove(bostlv->data + len, bostlv->data + ntohs(bostlv->size), movelen);
+		}
+		memcpy(bostlv->data, smallbuf, len);
+		bostlv->size = htons(len);
+		len = ((int)ntohs(flap->size)) + *dif;
+		flap->size = htons(len);
+	}
+	return 0;
+}
+
+
+static FILTER_ACTION icq_srv(void *fc, struct clientparam * param, unsigned char ** buf_p, int * bufsize_p, int ioffset, int * length_p){
+	unsigned char * start = *buf_p + ioffset;
+	int len = *length_p - ioffset;
+	struct icqstate *state = (struct icqstate *)fc;
+	int size;
+	int offset;
+
+	while (len > 0){
+		switch(state->state){
+		case ONBEGIN:
+
+			if((*start) == 0x2A) {
+				if(len < 6){
+					offset = (int)(start - *buf_p);
+					addbuffer(6-len, param, buf_p, bufsize_p, length_p);
+					start = *buf_p + offset;
+					len = (int)(*buf_p + *length_p - start);
+
+				}
+				state->state = ONCHAN;
+			}
+			else {
+				if(!state->leftinstate)param->srv->logfunc(param, "Warning: need resync");
+				state->leftinstate++;
+				if(state->leftinstate > 65535){
+					param->srv->logfunc(param, "Out of Sync");
+					return REJECT;
+				}
+			}
+			start++;
+			len--;
+			break;
+		case ONCHAN:
+			if (*start >= 10){
+				param->srv->logfunc(param, "Warning: Wrong channel");
+				state->state = ONBEGIN;
+			}
+			else {
+				state->state = ONSEQ1;
+				state->channel = *start;
+				start++;
+				len--;
+			}
+			break;
+		case ONSEQ1:
+			state->gotseq =  (((unsigned)*start) << 8);
+			state->state = ONSEQ2; 
+			*(start) = (state->seq>>8);
+			start++;
+			len--;
+			break;
+		case ONSEQ2:
+			state->gotseq += *start;
+			if(state->gotseq != state->srvseq){
+				char smallbuf[64];
+				if(((state->gotseq < state->srvseq) || ((state->gotseq - state->srvseq) > 10 )) && (!state->resyncseq || state->gotseq != state->resyncseq)){
+					sprintf(smallbuf, "Warning: Wrong sequence, expected: %04hx got: %04hx", state->srvseq, state->gotseq);
+					param->srv->logfunc(param, smallbuf);
+					state->state = ONBEGIN;
+					state->resyncseq = state->gotseq;
+					break;
+				}
+				sprintf(smallbuf, "Warning: %hu flaps are lost on resync", state->gotseq - state->srvseq );
+				param->srv->logfunc(param, smallbuf);
+				state->srvseq = state->gotseq;
+				*(start-1) = (state->seq>>8);
+			}
+			*start = (state->seq & 0x00FF);
+			state->srvseq = state->srvseq + 1;
+			state->seq = state->seq + 1;
+			state->state = ONSIZE1; 
+			start++;
+			len--;
+			break;
+		case ONSIZE1:
+			state->leftinstate = (((unsigned)(*start))<<8);
+			state->state = ONSIZE2;
+			start++;
+			len--;
+			break;
+		case ONSIZE2:
+			state->leftinstate += *start;
+			state->state = (state->leftinstate)?ONDATA:ONBEGIN;
+			start++;
+			len--;
+			if(state->leftinstate > 30 && state->channel == 2) {
+
+				if(len < state->leftinstate) {
+					offset = (int)(start - *buf_p);
+					addbuffer(state->leftinstate - len, param, buf_p, bufsize_p, length_p);
+					start = *buf_p + offset;
+					len = (int)(*length_p - offset);
+
+				}
+				size = 0;
+				if ((start[4] & 0x80)) {
+					size = htons(*(unsigned short *)(start+10)) + 2;
+					if(size > 8) size = 0;
+				}
+				if (start[0] == 0 && start[1] == 1 &&
+				    ((start[2] == 0 && start[3] == 5) || (start[2] == 1 && start[3] == 2))){
+					int dif = 0;
+
+					offset = (int)(start - *buf_p);
+					addbuffer(0, param, buf_p, bufsize_p, length_p);
+					start = *buf_p + offset;
+					searchcookie(param, (struct flap_header *) (start-6), state->leftinstate-(size+10), &dif, (struct tlv_header *) (start + size + 10), len - state->leftinstate);
+					*length_p += dif;
+					start += (state->leftinstate + dif);
+					len -= state->leftinstate;
+					state->leftinstate = 0;
+					state->state = ONBEGIN;
+				}
+			}
+			break;
+		
+		case ONDATA:
+			size = (state->leftinstate > len)? len : state->leftinstate;
+			
+			start += size;
+			len -= size;
+			state->leftinstate -= size;
+			if(!state->leftinstate) {
+				state->state = ONBEGIN;
+			}
+			break;
+		}
+	}
+	
+	return CONTINUE;
+}
+
+static struct filter icqfilter = {
+	NULL,
+	"icqfilter",
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	*icq_srv,
+	*icq_clear,
+	NULL
+};
+
+
+static int readflap(struct clientparam * param, int direction, unsigned char *buf, int buflen){
+ int i, len;
+
+ struct flap_header *flap = (struct flap_header *)buf;
+
+ i = sockgetlinebuf(param, direction, buf, 6, EOF, conf.timeouts[STRING_L]);
+ if(i!=6) return 1;
+ if(flap->id != 0x2a) return 2;
+ len = ntohs(flap->size);
+ if(len > buflen-6) return 3;
+ i = sockgetlinebuf(param, direction, flap->data, len, EOF, conf.timeouts[STRING_S]);
+ if(len != i) return 4;
+ return 0;
+
+}
+
+#define flap ((struct flap_header *)buf)
+#define snack ((struct snack_header *)(buf+6))
+void * icqprchild(struct clientparam* param) {
+ int res;
+ unsigned char tmpsend[1024];
+ unsigned char *buf;
+ int i,j,len,len1;
+ int offset = 0;
+ int buflen = 16384;
+ LOGINTYPE logintype = ICQUNKNOWN;
+ int greet = 0;
+ struct icq_cookie *ic;
+ struct tlv_header *tlv;
+ struct icqstate mystate =  {
+	ONBEGIN, 
+	0, 0, 0, 
+	0
+ };
+ struct filterp icqfilterp = {
+	&icqfilter,
+	(void *)&mystate
+ };
+ struct filterp  **newfilters;
+ char handshake[] = {'\052',  '\001', '\000', '\000', '\000', '\004', '\000', '\000', '\000', '\001'};
+
+ 
+
+ memcpy(tmpsend, handshake, 10);
+ if(socksend(param->clisock, tmpsend, 10, conf.timeouts[STRING_S])!=10) {RETURN (1101);}
+ buf = myalloc(65600);
+
+ if((res = readflap(param, CLIENT, buf, 1000))) {RETURN (1180 + res);}
+ if(ntohs(flap->size) == 4 || ntohs(flap->size) == 12){
+	tmpsend[2] = buf[2];
+	tmpsend[3] = buf[3];
+	greet = 1;
+	if(readflap(param, CLIENT, buf, 65550)) {RETURN (110);}
+ }
+ if(flap->chan != 1 && (flap->chan != 2 || snack->family != htonl(0x00170006))){
+	RETURN(1104);
+ }
+
+ len = ntohs(flap->size);
+ if(flap->chan == 1){
+	tlv = (struct tlv_header *)(flap->data + 4);
+	len -= 4;
+ }
+ else {
+	tlv = (struct tlv_header *)(flap->data + 10);
+	len -= 10;
+ } 
+
+ for(; len >= (ntohs(tlv->size) + 4); len -= (ntohs(tlv->size) + 4), tlv = (struct tlv_header *)(tlv->data + ntohs(tlv->size))){
+	switch(ntohs(tlv->type)){
+	case 0x0001:
+		if(flap->chan == 2 && !logintype)logintype = ICQMD5;
+		if(!param->username){
+			param->username = myalloc(ntohs(tlv->size) + 1);
+			for(i=0, j=0; i < ntohs(tlv->size); i++){
+				if(!isspace(tlv->data[i]))param->username[j++]=tolower(tlv->data[i]);
+			}
+			param->username[j] = 0;
+		}
+		break;
+	case 0x0002:
+		logintype = ICQCLEAR;
+		break;
+	case 0x0006:
+		logintype = ICQCOOKIE;
+
+		for(ic = icq_cookies; ic; ic=ic->next){
+			if(ic->size && ic->size == tlv->size && !memcmp(ic->cookie, tlv->data, ntohs(tlv->size))){
+				parsehostname((char *)ic->connectstring, param, ntohs(param->srv->targetport));
+				if(!param->username && ic->id) param->username = mystrdup(ic->id);
+				break;
+			}
+		}
+		if(!ic) RETURN(1132);
+		break;
+	}
+ }
+ if(!logintype) RETURN(1133);
+ if(logintype != ICQCOOKIE) {
+	parsehostname((char *)param->srv->target, param, ntohs(param->srv->targetport));
+ }
+ param->operation = CONNECT;
+ res = (*param->srv->authfunc)(param);
+ if(res) {RETURN(res);}
+
+ if(greet){
+	if(socksend(param->remsock, tmpsend, 10, conf.timeouts[STRING_S])!=10) {RETURN (1105);}
+	param->statscli += 10;
+ }
+ if(readflap(param, SERVER, tmpsend, 1024)) {RETURN (1111);}
+ param->statssrv += (ntohs(((struct flap_header *)tmpsend)->size) + 6);
+ mystate.srvseq = ntohs(((struct flap_header *)tmpsend)->seq) + 1;
+ mystate.seq = 1;
+ len = ntohs(flap->size) + 6;
+ if((res=handledatfltcli(param,  &buf, &buflen, offset, &len))!=PASS) RETURN(res);
+ if(socksend(param->remsock, buf+offset, len, conf.timeouts[STRING_S])!=(ntohs(flap->size)+6)) {RETURN (1106);}
+ offset = 0;
+ param->statscli += len;
+
+
+
+
+ if(logintype == ICQMD5) {
+	if(readflap(param, SERVER, buf, 65550)) {RETURN (1112);}
+	mystate.srvseq = ntohs(flap->seq) + 1;
+	flap->seq = htons(mystate.seq);
+	mystate.seq++;
+	len = ntohs(flap->size) + 6;
+	if((res=handledatfltsrv(param,  &buf, &buflen, offset, &len))!=PASS) RETURN(res);
+	if(socksend(param->clisock, buf+offset, len, conf.timeouts[STRING_S])!=len) {RETURN (1113);}
+	offset = 0;
+
+	if(readflap(param, CLIENT, buf, 65550)) {RETURN (1114);}
+	len = ntohs(flap->size) + 6;
+	if((res=handledatfltcli(param,  &buf, &buflen, offset, &len))!=PASS) RETURN(res);
+	if(socksend(param->remsock, buf+offset, len, conf.timeouts[STRING_S])!=len) {RETURN (1115);}
+	param->statscli += len;
+	offset = 0;
+ }
+ if(logintype != ICQCOOKIE) {
+	if(readflap(param, SERVER, buf, 65550)) {RETURN (1116);}
+	mystate.srvseq = ntohs(flap->seq) + 1;
+	flap->seq = htons(mystate.seq);
+	mystate.seq++;
+	len = ntohs(flap->size);
+
+	if(!param->username) {RETURN (1117);}
+	if(flap->chan == 1 || flap->chan == 4){
+		if(flap->data[0] == 0 && flap->data[1] == 0 && flap->data[2] == 0 && flap->data[3] == 1){
+			tlv = (struct tlv_header *)(flap->data + 4);
+			len -= 4;
+		}
+		else 
+			tlv = (struct tlv_header *)(flap->data);
+	}
+	else {
+		tlv = (struct tlv_header *)(flap->data + 10);
+		len -= 10;
+	} 
+
+	len1 = ntohs(flap->size);
+	if(searchcookie(param, flap, len, &len1, tlv, 0)){RETURN (1118);}
+
+	len = ntohs(flap->size) + 6;
+	if((res=handledatfltsrv(param,  &buf, &buflen, offset, &len))!=PASS) RETURN(res);
+	if(socksend(param->clisock, buf+offset, len, conf.timeouts[STRING_S])!=len) {RETURN (1117);}
+	offset = 0;
+ }
+
+ param->ndatfilterssrv++;
+ newfilters = myalloc(param->ndatfilterssrv * sizeof(struct filterp *));
+ if(param->ndatfilterssrv > 1){
+	memcpy(newfilters, param->datfilterssrv, (param->ndatfilterssrv - 1) * sizeof(struct filterp *));
+	myfree(param->datfilterssrv);
+ }
+ param->datfilterssrv = newfilters;
+ newfilters[param->ndatfilterssrv - 1] = &icqfilterp;
+
+ param->res = sockmap(param, conf.timeouts[CONNECTION_L]);
+
+ param->ndatfilterssrv--;
+
+CLEANRET:
+ 
+ 
+ (*param->srv->logfunc)(param, NULL);
+ freeparam(param);
+ if(buf) myfree(buf);
+ return (NULL);
+}
+
+#ifdef WITHMAIN
+struct proxydef childdef = {
+	icqprchild,
+	0,
+	0,
+	S_ICQPR,
+	""
+};
+#include "proxymain.c"
+#endif

src/libs/md4.c

@@ -0,0 +1,315 @@
+/*
+ * md4c.c	MD4 message-digest algorithm
+ *
+ * Version:	$Id: md4.c,v 1.1 2010-11-11 11:32:32 v.dubrovin Exp $
+ *
+ *   License to copy and use this software is granted provided that it
+ *   is identified as the "RSA Data Security, Inc. MD4 Message-Digest
+ *   Algorithm" in all material mentioning or referencing this software
+ *   or this function.
+ *
+ *   License is also granted to make and use derivative works provided
+ *   that such works are identified as "derived from the RSA Data
+ *   Security, Inc. MD4 Message-Digest Algorithm" in all material
+ *   mentioning or referencing the derived work.
+ *
+ *   RSA Data Security, Inc. makes no representations concerning either
+ *   the merchantability of this software or the suitability of this
+ *   software for any particular purpose. It is provided "as is"
+ *   without express or implied warranty of any kind.
+ *
+ *   These notices must be retained in any copies of any part of this
+ *   documentation and/or software.
+ *
+ * Copyright 1990,1991,1992  RSA Data Security, Inc.
+ */
+
+
+#include "md4.h"
+
+/* Constants for MD4Transform routine.
+ */
+#define S11 3
+#define S12 7
+#define S13 11
+#define S14 19
+#define S21 3
+#define S22 5
+#define S23 9
+#define S24 13
+#define S31 3
+#define S32 9
+#define S33 11
+#define S34 15
+
+static void MD4Transform PROTO_LIST ((UINT4 [4], unsigned char [64]));
+static void Encode PROTO_LIST
+  ((unsigned char *, UINT4 *, unsigned int));
+static void Decode PROTO_LIST
+  ((UINT4 *, unsigned char *, unsigned int));
+static void MD4_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int));
+static void MD4_memset PROTO_LIST ((POINTER, int, unsigned int));
+
+static unsigned char PADDING[64] = {
+  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/* F, G and H are basic MD4 functions.
+ */
+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
+#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+
+/* ROTATE_LEFT rotates x left n bits.
+ */
+#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
+
+/* FF, GG and HH are transformations for rounds 1, 2 and 3 */
+/* Rotation is separate from addition to prevent recomputation */
+
+#define FF(a, b, c, d, x, s) { \
+    (a) += F ((b), (c), (d)) + (x); \
+    (a) = ROTATE_LEFT ((a), (s)); \
+  }
+#define GG(a, b, c, d, x, s) { \
+    (a) += G ((b), (c), (d)) + (x) + (UINT4)0x5a827999; \
+    (a) = ROTATE_LEFT ((a), (s)); \
+  }
+#define HH(a, b, c, d, x, s) { \
+    (a) += H ((b), (c), (d)) + (x) + (UINT4)0x6ed9eba1; \
+    (a) = ROTATE_LEFT ((a), (s)); \
+  }
+
+void md4_calc(output, input, inlen)
+unsigned char *output;
+unsigned char *input;                                /* input block */
+unsigned int inlen;                     /* length of input block */
+{
+	MD4_CTX	context;
+
+	MD4Init(&context);
+	MD4Update(&context, input, inlen);
+	MD4Final(output, &context);
+}
+
+/* MD4 initialization. Begins an MD4 operation, writing a new context.
+ */
+void MD4Init (context)
+MD4_CTX *context;                                        /* context */
+{
+  context->count[0] = context->count[1] = 0;
+
+  /* Load magic initialization constants.
+   */
+  context->state[0] = 0x67452301;
+  context->state[1] = 0xefcdab89;
+  context->state[2] = 0x98badcfe;
+  context->state[3] = 0x10325476;
+}
+
+/* MD4 block update operation. Continues an MD4 message-digest
+     operation, processing another message block, and updating the
+     context.
+ */
+void MD4Update (context, input, inputLen)
+MD4_CTX *context;                                        /* context */
+unsigned char *input;                                /* input block */
+unsigned int inputLen;                     /* length of input block */
+{
+  unsigned int i, index, partLen;
+
+  /* Compute number of bytes mod 64 */
+  index = (unsigned int)((context->count[0] >> 3) & 0x3F);
+  /* Update number of bits */
+  if ((context->count[0] += ((UINT4)inputLen << 3))
+      < ((UINT4)inputLen << 3))
+    context->count[1]++;
+  context->count[1] += ((UINT4)inputLen >> 29);
+
+  partLen = 64 - index;
+
+  /* Transform as many times as possible.
+   */
+  if (inputLen >= partLen) {
+    MD4_memcpy
+      ((POINTER)&context->buffer[index], (POINTER)input, partLen);
+    MD4Transform (context->state, context->buffer);
+
+    for (i = partLen; i + 63 < inputLen; i += 64)
+      MD4Transform (context->state, &input[i]);
+
+    index = 0;
+  }
+  else
+    i = 0;
+
+  /* Buffer remaining input */
+  MD4_memcpy
+    ((POINTER)&context->buffer[index], (POINTER)&input[i],
+     inputLen-i);
+}
+
+/* MD4 finalization. Ends an MD4 message-digest operation, writing the
+     the message digest and zeroizing the context.
+ */
+void MD4Final (digest, context)
+unsigned char digest[16];                         /* message digest */
+MD4_CTX *context;                                        /* context */
+{
+  unsigned char bits[8];
+  unsigned int index, padLen;
+
+  /* Save number of bits */
+  Encode (bits, context->count, 8);
+
+  /* Pad out to 56 mod 64.
+   */
+  index = (unsigned int)((context->count[0] >> 3) & 0x3f);
+  padLen = (index < 56) ? (56 - index) : (120 - index);
+  MD4Update (context, PADDING, padLen);
+
+  /* Append length (before padding) */
+  MD4Update (context, bits, 8);
+  /* Store state in digest */
+  Encode (digest, context->state, 16);
+
+  /* Zeroize sensitive information.
+   */
+  MD4_memset ((POINTER)context, 0, sizeof (*context));
+}
+
+/* MD4 basic transformation. Transforms state based on block.
+ */
+static void MD4Transform (state, block)
+UINT4 state[4];
+unsigned char block[64];
+{
+  UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
+
+  Decode (x, block, 64);
+
+  /* Round 1 */
+  FF (a, b, c, d, x[ 0], S11); /* 1 */
+  FF (d, a, b, c, x[ 1], S12); /* 2 */
+  FF (c, d, a, b, x[ 2], S13); /* 3 */
+  FF (b, c, d, a, x[ 3], S14); /* 4 */
+  FF (a, b, c, d, x[ 4], S11); /* 5 */
+  FF (d, a, b, c, x[ 5], S12); /* 6 */
+  FF (c, d, a, b, x[ 6], S13); /* 7 */
+  FF (b, c, d, a, x[ 7], S14); /* 8 */
+  FF (a, b, c, d, x[ 8], S11); /* 9 */
+  FF (d, a, b, c, x[ 9], S12); /* 10 */
+  FF (c, d, a, b, x[10], S13); /* 11 */
+  FF (b, c, d, a, x[11], S14); /* 12 */
+  FF (a, b, c, d, x[12], S11); /* 13 */
+  FF (d, a, b, c, x[13], S12); /* 14 */
+  FF (c, d, a, b, x[14], S13); /* 15 */
+  FF (b, c, d, a, x[15], S14); /* 16 */
+
+  /* Round 2 */
+  GG (a, b, c, d, x[ 0], S21); /* 17 */
+  GG (d, a, b, c, x[ 4], S22); /* 18 */
+  GG (c, d, a, b, x[ 8], S23); /* 19 */
+  GG (b, c, d, a, x[12], S24); /* 20 */
+  GG (a, b, c, d, x[ 1], S21); /* 21 */
+  GG (d, a, b, c, x[ 5], S22); /* 22 */
+  GG (c, d, a, b, x[ 9], S23); /* 23 */
+  GG (b, c, d, a, x[13], S24); /* 24 */
+  GG (a, b, c, d, x[ 2], S21); /* 25 */
+  GG (d, a, b, c, x[ 6], S22); /* 26 */
+  GG (c, d, a, b, x[10], S23); /* 27 */
+  GG (b, c, d, a, x[14], S24); /* 28 */
+  GG (a, b, c, d, x[ 3], S21); /* 29 */
+  GG (d, a, b, c, x[ 7], S22); /* 30 */
+  GG (c, d, a, b, x[11], S23); /* 31 */
+  GG (b, c, d, a, x[15], S24); /* 32 */
+
+  /* Round 3 */
+  HH (a, b, c, d, x[ 0], S31); /* 33 */
+  HH (d, a, b, c, x[ 8], S32); /* 34 */
+  HH (c, d, a, b, x[ 4], S33); /* 35 */
+  HH (b, c, d, a, x[12], S34); /* 36 */
+  HH (a, b, c, d, x[ 2], S31); /* 37 */
+  HH (d, a, b, c, x[10], S32); /* 38 */
+  HH (c, d, a, b, x[ 6], S33); /* 39 */
+  HH (b, c, d, a, x[14], S34); /* 40 */
+  HH (a, b, c, d, x[ 1], S31); /* 41 */
+  HH (d, a, b, c, x[ 9], S32); /* 42 */
+  HH (c, d, a, b, x[ 5], S33); /* 43 */
+  HH (b, c, d, a, x[13], S34); /* 44 */
+  HH (a, b, c, d, x[ 3], S31); /* 45 */
+  HH (d, a, b, c, x[11], S32); /* 46 */
+  HH (c, d, a, b, x[ 7], S33); /* 47 */
+  HH (b, c, d, a, x[15], S34); /* 48 */
+
+  state[0] += a;
+  state[1] += b;
+  state[2] += c;
+  state[3] += d;
+
+  /* Zeroize sensitive information.
+   */
+  MD4_memset ((POINTER)x, 0, sizeof (x));
+}
+
+/* Encodes input (UINT4) into output (unsigned char). Assumes len is
+     a multiple of 4.
+ */
+static void Encode (output, input, len)
+unsigned char *output;
+UINT4 *input;
+unsigned int len;
+{
+  unsigned int i, j;
+
+  for (i = 0, j = 0; j < len; i++, j += 4) {
+    output[j] = (unsigned char)(input[i] & 0xff);
+    output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
+    output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
+    output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
+  }
+}
+
+/* Decodes input (unsigned char) into output (UINT4). Assumes len is
+     a multiple of 4.
+ */
+static void Decode (output, input, len)
+
+UINT4 *output;
+unsigned char *input;
+unsigned int len;
+{
+  unsigned int i, j;
+
+  for (i = 0, j = 0; j < len; i++, j += 4)
+    output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
+      (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
+}
+
+/* Note: Replace "for loop" with standard memcpy if possible.
+ */
+static void MD4_memcpy (output, input, len)
+POINTER output;
+POINTER input;
+unsigned int len;
+{
+  unsigned int i;
+
+  for (i = 0; i < len; i++)
+    output[i] = input[i];
+}
+
+/* Note: Replace "for loop" with standard memset if possible.
+ */
+static void MD4_memset (output, value, len)
+POINTER output;
+int value;
+unsigned int len;
+{
+  unsigned int i;
+
+  for (i = 0; i < len; i++)
+    ((char *)output)[i] = (char)value;
+}

src/libs/md4.h

@@ -0,0 +1,83 @@
+#ifndef _LRAD_MD4_H
+#define _LRAD_MD4_H
+
+#ifndef _LRAD_PROTO_H
+#define _LRAD_PROTO_H
+/* GLOBAL.H - RSAREF types and constants
+ */
+
+/* PROTOTYPES should be set to one if and only if the compiler supports
+  function argument prototyping.
+  The following makes PROTOTYPES default to 0 if it has not already
+  been defined with C compiler flags.
+ */
+#ifndef PROTOTYPES
+#  if __STDC__
+#    define PROTOTYPES 1
+#  else
+#    define PROTOTYPES 0
+#  endif
+#endif
+
+/* POINTER defines a generic pointer type */
+typedef unsigned char *POINTER;
+#define _POINTER_T
+
+/* UINT2 defines a two byte word */
+typedef unsigned short int UINT2;
+#define _UINT2_T
+
+/* UINT4 defines a four byte word */
+typedef unsigned int UINT4;
+#define _UINT4_T
+
+/* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
+   If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
+  returns an empty list.
+ */
+#if PROTOTYPES
+#define PROTO_LIST(list) list
+#else
+#define PROTO_LIST(list) ()
+#endif
+#endif /* _LRAD_PROTO_H */
+
+/* MD4.H - header file for MD4C.C
+ */
+
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+   rights reserved.
+
+   License to copy and use this software is granted provided that it
+   is identified as the "RSA Data Security, Inc. MD4 Message-Digest
+   Algorithm" in all material mentioning or referencing this software
+   or this function.
+
+   License is also granted to make and use derivative works provided
+   that such works are identified as "derived from the RSA Data
+   Security, Inc. MD4 Message-Digest Algorithm" in all material
+   mentioning or referencing the derived work.
+
+   RSA Data Security, Inc. makes no representations concerning either
+   the merchantability of this software or the suitability of this
+   software for any particular purpose. It is provided "as is"
+   without express or implied warranty of any kind.
+
+   These notices must be retained in any copies of any part of this
+   documentation and/or software.
+ */
+
+/* MD4 context. */
+typedef struct {
+  UINT4 state[4];                                   /* state (ABCD) */
+  UINT4 count[2];        /* number of bits, modulo 2^64 (lsb first) */
+  unsigned char buffer[64];                         /* input buffer */
+} MD4_CTX;
+
+void md4_calc (unsigned char *, unsigned char *, unsigned int);
+void MD4Init PROTO_LIST ((MD4_CTX *));
+void MD4Update PROTO_LIST
+  ((MD4_CTX *, unsigned char *, unsigned int));
+void MD4Final PROTO_LIST ((unsigned char [16], MD4_CTX *));
+
+#endif /* _LRAD_MD4_H */

src/libs/md5.c

@@ -0,0 +1,345 @@
+/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm
+ */
+
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+rights reserved.
+
+License to copy and use this software is granted provided that it
+is identified as the "RSA Data Security, Inc. MD5 Message-Digest
+Algorithm" in all material mentioning or referencing this software
+or this function.
+
+License is also granted to make and use derivative works provided
+that such works are identified as "derived from the RSA Data
+Security, Inc. MD5 Message-Digest Algorithm" in all material
+mentioning or referencing the derived work.
+
+RSA Data Security, Inc. makes no representations concerning either
+the merchantability of this software or the suitability of this
+software for any particular purpose. It is provided "as is"
+without express or implied warranty of any kind.
+
+These notices must be retained in any copies of any part of this
+documentation and/or software.
+ */
+
+#include "md5.h"
+
+/* Constants for MD5Transform routine.
+ */
+#define S11 7
+#define S12 12
+#define S13 17
+#define S14 22
+#define S21 5
+#define S22 9
+#define S23 14
+#define S24 20
+#define S31 4
+#define S32 11
+#define S33 16
+#define S34 23
+#define S41 6
+#define S42 10
+#define S43 15
+#define S44 21
+
+void librad_md5_calc(unsigned char *output, unsigned char *input,
+		     unsigned int inputlen);
+static void MD5Transform PROTO_LIST ((UINT4 [4], const unsigned char [64]));
+static void Encode PROTO_LIST
+  ((unsigned char *, UINT4 *, unsigned int));
+static void Decode PROTO_LIST
+  ((UINT4 *, const unsigned char *, unsigned int));
+static void MD5_memcpy PROTO_LIST ((POINTER, CONSTPOINTER, unsigned int));
+static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int));
+
+static const unsigned char PADDING[64] = {
+  0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/* F, G, H and I are basic MD5 functions.
+ */
+#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
+#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
+#define H(x, y, z) ((x) ^ (y) ^ (z))
+#define I(x, y, z) ((y) ^ ((x) | (~z)))
+
+/* ROTATE_LEFT rotates x left n bits.
+ */
+#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
+
+/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
+Rotation is separate from addition to prevent recomputation.
+ */
+#define FF(a, b, c, d, x, s, ac) { \
+ (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+  }
+#define GG(a, b, c, d, x, s, ac) { \
+ (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+  }
+#define HH(a, b, c, d, x, s, ac) { \
+ (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+  }
+#define II(a, b, c, d, x, s, ac) { \
+ (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \
+ (a) = ROTATE_LEFT ((a), (s)); \
+ (a) += (b); \
+  }
+
+void librad_md5_calc(unsigned char *output, unsigned char *input,
+		     unsigned int inlen)
+{
+	MD5_CTX	context;
+
+	MD5Init(&context);
+	MD5Update(&context, input, inlen);
+	MD5Final(output, &context);
+}
+
+/* MD5 initialization. Begins an MD5 operation, writing a new context.
+ */
+void MD5Init (context)
+MD5_CTX *context;                                        /* context */
+{
+  context->count[0] = context->count[1] = 0;
+  /* Load magic initialization constants.
+*/
+  context->state[0] = 0x67452301;
+  context->state[1] = 0xefcdab89;
+  context->state[2] = 0x98badcfe;
+  context->state[3] = 0x10325476;
+}
+
+/* MD5 block update operation. Continues an MD5 message-digest
+  operation, processing another message block, and updating the
+  context.
+ */
+void MD5Update (context, input, inputLen)
+MD5_CTX *context;                                        /* context */
+const unsigned char *input;                                /* input block */
+unsigned int inputLen;                     /* length of input block */
+{
+  unsigned int i, index, partLen;
+
+  /* Compute number of bytes mod 64 */
+  index = (unsigned int)((context->count[0] >> 3) & 0x3F);
+
+  /* Update number of bits */
+  if ((context->count[0] += ((UINT4)inputLen << 3))
+   < ((UINT4)inputLen << 3))
+ context->count[1]++;
+  context->count[1] += ((UINT4)inputLen >> 29);
+
+  partLen = 64 - index;
+
+  /* Transform as many times as possible.
+*/
+  if (inputLen >= partLen) {
+ MD5_memcpy
+   ((POINTER)&context->buffer[index], (CONSTPOINTER)input, partLen);
+ MD5Transform (context->state, context->buffer);
+
+ for (i = partLen; i + 63 < inputLen; i += 64)
+   MD5Transform (context->state, &input[i]);
+
+ index = 0;
+  }
+  else
+ i = 0;
+
+  /* Buffer remaining input */
+  MD5_memcpy
+ ((POINTER)&context->buffer[index], (CONSTPOINTER)&input[i],
+  inputLen-i);
+}
+
+/* MD5 finalization. Ends an MD5 message-digest operation, writing the
+  the message digest and zeroizing the context.
+ */
+void MD5Final (digest, context)
+unsigned char digest[16];                         /* message digest */
+MD5_CTX *context;                                       /* context */
+{
+  unsigned char bits[8];
+  unsigned int index, padLen;
+
+  /* Save number of bits */
+  Encode (bits, context->count, 8);
+
+  /* Pad out to 56 mod 64.
+*/
+  index = (unsigned int)((context->count[0] >> 3) & 0x3f);
+  padLen = (index < 56) ? (56 - index) : (120 - index);
+  MD5Update (context, PADDING, padLen);
+
+  /* Append length (before padding) */
+  MD5Update (context, bits, 8);
+
+  /* Store state in digest */
+  Encode (digest, context->state, 16);
+
+  /* Zeroize sensitive information.
+*/
+  MD5_memset ((POINTER)context, 0, sizeof (*context));
+}
+
+/* MD5 basic transformation. Transforms state based on block.
+ */
+static void MD5Transform (state, block)
+UINT4 state[4];
+const unsigned char block[64];
+{
+  UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
+
+  Decode (x, block, 64);
+
+  /* Round 1 */
+  FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
+  FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
+  FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
+  FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
+  FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
+  FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
+  FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
+  FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
+  FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
+  FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
+  FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
+  FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
+  FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
+  FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
+  FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
+  FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
+
+ /* Round 2 */
+  GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
+  GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
+  GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
+  GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
+  GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
+  GG (d, a, b, c, x[10], S22,  0x2441453); /* 22 */
+  GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
+  GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
+  GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
+  GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
+  GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
+  GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
+  GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
+  GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
+  GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
+  GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
+
+  /* Round 3 */
+  HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
+  HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
+  HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
+  HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
+  HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
+  HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
+  HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
+  HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
+  HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
+  HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
+  HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
+  HH (b, c, d, a, x[ 6], S34,  0x4881d05); /* 44 */
+  HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
+  HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
+  HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
+  HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
+
+  /* Round 4 */
+  II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
+  II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
+  II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
+  II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
+  II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
+  II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
+  II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
+  II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
+  II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
+  II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
+  II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
+  II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
+  II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
+  II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
+  II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
+  II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
+
+  state[0] += a;
+  state[1] += b;
+  state[2] += c;
+  state[3] += d;
+
+  /* Zeroize sensitive information.
+*/
+  MD5_memset ((POINTER)x, 0, sizeof (x));
+}
+
+/* Encodes input (UINT4) into output (unsigned char). Assumes len is
+  a multiple of 4.
+ */
+static void Encode (output, input, len)
+unsigned char *output;
+UINT4 *input;
+unsigned int len;
+{
+  unsigned int i, j;
+
+  for (i = 0, j = 0; j < len; i++, j += 4) {
+ output[j] = (unsigned char)(input[i] & 0xff);
+ output[j+1] = (unsigned char)((input[i] >> 8) & 0xff);
+ output[j+2] = (unsigned char)((input[i] >> 16) & 0xff);
+ output[j+3] = (unsigned char)((input[i] >> 24) & 0xff);
+  }
+}
+
+/* Decodes input (unsigned char) into output (UINT4). Assumes len is
+  a multiple of 4.
+ */
+static void Decode (output, input, len)
+UINT4 *output;
+const unsigned char *input;
+unsigned int len;
+{
+  unsigned int i, j;
+
+  for (i = 0, j = 0; j < len; i++, j += 4)
+ output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) |
+   (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24);
+}
+
+/* Note: Replace "for loop" with standard memcpy if possible.
+ */
+
+static void MD5_memcpy (output, input, len)
+POINTER output;
+CONSTPOINTER input;
+unsigned int len;
+{
+  unsigned int i;
+
+  for (i = 0; i < len; i++)
+ output[i] = input[i];
+}
+
+/* Note: Replace "for loop" with standard memset if possible.
+ */
+static void MD5_memset (output, value, len)
+POINTER output;
+int value;
+unsigned int len;
+{
+  unsigned int i;
+
+  for (i = 0; i < len; i++)
+ ((char *)output)[i] = (char)value;
+}

src/libs/md5.h

@@ -0,0 +1,94 @@
+#ifndef _LRAD_MD5_H
+#define _LRAD_MD5_H
+
+#ifndef _LRAD_PROTO_H
+#define _LRAD_PROTO_H
+/* GLOBAL.H - RSAREF types and constants
+ */
+
+/* PROTOTYPES should be set to one if and only if the compiler supports
+  function argument prototyping.
+  The following makes PROTOTYPES default to 0 if it has not already
+  been defined with C compiler flags.
+ */
+#ifndef PROTOTYPES
+#  if __STDC__
+#    define PROTOTYPES 1
+#  else
+#    define PROTOTYPES 0
+#  endif
+#endif
+
+/* POINTER defines a generic pointer type */
+#ifndef _POINTER_T
+typedef unsigned char *POINTER;
+#endif
+typedef const unsigned char *CONSTPOINTER;
+
+/* UINT2 defines a two byte word */
+#ifndef _UINT2_T
+typedef unsigned short int UINT2;
+#endif
+
+/* UINT4 defines a four byte word */
+#ifndef _UINT4_T
+typedef unsigned int UINT4;
+#endif
+
+/* PROTO_LIST is defined depending on how PROTOTYPES is defined above.
+   If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it
+  returns an empty list.
+ */
+#if PROTOTYPES
+#define PROTO_LIST(list) list
+#else
+#define PROTO_LIST(list) ()
+#endif
+#endif /* _LRAD_PROTO_H */
+
+/*
+ *  FreeRADIUS defines to ensure globally unique MD5 function names,
+ *  so that we don't pick up vendor-specific broken MD5 libraries.
+ */
+#define MD5_CTX		librad_MD5_CTX
+#define MD5Init		librad_MD5Init
+#define MD5Update	librad_MD5Update
+#define MD5Final       	librad_MD5Final
+
+/* MD5.H - header file for MD5C.C
+ */
+
+/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All
+rights reserved.
+
+License to copy and use this software is granted provided that it
+is identified as the "RSA Data Security, Inc. MD5 Message-Digest
+Algorithm" in all material mentioning or referencing this software
+or this function.
+
+License is also granted to make and use derivative works provided
+that such works are identified as "derived from the RSA Data
+Security, Inc. MD5 Message-Digest Algorithm" in all material
+mentioning or referencing the derived work.
+
+RSA Data Security, Inc. makes no representations concerning either
+the merchantability of this software or the suitability of this
+software for any particular purpose. It is provided "as is"
+without express or implied warranty of any kind.
+
+These notices must be retained in any copies of any part of this
+documentation and/or software.
+ */
+
+/* MD5 context. */
+typedef struct {
+  UINT4 state[4];                                   /* state (ABCD) */
+  UINT4 count[2];        /* number of bits, modulo 2^64 (lsb first) */
+  unsigned char buffer[64];                         /* input buffer */
+} MD5_CTX;
+
+void MD5Init PROTO_LIST ((MD5_CTX *));
+void MD5Update PROTO_LIST
+  ((MD5_CTX *, const unsigned char *, unsigned int));
+void MD5Final PROTO_LIST ((unsigned char [16], MD5_CTX *));
+#endif /* _LRAD_MD5_H */

src/libs/regex.c

@@ -0,0 +1,3821 @@
+#include <sys/types.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <limits.h>
+#include <ctype.h>
+#include <assert.h>
+
+#include "regex.h"
+
+/* utility definitions */
+#ifdef _POSIX2_RE_DUP_MAX
+#define	DUPMAX	_POSIX2_RE_DUP_MAX
+#else
+#define	DUPMAX	255
+#endif
+#define	INFINITY	(DUPMAX + 1)
+#define	NC		(CHAR_MAX - CHAR_MIN + 1)
+typedef unsigned char uch;
+
+/* for old systems with bcopy() but no memmove() */
+#ifdef USEBCOPY
+#define	memmove(d, s, c)	bcopy(s, d, c)
+#endif
+
+#define	MAGIC1	((('r'^0200)<<8) | 'e')
+
+/*
+ * The internal representation is a *strip*, a sequence of
+ * operators ending with an endmarker.  (Some terminology etc. is a
+ * historical relic of earlier versions which used multiple strips.)
+ * Certain oddities in the representation are there to permit running
+ * the machinery backwards; in particular, any deviation from sequential
+ * flow must be marked at both its source and its destination.  Some
+ * fine points:
+ *
+ * - OPLUS_ and O_PLUS are *inside* the loop they create.
+ * - OQUEST_ and O_QUEST are *outside* the bypass they create.
+ * - OCH_ and O_CH are *outside* the multi-way branch they create, while
+ *   OOR1 and OOR2 are respectively the end and the beginning of one of
+ *   the branches.  Note that there is an implicit OOR2 following OCH_
+ *   and an implicit OOR1 preceding O_CH.
+ *
+ * In state representations, an operator's bit is on to signify a state
+ * immediately *preceding* "execution" of that operator.
+ */
+typedef long sop;		/* strip operator */
+typedef long sopno;
+#define	OPRMASK	0x7c000000
+#define	OPDMASK	0x03ffffff
+#define	OPSHIFT	(26)
+#define	OP(n)	((n)&OPRMASK)
+#define	OPND(n)	((n)&OPDMASK)
+#define	SOP(op, opnd)	((op)|(opnd))
+/* operators			   meaning	operand			*/
+/*						(back, fwd are offsets)	*/
+#define	OEND	(1<<OPSHIFT)	/* endmarker	-			*/
+#define	OCHAR	(2<<OPSHIFT)	/* character	unsigned char		*/
+#define	OBOL	(3<<OPSHIFT)	/* left anchor	-			*/
+#define	OEOL	(4<<OPSHIFT)	/* right anchor	-			*/
+#define	OANY	(5<<OPSHIFT)	/* .		-			*/
+#define	OANYOF	(6<<OPSHIFT)	/* [...]	set number		*/
+#define	OBACK_	(7<<OPSHIFT)	/* begin \d	paren number		*/
+#define	O_BACK	(8<<OPSHIFT)	/* end \d	paren number		*/
+#define	OPLUS_	(9<<OPSHIFT)	/* + prefix	fwd to suffix		*/
+#define	O_PLUS	(10<<OPSHIFT)	/* + suffix	back to prefix		*/
+#define	OQUEST_	(11<<OPSHIFT)	/* ? prefix	fwd to suffix		*/
+#define	O_QUEST	(12<<OPSHIFT)	/* ? suffix	back to prefix		*/
+#define	OLPAREN	(13<<OPSHIFT)	/* (		fwd to )		*/
+#define	ORPAREN	(14<<OPSHIFT)	/* )		back to (		*/
+#define	OCH_	(15<<OPSHIFT)	/* begin choice	fwd to OOR2		*/
+#define	OOR1	(16<<OPSHIFT)	/* | pt. 1	back to OOR1 or OCH_	*/
+#define	OOR2	(17<<OPSHIFT)	/* | pt. 2	fwd to OOR2 or O_CH	*/
+#define	O_CH	(18<<OPSHIFT)	/* end choice	back to OOR1		*/
+#define	OBOW	(19<<OPSHIFT)	/* begin word	-			*/
+#define	OEOW	(20<<OPSHIFT)	/* end word	-			*/
+
+/*
+ * Structure for [] character-set representation.  Character sets are
+ * done as bit vectors, grouped 8 to a byte vector for compactness.
+ * The individual set therefore has both a pointer to the byte vector
+ * and a mask to pick out the relevant bit of each byte.  A hash code
+ * simplifies testing whether two sets could be identical.
+ *
+ * This will get trickier for multicharacter collating elements.  As
+ * preliminary hooks for dealing with such things, we also carry along
+ * a string of multi-character elements, and decide the size of the
+ * vectors at run time.
+ */
+typedef struct {
+	uch *ptr;		/* -> uch [csetsize] */
+	uch mask;		/* bit within array */
+	uch hash;		/* hash code */
+	size_t smultis;
+	char *multis;		/* -> char[smulti]  ab\0cd\0ef\0\0 */
+} cset;
+/* note that CHadd and CHsub are unsafe, and CHIN doesn't yield 0/1 */
+#define	CHadd(cs, c)	((cs)->ptr[(uch)(c)] |= (cs)->mask, (cs)->hash += (c))
+#define	CHsub(cs, c)	((cs)->ptr[(uch)(c)] &= ~(cs)->mask, (cs)->hash -= (c))
+#define	CHIN(cs, c)	((cs)->ptr[(uch)(c)] & (cs)->mask)
+#define	MCadd(p, cs, cp)	mcadd(p, cs, cp)	/* regcomp() internal fns */
+
+/* stuff for character categories */
+typedef unsigned char cat_t;
+
+/*
+ * main compiled-expression structure
+ */
+struct re_guts {
+	int magic;
+#		define	MAGIC2	((('R'^0200)<<8)|'E')
+	sop *strip;		/* malloced area for strip */
+	int csetsize;		/* number of bits in a cset vector */
+	int ncsets;		/* number of csets in use */
+	cset *sets;		/* -> cset [ncsets] */
+	uch *setbits;		/* -> uch[csetsize][ncsets/CHAR_BIT] */
+	int cflags;		/* copy of regcomp() cflags argument */
+	sopno nstates;		/* = number of sops */
+	sopno firststate;	/* the initial OEND (normally 0) */
+	sopno laststate;	/* the final OEND */
+	int iflags;		/* internal flags */
+#		define	USEBOL	01	/* used ^ */
+#		define	USEEOL	02	/* used $ */
+#		define	BAD	04	/* something wrong */
+	int nbol;		/* number of ^ used */
+	int neol;		/* number of $ used */
+	int ncategories;	/* how many character categories */
+	cat_t *categories;	/* ->catspace[-CHAR_MIN] */
+	char *must;		/* match must contain this string */
+	int mlen;		/* length of must */
+	size_t nsub;		/* copy of re_nsub */
+	int backrefs;		/* does it use back references? */
+	sopno nplus;		/* how deep does it nest +s? */
+	/* catspace must be last */
+	cat_t catspace[1];	/* actually [NC] */
+};
+
+/* misc utilities */
+#define	OUT	(CHAR_MAX+1)	/* a non-character value */
+#define	ISWORD(c)	(isalnum(c) || (c) == '_')
+
+
+/* character-class table */
+static struct cclass {
+	char *name;
+	char *chars;
+	char *multis;
+} cclasses[] = {
+	{"alnum","ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",""},
+	{"alpha",	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz",	""},
+	{"blank"," \t",	""},
+	{"cntrl","\007\b\t\n\v\f\r\1\2\3\4\5\6\16\17\20\21\22\23\24\25\26\27\30\31\32\33\34\35\36\37\177",""},
+	{"digit","0123456789",""},
+	{"graph","ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",""},
+	{"lower","abcdefghijklmnopqrstuvwxyz",""},
+	{"print","ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ ",""},
+	{"punct","!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",""},
+	{"space","\t\n\v\f\r ",	""},
+	{"upper","ABCDEFGHIJKLMNOPQRSTUVWXYZ",""},
+	{"xdigit","0123456789ABCDEFabcdef",""},
+	{NULL,NULL,""}
+};
+
+/* character-name table */
+static struct cname {
+	char *name;
+	char code;
+} cnames[] = {
+	{"NUL",	'\0'},
+	{"SOH",	'\001'},
+	{"STX",	'\002'},
+	{"ETX",	'\003'},
+	{"EOT",	'\004'},
+	{"ENQ",	'\005'},
+	{"ACK",	'\006'},
+	{"BEL",	'\007'},
+	{"alert",	'\007'},
+	{"BS",		'\010'},
+	{"backspace",	'\b'},
+	{"HT",		'\011'},
+	{"tab",		'\t'},
+	{"LF",		'\012'},
+	{"newline",	'\n'},
+	{"VT",		'\013'},
+	{"vertical-tab",	'\v'},
+	{"FF",		'\014'},
+	{"form-feed",	'\f'},
+	{"CR",		'\015'},
+	{"carriage-return",	'\r'},
+	{"SO",	'\016'},
+	{"SI",	'\017'},
+	{"DLE",	'\020'},
+	{"DC1",	'\021'},
+	{"DC2",	'\022'},
+	{"DC3",	'\023'},
+	{"DC4",	'\024'},
+	{"NAK",	'\025'},
+	{"SYN",	'\026'},
+	{"ETB",	'\027'},
+	{"CAN",	'\030'},
+	{"EM",	'\031'},
+	{"SUB",	'\032'},
+	{"ESC",	'\033'},
+	{"IS4",	'\034'},
+	{"FS",	'\034'},
+	{"IS3",	'\035'},
+	{"GS",	'\035'},
+	{"IS2",	'\036'},
+	{"RS",	'\036'},
+	{"IS1",	'\037'},
+	{"US",	'\037'},
+	{"space",		' '},
+	{"exclamation-mark",	'!'},
+	{"quotation-mark",	'"'},
+	{"number-sign",		'#'},
+	{"dollar-sign",		'$'},
+	{"percent-sign",		'%'},
+	{"ampersand",		'&'},
+	{"apostrophe",		'\''},
+	{"left-parenthesis",	'('},
+	{"right-parenthesis",	')'},
+	{"asterisk",	'*'},
+	{"plus-sign",	'+'},
+	{"comma",	','},
+	{"hyphen",	'-'},
+	{"hyphen-minus",	'-'},
+	{"period",	'.'},
+	{"full-stop",	'.'},
+	{"slash",	'/'},
+	{"solidus",	'/'},
+	{"zero",		'0'},
+	{"one",		'1'},
+	{"two",		'2'},
+	{"three",	'3'},
+	{"four",		'4'},
+	{"five",		'5'},
+	{"six",		'6'},
+	{"seven",	'7'},
+	{"eight",	'8'},
+	{"nine",		'9'},
+	{"colon",	':'},
+	{"semicolon",	';'},
+	{"less-than-sign",	'<'},
+	{"equals-sign",		'='},
+	{"greater-than-sign",	'>'},
+	{"question-mark",	'?'},
+	{"commercial-at",	'@'},
+	{"left-square-bracket",	'['},
+	{"backslash",		'\\'},
+	{"reverse-solidus",	'\\'},
+	{"right-square-bracket",	']'},
+	{"circumflex",		'^'},
+	{"circumflex-accent",	'^'},
+	{"underscore",		'_'},
+	{"low-line",		'_'},
+	{"grave-accent",		'`'},
+	{"left-brace",		'{'},
+	{"left-curly-bracket",	'{'},
+	{"vertical-line",	'|'},
+	{"right-brace",		'}'},
+	{"right-curly-bracket",	'}'},
+	{"tilde",		'~'},
+	{"DEL",	'\177'},
+	{NULL,	0}
+};
+
+
+/*
+ * parse structure, passed up and down to avoid global variables and
+ * other clumsinesses
+ */
+struct parse {
+	char *next;		/* next character in RE */
+	char *end;		/* end of string (-> NUL normally) */
+	int error;		/* has an error been seen? */
+	sop *strip;		/* malloced strip */
+	sopno ssize;		/* malloced strip size (allocated) */
+	sopno slen;		/* malloced strip length (used) */
+	int ncsalloc;		/* number of csets allocated */
+	struct re_guts *g;
+#	define	NPAREN	10	/* we need to remember () 1-9 for back refs */
+	sopno pbegin[NPAREN];	/* -> ( ([0] unused) */
+	sopno pend[NPAREN];	/* -> ) ([0] unused) */
+};
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+static void p_ere(register struct parse *p, int stop);
+static void p_ere_exp(register struct parse *p);
+static void p_str(register struct parse *p);
+static void p_bre(register struct parse *p, register int end1, register int end2);
+static int p_simp_re(register struct parse *p, int starordinary);
+static int p_count(register struct parse *p);
+static void p_bracket(register struct parse *p);
+static void p_b_term(register struct parse *p, register cset *cs);
+static void p_b_cclass(register struct parse *p, register cset *cs);
+static void p_b_eclass(register struct parse *p, register cset *cs);
+static char p_b_symbol(register struct parse *p);
+static char p_b_coll_elem(register struct parse *p, int endc);
+static char othercase(int ch);
+static void bothcases(register struct parse *p, int ch);
+static void ordinary(register struct parse *p, register int ch);
+static void nonnewline(register struct parse *p);
+static void repeat(register struct parse *p, sopno start, int from, int to);
+static int seterr(register struct parse *p, int e);
+static cset *allocset(register struct parse *p);
+static void freeset(register struct parse *p, register cset *cs);
+static int freezeset(register struct parse *p, register cset *cs);
+static int firstch(register struct parse *p, register cset *cs);
+static int nch(register struct parse *p, register cset *cs);
+static void mcadd(register struct parse *p, register cset *cs, register char *cp);
+static void mcinvert(register struct parse *p, register cset *cs);
+static void mccase(register struct parse *p, register cset *cs);
+static int isinsets(register struct re_guts *g, int c);
+static int samesets(register struct re_guts *g, int c1, int c2);
+static void categorize(struct parse *p, register struct re_guts *g);
+static sopno dupl(register struct parse *p, sopno start, sopno finish);
+static void doemit(register struct parse *p, sop op, size_t opnd);
+static void doinsert(register struct parse *p, sop op, size_t opnd, sopno pos);
+static void dofwd(register struct parse *p, sopno pos, sop value);
+static void enlarge(register struct parse *p, sopno size);
+static void stripsnug(register struct parse *p, register struct re_guts *g);
+static void findmust(register struct parse *p, register struct re_guts *g);
+static sopno pluscount(register struct parse *p, register struct re_guts *g);
+
+#ifdef __cplusplus
+}
+#endif
+
+static char nuls[10];		/* place to point scanner in event of error */
+
+/*
+ * macros for use with parse structure
+ * BEWARE:  these know that the parse structure is named `p' !!!
+ */
+#define	PEEK()	(*p->next)
+#define	PEEK2()	(*(p->next+1))
+#define	MORE()	(p->next < p->end)
+#define	MORE2()	(p->next+1 < p->end)
+#define	SEE(c)	(MORE() && PEEK() == (c))
+#define	SEETWO(a, b)	(MORE() && MORE2() && PEEK() == (a) && PEEK2() == (b))
+#define	EAT(c)	((SEE(c)) ? (NEXT(), 1) : 0)
+#define	EATTWO(a, b)	((SEETWO(a, b)) ? (NEXT2(), 1) : 0)
+#define	NEXT()	(p->next++)
+#define	NEXT2()	(p->next += 2)
+#define	NEXTn(n)	(p->next += (n))
+#define	GETNEXT()	(*p->next++)
+#define	SETERROR(e)	seterr(p, (e))
+#define	REQUIRE(co, e)	((co) || SETERROR(e))
+#define	MUSTSEE(c, e)	(REQUIRE(MORE() && PEEK() == (c), e))
+#define	MUSTEAT(c, e)	(REQUIRE(MORE() && GETNEXT() == (c), e))
+#define	MUSTNOTSEE(c, e)	(REQUIRE(!MORE() || PEEK() != (c), e))
+#define	EMIT(op, sopnd)	doemit(p, (sop)(op), (size_t)(sopnd))
+#define	INSERT(op, pos)	doinsert(p, (sop)(op), HERE()-(pos)+1, pos)
+#define	AHEAD(pos)		dofwd(p, pos, HERE()-(pos))
+#define	ASTERN(sop, pos)	EMIT(sop, HERE()-pos)
+#define	HERE()		(p->slen)
+#define	THERE()		(p->slen - 1)
+#define	THERETHERE()	(p->slen - 2)
+#define	DROP(n)	(p->slen -= (n))
+
+#define	never	0		/* some <assert.h>s have bugs too */
+
+int				/* 0 success, otherwise REG_something */
+regcomp(preg, pattern, cflags)
+regex_t *preg;
+const char *pattern;
+int cflags;
+{
+	struct parse pa;
+	register struct re_guts *g;
+	register struct parse *p = &pa;
+	register int i;
+	register size_t len;
+#define	GOODFLAGS(f)	((f)&~REG_DUMP)
+
+	cflags = GOODFLAGS(cflags);
+	if ((cflags&REG_EXTENDED) && (cflags&REG_NOSPEC))
+		return(REG_INVARG);
+
+	if (cflags&REG_PEND) {
+		if (preg->re_endp < pattern)
+			return(REG_INVARG);
+		len = preg->re_endp - pattern;
+	} else
+		len = strlen((char *)pattern);
+
+	/* do the mallocs early so failure handling is easy */
+	g = (struct re_guts *)malloc(sizeof(struct re_guts) +
+							(NC-1)*sizeof(cat_t));
+	if (g == NULL)
+		return(REG_ESPACE);
+	p->ssize = len/(size_t)2*(size_t)3 + (size_t)1;	/* ugh */
+	p->strip = (sop *)malloc(p->ssize * sizeof(sop));
+	p->slen = 0;
+	if (p->strip == NULL) {
+		free((char *)g);
+		return(REG_ESPACE);
+	}
+
+	/* set things up */
+	p->g = g;
+	p->next = (char *)pattern;	/* convenience; we do not modify it */
+	p->end = p->next + len;
+	p->error = 0;
+	p->ncsalloc = 0;
+	for (i = 0; i < NPAREN; i++) {
+		p->pbegin[i] = 0;
+		p->pend[i] = 0;
+	}
+	g->csetsize = NC;
+	g->sets = NULL;
+	g->setbits = NULL;
+	g->ncsets = 0;
+	g->cflags = cflags;
+	g->iflags = 0;
+	g->nbol = 0;
+	g->neol = 0;
+	g->must = NULL;
+	g->mlen = 0;
+	g->nsub = 0;
+	g->ncategories = 1;	/* category 0 is "everything else" */
+	g->categories = &g->catspace[-(CHAR_MIN)];
+	(void) memset((char *)g->catspace, 0, NC*sizeof(cat_t));
+	g->backrefs = 0;
+
+	/* do it */
+	EMIT(OEND, 0);
+	g->firststate = THERE();
+	if (cflags&REG_EXTENDED)
+		p_ere(p, OUT);
+	else if (cflags&REG_NOSPEC)
+		p_str(p);
+	else
+		p_bre(p, OUT, OUT);
+	EMIT(OEND, 0);
+	g->laststate = THERE();
+
+	/* tidy up loose ends and fill things in */
+	categorize(p, g);
+	stripsnug(p, g);
+	findmust(p, g);
+	g->nplus = pluscount(p, g);
+	g->magic = MAGIC2;
+	preg->re_nsub = g->nsub;
+	preg->re_g = g;
+	preg->re_magic = MAGIC1;
+	/* not debugging, so can't rely on the assert() in regexec() */
+	if (g->iflags&BAD)
+		SETERROR(REG_ASSERT);
+
+	/* win or lose, we're done */
+	if (p->error != 0)	/* lose */
+		regfree(preg);
+	return(p->error);
+#undef GOODFLAGS
+}
+
+/*
+ - p_ere - ERE parser top level, concatenation and alternation
+ == static void p_ere(register struct parse *p, int stop);
+ */
+static void
+p_ere(p, stop)
+register struct parse *p;
+int stop;			/* character this ERE should end at */
+{
+	register char c;
+	register sopno prevback;
+	register sopno prevfwd;
+	register sopno conc;
+	register int first = 1;		/* is this the first alternative? */
+
+	for (;;) {
+		/* do a bunch of concatenated expressions */
+		conc = HERE();
+		while (MORE() && (c = PEEK()) != '|' && c != stop)
+			p_ere_exp(p);
+		REQUIRE(HERE() != conc, REG_EMPTY);	/* require nonempty */
+
+		if (!EAT('|'))
+			break;		/* NOTE BREAK OUT */
+
+		if (first) {
+			INSERT(OCH_, conc);	/* offset is wrong */
+			prevfwd = conc;
+			prevback = conc;
+			first = 0;
+		}
+		ASTERN(OOR1, prevback);
+		prevback = THERE();
+		AHEAD(prevfwd);			/* fix previous offset */
+		prevfwd = HERE();
+		EMIT(OOR2, 0);			/* offset is very wrong */
+	}
+
+	if (!first) {		/* tail-end fixups */
+		AHEAD(prevfwd);
+		ASTERN(O_CH, prevback);
+	}
+
+	assert(!MORE() || SEE(stop));
+}
+
+/*
+ - p_ere_exp - parse one subERE, an atom possibly followed by a repetition op
+ == static void p_ere_exp(register struct parse *p);
+ */
+static void
+p_ere_exp(p)
+register struct parse *p;
+{
+	register char c;
+	register sopno pos;
+	register int count;
+	register int count2;
+	register sopno subno;
+	int wascaret = 0;
+
+	assert(MORE());		/* caller should have ensured this */
+	c = GETNEXT();
+
+	pos = HERE();
+	switch (c) {
+	case '(':
+		REQUIRE(MORE(), REG_EPAREN);
+		p->g->nsub++;
+		subno = p->g->nsub;
+		if (subno < NPAREN)
+			p->pbegin[subno] = HERE();
+		EMIT(OLPAREN, subno);
+		if (!SEE(')'))
+			p_ere(p, ')');
+		if (subno < NPAREN) {
+			p->pend[subno] = HERE();
+			assert(p->pend[subno] != 0);
+		}
+		EMIT(ORPAREN, subno);
+		MUSTEAT(')', REG_EPAREN);
+		break;
+	case '^':
+		EMIT(OBOL, 0);
+		p->g->iflags |= USEBOL;
+		p->g->nbol++;
+		wascaret = 1;
+		break;
+	case '$':
+		EMIT(OEOL, 0);
+		p->g->iflags |= USEEOL;
+		p->g->neol++;
+		break;
+	case '|':
+		SETERROR(REG_EMPTY);
+		break;
+	case '*':
+	case '+':
+	case '?':
+		SETERROR(REG_BADRPT);
+		break;
+	case '.':
+		if (p->g->cflags&REG_NEWLINE)
+			nonnewline(p);
+		else
+			EMIT(OANY, 0);
+		break;
+	case '[':
+		p_bracket(p);
+		break;
+	case '\\':
+		REQUIRE(MORE(), REG_EESCAPE);
+		c = GETNEXT();
+		ordinary(p, c);
+		break;
+	case '{':		/* okay as ordinary except if digit follows */
+		REQUIRE(!MORE() || !isdigit(PEEK()), REG_BADRPT);
+		/* FALLTHROUGH */
+	default:
+		ordinary(p, c);
+		break;
+	}
+
+	if (!MORE())
+		return;
+	c = PEEK();
+	/* we call { a repetition if followed by a digit */
+	if (!( c == '*' || c == '+' || c == '?' ||
+				(c == '{' && MORE2() && isdigit(PEEK2())) ))
+		return;		/* no repetition, we're done */
+	NEXT();
+
+	REQUIRE(!wascaret, REG_BADRPT);
+	switch (c) {
+	case '*':	/* implemented as +? */
+		/* this case does not require the (y|) trick, noKLUDGE */
+		INSERT(OPLUS_, pos);
+		ASTERN(O_PLUS, pos);
+		INSERT(OQUEST_, pos);
+		ASTERN(O_QUEST, pos);
+		break;
+	case '+':
+		INSERT(OPLUS_, pos);
+		ASTERN(O_PLUS, pos);
+		break;
+	case '?':
+		/* KLUDGE: emit y? as (y|) until subtle bug gets fixed */
+		INSERT(OCH_, pos);		/* offset slightly wrong */
+		ASTERN(OOR1, pos);		/* this one's right */
+		AHEAD(pos);			/* fix the OCH_ */
+		EMIT(OOR2, 0);			/* offset very wrong... */
+		AHEAD(THERE());			/* ...so fix it */
+		ASTERN(O_CH, THERETHERE());
+		break;
+	case '{':
+		count = p_count(p);
+		if (EAT(',')) {
+			if (isdigit(PEEK())) {
+				count2 = p_count(p);
+				REQUIRE(count <= count2, REG_BADBR);
+			} else		/* single number with comma */
+				count2 = INFINITY;
+		} else		/* just a single number */
+			count2 = count;
+		repeat(p, pos, count, count2);
+		if (!EAT('}')) {	/* error heuristics */
+			while (MORE() && PEEK() != '}')
+				NEXT();
+			REQUIRE(MORE(), REG_EBRACE);
+			SETERROR(REG_BADBR);
+		}
+		break;
+	}
+
+	if (!MORE())
+		return;
+	c = PEEK();
+	if (!( c == '*' || c == '+' || c == '?' ||
+				(c == '{' && MORE2() && isdigit(PEEK2())) ) )
+		return;
+	SETERROR(REG_BADRPT);
+}
+
+/*
+ - p_str - string (no metacharacters) "parser"
+ == static void p_str(register struct parse *p);
+ */
+static void
+p_str(p)
+register struct parse *p;
+{
+	REQUIRE(MORE(), REG_EMPTY);
+	while (MORE())
+		ordinary(p, GETNEXT());
+}
+
+/*
+ - p_bre - BRE parser top level, anchoring and concatenation
+ == static void p_bre(register struct parse *p, register int end1, \
+ ==	register int end2);
+ * Giving end1 as OUT essentially eliminates the end1/end2 check.
+ *
+ * This implementation is a bit of a kludge, in that a trailing $ is first
+ * taken as an ordinary character and then revised to be an anchor.  The
+ * only undesirable side effect is that '$' gets included as a character
+ * category in such cases.  This is fairly harmless; not worth fixing.
+ * The amount of lookahead needed to avoid this kludge is excessive.
+ */
+static void
+p_bre(p, end1, end2)
+register struct parse *p;
+register int end1;		/* first terminating character */
+register int end2;		/* second terminating character */
+{
+	register sopno start = HERE();
+	register int first = 1;			/* first subexpression? */
+	register int wasdollar = 0;
+
+	if (EAT('^')) {
+		EMIT(OBOL, 0);
+		p->g->iflags |= USEBOL;
+		p->g->nbol++;
+	}
+	while (MORE() && !SEETWO(end1, end2)) {
+		wasdollar = p_simp_re(p, first);
+		first = 0;
+	}
+	if (wasdollar) {	/* oops, that was a trailing anchor */
+		DROP(1);
+		EMIT(OEOL, 0);
+		p->g->iflags |= USEEOL;
+		p->g->neol++;
+	}
+
+	REQUIRE(HERE() != start, REG_EMPTY);	/* require nonempty */
+}
+
+/*
+ - p_simp_re - parse a simple RE, an atom possibly followed by a repetition
+ == static int p_simp_re(register struct parse *p, int starordinary);
+ */
+static int			/* was the simple RE an unbackslashed $? */
+p_simp_re(p, starordinary)
+register struct parse *p;
+int starordinary;		/* is a leading * an ordinary character? */
+{
+	register int c;
+	register int count;
+	register int count2;
+	register sopno pos;
+	register int i;
+	register sopno subno;
+#	define	BACKSL	(1<<CHAR_BIT)
+
+	pos = HERE();		/* repetion op, if any, covers from here */
+
+	assert(MORE());		/* caller should have ensured this */
+	c = GETNEXT();
+	if (c == '\\') {
+		REQUIRE(MORE(), REG_EESCAPE);
+		c = BACKSL | (unsigned char)GETNEXT();
+	}
+	switch (c) {
+	case '.':
+		if (p->g->cflags&REG_NEWLINE)
+			nonnewline(p);
+		else
+			EMIT(OANY, 0);
+		break;
+	case '[':
+		p_bracket(p);
+		break;
+	case BACKSL|'{':
+		SETERROR(REG_BADRPT);
+		break;
+	case BACKSL|'(':
+		p->g->nsub++;
+		subno = p->g->nsub;
+		if (subno < NPAREN)
+			p->pbegin[subno] = HERE();
+		EMIT(OLPAREN, subno);
+		/* the MORE here is an error heuristic */
+		if (MORE() && !SEETWO('\\', ')'))
+			p_bre(p, '\\', ')');
+		if (subno < NPAREN) {
+			p->pend[subno] = HERE();
+			assert(p->pend[subno] != 0);
+		}
+		EMIT(ORPAREN, subno);
+		REQUIRE(EATTWO('\\', ')'), REG_EPAREN);
+		break;
+	case BACKSL|')':	/* should not get here -- must be user */
+	case BACKSL|'}':
+		SETERROR(REG_EPAREN);
+		break;
+	case BACKSL|'1':
+	case BACKSL|'2':
+	case BACKSL|'3':
+	case BACKSL|'4':
+	case BACKSL|'5':
+	case BACKSL|'6':
+	case BACKSL|'7':
+	case BACKSL|'8':
+	case BACKSL|'9':
+		i = (c&~BACKSL) - '0';
+		assert(i < NPAREN);
+		if (p->pend[i] != 0) {
+			assert(i <= p->g->nsub);
+			EMIT(OBACK_, i);
+			assert(p->pbegin[i] != 0);
+			assert(OP(p->strip[p->pbegin[i]]) == OLPAREN);
+			assert(OP(p->strip[p->pend[i]]) == ORPAREN);
+			(void) dupl(p, p->pbegin[i]+1, p->pend[i]);
+			EMIT(O_BACK, i);
+		} else
+			SETERROR(REG_ESUBREG);
+		p->g->backrefs = 1;
+		break;
+	case '*':
+		REQUIRE(starordinary, REG_BADRPT);
+		/* FALLTHROUGH */
+	default:
+		ordinary(p, (char)c);	/* takes off BACKSL, if any */
+		break;
+	}
+
+	if (EAT('*')) {		/* implemented as +? */
+		/* this case does not require the (y|) trick, noKLUDGE */
+		INSERT(OPLUS_, pos);
+		ASTERN(O_PLUS, pos);
+		INSERT(OQUEST_, pos);
+		ASTERN(O_QUEST, pos);
+	} else if (EATTWO('\\', '{')) {
+		count = p_count(p);
+		if (EAT(',')) {
+			if (MORE() && isdigit(PEEK())) {
+				count2 = p_count(p);
+				REQUIRE(count <= count2, REG_BADBR);
+			} else		/* single number with comma */
+				count2 = INFINITY;
+		} else		/* just a single number */
+			count2 = count;
+		repeat(p, pos, count, count2);
+		if (!EATTWO('\\', '}')) {	/* error heuristics */
+			while (MORE() && !SEETWO('\\', '}'))
+				NEXT();
+			REQUIRE(MORE(), REG_EBRACE);
+			SETERROR(REG_BADBR);
+		}
+	} else if (c == (unsigned char)'$')	/* $ (but not \$) ends it */
+		return(1);
+
+	return(0);
+}
+
+/*
+ - p_count - parse a repetition count
+ == static int p_count(register struct parse *p);
+ */
+static int			/* the value */
+p_count(p)
+register struct parse *p;
+{
+	register int count = 0;
+	register int ndigits = 0;
+
+	while (MORE() && isdigit(PEEK()) && count <= DUPMAX) {
+		count = count*10 + (GETNEXT() - '0');
+		ndigits++;
+	}
+
+	REQUIRE(ndigits > 0 && count <= DUPMAX, REG_BADBR);
+	return(count);
+}
+
+/*
+ - p_bracket - parse a bracketed character list
+ == static void p_bracket(register struct parse *p);
+ *
+ * Note a significant property of this code:  if the allocset() did SETERROR,
+ * no set operations are done.
+ */
+static void
+p_bracket(p)
+register struct parse *p;
+{
+	register cset *cs = allocset(p);
+	register int invert = 0;
+
+	/* Dept of Truly Sickening Special-Case Kludges */
+	if (p->next + 5 < p->end && strncmp(p->next, "[:<:]]", 6) == 0) {
+		EMIT(OBOW, 0);
+		NEXTn(6);
+		return;
+	}
+	if (p->next + 5 < p->end && strncmp(p->next, "[:>:]]", 6) == 0) {
+		EMIT(OEOW, 0);
+		NEXTn(6);
+		return;
+	}
+
+	if (EAT('^'))
+		invert++;	/* make note to invert set at end */
+	if (EAT(']'))
+		CHadd(cs, ']');
+	else if (EAT('-'))
+		CHadd(cs, '-');
+	while (MORE() && PEEK() != ']' && !SEETWO('-', ']'))
+		p_b_term(p, cs);
+	if (EAT('-'))
+		CHadd(cs, '-');
+	MUSTEAT(']', REG_EBRACK);
+
+	if (p->error != 0)	/* don't mess things up further */
+		return;
+
+	if (p->g->cflags&REG_ICASE) {
+		register int i;
+		register int ci;
+
+		for (i = p->g->csetsize - 1; i >= 0; i--)
+			if (CHIN(cs, i) && isalpha(i)) {
+				ci = othercase(i);
+				if (ci != i)
+					CHadd(cs, ci);
+			}
+		if (cs->multis != NULL)
+			mccase(p, cs);
+	}
+	if (invert) {
+		register int i;
+
+		for (i = p->g->csetsize - 1; i >= 0; i--)
+			if (CHIN(cs, i))
+				CHsub(cs, i);
+			else
+				CHadd(cs, i);
+		if (p->g->cflags&REG_NEWLINE)
+			CHsub(cs, '\n');
+		if (cs->multis != NULL)
+			mcinvert(p, cs);
+	}
+
+	assert(cs->multis == NULL);		/* xxx */
+
+	if (nch(p, cs) == 1) {		/* optimize singleton sets */
+		ordinary(p, firstch(p, cs));
+		freeset(p, cs);
+	} else
+		EMIT(OANYOF, freezeset(p, cs));
+}
+
+/*
+ - p_b_term - parse one term of a bracketed character list
+ == static void p_b_term(register struct parse *p, register cset *cs);
+ */
+static void
+p_b_term(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	register char c;
+	register char start, finish;
+	register int i;
+
+	/* classify what we've got */
+	switch ((MORE()) ? PEEK() : '\0') {
+	case '[':
+		c = (MORE2()) ? PEEK2() : '\0';
+		break;
+	case '-':
+		SETERROR(REG_ERANGE);
+		return;			/* NOTE RETURN */
+		break;
+	default:
+		c = '\0';
+		break;
+	}
+
+	switch (c) {
+	case ':':		/* character class */
+		NEXT2();
+		REQUIRE(MORE(), REG_EBRACK);
+		c = PEEK();
+		REQUIRE(c != '-' && c != ']', REG_ECTYPE);
+		p_b_cclass(p, cs);
+		REQUIRE(MORE(), REG_EBRACK);
+		REQUIRE(EATTWO(':', ']'), REG_ECTYPE);
+		break;
+	case '=':		/* equivalence class */
+		NEXT2();
+		REQUIRE(MORE(), REG_EBRACK);
+		c = PEEK();
+		REQUIRE(c != '-' && c != ']', REG_ECOLLATE);
+		p_b_eclass(p, cs);
+		REQUIRE(MORE(), REG_EBRACK);
+		REQUIRE(EATTWO('=', ']'), REG_ECOLLATE);
+		break;
+	default:		/* symbol, ordinary character, or range */
+/* xxx revision needed for multichar stuff */
+		start = p_b_symbol(p);
+		if (SEE('-') && MORE2() && PEEK2() != ']') {
+			/* range */
+			NEXT();
+			if (EAT('-'))
+				finish = '-';
+			else
+				finish = p_b_symbol(p);
+		} else
+			finish = start;
+/* xxx what about signed chars here... */
+		REQUIRE(start <= finish, REG_ERANGE);
+		for (i = start; i <= finish; i++)
+			CHadd(cs, i);
+		break;
+	}
+}
+
+/*
+ - p_b_cclass - parse a character-class name and deal with it
+ == static void p_b_cclass(register struct parse *p, register cset *cs);
+ */
+static void
+p_b_cclass(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	register char *sp = p->next;
+	register struct cclass *cp;
+	register size_t len;
+	register char *u;
+	register char c;
+
+	while (MORE() && isalpha(PEEK()))
+		NEXT();
+	len = p->next - sp;
+	for (cp = cclasses; cp->name != NULL; cp++)
+		if (strncmp(cp->name, sp, len) == 0 && cp->name[len] == '\0')
+			break;
+	if (cp->name == NULL) {
+		/* oops, didn't find it */
+		SETERROR(REG_ECTYPE);
+		return;
+	}
+
+	u = cp->chars;
+	while ((c = *u++) != '\0')
+		CHadd(cs, c);
+	for (u = cp->multis; *u != '\0'; u += strlen(u) + 1)
+		MCadd(p, cs, u);
+}
+
+/*
+ - p_b_eclass - parse an equivalence-class name and deal with it
+ == static void p_b_eclass(register struct parse *p, register cset *cs);
+ *
+ * This implementation is incomplete. xxx
+ */
+static void
+p_b_eclass(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	register char c;
+
+	c = p_b_coll_elem(p, '=');
+	CHadd(cs, c);
+}
+
+/*
+ - p_b_symbol - parse a character or [..]ed multicharacter collating symbol
+ == static char p_b_symbol(register struct parse *p);
+ */
+static char			/* value of symbol */
+p_b_symbol(p)
+register struct parse *p;
+{
+	register char value;
+
+	REQUIRE(MORE(), REG_EBRACK);
+	if (!EATTWO('[', '.'))
+		return(GETNEXT());
+
+	/* collating symbol */
+	value = p_b_coll_elem(p, '.');
+	REQUIRE(EATTWO('.', ']'), REG_ECOLLATE);
+	return(value);
+}
+
+/*
+ - p_b_coll_elem - parse a collating-element name and look it up
+ == static char p_b_coll_elem(register struct parse *p, int endc);
+ */
+static char			/* value of collating element */
+p_b_coll_elem(p, endc)
+register struct parse *p;
+int endc;			/* name ended by endc,']' */
+{
+	register char *sp = p->next;
+	register struct cname *cp;
+	register int len;
+
+	while (MORE() && !SEETWO(endc, ']'))
+		NEXT();
+	if (!MORE()) {
+		SETERROR(REG_EBRACK);
+		return(0);
+	}
+	len = p->next - sp;
+	for (cp = cnames; cp->name != NULL; cp++)
+		if (strncmp(cp->name, sp, len) == 0 && cp->name[len] == '\0')
+			return(cp->code);	/* known name */
+	if (len == 1)
+		return(*sp);	/* single character */
+	SETERROR(REG_ECOLLATE);			/* neither */
+	return(0);
+}
+
+/*
+ - othercase - return the case counterpart of an alphabetic
+ == static char othercase(int ch);
+ */
+static char			/* if no counterpart, return ch */
+othercase(ch)
+int ch;
+{
+	assert(isalpha(ch));
+	if (isupper(ch))
+		return(tolower(ch));
+	else if (islower(ch))
+		return(toupper(ch));
+	else			/* peculiar, but could happen */
+		return(ch);
+}
+
+/*
+ - bothcases - emit a dualcase version of a two-case character
+ == static void bothcases(register struct parse *p, int ch);
+ *
+ * Boy, is this implementation ever a kludge...
+ */
+static void
+bothcases(p, ch)
+register struct parse *p;
+int ch;
+{
+	register char *oldnext = p->next;
+	register char *oldend = p->end;
+	char bracket[3];
+
+	assert(othercase(ch) != ch);	/* p_bracket() would recurse */
+	p->next = bracket;
+	p->end = bracket+2;
+	bracket[0] = ch;
+	bracket[1] = ']';
+	bracket[2] = '\0';
+	p_bracket(p);
+	assert(p->next == bracket+2);
+	p->next = oldnext;
+	p->end = oldend;
+}
+
+/*
+ - ordinary - emit an ordinary character
+ == static void ordinary(register struct parse *p, register int ch);
+ */
+static void
+ordinary(p, ch)
+register struct parse *p;
+register int ch;
+{
+	register cat_t *cap = p->g->categories;
+
+	if ((p->g->cflags&REG_ICASE) && isalpha(ch) && othercase(ch) != ch)
+		bothcases(p, ch);
+	else {
+		EMIT(OCHAR, (unsigned char)ch);
+		if (cap[ch] == 0)
+			cap[ch] = p->g->ncategories++;
+	}
+}
+
+/*
+ - nonnewline - emit REG_NEWLINE version of OANY
+ == static void nonnewline(register struct parse *p);
+ *
+ * Boy, is this implementation ever a kludge...
+ */
+static void
+nonnewline(p)
+register struct parse *p;
+{
+	register char *oldnext = p->next;
+	register char *oldend = p->end;
+	char bracket[4];
+
+	p->next = bracket;
+	p->end = bracket+3;
+	bracket[0] = '^';
+	bracket[1] = '\n';
+	bracket[2] = ']';
+	bracket[3] = '\0';
+	p_bracket(p);
+	assert(p->next == bracket+3);
+	p->next = oldnext;
+	p->end = oldend;
+}
+
+/*
+ - repeat - generate code for a bounded repetition, recursively if needed
+ == static void repeat(register struct parse *p, sopno start, int from, int to);
+ */
+static void
+repeat(p, start, from, to)
+register struct parse *p;
+sopno start;			/* operand from here to end of strip */
+int from;			/* repeated from this number */
+int to;				/* to this number of times (maybe INFINITY) */
+{
+	register sopno finish = HERE();
+#	define	N	2
+#	define	INF	3
+#	define	REP(f, t)	((f)*8 + (t))
+#	define	MAP(n)	(((n) <= 1) ? (n) : ((n) == INFINITY) ? INF : N)
+	register sopno copy;
+
+	if (p->error != 0)	/* head off possible runaway recursion */
+		return;
+
+	assert(from <= to);
+
+	switch (REP(MAP(from), MAP(to))) {
+	case REP(0, 0):			/* must be user doing this */
+		DROP(finish-start);	/* drop the operand */
+		break;
+	case REP(0, 1):			/* as x{1,1}? */
+	case REP(0, N):			/* as x{1,n}? */
+	case REP(0, INF):		/* as x{1,}? */
+		/* KLUDGE: emit y? as (y|) until subtle bug gets fixed */
+		INSERT(OCH_, start);		/* offset is wrong... */
+		repeat(p, start+1, 1, to);
+		ASTERN(OOR1, start);
+		AHEAD(start);			/* ... fix it */
+		EMIT(OOR2, 0);
+		AHEAD(THERE());
+		ASTERN(O_CH, THERETHERE());
+		break;
+	case REP(1, 1):			/* trivial case */
+		/* done */
+		break;
+	case REP(1, N):			/* as x?x{1,n-1} */
+		/* KLUDGE: emit y? as (y|) until subtle bug gets fixed */
+		INSERT(OCH_, start);
+		ASTERN(OOR1, start);
+		AHEAD(start);
+		EMIT(OOR2, 0);			/* offset very wrong... */
+		AHEAD(THERE());			/* ...so fix it */
+		ASTERN(O_CH, THERETHERE());
+		copy = dupl(p, start+1, finish+1);
+		assert(copy == finish+4);
+		repeat(p, copy, 1, to-1);
+		break;
+	case REP(1, INF):		/* as x+ */
+		INSERT(OPLUS_, start);
+		ASTERN(O_PLUS, start);
+		break;
+	case REP(N, N):			/* as xx{m-1,n-1} */
+		copy = dupl(p, start, finish);
+		repeat(p, copy, from-1, to-1);
+		break;
+	case REP(N, INF):		/* as xx{n-1,INF} */
+		copy = dupl(p, start, finish);
+		repeat(p, copy, from-1, to);
+		break;
+	default:			/* "can't happen" */
+		SETERROR(REG_ASSERT);	/* just in case */
+		break;
+	}
+}
+
+/*
+ - seterr - set an error condition
+ == static int seterr(register struct parse *p, int e);
+ */
+static int			/* useless but makes type checking happy */
+seterr(p, e)
+register struct parse *p;
+int e;
+{
+	if (p->error == 0)	/* keep earliest error condition */
+		p->error = e;
+	p->next = nuls;		/* try to bring things to a halt */
+	p->end = nuls;
+	return(0);		/* make the return value well-defined */
+}
+
+/*
+ - allocset - allocate a set of characters for []
+ == static cset *allocset(register struct parse *p);
+ */
+static cset *
+allocset(p)
+register struct parse *p;
+{
+	register int no = p->g->ncsets++;
+	register size_t nc;
+	register size_t nbytes;
+	register cset *cs;
+	register size_t css = (size_t)p->g->csetsize;
+	register int i;
+
+	if (no >= p->ncsalloc) {	/* need another column of space */
+		p->ncsalloc += CHAR_BIT;
+		nc = p->ncsalloc;
+		assert(nc % CHAR_BIT == 0);
+		nbytes = nc / CHAR_BIT * css;
+		if (p->g->sets == NULL)
+			p->g->sets = (cset *)malloc(nc * sizeof(cset));
+		else
+			p->g->sets = (cset *)realloc((char *)p->g->sets,
+							nc * sizeof(cset));
+		if (p->g->setbits == NULL)
+			p->g->setbits = (uch *)malloc(nbytes);
+		else {
+			p->g->setbits = (uch *)realloc((char *)p->g->setbits,
+								nbytes);
+			/* xxx this isn't right if setbits is now NULL */
+			for (i = 0; i < no; i++)
+				p->g->sets[i].ptr = p->g->setbits + css*(i/CHAR_BIT);
+		}
+		if (p->g->sets != NULL && p->g->setbits != NULL)
+			(void) memset((char *)p->g->setbits + (nbytes - css),
+								0, css);
+		else {
+			no = 0;
+			SETERROR(REG_ESPACE);
+			/* caller's responsibility not to do set ops */
+		}
+	}
+
+	assert(p->g->sets != NULL);	/* xxx */
+	cs = &p->g->sets[no];
+	cs->ptr = p->g->setbits + css*((no)/CHAR_BIT);
+	cs->mask = 1 << ((no) % CHAR_BIT);
+	cs->hash = 0;
+	cs->smultis = 0;
+	cs->multis = NULL;
+
+	return(cs);
+}
+
+/*
+ - freeset - free a now-unused set
+ == static void freeset(register struct parse *p, register cset *cs);
+ */
+static void
+freeset(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	register int i;
+	register cset *top = &p->g->sets[p->g->ncsets];
+	register size_t css = (size_t)p->g->csetsize;
+
+	for (i = 0; i < css; i++)
+		CHsub(cs, i);
+	if (cs == top-1)	/* recover only the easy case */
+		p->g->ncsets--;
+}
+
+/*
+ - freezeset - final processing on a set of characters
+ == static int freezeset(register struct parse *p, register cset *cs);
+ *
+ * The main task here is merging identical sets.  This is usually a waste
+ * of time (although the hash code minimizes the overhead), but can win
+ * big if REG_ICASE is being used.  REG_ICASE, by the way, is why the hash
+ * is done using addition rather than xor -- all ASCII [aA] sets xor to
+ * the same value!
+ */
+static int			/* set number */
+freezeset(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	register uch h = cs->hash;
+	register int i;
+	register cset *top = &p->g->sets[p->g->ncsets];
+	register cset *cs2;
+	register size_t css = (size_t)p->g->csetsize;
+
+	/* look for an earlier one which is the same */
+	for (cs2 = &p->g->sets[0]; cs2 < top; cs2++)
+		if (cs2->hash == h && cs2 != cs) {
+			/* maybe */
+			for (i = 0; i < css; i++)
+				if (!!CHIN(cs2, i) != !!CHIN(cs, i))
+					break;		/* no */
+			if (i == css)
+				break;			/* yes */
+		}
+
+	if (cs2 < top) {	/* found one */
+		freeset(p, cs);
+		cs = cs2;
+	}
+
+	return((int)(cs - p->g->sets));
+}
+
+/*
+ - firstch - return first character in a set (which must have at least one)
+ == static int firstch(register struct parse *p, register cset *cs);
+ */
+static int			/* character; there is no "none" value */
+firstch(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	register int i;
+	register size_t css = (size_t)p->g->csetsize;
+
+	for (i = 0; i < css; i++)
+		if (CHIN(cs, i))
+			return((char)i);
+	assert(never);
+	return(0);		/* arbitrary */
+}
+
+/*
+ - nch - number of characters in a set
+ == static int nch(register struct parse *p, register cset *cs);
+ */
+static int
+nch(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	register int i;
+	register size_t css = (size_t)p->g->csetsize;
+	register int n = 0;
+
+	for (i = 0; i < css; i++)
+		if (CHIN(cs, i))
+			n++;
+	return(n);
+}
+
+/*
+ - mcadd - add a collating element to a cset
+ == static void mcadd(register struct parse *p, register cset *cs, \
+ ==	register char *cp);
+ */
+static void
+mcadd(p, cs, cp)
+register struct parse *p;
+register cset *cs;
+register char *cp;
+{
+	register size_t oldend = cs->smultis;
+
+	cs->smultis += strlen(cp) + 1;
+	if (cs->multis == NULL)
+		cs->multis = malloc(cs->smultis);
+	else
+		cs->multis = realloc(cs->multis, cs->smultis);
+	if (cs->multis == NULL) {
+		SETERROR(REG_ESPACE);
+		return;
+	}
+
+	(void) strcpy(cs->multis + oldend - 1, cp);
+	cs->multis[cs->smultis - 1] = '\0';
+}
+
+/*
+ - mcinvert - invert the list of collating elements in a cset
+ == static void mcinvert(register struct parse *p, register cset *cs);
+ *
+ * This would have to know the set of possibilities.  Implementation
+ * is deferred.
+ */
+static void
+mcinvert(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	assert(cs->multis == NULL);	/* xxx */
+}
+
+/*
+ - mccase - add case counterparts of the list of collating elements in a cset
+ == static void mccase(register struct parse *p, register cset *cs);
+ *
+ * This would have to know the set of possibilities.  Implementation
+ * is deferred.
+ */
+static void
+mccase(p, cs)
+register struct parse *p;
+register cset *cs;
+{
+	assert(cs->multis == NULL);	/* xxx */
+}
+
+/*
+ - isinsets - is this character in any sets?
+ == static int isinsets(register struct re_guts *g, int c);
+ */
+static int			/* predicate */
+isinsets(g, c)
+register struct re_guts *g;
+int c;
+{
+	register uch *col;
+	register int i;
+	register int ncols = (g->ncsets+(CHAR_BIT-1)) / CHAR_BIT;
+	register unsigned uc = (unsigned char)c;
+
+	for (i = 0, col = g->setbits; i < ncols; i++, col += g->csetsize)
+		if (col[uc] != 0)
+			return(1);
+	return(0);
+}
+
+/*
+ - samesets - are these two characters in exactly the same sets?
+ == static int samesets(register struct re_guts *g, int c1, int c2);
+ */
+static int			/* predicate */
+samesets(g, c1, c2)
+register struct re_guts *g;
+int c1;
+int c2;
+{
+	register uch *col;
+	register int i;
+	register int ncols = (g->ncsets+(CHAR_BIT-1)) / CHAR_BIT;
+	register unsigned uc1 = (unsigned char)c1;
+	register unsigned uc2 = (unsigned char)c2;
+
+	for (i = 0, col = g->setbits; i < ncols; i++, col += g->csetsize)
+		if (col[uc1] != col[uc2])
+			return(0);
+	return(1);
+}
+
+/*
+ - categorize - sort out character categories
+ == static void categorize(struct parse *p, register struct re_guts *g);
+ */
+static void
+categorize(p, g)
+struct parse *p;
+register struct re_guts *g;
+{
+	register cat_t *cats = g->categories;
+	register int c;
+	register int c2;
+	register cat_t cat;
+
+	/* avoid making error situations worse */
+	if (p->error != 0)
+		return;
+
+	for (c = CHAR_MIN; c <= CHAR_MAX; c++)
+		if (cats[c] == 0 && isinsets(g, c)) {
+			cat = g->ncategories++;
+			cats[c] = cat;
+			for (c2 = c+1; c2 <= CHAR_MAX; c2++)
+				if (cats[c2] == 0 && samesets(g, c, c2))
+					cats[c2] = cat;
+		}
+}
+
+/*
+ - dupl - emit a duplicate of a bunch of sops
+ == static sopno dupl(register struct parse *p, sopno start, sopno finish);
+ */
+static sopno			/* start of duplicate */
+dupl(p, start, finish)
+register struct parse *p;
+sopno start;			/* from here */
+sopno finish;			/* to this less one */
+{
+	register sopno ret = HERE();
+	register sopno len = finish - start;
+
+	assert(finish >= start);
+	if (len == 0)
+		return(ret);
+	enlarge(p, p->ssize + len);	/* this many unexpected additions */
+	assert(p->ssize >= p->slen + len);
+	(void) memcpy((char *)(p->strip + p->slen),
+		(char *)(p->strip + start), (size_t)len*sizeof(sop));
+	p->slen += len;
+	return(ret);
+}
+
+/*
+ - doemit - emit a strip operator
+ == static void doemit(register struct parse *p, sop op, size_t opnd);
+ *
+ * It might seem better to implement this as a macro with a function as
+ * hard-case backup, but it's just too big and messy unless there are
+ * some changes to the data structures.  Maybe later.
+ */
+static void
+doemit(p, op, opnd)
+register struct parse *p;
+sop op;
+size_t opnd;
+{
+	/* avoid making error situations worse */
+	if (p->error != 0)
+		return;
+
+	/* deal with oversize operands ("can't happen", more or less) */
+	assert(opnd < 1<<OPSHIFT);
+
+	/* deal with undersized strip */
+	if (p->slen >= p->ssize)
+		enlarge(p, (p->ssize+1) / 2 * 3);	/* +50% */
+	assert(p->slen < p->ssize);
+
+	/* finally, it's all reduced to the easy case */
+	p->strip[p->slen++] = SOP(op, opnd);
+}
+
+/*
+ - doinsert - insert a sop into the strip
+ == static void doinsert(register struct parse *p, sop op, size_t opnd, sopno pos);
+ */
+static void
+doinsert(p, op, opnd, pos)
+register struct parse *p;
+sop op;
+size_t opnd;
+sopno pos;
+{
+	register sopno sn;
+	register sop s;
+	register int i;
+
+	/* avoid making error situations worse */
+	if (p->error != 0)
+		return;
+
+	sn = HERE();
+	EMIT(op, opnd);		/* do checks, ensure space */
+	assert(HERE() == sn+1);
+	s = p->strip[sn];
+
+	/* adjust paren pointers */
+	assert(pos > 0);
+	for (i = 1; i < NPAREN; i++) {
+		if (p->pbegin[i] >= pos) {
+			p->pbegin[i]++;
+		}
+		if (p->pend[i] >= pos) {
+			p->pend[i]++;
+		}
+	}
+
+	memmove((char *)&p->strip[pos+1], (char *)&p->strip[pos],
+						(HERE()-pos-1)*sizeof(sop));
+	p->strip[pos] = s;
+}
+
+/*
+ - dofwd - complete a forward reference
+ == static void dofwd(register struct parse *p, sopno pos, sop value);
+ */
+static void
+dofwd(p, pos, value)
+register struct parse *p;
+register sopno pos;
+sop value;
+{
+	/* avoid making error situations worse */
+	if (p->error != 0)
+		return;
+
+	assert(value < 1<<OPSHIFT);
+	p->strip[pos] = OP(p->strip[pos]) | value;
+}
+
+/*
+ - enlarge - enlarge the strip
+ == static void enlarge(register struct parse *p, sopno size);
+ */
+static void
+enlarge(p, size)
+register struct parse *p;
+register sopno size;
+{
+	register sop *sp;
+
+	if (p->ssize >= size)
+		return;
+
+	sp = (sop *)realloc(p->strip, size*sizeof(sop));
+	if (sp == NULL) {
+		SETERROR(REG_ESPACE);
+		return;
+	}
+	p->strip = sp;
+	p->ssize = size;
+}
+
+/*
+ - stripsnug - compact the strip
+ == static void stripsnug(register struct parse *p, register struct re_guts *g);
+ */
+static void
+stripsnug(p, g)
+register struct parse *p;
+register struct re_guts *g;
+{
+	g->nstates = p->slen;
+	g->strip = (sop *)realloc((char *)p->strip, p->slen * sizeof(sop));
+	if (g->strip == NULL) {
+		SETERROR(REG_ESPACE);
+		g->strip = p->strip;
+	}
+}
+
+/*
+ - findmust - fill in must and mlen with longest mandatory literal string
+ == static void findmust(register struct parse *p, register struct re_guts *g);
+ *
+ * This algorithm could do fancy things like analyzing the operands of |
+ * for common subsequences.  Someday.  This code is simple and finds most
+ * of the interesting cases.
+ *
+ * Note that must and mlen got initialized during setup.
+ */
+static void
+findmust(p, g)
+struct parse *p;
+register struct re_guts *g;
+{
+	register sop *scan;
+	sop *start;
+	register sop *newstart;
+	register sopno newlen;
+	register sop s;
+	register char *cp;
+	register sopno i;
+
+	/* avoid making error situations worse */
+	if (p->error != 0)
+		return;
+
+	/* find the longest OCHAR sequence in strip */
+	newlen = 0;
+	scan = g->strip + 1;
+	do {
+		s = *scan++;
+		switch (OP(s)) {
+		case OCHAR:		/* sequence member */
+			if (newlen == 0)		/* new sequence */
+				newstart = scan - 1;
+			newlen++;
+			break;
+		case OPLUS_:		/* things that don't break one */
+		case OLPAREN:
+		case ORPAREN:
+			break;
+		case OQUEST_:		/* things that must be skipped */
+		case OCH_:
+			scan--;
+			do {
+				scan += OPND(s);
+				s = *scan;
+				/* assert() interferes w debug printouts */
+				if (OP(s) != O_QUEST && OP(s) != O_CH &&
+							OP(s) != OOR2) {
+					g->iflags |= BAD;
+					return;
+				}
+			} while (OP(s) != O_QUEST && OP(s) != O_CH);
+			/* fallthrough */
+		default:		/* things that break a sequence */
+			if (newlen > g->mlen) {		/* ends one */
+				start = newstart;
+				g->mlen = newlen;
+			}
+			newlen = 0;
+			break;
+		}
+	} while (OP(s) != OEND);
+
+	if (g->mlen == 0)		/* there isn't one */
+		return;
+
+	/* turn it into a character string */
+	g->must = malloc((size_t)g->mlen + 1);
+	if (g->must == NULL) {		/* argh; just forget it */
+		g->mlen = 0;
+		return;
+	}
+	cp = g->must;
+	scan = start;
+	for (i = g->mlen; i > 0; i--) {
+		while (OP(s = *scan++) != OCHAR)
+			continue;
+		assert(cp < g->must + g->mlen);
+		*cp++ = (char)OPND(s);
+	}
+	assert(cp == g->must + g->mlen);
+	*cp++ = '\0';		/* just on general principles */
+}
+
+/*
+ - pluscount - count + nesting
+ == static sopno pluscount(register struct parse *p, register struct re_guts *g);
+ */
+static sopno			/* nesting depth */
+pluscount(p, g)
+struct parse *p;
+register struct re_guts *g;
+{
+	register sop *scan;
+	register sop s;
+	register sopno plusnest = 0;
+	register sopno maxnest = 0;
+
+	if (p->error != 0)
+		return(0);	/* there may not be an OEND */
+
+	scan = g->strip + 1;
+	do {
+		s = *scan++;
+		switch (OP(s)) {
+		case OPLUS_:
+			plusnest++;
+			break;
+		case O_PLUS:
+			if (plusnest > maxnest)
+				maxnest = plusnest;
+			plusnest--;
+			break;
+		}
+	} while (OP(s) != OEND);
+	if (plusnest != 0)
+		g->iflags |= BAD;
+	return(maxnest);
+}
+
+static int nope = 0;		/* for use in asserts; shuts lint up */
+
+/* macros for manipulating states, small version */
+#define	states	unsigned
+#define	states1	unsigned	/* for later use in regexec() decision */
+#define	CLEAR(v)	((v) = 0)
+#define	SET0(v, n)	((v) &= ~((unsigned)1 << (n)))
+#define	SET1(v, n)	((v) |= (unsigned)1 << (n))
+#define	ISSET(v, n)	((v) & ((unsigned)1 << (n)))
+#define	ASSIGN(d, s)	((d) = (s))
+#define	EQ(a, b)	((a) == (b))
+#define	STATEVARS	int dummy	/* dummy version */
+#define	STATESETUP(m, n)	/* nothing */
+#define	STATETEARDOWN(m)	/* nothing */
+#define	SETUP(v)	((v) = 0)
+#define	onestate	unsigned
+#define	INIT(o, n)	((o) = (unsigned)1 << (n))
+#define	INC(o)	((o) <<= 1)
+#define	ISSTATEIN(v, o)	((v) & (o))
+/* some abbreviations; note that some of these know variable names! */
+/* do "if I'm here, I can also be there" etc without branches */
+#define	FWD(dst, src, n)	((dst) |= ((unsigned)(src)&(here)) << (n))
+#define	BACK(dst, src, n)	((dst) |= ((unsigned)(src)&(here)) >> (n))
+#define	ISSETBACK(v, n)	((v) & ((unsigned)here >> (n)))
+/* function names */
+#define SNAMES			/* engine.c looks after details */
+
+/*
+ * The matching engine and friends.  This file is #included by regexec.c
+ * after suitable #defines of a variety of macros used herein, so that
+ * different state representations can be used without duplicating masses
+ * of code.
+ */
+
+#ifdef SNAMES
+#define	matcher	smatcher
+#define	fast	sfast
+#define	slow	sslow
+#define	dissect	sdissect
+#define	backref	sbackref
+#define	step	sstep
+#define	print	sprint
+#define	at	sat
+#define	match	smat
+#endif
+#ifdef LNAMES
+#define	matcher	lmatcher
+#define	fast	lfast
+#define	slow	lslow
+#define	dissect	ldissect
+#define	backref	lbackref
+#define	step	lstep
+#define	print	lprint
+#define	at	lat
+#define	match	lmat
+#endif
+
+/* another structure passed up and down to avoid zillions of parameters */
+struct match {
+	struct re_guts *g;
+	int eflags;
+	regmatch_t *pmatch;	/* [nsub+1] (0 element unused) */
+	char *offp;		/* offsets work from here */
+	char *beginp;		/* start of string -- virtual NUL precedes */
+	char *endp;		/* end of string -- virtual NUL here */
+	char *coldp;		/* can be no match starting before here */
+	char **lastpos;		/* [nplus+1] */
+	STATEVARS;
+	states st;		/* current states */
+	states fresh;		/* states for a fresh start */
+	states tmp;		/* temporary */
+	states empty;		/* empty set of states */
+};
+
+static int matcher(register struct re_guts *g, char *string, size_t nmatch, regmatch_t pmatch[], int eflags);
+static char *dissect(register struct match *m, char *start, char *stop, sopno startst, sopno stopst);
+static char *backref(register struct match *m, char *start, char *stop, sopno startst, sopno stopst, sopno lev);
+static char *fast(register struct match *m, char *start, char *stop, sopno startst, sopno stopst);
+static char *slow(register struct match *m, char *start, char *stop, sopno startst, sopno stopst);
+static states step(register struct re_guts *g, sopno start, sopno stop, register states bef, int ch, register states aft);
+#define	BOL	(OUT+1)
+#define	EOL	(BOL+1)
+#define	BOLEOL	(BOL+2)
+#define	NOTHING	(BOL+3)
+#define	BOW	(BOL+4)
+#define	EOW	(BOL+5)
+#define	CODEMAX	(BOL+5)		/* highest code used */
+#define	NONCHAR(c)	((c) > CHAR_MAX)
+#define	NNONCHAR	(CODEMAX-CHAR_MAX)
+#define	SP(t, s, c)	/* nothing */
+#define	AT(t, p1, p2, s1, s2)	/* nothing */
+#define	NOTE(s)	/* nothing */
+
+/*
+ - matcher - the actual matching engine
+ == static int matcher(register struct re_guts *g, char *string, \
+ ==	size_t nmatch, regmatch_t pmatch[], int eflags);
+ */
+static int			/* 0 success, REG_NOMATCH failure */
+matcher(g, string, nmatch, pmatch, eflags)
+register struct re_guts *g;
+char *string;
+size_t nmatch;
+regmatch_t pmatch[];
+int eflags;
+{
+	register char *endp;
+	register int i;
+	struct match mv;
+	register struct match *m = &mv;
+	register char *dp;
+	const register sopno gf = g->firststate+1;	/* +1 for OEND */
+	const register sopno gl = g->laststate;
+	char *start;
+	char *stop;
+
+	/* simplify the situation where possible */
+	if (g->cflags&REG_NOSUB)
+		nmatch = 0;
+	if (eflags&REG_STARTEND) {
+		start = string + pmatch[0].rm_so;
+		stop = string + pmatch[0].rm_eo;
+	} else {
+		start = string;
+		stop = start + strlen(start);
+	}
+	if (stop < start)
+		return(REG_INVARG);
+
+	/* prescreening; this does wonders for this rather slow code */
+	if (g->must != NULL) {
+		for (dp = start; dp < stop; dp++)
+			if (*dp == g->must[0] && stop - dp >= g->mlen &&
+				memcmp(dp, g->must, (size_t)g->mlen) == 0)
+				break;
+		if (dp == stop)		/* we didn't find g->must */
+			return(REG_NOMATCH);
+	}
+
+	/* match struct setup */
+	m->g = g;
+	m->eflags = eflags;
+	m->pmatch = NULL;
+	m->lastpos = NULL;
+	m->offp = string;
+	m->beginp = start;
+	m->endp = stop;
+	STATESETUP(m, 4);
+	SETUP(m->st);
+	SETUP(m->fresh);
+	SETUP(m->tmp);
+	SETUP(m->empty);
+	CLEAR(m->empty);
+
+	/* this loop does only one repetition except for backrefs */
+	for (;;) {
+		endp = fast(m, start, stop, gf, gl);
+		if (endp == NULL) {		/* a miss */
+			STATETEARDOWN(m);
+			return(REG_NOMATCH);
+		}
+		if (nmatch == 0 && !g->backrefs)
+			break;		/* no further info needed */
+
+		/* where? */
+		assert(m->coldp != NULL);
+		for (;;) {
+			NOTE("finding start");
+			endp = slow(m, m->coldp, stop, gf, gl);
+			if (endp != NULL)
+				break;
+			assert(m->coldp < m->endp);
+			m->coldp++;
+		}
+		if (nmatch == 1 && !g->backrefs)
+			break;		/* no further info needed */
+
+		/* oh my, he wants the subexpressions... */
+		if (m->pmatch == NULL)
+			m->pmatch = (regmatch_t *)malloc((m->g->nsub + 1) *
+							sizeof(regmatch_t));
+		if (m->pmatch == NULL) {
+			STATETEARDOWN(m);
+			return(REG_ESPACE);
+		}
+		for (i = 1; i <= m->g->nsub; i++)
+			m->pmatch[i].rm_so = m->pmatch[i].rm_eo = -1;
+		if (!g->backrefs && !(m->eflags&REG_BACKR)) {
+			NOTE("dissecting");
+			dp = dissect(m, m->coldp, endp, gf, gl);
+		} else {
+			if (g->nplus > 0 && m->lastpos == NULL)
+				m->lastpos = (char **)malloc((g->nplus+1) *
+							sizeof(char *));
+			if (g->nplus > 0 && m->lastpos == NULL) {
+				free(m->pmatch);
+				STATETEARDOWN(m);
+				return(REG_ESPACE);
+			}
+			NOTE("backref dissect");
+			dp = backref(m, m->coldp, endp, gf, gl, (sopno)0);
+		}
+		if (dp != NULL)
+			break;
+
+		/* uh-oh... we couldn't find a subexpression-level match */
+		assert(g->backrefs);	/* must be back references doing it */
+		assert(g->nplus == 0 || m->lastpos != NULL);
+		for (;;) {
+			if (dp != NULL || endp <= m->coldp)
+				break;		/* defeat */
+			NOTE("backoff");
+			endp = slow(m, m->coldp, endp-1, gf, gl);
+			if (endp == NULL)
+				break;		/* defeat */
+			/* try it on a shorter possibility */
+			NOTE("backoff dissect");
+			dp = backref(m, m->coldp, endp, gf, gl, (sopno)0);
+		}
+		assert(dp == NULL || dp == endp);
+		if (dp != NULL)		/* found a shorter one */
+			break;
+
+		/* despite initial appearances, there is no match here */
+		NOTE("false alarm");
+		start = m->coldp + 1;	/* recycle starting later */
+		assert(start <= stop);
+	}
+
+	/* fill in the details if requested */
+	if (nmatch > 0) {
+		pmatch[0].rm_so = m->coldp - m->offp;
+		pmatch[0].rm_eo = endp - m->offp;
+	}
+	if (nmatch > 1) {
+		assert(m->pmatch != NULL);
+		for (i = 1; i < nmatch; i++)
+			if (i <= m->g->nsub)
+				pmatch[i] = m->pmatch[i];
+			else {
+				pmatch[i].rm_so = -1;
+				pmatch[i].rm_eo = -1;
+			}
+	}
+
+	if (m->pmatch != NULL)
+		free((char *)m->pmatch);
+	if (m->lastpos != NULL)
+		free((char *)m->lastpos);
+	STATETEARDOWN(m);
+	return(0);
+}
+
+/*
+ - dissect - figure out what matched what, no back references
+ == static char *dissect(register struct match *m, char *start, \
+ ==	char *stop, sopno startst, sopno stopst);
+ */
+static char *			/* == stop (success) always */
+dissect(m, start, stop, startst, stopst)
+register struct match *m;
+char *start;
+char *stop;
+sopno startst;
+sopno stopst;
+{
+	register int i;
+	register sopno ss;	/* start sop of current subRE */
+	register sopno es;	/* end sop of current subRE */
+	register char *sp;	/* start of string matched by it */
+	register char *stp;	/* string matched by it cannot pass here */
+	register char *rest;	/* start of rest of string */
+	register char *tail;	/* string unmatched by rest of RE */
+	register sopno ssub;	/* start sop of subsubRE */
+	register sopno esub;	/* end sop of subsubRE */
+	register char *ssp;	/* start of string matched by subsubRE */
+	register char *sep;	/* end of string matched by subsubRE */
+	register char *oldssp;	/* previous ssp */
+	register char *dp;
+
+	AT("diss", start, stop, startst, stopst);
+	sp = start;
+	for (ss = startst; ss < stopst; ss = es) {
+		/* identify end of subRE */
+		es = ss;
+		switch (OP(m->g->strip[es])) {
+		case OPLUS_:
+		case OQUEST_:
+			es += OPND(m->g->strip[es]);
+			break;
+		case OCH_:
+			while (OP(m->g->strip[es]) != O_CH)
+				es += OPND(m->g->strip[es]);
+			break;
+		}
+		es++;
+
+		/* figure out what it matched */
+		switch (OP(m->g->strip[ss])) {
+		case OEND:
+			assert(nope);
+			break;
+		case OCHAR:
+			sp++;
+			break;
+		case OBOL:
+		case OEOL:
+		case OBOW:
+		case OEOW:
+			break;
+		case OANY:
+		case OANYOF:
+			sp++;
+			break;
+		case OBACK_:
+		case O_BACK:
+			assert(nope);
+			break;
+		/* cases where length of match is hard to find */
+		case OQUEST_:
+			stp = stop;
+			for (;;) {
+				/* how long could this one be? */
+				rest = slow(m, sp, stp, ss, es);
+				assert(rest != NULL);	/* it did match */
+				/* could the rest match the rest? */
+				tail = slow(m, rest, stop, es, stopst);
+				if (tail == stop)
+					break;		/* yes! */
+				/* no -- try a shorter match for this one */
+				stp = rest - 1;
+				assert(stp >= sp);	/* it did work */
+			}
+			ssub = ss + 1;
+			esub = es - 1;
+			/* did innards match? */
+			if (slow(m, sp, rest, ssub, esub) != NULL) {
+				dp = dissect(m, sp, rest, ssub, esub);
+				assert(dp == rest);
+			} else		/* no */
+				assert(sp == rest);
+			sp = rest;
+			break;
+		case OPLUS_:
+			stp = stop;
+			for (;;) {
+				/* how long could this one be? */
+				rest = slow(m, sp, stp, ss, es);
+				assert(rest != NULL);	/* it did match */
+				/* could the rest match the rest? */
+				tail = slow(m, rest, stop, es, stopst);
+				if (tail == stop)
+					break;		/* yes! */
+				/* no -- try a shorter match for this one */
+				stp = rest - 1;
+				assert(stp >= sp);	/* it did work */
+			}
+			ssub = ss + 1;
+			esub = es - 1;
+			ssp = sp;
+			oldssp = ssp;
+			for (;;) {	/* find last match of innards */
+				sep = slow(m, ssp, rest, ssub, esub);
+				if (sep == NULL || sep == ssp)
+					break;	/* failed or matched null */
+				oldssp = ssp;	/* on to next try */
+				ssp = sep;
+			}
+			if (sep == NULL) {
+				/* last successful match */
+				sep = ssp;
+				ssp = oldssp;
+			}
+			assert(sep == rest);	/* must exhaust substring */
+			assert(slow(m, ssp, sep, ssub, esub) == rest);
+			dp = dissect(m, ssp, sep, ssub, esub);
+			assert(dp == sep);
+			sp = rest;
+			break;
+		case OCH_:
+			stp = stop;
+			for (;;) {
+				/* how long could this one be? */
+				rest = slow(m, sp, stp, ss, es);
+				assert(rest != NULL);	/* it did match */
+				/* could the rest match the rest? */
+				tail = slow(m, rest, stop, es, stopst);
+				if (tail == stop)
+					break;		/* yes! */
+				/* no -- try a shorter match for this one */
+				stp = rest - 1;
+				assert(stp >= sp);	/* it did work */
+			}
+			ssub = ss + 1;
+			esub = ss + OPND(m->g->strip[ss]) - 1;
+			assert(OP(m->g->strip[esub]) == OOR1);
+			for (;;) {	/* find first matching branch */
+				if (slow(m, sp, rest, ssub, esub) == rest)
+					break;	/* it matched all of it */
+				/* that one missed, try next one */
+				assert(OP(m->g->strip[esub]) == OOR1);
+				esub++;
+				assert(OP(m->g->strip[esub]) == OOR2);
+				ssub = esub + 1;
+				esub += OPND(m->g->strip[esub]);
+				if (OP(m->g->strip[esub]) == OOR2)
+					esub--;
+				else
+					assert(OP(m->g->strip[esub]) == O_CH);
+			}
+			dp = dissect(m, sp, rest, ssub, esub);
+			assert(dp == rest);
+			sp = rest;
+			break;
+		case O_PLUS:
+		case O_QUEST:
+		case OOR1:
+		case OOR2:
+		case O_CH:
+			assert(nope);
+			break;
+		case OLPAREN:
+			i = OPND(m->g->strip[ss]);
+			assert(0 < i && i <= m->g->nsub);
+			m->pmatch[i].rm_so = sp - m->offp;
+			break;
+		case ORPAREN:
+			i = OPND(m->g->strip[ss]);
+			assert(0 < i && i <= m->g->nsub);
+			m->pmatch[i].rm_eo = sp - m->offp;
+			break;
+		default:		/* uh oh */
+			assert(nope);
+			break;
+		}
+	}
+
+	assert(sp == stop);
+	return(sp);
+}
+
+/*
+ - backref - figure out what matched what, figuring in back references
+ == static char *backref(register struct match *m, char *start, \
+ ==	char *stop, sopno startst, sopno stopst, sopno lev);
+ */
+static char *			/* == stop (success) or NULL (failure) */
+backref(m, start, stop, startst, stopst, lev)
+register struct match *m;
+char *start;
+char *stop;
+sopno startst;
+sopno stopst;
+sopno lev;			/* PLUS nesting level */
+{
+	register int i;
+	register sopno ss;	/* start sop of current subRE */
+	register char *sp;	/* start of string matched by it */
+	register sopno ssub;	/* start sop of subsubRE */
+	register sopno esub;	/* end sop of subsubRE */
+	register char *ssp;	/* start of string matched by subsubRE */
+	register char *dp;
+	register size_t len;
+	register int hard;
+	register sop s;
+	register regoff_t offsave;
+	register cset *cs;
+
+	AT("back", start, stop, startst, stopst);
+	sp = start;
+
+	/* get as far as we can with easy stuff */
+	hard = 0;
+	for (ss = startst; !hard && ss < stopst; ss++)
+		switch (OP(s = m->g->strip[ss])) {
+		case OCHAR:
+			if (sp == stop || *sp++ != (char)OPND(s))
+				return(NULL);
+			break;
+		case OANY:
+			if (sp == stop)
+				return(NULL);
+			sp++;
+			break;
+		case OANYOF:
+			cs = &m->g->sets[OPND(s)];
+			if (sp == stop || !CHIN(cs, *sp++))
+				return(NULL);
+			break;
+		case OBOL:
+			if ( (sp == m->beginp && !(m->eflags&REG_NOTBOL)) ||
+					(sp < m->endp && *(sp-1) == '\n' &&
+						(m->g->cflags&REG_NEWLINE)) )
+				{ /* yes */ }
+			else
+				return(NULL);
+			break;
+		case OEOL:
+			if ( (sp == m->endp && !(m->eflags&REG_NOTEOL)) ||
+					(sp < m->endp && *sp == '\n' &&
+						(m->g->cflags&REG_NEWLINE)) )
+				{ /* yes */ }
+			else
+				return(NULL);
+			break;
+		case OBOW:
+			if (( (sp == m->beginp && !(m->eflags&REG_NOTBOL)) ||
+					(sp < m->endp && *(sp-1) == '\n' &&
+						(m->g->cflags&REG_NEWLINE)) ||
+					(sp > m->beginp &&
+							!ISWORD(*(sp-1))) ) &&
+					(sp < m->endp && ISWORD(*sp)) )
+				{ /* yes */ }
+			else
+				return(NULL);
+			break;
+		case OEOW:
+			if (( (sp == m->endp && !(m->eflags&REG_NOTEOL)) ||
+					(sp < m->endp && *sp == '\n' &&
+						(m->g->cflags&REG_NEWLINE)) ||
+					(sp < m->endp && !ISWORD(*sp)) ) &&
+					(sp > m->beginp && ISWORD(*(sp-1))) )
+				{ /* yes */ }
+			else
+				return(NULL);
+			break;
+		case O_QUEST:
+			break;
+		case OOR1:	/* matches null but needs to skip */
+			ss++;
+			s = m->g->strip[ss];
+			do {
+				assert(OP(s) == OOR2);
+				ss += OPND(s);
+			} while (OP(s = m->g->strip[ss]) != O_CH);
+			/* note that the ss++ gets us past the O_CH */
+			break;
+		default:	/* have to make a choice */
+			hard = 1;
+			break;
+		}
+	if (!hard) {		/* that was it! */
+		if (sp != stop)
+			return(NULL);
+		return(sp);
+	}
+	ss--;			/* adjust for the for's final increment */
+
+	/* the hard stuff */
+	AT("hard", sp, stop, ss, stopst);
+	s = m->g->strip[ss];
+	switch (OP(s)) {
+	case OBACK_:		/* the vilest depths */
+		i = OPND(s);
+		assert(0 < i && i <= m->g->nsub);
+		if (m->pmatch[i].rm_eo == -1)
+			return(NULL);
+		assert(m->pmatch[i].rm_so != -1);
+		len = m->pmatch[i].rm_eo - m->pmatch[i].rm_so;
+		assert(stop - m->beginp >= len);
+		if (sp > stop - len)
+			return(NULL);	/* not enough left to match */
+		ssp = m->offp + m->pmatch[i].rm_so;
+		if (memcmp(sp, ssp, len) != 0)
+			return(NULL);
+		while (m->g->strip[ss] != SOP(O_BACK, i))
+			ss++;
+		return(backref(m, sp+len, stop, ss+1, stopst, lev));
+		break;
+	case OQUEST_:		/* to null or not */
+		dp = backref(m, sp, stop, ss+1, stopst, lev);
+		if (dp != NULL)
+			return(dp);	/* not */
+		return(backref(m, sp, stop, ss+OPND(s)+1, stopst, lev));
+		break;
+	case OPLUS_:
+		assert(m->lastpos != NULL);
+		assert(lev+1 <= m->g->nplus);
+		m->lastpos[lev+1] = sp;
+		return(backref(m, sp, stop, ss+1, stopst, lev+1));
+		break;
+	case O_PLUS:
+		if (sp == m->lastpos[lev])	/* last pass matched null */
+			return(backref(m, sp, stop, ss+1, stopst, lev-1));
+		/* try another pass */
+		m->lastpos[lev] = sp;
+		dp = backref(m, sp, stop, ss-OPND(s)+1, stopst, lev);
+		if (dp == NULL)
+			return(backref(m, sp, stop, ss+1, stopst, lev-1));
+		else
+			return(dp);
+		break;
+	case OCH_:		/* find the right one, if any */
+		ssub = ss + 1;
+		esub = ss + OPND(s) - 1;
+		assert(OP(m->g->strip[esub]) == OOR1);
+		for (;;) {	/* find first matching branch */
+			dp = backref(m, sp, stop, ssub, esub, lev);
+			if (dp != NULL)
+				return(dp);
+			/* that one missed, try next one */
+			if (OP(m->g->strip[esub]) == O_CH)
+				return(NULL);	/* there is none */
+			esub++;
+			assert(OP(m->g->strip[esub]) == OOR2);
+			ssub = esub + 1;
+			esub += OPND(m->g->strip[esub]);
+			if (OP(m->g->strip[esub]) == OOR2)
+				esub--;
+			else
+				assert(OP(m->g->strip[esub]) == O_CH);
+		}
+		break;
+	case OLPAREN:		/* must undo assignment if rest fails */
+		i = OPND(s);
+		assert(0 < i && i <= m->g->nsub);
+		offsave = m->pmatch[i].rm_so;
+		m->pmatch[i].rm_so = sp - m->offp;
+		dp = backref(m, sp, stop, ss+1, stopst, lev);
+		if (dp != NULL)
+			return(dp);
+		m->pmatch[i].rm_so = offsave;
+		return(NULL);
+		break;
+	case ORPAREN:		/* must undo assignment if rest fails */
+		i = OPND(s);
+		assert(0 < i && i <= m->g->nsub);
+		offsave = m->pmatch[i].rm_eo;
+		m->pmatch[i].rm_eo = sp - m->offp;
+		dp = backref(m, sp, stop, ss+1, stopst, lev);
+		if (dp != NULL)
+			return(dp);
+		m->pmatch[i].rm_eo = offsave;
+		return(NULL);
+		break;
+	default:		/* uh oh */
+		assert(nope);
+		break;
+	}
+
+	/* "can't happen" */
+	assert(nope);
+	/* NOTREACHED */
+	return((char *)NULL);	/* dummy */
+}
+
+/*
+ - fast - step through the string at top speed
+ == static char *fast(register struct match *m, char *start, \
+ ==	char *stop, sopno startst, sopno stopst);
+ */
+static char *			/* where tentative match ended, or NULL */
+fast(m, start, stop, startst, stopst)
+register struct match *m;
+char *start;
+char *stop;
+sopno startst;
+sopno stopst;
+{
+	register states st = m->st;
+	register states fresh = m->fresh;
+	register states tmp = m->tmp;
+	register char *p = start;
+	register int c = (start == m->beginp) ? OUT : *(start-1);
+	register int lastc;	/* previous c */
+	register int flagch;
+	register int i;
+	register char *coldp;	/* last p after which no match was underway */
+
+	CLEAR(st);
+	SET1(st, startst);
+	st = step(m->g, startst, stopst, st, NOTHING, st);
+	ASSIGN(fresh, st);
+	SP("start", st, *p);
+	coldp = NULL;
+	for (;;) {
+		/* next character */
+		lastc = c;
+		c = (p == m->endp) ? OUT : *p;
+		if (EQ(st, fresh))
+			coldp = p;
+
+		/* is there an EOL and/or BOL between lastc and c? */
+		flagch = '\0';
+		i = 0;
+		if ( (lastc == '\n' && m->g->cflags&REG_NEWLINE) ||
+				(lastc == OUT && !(m->eflags&REG_NOTBOL)) ) {
+			flagch = BOL;
+			i = m->g->nbol;
+		}
+		if ( (c == '\n' && m->g->cflags&REG_NEWLINE) ||
+				(c == OUT && !(m->eflags&REG_NOTEOL)) ) {
+			flagch = (flagch == BOL) ? BOLEOL : EOL;
+			i += m->g->neol;
+		}
+		if (i != 0) {
+			for (; i > 0; i--)
+				st = step(m->g, startst, stopst, st, flagch, st);
+			SP("boleol", st, c);
+		}
+
+		/* how about a word boundary? */
+		if ( (flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
+					(c != OUT && ISWORD(c)) ) {
+			flagch = BOW;
+		}
+		if ( (lastc != OUT && ISWORD(lastc)) &&
+				(flagch == EOL || (c != OUT && !ISWORD(c))) ) {
+			flagch = EOW;
+		}
+		if (flagch == BOW || flagch == EOW) {
+			st = step(m->g, startst, stopst, st, flagch, st);
+			SP("boweow", st, c);
+		}
+
+		/* are we done? */
+		if (ISSET(st, stopst) || p == stop)
+			break;		/* NOTE BREAK OUT */
+
+		/* no, we must deal with this character */
+		ASSIGN(tmp, st);
+		ASSIGN(st, fresh);
+		assert(c != OUT);
+		st = step(m->g, startst, stopst, tmp, c, st);
+		SP("aft", st, c);
+		assert(EQ(step(m->g, startst, stopst, st, NOTHING, st), st));
+		p++;
+	}
+
+	assert(coldp != NULL);
+	m->coldp = coldp;
+	if (ISSET(st, stopst))
+		return(p+1);
+	else
+		return(NULL);
+}
+
+/*
+ - slow - step through the string more deliberately
+ == static char *slow(register struct match *m, char *start, \
+ ==	char *stop, sopno startst, sopno stopst);
+ */
+static char *			/* where it ended */
+slow(m, start, stop, startst, stopst)
+register struct match *m;
+char *start;
+char *stop;
+sopno startst;
+sopno stopst;
+{
+	register states st = m->st;
+	register states empty = m->empty;
+	register states tmp = m->tmp;
+	register char *p = start;
+	register int c = (start == m->beginp) ? OUT : *(start-1);
+	register int lastc;	/* previous c */
+	register int flagch;
+	register int i;
+	register char *matchp;	/* last p at which a match ended */
+
+	AT("slow", start, stop, startst, stopst);
+	CLEAR(st);
+	SET1(st, startst);
+	SP("sstart", st, *p);
+	st = step(m->g, startst, stopst, st, NOTHING, st);
+	matchp = NULL;
+	for (;;) {
+		/* next character */
+		lastc = c;
+		c = (p == m->endp) ? OUT : *p;
+
+		/* is there an EOL and/or BOL between lastc and c? */
+		flagch = '\0';
+		i = 0;
+		if ( (lastc == '\n' && m->g->cflags&REG_NEWLINE) ||
+				(lastc == OUT && !(m->eflags&REG_NOTBOL)) ) {
+			flagch = BOL;
+			i = m->g->nbol;
+		}
+		if ( (c == '\n' && m->g->cflags&REG_NEWLINE) ||
+				(c == OUT && !(m->eflags&REG_NOTEOL)) ) {
+			flagch = (flagch == BOL) ? BOLEOL : EOL;
+			i += m->g->neol;
+		}
+		if (i != 0) {
+			for (; i > 0; i--)
+				st = step(m->g, startst, stopst, st, flagch, st);
+			SP("sboleol", st, c);
+		}
+
+		/* how about a word boundary? */
+		if ( (flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
+					(c != OUT && ISWORD(c)) ) {
+			flagch = BOW;
+		}
+		if ( (lastc != OUT && ISWORD(lastc)) &&
+				(flagch == EOL || (c != OUT && !ISWORD(c))) ) {
+			flagch = EOW;
+		}
+		if (flagch == BOW || flagch == EOW) {
+			st = step(m->g, startst, stopst, st, flagch, st);
+			SP("sboweow", st, c);
+		}
+
+		/* are we done? */
+		if (ISSET(st, stopst))
+			matchp = p;
+		if (EQ(st, empty) || p == stop)
+			break;		/* NOTE BREAK OUT */
+
+		/* no, we must deal with this character */
+		ASSIGN(tmp, st);
+		ASSIGN(st, empty);
+		assert(c != OUT);
+		st = step(m->g, startst, stopst, tmp, c, st);
+		SP("saft", st, c);
+		assert(EQ(step(m->g, startst, stopst, st, NOTHING, st), st));
+		p++;
+	}
+
+	return(matchp);
+}
+
+
+/*
+ - step - map set of states reachable before char to set reachable after
+ == static states step(register struct re_guts *g, sopno start, sopno stop, \
+ ==	register states bef, int ch, register states aft);
+ == #define	BOL	(OUT+1)
+ == #define	EOL	(BOL+1)
+ == #define	BOLEOL	(BOL+2)
+ == #define	NOTHING	(BOL+3)
+ == #define	BOW	(BOL+4)
+ == #define	EOW	(BOL+5)
+ == #define	CODEMAX	(BOL+5)		// highest code used
+ == #define	NONCHAR(c)	((c) > CHAR_MAX)
+ == #define	NNONCHAR	(CODEMAX-CHAR_MAX)
+ */
+static states
+step(g, start, stop, bef, ch, aft)
+register struct re_guts *g;
+sopno start;			/* start state within strip */
+sopno stop;			/* state after stop state within strip */
+register states bef;		/* states reachable before */
+int ch;				/* character or NONCHAR code */
+register states aft;		/* states already known reachable after */
+{
+	register cset *cs;
+	register sop s;
+	register sopno pc;
+	register onestate here;		/* note, macros know this name */
+	register sopno look;
+	register long i;
+
+	for (pc = start, INIT(here, pc); pc != stop; pc++, INC(here)) {
+		s = g->strip[pc];
+		switch (OP(s)) {
+		case OEND:
+			assert(pc == stop-1);
+			break;
+		case OCHAR:
+			/* only characters can match */
+			assert(!NONCHAR(ch) || ch != (char)OPND(s));
+			if (ch == (char)OPND(s))
+				FWD(aft, bef, 1);
+			break;
+		case OBOL:
+			if (ch == BOL || ch == BOLEOL)
+				FWD(aft, bef, 1);
+			break;
+		case OEOL:
+			if (ch == EOL || ch == BOLEOL)
+				FWD(aft, bef, 1);
+			break;
+		case OBOW:
+			if (ch == BOW)
+				FWD(aft, bef, 1);
+			break;
+		case OEOW:
+			if (ch == EOW)
+				FWD(aft, bef, 1);
+			break;
+		case OANY:
+			if (!NONCHAR(ch))
+				FWD(aft, bef, 1);
+			break;
+		case OANYOF:
+			cs = &g->sets[OPND(s)];
+			if (!NONCHAR(ch) && CHIN(cs, ch))
+				FWD(aft, bef, 1);
+			break;
+		case OBACK_:		/* ignored here */
+		case O_BACK:
+			FWD(aft, aft, 1);
+			break;
+		case OPLUS_:		/* forward, this is just an empty */
+			FWD(aft, aft, 1);
+			break;
+		case O_PLUS:		/* both forward and back */
+			FWD(aft, aft, 1);
+			i = ISSETBACK(aft, OPND(s));
+			BACK(aft, aft, OPND(s));
+			if (!i && ISSETBACK(aft, OPND(s))) {
+				/* oho, must reconsider loop body */
+				pc -= OPND(s) + 1;
+				INIT(here, pc);
+			}
+			break;
+		case OQUEST_:		/* two branches, both forward */
+			FWD(aft, aft, 1);
+			FWD(aft, aft, OPND(s));
+			break;
+		case O_QUEST:		/* just an empty */
+			FWD(aft, aft, 1);
+			break;
+		case OLPAREN:		/* not significant here */
+		case ORPAREN:
+			FWD(aft, aft, 1);
+			break;
+		case OCH_:		/* mark the first two branches */
+			FWD(aft, aft, 1);
+			assert(OP(g->strip[pc+OPND(s)]) == OOR2);
+			FWD(aft, aft, OPND(s));
+			break;
+		case OOR1:		/* done a branch, find the O_CH */
+			if (ISSTATEIN(aft, here)) {
+				for (look = 1;
+						OP(s = g->strip[pc+look]) != O_CH;
+						look += OPND(s))
+					assert(OP(s) == OOR2);
+				FWD(aft, aft, look);
+			}
+			break;
+		case OOR2:		/* propagate OCH_'s marking */
+			FWD(aft, aft, 1);
+			if (OP(g->strip[pc+OPND(s)]) != O_CH) {
+				assert(OP(g->strip[pc+OPND(s)]) == OOR2);
+				FWD(aft, aft, OPND(s));
+			}
+			break;
+		case O_CH:		/* just empty */
+			FWD(aft, aft, 1);
+			break;
+		default:		/* ooooops... */
+			assert(nope);
+			break;
+		}
+	}
+
+	return(aft);
+}
+
+#undef	matcher
+#undef	fast
+#undef	slow
+#undef	dissect
+#undef	backref
+#undef	step
+#undef	print
+#undef	at
+#undef	match
+
+/* now undo things */
+#undef	states
+#undef	CLEAR
+#undef	SET0
+#undef	SET1
+#undef	ISSET
+#undef	ASSIGN
+#undef	EQ
+#undef	STATEVARS
+#undef	STATESETUP
+#undef	STATETEARDOWN
+#undef	SETUP
+#undef	onestate
+#undef	INIT
+#undef	INC
+#undef	ISSTATEIN
+#undef	FWD
+#undef	BACK
+#undef	ISSETBACK
+#undef	SNAMES
+
+/* macros for manipulating states, large version */
+#define	states	char *
+#define	CLEAR(v)	memset(v, 0, m->g->nstates)
+#define	SET0(v, n)	((v)[n] = 0)
+#define	SET1(v, n)	((v)[n] = 1)
+#define	ISSET(v, n)	((v)[n])
+#define	ASSIGN(d, s)	memcpy(d, s, m->g->nstates)
+#define	EQ(a, b)	(memcmp(a, b, m->g->nstates) == 0)
+#define	STATEVARS	int vn; char *space
+#define	STATESETUP(m, nv)	{ (m)->space = malloc((nv)*(m)->g->nstates); \
+				if ((m)->space == NULL) return(REG_ESPACE); \
+				(m)->vn = 0; }
+#define	STATETEARDOWN(m)	{ free((m)->space); }
+#define	SETUP(v)	((v) = &m->space[m->vn++ * m->g->nstates])
+#define	onestate	int
+#define	INIT(o, n)	((o) = (n))
+#define	INC(o)	((o)++)
+#define	ISSTATEIN(v, o)	((v)[o])
+/* some abbreviations; note that some of these know variable names! */
+/* do "if I'm here, I can also be there" etc without branches */
+#define	FWD(dst, src, n)	((dst)[here+(n)] |= (src)[here])
+#define	BACK(dst, src, n)	((dst)[here-(n)] |= (src)[here])
+#define	ISSETBACK(v, n)	((v)[here - (n)])
+/* function names */
+#define	LNAMES			/* flag */
+
+/*
+ * The matching engine and friends.  This file is #included by regexec.c
+ * after suitable #defines of a variety of macros used herein, so that
+ * different state representations can be used without duplicating masses
+ * of code.
+ */
+
+#ifdef SNAMES
+#define	matcher	smatcher
+#define	fast	sfast
+#define	slow	sslow
+#define	dissect	sdissect
+#define	backref	sbackref
+#define	step	sstep
+#define	print	sprint
+#define	at	sat
+#define	match	smat
+#endif
+#ifdef LNAMES
+#define	matcher	lmatcher
+#define	fast	lfast
+#define	slow	lslow
+#define	dissect	ldissect
+#define	backref	lbackref
+#define	step	lstep
+#define	print	lprint
+#define	at	lat
+#define	match	lmat
+#endif
+
+/* another structure passed up and down to avoid zillions of parameters */
+struct match {
+	struct re_guts *g;
+	int eflags;
+	regmatch_t *pmatch;	/* [nsub+1] (0 element unused) */
+	char *offp;		/* offsets work from here */
+	char *beginp;		/* start of string -- virtual NUL precedes */
+	char *endp;		/* end of string -- virtual NUL here */
+	char *coldp;		/* can be no match starting before here */
+	char **lastpos;		/* [nplus+1] */
+	STATEVARS;
+	states st;		/* current states */
+	states fresh;		/* states for a fresh start */
+	states tmp;		/* temporary */
+	states empty;		/* empty set of states */
+};
+
+static int matcher(register struct re_guts *g, char *string, size_t nmatch, regmatch_t pmatch[], int eflags);
+static char *dissect(register struct match *m, char *start, char *stop, sopno startst, sopno stopst);
+static char *backref(register struct match *m, char *start, char *stop, sopno startst, sopno stopst, sopno lev);
+static char *fast(register struct match *m, char *start, char *stop, sopno startst, sopno stopst);
+static char *slow(register struct match *m, char *start, char *stop, sopno startst, sopno stopst);
+static states step(register struct re_guts *g, sopno start, sopno stop, register states bef, int ch, register states aft);
+#define	BOL	(OUT+1)
+#define	EOL	(BOL+1)
+#define	BOLEOL	(BOL+2)
+#define	NOTHING	(BOL+3)
+#define	BOW	(BOL+4)
+#define	EOW	(BOL+5)
+#define	CODEMAX	(BOL+5)		/* highest code used */
+#define	NONCHAR(c)	((c) > CHAR_MAX)
+#define	NNONCHAR	(CODEMAX-CHAR_MAX)
+#define	SP(t, s, c)	/* nothing */
+#define	AT(t, p1, p2, s1, s2)	/* nothing */
+#define	NOTE(s)	/* nothing */
+
+/*
+ - matcher - the actual matching engine
+ == static int matcher(register struct re_guts *g, char *string, \
+ ==	size_t nmatch, regmatch_t pmatch[], int eflags);
+ */
+static int			/* 0 success, REG_NOMATCH failure */
+matcher(g, string, nmatch, pmatch, eflags)
+register struct re_guts *g;
+char *string;
+size_t nmatch;
+regmatch_t pmatch[];
+int eflags;
+{
+	register char *endp;
+	register int i;
+	struct match mv;
+	register struct match *m = &mv;
+	register char *dp;
+	const register sopno gf = g->firststate+1;	/* +1 for OEND */
+	const register sopno gl = g->laststate;
+	char *start;
+	char *stop;
+
+	/* simplify the situation where possible */
+	if (g->cflags&REG_NOSUB)
+		nmatch = 0;
+	if (eflags&REG_STARTEND) {
+		start = string + pmatch[0].rm_so;
+		stop = string + pmatch[0].rm_eo;
+	} else {
+		start = string;
+		stop = start + strlen(start);
+	}
+	if (stop < start)
+		return(REG_INVARG);
+
+	/* prescreening; this does wonders for this rather slow code */
+	if (g->must != NULL) {
+		for (dp = start; dp < stop; dp++)
+			if (*dp == g->must[0] && stop - dp >= g->mlen &&
+				memcmp(dp, g->must, (size_t)g->mlen) == 0)
+				break;
+		if (dp == stop)		/* we didn't find g->must */
+			return(REG_NOMATCH);
+	}
+
+	/* match struct setup */
+	m->g = g;
+	m->eflags = eflags;
+	m->pmatch = NULL;
+	m->lastpos = NULL;
+	m->offp = string;
+	m->beginp = start;
+	m->endp = stop;
+	STATESETUP(m, 4);
+	SETUP(m->st);
+	SETUP(m->fresh);
+	SETUP(m->tmp);
+	SETUP(m->empty);
+	CLEAR(m->empty);
+
+	/* this loop does only one repetition except for backrefs */
+	for (;;) {
+		endp = fast(m, start, stop, gf, gl);
+		if (endp == NULL) {		/* a miss */
+			STATETEARDOWN(m);
+			return(REG_NOMATCH);
+		}
+		if (nmatch == 0 && !g->backrefs)
+			break;		/* no further info needed */
+
+		/* where? */
+		assert(m->coldp != NULL);
+		for (;;) {
+			NOTE("finding start");
+			endp = slow(m, m->coldp, stop, gf, gl);
+			if (endp != NULL)
+				break;
+			assert(m->coldp < m->endp);
+			m->coldp++;
+		}
+		if (nmatch == 1 && !g->backrefs)
+			break;		/* no further info needed */
+
+		/* oh my, he wants the subexpressions... */
+		if (m->pmatch == NULL)
+			m->pmatch = (regmatch_t *)malloc((m->g->nsub + 1) *
+							sizeof(regmatch_t));
+		if (m->pmatch == NULL) {
+			STATETEARDOWN(m);
+			return(REG_ESPACE);
+		}
+		for (i = 1; i <= m->g->nsub; i++)
+			m->pmatch[i].rm_so = m->pmatch[i].rm_eo = -1;
+		if (!g->backrefs && !(m->eflags&REG_BACKR)) {
+			NOTE("dissecting");
+			dp = dissect(m, m->coldp, endp, gf, gl);
+		} else {
+			if (g->nplus > 0 && m->lastpos == NULL)
+				m->lastpos = (char **)malloc((g->nplus+1) *
+							sizeof(char *));
+			if (g->nplus > 0 && m->lastpos == NULL) {
+				free(m->pmatch);
+				STATETEARDOWN(m);
+				return(REG_ESPACE);
+			}
+			NOTE("backref dissect");
+			dp = backref(m, m->coldp, endp, gf, gl, (sopno)0);
+		}
+		if (dp != NULL)
+			break;
+
+		/* uh-oh... we couldn't find a subexpression-level match */
+		assert(g->backrefs);	/* must be back references doing it */
+		assert(g->nplus == 0 || m->lastpos != NULL);
+		for (;;) {
+			if (dp != NULL || endp <= m->coldp)
+				break;		/* defeat */
+			NOTE("backoff");
+			endp = slow(m, m->coldp, endp-1, gf, gl);
+			if (endp == NULL)
+				break;		/* defeat */
+			/* try it on a shorter possibility */
+			NOTE("backoff dissect");
+			dp = backref(m, m->coldp, endp, gf, gl, (sopno)0);
+		}
+		assert(dp == NULL || dp == endp);
+		if (dp != NULL)		/* found a shorter one */
+			break;
+
+		/* despite initial appearances, there is no match here */
+		NOTE("false alarm");
+		start = m->coldp + 1;	/* recycle starting later */
+		assert(start <= stop);
+	}
+
+	/* fill in the details if requested */
+	if (nmatch > 0) {
+		pmatch[0].rm_so = m->coldp - m->offp;
+		pmatch[0].rm_eo = endp - m->offp;
+	}
+	if (nmatch > 1) {
+		assert(m->pmatch != NULL);
+		for (i = 1; i < nmatch; i++)
+			if (i <= m->g->nsub)
+				pmatch[i] = m->pmatch[i];
+			else {
+				pmatch[i].rm_so = -1;
+				pmatch[i].rm_eo = -1;
+			}
+	}
+
+	if (m->pmatch != NULL)
+		free((char *)m->pmatch);
+	if (m->lastpos != NULL)
+		free((char *)m->lastpos);
+	STATETEARDOWN(m);
+	return(0);
+}
+
+/*
+ - dissect - figure out what matched what, no back references
+ == static char *dissect(register struct match *m, char *start, \
+ ==	char *stop, sopno startst, sopno stopst);
+ */
+static char *			/* == stop (success) always */
+dissect(m, start, stop, startst, stopst)
+register struct match *m;
+char *start;
+char *stop;
+sopno startst;
+sopno stopst;
+{
+	register int i;
+	register sopno ss;	/* start sop of current subRE */
+	register sopno es;	/* end sop of current subRE */
+	register char *sp;	/* start of string matched by it */
+	register char *stp;	/* string matched by it cannot pass here */
+	register char *rest;	/* start of rest of string */
+	register char *tail;	/* string unmatched by rest of RE */
+	register sopno ssub;	/* start sop of subsubRE */
+	register sopno esub;	/* end sop of subsubRE */
+	register char *ssp;	/* start of string matched by subsubRE */
+	register char *sep;	/* end of string matched by subsubRE */
+	register char *oldssp;	/* previous ssp */
+	register char *dp;
+
+	AT("diss", start, stop, startst, stopst);
+	sp = start;
+	for (ss = startst; ss < stopst; ss = es) {
+		/* identify end of subRE */
+		es = ss;
+		switch (OP(m->g->strip[es])) {
+		case OPLUS_:
+		case OQUEST_:
+			es += OPND(m->g->strip[es]);
+			break;
+		case OCH_:
+			while (OP(m->g->strip[es]) != O_CH)
+				es += OPND(m->g->strip[es]);
+			break;
+		}
+		es++;
+
+		/* figure out what it matched */
+		switch (OP(m->g->strip[ss])) {
+		case OEND:
+			assert(nope);
+			break;
+		case OCHAR:
+			sp++;
+			break;
+		case OBOL:
+		case OEOL:
+		case OBOW:
+		case OEOW:
+			break;
+		case OANY:
+		case OANYOF:
+			sp++;
+			break;
+		case OBACK_:
+		case O_BACK:
+			assert(nope);
+			break;
+		/* cases where length of match is hard to find */
+		case OQUEST_:
+			stp = stop;
+			for (;;) {
+				/* how long could this one be? */
+				rest = slow(m, sp, stp, ss, es);
+				assert(rest != NULL);	/* it did match */
+				/* could the rest match the rest? */
+				tail = slow(m, rest, stop, es, stopst);
+				if (tail == stop)
+					break;		/* yes! */
+				/* no -- try a shorter match for this one */
+				stp = rest - 1;
+				assert(stp >= sp);	/* it did work */
+			}
+			ssub = ss + 1;
+			esub = es - 1;
+			/* did innards match? */
+			if (slow(m, sp, rest, ssub, esub) != NULL) {
+				dp = dissect(m, sp, rest, ssub, esub);
+				assert(dp == rest);
+			} else		/* no */
+				assert(sp == rest);
+			sp = rest;
+			break;
+		case OPLUS_:
+			stp = stop;
+			for (;;) {
+				/* how long could this one be? */
+				rest = slow(m, sp, stp, ss, es);
+				assert(rest != NULL);	/* it did match */
+				/* could the rest match the rest? */
+				tail = slow(m, rest, stop, es, stopst);
+				if (tail == stop)
+					break;		/* yes! */
+				/* no -- try a shorter match for this one */
+				stp = rest - 1;
+				assert(stp >= sp);	/* it did work */
+			}
+			ssub = ss + 1;
+			esub = es - 1;
+			ssp = sp;
+			oldssp = ssp;
+			for (;;) {	/* find last match of innards */
+				sep = slow(m, ssp, rest, ssub, esub);
+				if (sep == NULL || sep == ssp)
+					break;	/* failed or matched null */
+				oldssp = ssp;	/* on to next try */
+				ssp = sep;
+			}
+			if (sep == NULL) {
+				/* last successful match */
+				sep = ssp;
+				ssp = oldssp;
+			}
+			assert(sep == rest);	/* must exhaust substring */
+			assert(slow(m, ssp, sep, ssub, esub) == rest);
+			dp = dissect(m, ssp, sep, ssub, esub);
+			assert(dp == sep);
+			sp = rest;
+			break;
+		case OCH_:
+			stp = stop;
+			for (;;) {
+				/* how long could this one be? */
+				rest = slow(m, sp, stp, ss, es);
+				assert(rest != NULL);	/* it did match */
+				/* could the rest match the rest? */
+				tail = slow(m, rest, stop, es, stopst);
+				if (tail == stop)
+					break;		/* yes! */
+				/* no -- try a shorter match for this one */
+				stp = rest - 1;
+				assert(stp >= sp);	/* it did work */
+			}
+			ssub = ss + 1;
+			esub = ss + OPND(m->g->strip[ss]) - 1;
+			assert(OP(m->g->strip[esub]) == OOR1);
+			for (;;) {	/* find first matching branch */
+				if (slow(m, sp, rest, ssub, esub) == rest)
+					break;	/* it matched all of it */
+				/* that one missed, try next one */
+				assert(OP(m->g->strip[esub]) == OOR1);
+				esub++;
+				assert(OP(m->g->strip[esub]) == OOR2);
+				ssub = esub + 1;
+				esub += OPND(m->g->strip[esub]);
+				if (OP(m->g->strip[esub]) == OOR2)
+					esub--;
+				else
+					assert(OP(m->g->strip[esub]) == O_CH);
+			}
+			dp = dissect(m, sp, rest, ssub, esub);
+			assert(dp == rest);
+			sp = rest;
+			break;
+		case O_PLUS:
+		case O_QUEST:
+		case OOR1:
+		case OOR2:
+		case O_CH:
+			assert(nope);
+			break;
+		case OLPAREN:
+			i = OPND(m->g->strip[ss]);
+			assert(0 < i && i <= m->g->nsub);
+			m->pmatch[i].rm_so = sp - m->offp;
+			break;
+		case ORPAREN:
+			i = OPND(m->g->strip[ss]);
+			assert(0 < i && i <= m->g->nsub);
+			m->pmatch[i].rm_eo = sp - m->offp;
+			break;
+		default:		/* uh oh */
+			assert(nope);
+			break;
+		}
+	}
+
+	assert(sp == stop);
+	return(sp);
+}
+
+/*
+ - backref - figure out what matched what, figuring in back references
+ == static char *backref(register struct match *m, char *start, \
+ ==	char *stop, sopno startst, sopno stopst, sopno lev);
+ */
+static char *			/* == stop (success) or NULL (failure) */
+backref(m, start, stop, startst, stopst, lev)
+register struct match *m;
+char *start;
+char *stop;
+sopno startst;
+sopno stopst;
+sopno lev;			/* PLUS nesting level */
+{
+	register int i;
+	register sopno ss;	/* start sop of current subRE */
+	register char *sp;	/* start of string matched by it */
+	register sopno ssub;	/* start sop of subsubRE */
+	register sopno esub;	/* end sop of subsubRE */
+	register char *ssp;	/* start of string matched by subsubRE */
+	register char *dp;
+	register size_t len;
+	register int hard;
+	register sop s;
+	register regoff_t offsave;
+	register cset *cs;
+
+	AT("back", start, stop, startst, stopst);
+	sp = start;
+
+	/* get as far as we can with easy stuff */
+	hard = 0;
+	for (ss = startst; !hard && ss < stopst; ss++)
+		switch (OP(s = m->g->strip[ss])) {
+		case OCHAR:
+			if (sp == stop || *sp++ != (char)OPND(s))
+				return(NULL);
+			break;
+		case OANY:
+			if (sp == stop)
+				return(NULL);
+			sp++;
+			break;
+		case OANYOF:
+			cs = &m->g->sets[OPND(s)];
+			if (sp == stop || !CHIN(cs, *sp++))
+				return(NULL);
+			break;
+		case OBOL:
+			if ( (sp == m->beginp && !(m->eflags&REG_NOTBOL)) ||
+					(sp < m->endp && *(sp-1) == '\n' &&
+						(m->g->cflags&REG_NEWLINE)) )
+				{ /* yes */ }
+			else
+				return(NULL);
+			break;
+		case OEOL:
+			if ( (sp == m->endp && !(m->eflags&REG_NOTEOL)) ||
+					(sp < m->endp && *sp == '\n' &&
+						(m->g->cflags&REG_NEWLINE)) )
+				{ /* yes */ }
+			else
+				return(NULL);
+			break;
+		case OBOW:
+			if (( (sp == m->beginp && !(m->eflags&REG_NOTBOL)) ||
+					(sp < m->endp && *(sp-1) == '\n' &&
+						(m->g->cflags&REG_NEWLINE)) ||
+					(sp > m->beginp &&
+							!ISWORD(*(sp-1))) ) &&
+					(sp < m->endp && ISWORD(*sp)) )
+				{ /* yes */ }
+			else
+				return(NULL);
+			break;
+		case OEOW:
+			if (( (sp == m->endp && !(m->eflags&REG_NOTEOL)) ||
+					(sp < m->endp && *sp == '\n' &&
+						(m->g->cflags&REG_NEWLINE)) ||
+					(sp < m->endp && !ISWORD(*sp)) ) &&
+					(sp > m->beginp && ISWORD(*(sp-1))) )
+				{ /* yes */ }
+			else
+				return(NULL);
+			break;
+		case O_QUEST:
+			break;
+		case OOR1:	/* matches null but needs to skip */
+			ss++;
+			s = m->g->strip[ss];
+			do {
+				assert(OP(s) == OOR2);
+				ss += OPND(s);
+			} while (OP(s = m->g->strip[ss]) != O_CH);
+			/* note that the ss++ gets us past the O_CH */
+			break;
+		default:	/* have to make a choice */
+			hard = 1;
+			break;
+		}
+	if (!hard) {		/* that was it! */
+		if (sp != stop)
+			return(NULL);
+		return(sp);
+	}
+	ss--;			/* adjust for the for's final increment */
+
+	/* the hard stuff */
+	AT("hard", sp, stop, ss, stopst);
+	s = m->g->strip[ss];
+	switch (OP(s)) {
+	case OBACK_:		/* the vilest depths */
+		i = OPND(s);
+		assert(0 < i && i <= m->g->nsub);
+		if (m->pmatch[i].rm_eo == -1)
+			return(NULL);
+		assert(m->pmatch[i].rm_so != -1);
+		len = m->pmatch[i].rm_eo - m->pmatch[i].rm_so;
+		assert(stop - m->beginp >= len);
+		if (sp > stop - len)
+			return(NULL);	/* not enough left to match */
+		ssp = m->offp + m->pmatch[i].rm_so;
+		if (memcmp(sp, ssp, len) != 0)
+			return(NULL);
+		while (m->g->strip[ss] != SOP(O_BACK, i))
+			ss++;
+		return(backref(m, sp+len, stop, ss+1, stopst, lev));
+		break;
+	case OQUEST_:		/* to null or not */
+		dp = backref(m, sp, stop, ss+1, stopst, lev);
+		if (dp != NULL)
+			return(dp);	/* not */
+		return(backref(m, sp, stop, ss+OPND(s)+1, stopst, lev));
+		break;
+	case OPLUS_:
+		assert(m->lastpos != NULL);
+		assert(lev+1 <= m->g->nplus);
+		m->lastpos[lev+1] = sp;
+		return(backref(m, sp, stop, ss+1, stopst, lev+1));
+		break;
+	case O_PLUS:
+		if (sp == m->lastpos[lev])	/* last pass matched null */
+			return(backref(m, sp, stop, ss+1, stopst, lev-1));
+		/* try another pass */
+		m->lastpos[lev] = sp;
+		dp = backref(m, sp, stop, ss-OPND(s)+1, stopst, lev);
+		if (dp == NULL)
+			return(backref(m, sp, stop, ss+1, stopst, lev-1));
+		else
+			return(dp);
+		break;
+	case OCH_:		/* find the right one, if any */
+		ssub = ss + 1;
+		esub = ss + OPND(s) - 1;
+		assert(OP(m->g->strip[esub]) == OOR1);
+		for (;;) {	/* find first matching branch */
+			dp = backref(m, sp, stop, ssub, esub, lev);
+			if (dp != NULL)
+				return(dp);
+			/* that one missed, try next one */
+			if (OP(m->g->strip[esub]) == O_CH)
+				return(NULL);	/* there is none */
+			esub++;
+			assert(OP(m->g->strip[esub]) == OOR2);
+			ssub = esub + 1;
+			esub += OPND(m->g->strip[esub]);
+			if (OP(m->g->strip[esub]) == OOR2)
+				esub--;
+			else
+				assert(OP(m->g->strip[esub]) == O_CH);
+		}
+		break;
+	case OLPAREN:		/* must undo assignment if rest fails */
+		i = OPND(s);
+		assert(0 < i && i <= m->g->nsub);
+		offsave = m->pmatch[i].rm_so;
+		m->pmatch[i].rm_so = sp - m->offp;
+		dp = backref(m, sp, stop, ss+1, stopst, lev);
+		if (dp != NULL)
+			return(dp);
+		m->pmatch[i].rm_so = offsave;
+		return(NULL);
+		break;
+	case ORPAREN:		/* must undo assignment if rest fails */
+		i = OPND(s);
+		assert(0 < i && i <= m->g->nsub);
+		offsave = m->pmatch[i].rm_eo;
+		m->pmatch[i].rm_eo = sp - m->offp;
+		dp = backref(m, sp, stop, ss+1, stopst, lev);
+		if (dp != NULL)
+			return(dp);
+		m->pmatch[i].rm_eo = offsave;
+		return(NULL);
+		break;
+	default:		/* uh oh */
+		assert(nope);
+		break;
+	}
+
+	/* "can't happen" */
+	assert(nope);
+	/* NOTREACHED */
+	return((char *)NULL);	/* dummy */
+}
+
+/*
+ - fast - step through the string at top speed
+ == static char *fast(register struct match *m, char *start, \
+ ==	char *stop, sopno startst, sopno stopst);
+ */
+static char *			/* where tentative match ended, or NULL */
+fast(m, start, stop, startst, stopst)
+register struct match *m;
+char *start;
+char *stop;
+sopno startst;
+sopno stopst;
+{
+	register states st = m->st;
+	register states fresh = m->fresh;
+	register states tmp = m->tmp;
+	register char *p = start;
+	register int c = (start == m->beginp) ? OUT : *(start-1);
+	register int lastc;	/* previous c */
+	register int flagch;
+	register int i;
+	register char *coldp;	/* last p after which no match was underway */
+
+	CLEAR(st);
+	SET1(st, startst);
+	st = step(m->g, startst, stopst, st, NOTHING, st);
+	ASSIGN(fresh, st);
+	SP("start", st, *p);
+	coldp = NULL;
+	for (;;) {
+		/* next character */
+		lastc = c;
+		c = (p == m->endp) ? OUT : *p;
+		if (EQ(st, fresh))
+			coldp = p;
+
+		/* is there an EOL and/or BOL between lastc and c? */
+		flagch = '\0';
+		i = 0;
+		if ( (lastc == '\n' && m->g->cflags&REG_NEWLINE) ||
+				(lastc == OUT && !(m->eflags&REG_NOTBOL)) ) {
+			flagch = BOL;
+			i = m->g->nbol;
+		}
+		if ( (c == '\n' && m->g->cflags&REG_NEWLINE) ||
+				(c == OUT && !(m->eflags&REG_NOTEOL)) ) {
+			flagch = (flagch == BOL) ? BOLEOL : EOL;
+			i += m->g->neol;
+		}
+		if (i != 0) {
+			for (; i > 0; i--)
+				st = step(m->g, startst, stopst, st, flagch, st);
+			SP("boleol", st, c);
+		}
+
+		/* how about a word boundary? */
+		if ( (flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
+					(c != OUT && ISWORD(c)) ) {
+			flagch = BOW;
+		}
+		if ( (lastc != OUT && ISWORD(lastc)) &&
+				(flagch == EOL || (c != OUT && !ISWORD(c))) ) {
+			flagch = EOW;
+		}
+		if (flagch == BOW || flagch == EOW) {
+			st = step(m->g, startst, stopst, st, flagch, st);
+			SP("boweow", st, c);
+		}
+
+		/* are we done? */
+		if (ISSET(st, stopst) || p == stop)
+			break;		/* NOTE BREAK OUT */
+
+		/* no, we must deal with this character */
+		ASSIGN(tmp, st);
+		ASSIGN(st, fresh);
+		assert(c != OUT);
+		st = step(m->g, startst, stopst, tmp, c, st);
+		SP("aft", st, c);
+		assert(EQ(step(m->g, startst, stopst, st, NOTHING, st), st));
+		p++;
+	}
+
+	assert(coldp != NULL);
+	m->coldp = coldp;
+	if (ISSET(st, stopst))
+		return(p+1);
+	else
+		return(NULL);
+}
+
+/*
+ - slow - step through the string more deliberately
+ == static char *slow(register struct match *m, char *start, \
+ ==	char *stop, sopno startst, sopno stopst);
+ */
+static char *			/* where it ended */
+slow(m, start, stop, startst, stopst)
+register struct match *m;
+char *start;
+char *stop;
+sopno startst;
+sopno stopst;
+{
+	register states st = m->st;
+	register states empty = m->empty;
+	register states tmp = m->tmp;
+	register char *p = start;
+	register int c = (start == m->beginp) ? OUT : *(start-1);
+	register int lastc;	/* previous c */
+	register int flagch;
+	register int i;
+	register char *matchp;	/* last p at which a match ended */
+
+	AT("slow", start, stop, startst, stopst);
+	CLEAR(st);
+	SET1(st, startst);
+	SP("sstart", st, *p);
+	st = step(m->g, startst, stopst, st, NOTHING, st);
+	matchp = NULL;
+	for (;;) {
+		/* next character */
+		lastc = c;
+		c = (p == m->endp) ? OUT : *p;
+
+		/* is there an EOL and/or BOL between lastc and c? */
+		flagch = '\0';
+		i = 0;
+		if ( (lastc == '\n' && m->g->cflags&REG_NEWLINE) ||
+				(lastc == OUT && !(m->eflags&REG_NOTBOL)) ) {
+			flagch = BOL;
+			i = m->g->nbol;
+		}
+		if ( (c == '\n' && m->g->cflags&REG_NEWLINE) ||
+				(c == OUT && !(m->eflags&REG_NOTEOL)) ) {
+			flagch = (flagch == BOL) ? BOLEOL : EOL;
+			i += m->g->neol;
+		}
+		if (i != 0) {
+			for (; i > 0; i--)
+				st = step(m->g, startst, stopst, st, flagch, st);
+			SP("sboleol", st, c);
+		}
+
+		/* how about a word boundary? */
+		if ( (flagch == BOL || (lastc != OUT && !ISWORD(lastc))) &&
+					(c != OUT && ISWORD(c)) ) {
+			flagch = BOW;
+		}
+		if ( (lastc != OUT && ISWORD(lastc)) &&
+				(flagch == EOL || (c != OUT && !ISWORD(c))) ) {
+			flagch = EOW;
+		}
+		if (flagch == BOW || flagch == EOW) {
+			st = step(m->g, startst, stopst, st, flagch, st);
+			SP("sboweow", st, c);
+		}
+
+		/* are we done? */
+		if (ISSET(st, stopst))
+			matchp = p;
+		if (EQ(st, empty) || p == stop)
+			break;		/* NOTE BREAK OUT */
+
+		/* no, we must deal with this character */
+		ASSIGN(tmp, st);
+		ASSIGN(st, empty);
+		assert(c != OUT);
+		st = step(m->g, startst, stopst, tmp, c, st);
+		SP("saft", st, c);
+		assert(EQ(step(m->g, startst, stopst, st, NOTHING, st), st));
+		p++;
+	}
+
+	return(matchp);
+}
+
+
+static states
+step(g, start, stop, bef, ch, aft)
+register struct re_guts *g;
+sopno start;			/* start state within strip */
+sopno stop;			/* state after stop state within strip */
+register states bef;		/* states reachable before */
+int ch;				/* character or NONCHAR code */
+register states aft;		/* states already known reachable after */
+{
+	register cset *cs;
+	register sop s;
+	register sopno pc;
+	register onestate here;		/* note, macros know this name */
+	register sopno look;
+	register long i;
+
+	for (pc = start, INIT(here, pc); pc != stop; pc++, INC(here)) {
+		s = g->strip[pc];
+		switch (OP(s)) {
+		case OEND:
+			assert(pc == stop-1);
+			break;
+		case OCHAR:
+			/* only characters can match */
+			assert(!NONCHAR(ch) || ch != (char)OPND(s));
+			if (ch == (char)OPND(s))
+				FWD(aft, bef, 1);
+			break;
+		case OBOL:
+			if (ch == BOL || ch == BOLEOL)
+				FWD(aft, bef, 1);
+			break;
+		case OEOL:
+			if (ch == EOL || ch == BOLEOL)
+				FWD(aft, bef, 1);
+			break;
+		case OBOW:
+			if (ch == BOW)
+				FWD(aft, bef, 1);
+			break;
+		case OEOW:
+			if (ch == EOW)
+				FWD(aft, bef, 1);
+			break;
+		case OANY:
+			if (!NONCHAR(ch))
+				FWD(aft, bef, 1);
+			break;
+		case OANYOF:
+			cs = &g->sets[OPND(s)];
+			if (!NONCHAR(ch) && CHIN(cs, ch))
+				FWD(aft, bef, 1);
+			break;
+		case OBACK_:		/* ignored here */
+		case O_BACK:
+			FWD(aft, aft, 1);
+			break;
+		case OPLUS_:		/* forward, this is just an empty */
+			FWD(aft, aft, 1);
+			break;
+		case O_PLUS:		/* both forward and back */
+			FWD(aft, aft, 1);
+			i = ISSETBACK(aft, OPND(s));
+			BACK(aft, aft, OPND(s));
+			if (!i && ISSETBACK(aft, OPND(s))) {
+				/* oho, must reconsider loop body */
+				pc -= OPND(s) + 1;
+				INIT(here, pc);
+			}
+			break;
+		case OQUEST_:		/* two branches, both forward */
+			FWD(aft, aft, 1);
+			FWD(aft, aft, OPND(s));
+			break;
+		case O_QUEST:		/* just an empty */
+			FWD(aft, aft, 1);
+			break;
+		case OLPAREN:		/* not significant here */
+		case ORPAREN:
+			FWD(aft, aft, 1);
+			break;
+		case OCH_:		/* mark the first two branches */
+			FWD(aft, aft, 1);
+			assert(OP(g->strip[pc+OPND(s)]) == OOR2);
+			FWD(aft, aft, OPND(s));
+			break;
+		case OOR1:		/* done a branch, find the O_CH */
+			if (ISSTATEIN(aft, here)) {
+				for (look = 1;
+						OP(s = g->strip[pc+look]) != O_CH;
+						look += OPND(s))
+					assert(OP(s) == OOR2);
+				FWD(aft, aft, look);
+			}
+			break;
+		case OOR2:		/* propagate OCH_'s marking */
+			FWD(aft, aft, 1);
+			if (OP(g->strip[pc+OPND(s)]) != O_CH) {
+				assert(OP(g->strip[pc+OPND(s)]) == OOR2);
+				FWD(aft, aft, OPND(s));
+			}
+			break;
+		case O_CH:		/* just empty */
+			FWD(aft, aft, 1);
+			break;
+		default:		/* ooooops... */
+			assert(nope);
+			break;
+		}
+	}
+
+	return(aft);
+}
+
+#undef	matcher
+#undef	fast
+#undef	slow
+#undef	dissect
+#undef	backref
+#undef	step
+#undef	print
+#undef	at
+#undef	match
+
+int				/* 0 success, REG_NOMATCH failure */
+regexec(preg, string, nmatch, pmatch, eflags)
+const regex_t *preg;
+const char *string;
+size_t nmatch;
+regmatch_t pmatch[];
+int eflags;
+{
+	register struct re_guts *g = preg->re_g;
+#define	GOODFLAGS(f)	((f)&(REG_NOTBOL|REG_NOTEOL|REG_STARTEND))
+
+	if (preg->re_magic != MAGIC1 || g->magic != MAGIC2)
+		return(REG_BADPAT);
+	assert(!(g->iflags&BAD));
+	if (g->iflags&BAD)		/* backstop for no-debug case */
+		return(REG_BADPAT);
+	eflags = GOODFLAGS(eflags);
+
+	if (g->nstates <= CHAR_BIT*sizeof(states1) && !(eflags&REG_LARGE))
+		return(smatcher(g, (char *)string, nmatch, pmatch, eflags));
+	else
+		return(lmatcher(g, (char *)string, nmatch, pmatch, eflags));
+#undef GOODFLAGS
+}
+/*
+ - regfree - free everything
+ = extern void regfree(regex_t *);
+ */
+void
+regfree(preg)
+regex_t *preg;
+{
+	register struct re_guts *g;
+
+	if (preg->re_magic != MAGIC1)	/* oops */
+		return;			/* nice to complain, but hard */
+
+	g = preg->re_g;
+	if (g == NULL || g->magic != MAGIC2)	/* oops again */
+		return;
+	preg->re_magic = 0;		/* mark it invalid */
+	g->magic = 0;			/* mark it invalid */
+
+	if (g->strip != NULL)
+		free((char *)g->strip);
+	if (g->sets != NULL)
+		free((char *)g->sets);
+	if (g->setbits != NULL)
+		free((char *)g->setbits);
+	if (g->must != NULL)
+		free(g->must);
+	free((char *)g);
+}
+
+#ifdef WITH_MAIN
+int main(int argc, char* argv[]){
+ regex_t preg;
+ int i, s;
+ if(argc<2) return 1;
+ if (regcomp(&preg, argv[1], REG_NOSUB)) {
+	fprintf(stderr, "Failed to compile regex\n");
+	return 2;
+ }
+ for (i = 2; i<argc; i++){
+   s = regexec(&preg, argv[i], 0, NULL, 0);
+   fprintf(stdout, "String[%d]: ", i-1);
+   switch(s){
+	case 0:
+		printf("match\n");
+		break;
+	case REG_NOMATCH:
+		printf("not match\n");
+		break;
+	default:
+		printf("failed (%d)\n", s);
+   }
+ }
+ regfree(&preg);
+ return 0;
+}
+#endif

src/libs/regex.h

@@ -0,0 +1,74 @@
+/*
+
+  Minimal version of Henry Spencer's regex library 
+  with minor modifications
+
+*/
+
+
+#ifndef _REGEX_H_
+#define	_REGEX_H_
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef off_t regoff_t;
+typedef struct {
+	int re_magic;
+	size_t re_nsub;		/* number of parenthesized subexpressions */
+	const char *re_endp;	/* end pointer for REG_PEND */
+	struct re_guts *re_g;	/* none of your business :-) */
+} regex_t;
+typedef struct {
+	regoff_t rm_so;		/* start of match */
+	regoff_t rm_eo;		/* end of match */
+} regmatch_t;
+
+
+extern int regcomp(regex_t *, const char *, int);
+#define	REG_BASIC	0000
+#define	REG_EXTENDED	0001
+#define	REG_ICASE	0002
+#define	REG_NOSUB	0004
+#define	REG_NEWLINE	0010
+#define	REG_NOSPEC	0020
+#define	REG_PEND	0040
+#define	REG_DUMP	0200
+
+
+#define	REG_OKAY	 0
+#define	REG_NOMATCH	 1
+#define	REG_BADPAT	 2
+#define	REG_ECOLLATE	 3
+#define	REG_ECTYPE	 4
+#define	REG_EESCAPE	 5
+#define	REG_ESUBREG	 6
+#define	REG_EBRACK	 7
+#define	REG_EPAREN	 8
+#define	REG_EBRACE	 9
+#define	REG_BADBR	10
+#define	REG_ERANGE	11
+#define	REG_ESPACE	12
+#define	REG_BADRPT	13
+#define	REG_EMPTY	14
+#define	REG_ASSERT	15
+#define	REG_INVARG	16
+#define	REG_ATOI	255	/* convert name to number (!) */
+#define	REG_ITOA	0400	/* convert number to name (!) */
+
+
+extern int regexec(const regex_t *, const char *, size_t, regmatch_t [], int);
+#define	REG_NOTBOL	00001
+#define	REG_NOTEOL	00002
+#define	REG_STARTEND	00004
+#define	REG_TRACE	00400	/* tracing of execution */
+#define	REG_LARGE	01000	/* force large representation */
+#define	REG_BACKR	02000	/* force use of backref code */
+
+
+extern void regfree(regex_t *);
+
+#ifdef __cplusplus
+}
+#endif
+#endif

src/libs/smbdes.c

@@ -0,0 +1,321 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   a partial implementation of DES designed for use in the 
+   SMB authentication protocol
+
+   Copyright (C) Andrew Tridgell 1998
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include <string.h>
+#include <ctype.h>
+
+
+#define uchar unsigned char
+
+static const uchar perm1[56] = {57, 49, 41, 33, 25, 17,  9,
+			 1, 58, 50, 42, 34, 26, 18,
+			10,  2, 59, 51, 43, 35, 27,
+			19, 11,  3, 60, 52, 44, 36,
+			63, 55, 47, 39, 31, 23, 15,
+			 7, 62, 54, 46, 38, 30, 22,
+			14,  6, 61, 53, 45, 37, 29,
+			21, 13,  5, 28, 20, 12,  4};
+
+static const uchar perm2[48] = {14, 17, 11, 24,  1,  5,
+                         3, 28, 15,  6, 21, 10,
+                        23, 19, 12,  4, 26,  8,
+                        16,  7, 27, 20, 13,  2,
+                        41, 52, 31, 37, 47, 55,
+                        30, 40, 51, 45, 33, 48,
+                        44, 49, 39, 56, 34, 53,
+                        46, 42, 50, 36, 29, 32};
+
+static const uchar perm3[64] = {58, 50, 42, 34, 26, 18, 10,  2,
+			60, 52, 44, 36, 28, 20, 12,  4,
+			62, 54, 46, 38, 30, 22, 14,  6,
+			64, 56, 48, 40, 32, 24, 16,  8,
+			57, 49, 41, 33, 25, 17,  9,  1,
+			59, 51, 43, 35, 27, 19, 11,  3,
+			61, 53, 45, 37, 29, 21, 13,  5,
+			63, 55, 47, 39, 31, 23, 15,  7};
+
+static const uchar perm4[48] = {   32,  1,  2,  3,  4,  5,
+                            4,  5,  6,  7,  8,  9,
+                            8,  9, 10, 11, 12, 13,
+                           12, 13, 14, 15, 16, 17,
+                           16, 17, 18, 19, 20, 21,
+                           20, 21, 22, 23, 24, 25,
+                           24, 25, 26, 27, 28, 29,
+                           28, 29, 30, 31, 32,  1};
+
+static const uchar perm5[32] = {      16,  7, 20, 21,
+                              29, 12, 28, 17,
+                               1, 15, 23, 26,
+                               5, 18, 31, 10,
+                               2,  8, 24, 14,
+                              32, 27,  3,  9,
+                              19, 13, 30,  6,
+                              22, 11,  4, 25};
+
+
+static const uchar perm6[64] ={ 40,  8, 48, 16, 56, 24, 64, 32,
+                        39,  7, 47, 15, 55, 23, 63, 31,
+                        38,  6, 46, 14, 54, 22, 62, 30,
+                        37,  5, 45, 13, 53, 21, 61, 29,
+                        36,  4, 44, 12, 52, 20, 60, 28,
+                        35,  3, 43, 11, 51, 19, 59, 27,
+                        34,  2, 42, 10, 50, 18, 58, 26,
+                        33,  1, 41,  9, 49, 17, 57, 25};
+
+
+static const uchar sc[16] = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1};
+
+static const uchar sbox[8][4][16] = {
+	{{14,  4, 13,  1,  2, 15, 11,  8,  3, 10,  6, 12,  5,  9,  0,  7},
+	 {0, 15,  7,  4, 14,  2, 13,  1, 10,  6, 12, 11,  9,  5,  3,  8},
+	 {4,  1, 14,  8, 13,  6,  2, 11, 15, 12,  9,  7,  3, 10,  5,  0},
+	 {15, 12,  8,  2,  4,  9,  1,  7,  5, 11,  3, 14, 10,  0,  6, 13}},
+
+	{{15,  1,  8, 14,  6, 11,  3,  4,  9,  7,  2, 13, 12,  0,  5, 10},
+	 {3, 13,  4,  7, 15,  2,  8, 14, 12,  0,  1, 10,  6,  9, 11,  5},
+	 {0, 14,  7, 11, 10,  4, 13,  1,  5,  8, 12,  6,  9,  3,  2, 15},
+	 {13,  8, 10,  1,  3, 15,  4,  2, 11,  6,  7, 12,  0,  5, 14,  9}},
+
+	{{10,  0,  9, 14,  6,  3, 15,  5,  1, 13, 12,  7, 11,  4,  2,  8},
+	 {13,  7,  0,  9,  3,  4,  6, 10,  2,  8,  5, 14, 12, 11, 15,  1},
+	 {13,  6,  4,  9,  8, 15,  3,  0, 11,  1,  2, 12,  5, 10, 14,  7},
+	 {1, 10, 13,  0,  6,  9,  8,  7,  4, 15, 14,  3, 11,  5,  2, 12}},
+
+	{{7, 13, 14,  3,  0,  6,  9, 10,  1,  2,  8,  5, 11, 12,  4, 15},
+	 {13,  8, 11,  5,  6, 15,  0,  3,  4,  7,  2, 12,  1, 10, 14,  9},
+	 {10,  6,  9,  0, 12, 11,  7, 13, 15,  1,  3, 14,  5,  2,  8,  4},
+	 {3, 15,  0,  6, 10,  1, 13,  8,  9,  4,  5, 11, 12,  7,  2, 14}},
+
+	{{2, 12,  4,  1,  7, 10, 11,  6,  8,  5,  3, 15, 13,  0, 14,  9},
+	 {14, 11,  2, 12,  4,  7, 13,  1,  5,  0, 15, 10,  3,  9,  8,  6},
+	 {4,  2,  1, 11, 10, 13,  7,  8, 15,  9, 12,  5,  6,  3,  0, 14},
+	 {11,  8, 12,  7,  1, 14,  2, 13,  6, 15,  0,  9, 10,  4,  5,  3}},
+
+	{{12,  1, 10, 15,  9,  2,  6,  8,  0, 13,  3,  4, 14,  7,  5, 11},
+	 {10, 15,  4,  2,  7, 12,  9,  5,  6,  1, 13, 14,  0, 11,  3,  8},
+	 {9, 14, 15,  5,  2,  8, 12,  3,  7,  0,  4, 10,  1, 13, 11,  6},
+	 {4,  3,  2, 12,  9,  5, 15, 10, 11, 14,  1,  7,  6,  0,  8, 13}},
+
+	{{4, 11,  2, 14, 15,  0,  8, 13,  3, 12,  9,  7,  5, 10,  6,  1},
+	 {13,  0, 11,  7,  4,  9,  1, 10, 14,  3,  5, 12,  2, 15,  8,  6},
+	 {1,  4, 11, 13, 12,  3,  7, 14, 10, 15,  6,  8,  0,  5,  9,  2},
+	 {6, 11, 13,  8,  1,  4, 10,  7,  9,  5,  0, 15, 14,  2,  3, 12}},
+
+	{{13,  2,  8,  4,  6, 15, 11,  1, 10,  9,  3, 14,  5,  0, 12,  7},
+	 {1, 15, 13,  8, 10,  3,  7,  4, 12,  5,  6, 11,  0, 14,  9,  2},
+	 {7, 11,  4,  1,  9, 12, 14,  2,  0,  6, 10, 13, 15,  3,  5,  8},
+	 {2,  1, 14,  7,  4, 10,  8, 13, 15, 12,  9,  0,  3,  5,  6, 11}}};
+
+static void permute(char *out, const char *in, const uchar *p, int n)
+{
+	int i;
+	for (i=0;i<n;i++)
+		out[i] = in[p[i]-1];
+}
+
+static void lshift(char *d, int count, int n)
+{
+	char out[64];
+	int i;
+	for (i=0;i<n;i++)
+		out[i] = d[(i+count)%n];
+	for (i=0;i<n;i++)
+		d[i] = out[i];
+}
+
+static void concat(char *out, char *in1, char *in2, int l1, int l2)
+{
+	while (l1--)
+		*out++ = *in1++;
+	while (l2--)
+		*out++ = *in2++;
+}
+
+static void xor(char *out, char *in1, char *in2, int n)
+{
+	int i;
+	for (i=0;i<n;i++)
+		out[i] = in1[i] ^ in2[i];
+}
+
+static void dohash(char *out, char *in, char *key)
+{
+	int i, j, k;
+	char pk1[56];
+	char c[28];
+	char d[28];
+	char cd[56];
+	char ki[16][48];
+	char pd1[64];
+	char l[32], r[32];
+	char rl[64];
+
+	permute(pk1, key, perm1, 56);
+
+	for (i=0;i<28;i++)
+		c[i] = pk1[i];
+	for (i=0;i<28;i++)
+		d[i] = pk1[i+28];
+
+	for (i=0;i<16;i++) {
+		lshift(c, sc[i], 28);
+		lshift(d, sc[i], 28);
+
+		concat(cd, c, d, 28, 28); 
+		permute(ki[i], cd, perm2, 48); 
+	}
+
+	permute(pd1, in, perm3, 64);
+
+	for (j=0;j<32;j++) {
+		l[j] = pd1[j];
+		r[j] = pd1[j+32];
+	}
+
+	for (i=0;i<16;i++) {
+		char er[48];
+		char erk[48];
+		char b[8][6];
+		char cb[32];
+		char pcb[32];
+		char r2[32];
+
+		permute(er, r, perm4, 48);
+
+		xor(erk, er, ki[i], 48);
+
+		for (j=0;j<8;j++)
+			for (k=0;k<6;k++)
+				b[j][k] = erk[j*6 + k];
+
+		for (j=0;j<8;j++) {
+			int m, n;
+			m = (b[j][0]<<1) | b[j][5];
+
+			n = (b[j][1]<<3) | (b[j][2]<<2) | (b[j][3]<<1) | b[j][4]; 
+
+			for (k=0;k<4;k++) 
+				b[j][k] = (sbox[j][m][n] & (1<<(3-k)))?1:0; 
+		}
+
+		for (j=0;j<8;j++)
+			for (k=0;k<4;k++)
+				cb[j*4+k] = b[j][k];
+		permute(pcb, cb, perm5, 32);
+
+		xor(r2, l, pcb, 32);
+
+		for (j=0;j<32;j++)
+			l[j] = r[j];
+
+		for (j=0;j<32;j++)
+			r[j] = r2[j];
+	}
+
+	concat(rl, r, l, 32, 32);
+
+	permute(out, rl, perm6, 64);
+}
+
+static void str_to_key(unsigned char *str,unsigned char *key)
+{
+	int i;
+
+	key[0] = str[0]>>1;
+	key[1] = ((str[0]&0x01)<<6) | (str[1]>>2);
+	key[2] = ((str[1]&0x03)<<5) | (str[2]>>3);
+	key[3] = ((str[2]&0x07)<<4) | (str[3]>>4);
+	key[4] = ((str[3]&0x0F)<<3) | (str[4]>>5);
+	key[5] = ((str[4]&0x1F)<<2) | (str[5]>>6);
+	key[6] = ((str[5]&0x3F)<<1) | (str[6]>>7);
+	key[7] = str[6]&0x7F;
+	for (i=0;i<8;i++) {
+		key[i] = (key[i]<<1);
+	}
+}
+
+
+static void smbhash(unsigned char *out, const unsigned char *in, unsigned char *key)
+{
+	int i;
+	char outb[64];
+	char inb[64];
+	char keyb[64];
+	unsigned char key2[8];
+
+	str_to_key(key, key2);
+
+	for (i=0;i<64;i++) {
+		inb[i] = (in[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
+		keyb[i] = (key2[i/8] & (1<<(7-(i%8)))) ? 1 : 0;
+		outb[i] = 0;
+	}
+
+	dohash(outb, inb, keyb);
+
+	for (i=0;i<8;i++) {
+		out[i] = 0;
+	}
+
+	for (i=0;i<64;i++) {
+		if (outb[i])
+			out[i/8] |= (1<<(7-(i%8)));
+	}
+}
+
+/*
+ *	Converts the password to uppercase, and creates the LM
+ *	password hash.
+ */
+void lmpwdhash(const unsigned char *password,unsigned char *lmhash)
+{
+	int i;
+	unsigned char p14[14];
+	static unsigned char sp8[8] = {0x4b, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25};
+
+	memset(p14, 0, sizeof(p14));
+	for (i = 0; i < 14 && password[i]; i++) {
+		p14[i] = toupper((int) password[i]);
+	}
+
+	smbhash(lmhash, sp8, p14);
+	smbhash(lmhash+8, sp8, p14+7);
+}
+
+/*
+ *	Take the NT or LM password, and return the MSCHAP response
+ *
+ *	The win_password MUST be exactly 16 bytes long.
+ */
+void mschap(const unsigned char *win_password,
+		 const unsigned char *challenge, unsigned char *response)
+{
+	unsigned char p21[21];
+
+	memset(p21, 0, sizeof(p21));
+	memcpy(p21, win_password, 16);
+
+	smbhash(response, challenge, p21);
+	smbhash(response+8, challenge, p21+7);
+	smbhash(response+16, challenge, p21+14);
+}

src/msnpr.c

@@ -0,0 +1,234 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: msnpr.c,v 1.3 2012-04-11 23:01:19 vlad Exp $
+*/
+
+#include "proxy.h"
+
+#ifndef PORTMAP
+#define PORTMAP
+#endif
+#define RETURN(xxx) { param->res = xxx; goto CLEANRET; }
+
+struct msn_cookie {
+	struct msn_cookie *next;
+	unsigned char *userid;
+	char * connectstring;
+};
+
+static struct msn_cookie *msn_cookies = NULL;
+pthread_mutex_t msn_cookie_mutex;
+int msn_cookie_mutex_init = 0;
+
+static void msn_clear(void *fo){
+};
+
+static FILTER_ACTION msn_srv(void *fc, struct clientparam * param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p){
+	unsigned char *data = *buf_p + offset;
+	int len = (int)(*length_p - offset);
+	struct sockaddr_in sa;
+	SASIZETYPE size = sizeof(sa);
+	struct msn_cookie *cookie;
+	char tmpbuf[256];
+	char *sp1, *sp2, *sp3;
+
+
+	if(*bufsize_p - *length_p < 32) return CONTINUE;
+	if(len < 10 || len > 220) return CONTINUE;
+
+	data[len] = 0;
+	
+
+	sp1 = data + 3;
+	if(data[0] == 'X' && data[1] == 'F' && data[2] == 'R' && data[3] == ' '){
+		if(!(sp2 = strchr(sp1 + 1, ' ')) || !(sp2 = strchr(sp2 + 1, ' '))|| !(sp3 = strchr(sp2 + 1, ' '))) return CONTINUE;
+	}
+	else if(data[0] == 'R' && data[1] == 'N' && data[2] == 'G' && data[3] == ' '){
+		if(!(sp2 = strchr(sp1 + 1, ' ')) || !(sp3 = strchr(sp2 + 1, ' '))) return CONTINUE;
+	}
+	else return CONTINUE;
+
+ 	*sp2 = 0;
+ 	*sp3 = 0;
+	if(getsockname(param->clisock, (struct sockaddr *)&sa, &size)==-1) {
+		return CONTINUE;
+	};
+	cookie = myalloc(sizeof(struct msn_cookie));
+	cookie->connectstring = mystrdup(sp2 + 1);
+	cookie->userid = mystrdup(param->username);
+
+	pthread_mutex_lock(&msn_cookie_mutex);
+	cookie->next = msn_cookies;
+	msn_cookies = cookie;
+	pthread_mutex_unlock(&msn_cookie_mutex);
+
+	strcpy(tmpbuf, data);
+	len = (int)strlen(tmpbuf);
+	tmpbuf[len++] = ' ';
+
+	len+=myinet_ntoa(sa.sin_addr, tmpbuf+len);
+	sprintf(tmpbuf+len, ":%hu %s", ntohs(sa.sin_port), sp3 + 1);
+	len = (int)strlen(tmpbuf);
+	memcpy(*buf_p + offset, tmpbuf, len);
+	*length_p = offset + len;
+
+	return CONTINUE;
+}
+
+
+static struct filter msnfilter = {
+	NULL,
+	"msnfilter",
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	NULL,
+	*msn_srv,
+	*msn_clear,
+	NULL
+};
+
+
+void * msnprchild(struct clientparam* param) {
+ int res, len;
+ unsigned char *buf;
+ int buflen = 256;
+ char *sp1, *sp2, *sp3;
+ char *verstr = NULL;
+ int id;
+ struct msn_cookie *cookie, *prevcookie=NULL;
+ int sec = 0; 
+ struct filterp  **newfilters;
+ int skip = 0;
+ struct filterp msnfilterp = {
+	&msnfilter,
+	(void *)&skip
+ };
+
+
+ if(!msn_cookie_mutex_init){
+	msn_cookie_mutex_init = 1;
+	pthread_mutex_init(&msn_cookie_mutex, NULL);
+ }
+
+ buf = myalloc(buflen); 
+ res = sockgetlinebuf(param, CLIENT, buf, 240, '\n', conf.timeouts[STRING_S]);
+ if(res < 10) RETURN(1201);
+ buf[res] = 0;
+ if(!(sp1 = strchr(buf, ' ')) || !(sp2 = strchr(sp1 + 1, ' ')) || !(sp3 = strchr(sp2 + 1, ' ')) || ((int)(sp3-sp2)) < 6) RETURN(1202);
+ if((buf[0] == 'U' && buf[1] == 'S' && buf[2] == 'R') ||
+    (buf[0] == 'A' && buf[1] == 'N' && buf[2] == 'S')){
+        len = 1 + (int)(sp3 - sp2);
+ 	param->username = myalloc(len - 1);
+ 	memcpy(param->username, sp2 + 1, len - 2);
+	sec = 1;
+
+ }
+ else if(buf[0] != 'V' || buf[1] != 'E' || buf[2] != 'R') {RETURN(1203);}
+ else {
+	id = atoi(sp1 + 1);
+	verstr = mystrdup(buf);
+
+	if(socksend(param->clisock, buf, res, conf.timeouts[STRING_S])!=res) {RETURN (1204);}
+
+	res = sockgetlinebuf(param, CLIENT, buf, 240, '\n', conf.timeouts[STRING_S]);
+	if(res < 10) RETURN(1205);
+ 	buf[res] = 0;
+ 	if(buf[0] != 'C' || buf[1] != 'V' || buf[2] != 'R' || !(sp1=strrchr(buf,' ')) || (len = (int)strlen(sp1+1)) < 3) RETURN(1206);
+ 	param->username = myalloc(len - 1);
+ 	memcpy(param->username, sp1 + 1, len - 2);
+ }
+ param->username[len - 2] = 0;
+ param->operation = CONNECT;
+
+ pthread_mutex_lock(&msn_cookie_mutex);
+ for(cookie = msn_cookies; cookie; cookie = cookie->next){
+	if(!strcmp(param->username, cookie->userid)){
+		parsehostname(cookie->connectstring, param, ntohs(param->srv->targetport));
+		if(prevcookie)prevcookie->next = cookie->next;
+		else msn_cookies = cookie->next;
+		myfree(cookie->connectstring);
+		myfree(cookie->userid);
+		myfree(cookie);
+		break;
+	}
+	prevcookie = cookie;
+ }
+ pthread_mutex_unlock(&msn_cookie_mutex);
+ if(!cookie) {
+	if(sec) RETURN(1233);
+	parsehostname((char *)param->srv->target, param, ntohs(param->srv->targetport));
+ }
+ res = (*param->srv->authfunc)(param);
+ if(res) {RETURN(res);}
+
+ if(!sec){
+	len = (int)strlen(verstr);
+	if(socksend(param->remsock, verstr, len, conf.timeouts[STRING_S])!= len) {RETURN (1207);}
+	param->statscli += len;
+
+
+	myfree(verstr);
+	verstr = mystrdup(buf);
+
+	len = sockgetlinebuf(param, SERVER, buf, 240, '\n', conf.timeouts[STRING_S]);
+	if(len < 10) RETURN(1208);
+	param->statssrv += len;
+
+	strcpy(buf, verstr);
+ }
+
+ len = (int)strlen(buf);
+ if((res=handledatfltcli(param,  &buf, &buflen, 0, &len))!=PASS) RETURN(res);
+ if(socksend(param->remsock, buf, len, conf.timeouts[STRING_S])!= len) {RETURN (1207);}
+
+
+ param->statscli += len;
+
+ if(sec){
+	RETURN(sockmap(param, conf.timeouts[CONNECTION_L]));
+ }
+
+ param->ndatfilterssrv++;
+ newfilters = myalloc(param->ndatfilterssrv * sizeof(struct filterp *));
+ if(param->ndatfilterssrv > 1){
+	memcpy(newfilters, param->datfilterssrv, (param->ndatfilterssrv - 1) * sizeof(struct filterp *));
+	myfree(param->datfilterssrv);
+ }
+ param->datfilterssrv = newfilters;
+ newfilters[param->ndatfilterssrv - 1] = &msnfilterp;
+
+ param->res = sockmap(param, conf.timeouts[CONNECTION_L]);
+
+ param->ndatfilterssrv--;
+
+
+
+CLEANRET:
+ 
+ 
+ if(verstr)myfree(verstr);
+ if(buf)myfree(buf);
+ (*param->srv->logfunc)(param, NULL);
+ freeparam(param);
+ return (NULL);
+}
+
+#ifdef WITHMAIN
+struct proxydef childdef = {
+	msnprchild,
+	0,
+	0,
+	S_MSNPR,
+	""
+};
+#include "proxymain.c"
+#endif

src/myalloc.c

@@ -0,0 +1,367 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: myalloc.c,v 1.5 2008/01/08 21:46:38 vlad Exp $
+*/
+
+#include "proxy.h"
+
+
+#ifndef WITH_STD_MALLOC
+
+#include "proxy.h"
+
+#define MEM64K	65536
+#define MEM16K	16384
+#define	MEM4K	4096
+#define	MEM1K	1024
+#define MEM256	256
+
+#define DEBUGLEVEL 1
+
+struct mempage{
+	struct mempage *next;
+	unsigned usable;
+	unsigned char bitmap[32];
+	unsigned char data[MEM64K];
+} * pages[] = {NULL, NULL, NULL, NULL, NULL, NULL};
+
+unsigned memsizes[] = {MEM64K, MEM16K, MEM4K, MEM1K, MEM256, 0};
+enum pagesizes {
+		p64k,
+		p16k,
+		p4k,
+		p1k,
+		p256,
+		nomem,
+};
+
+pthread_mutex_t mem_mutex;
+int	mem_init = 0;
+#ifdef _WIN32
+HANDLE myheap;
+#define malloc(x) HeapAlloc(myheap, 0, x)
+#define free(x) HeapFree(myheap, 0, x)
+#endif
+
+void init_mem(void) {
+	mem_init++;
+	pthread_mutex_init(&mem_mutex, NULL);
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Memory initialized\n");
+fflush(stderr);
+#endif
+#ifdef _WIN32
+	myheap = HeapCreate(0, MEM64K*16, 0);
+#endif
+}
+
+void * myalloc64k(){
+
+	struct mempage *newpage;
+
+	if(!mem_init)init_mem();
+	if(!(newpage = (struct mempage *)malloc(sizeof(struct mempage)))){
+#if DEBUGLEVEL > 0
+fprintf(stderr, "Failed to allocate p64k\n");
+fflush(stderr);
+#endif
+		return NULL;
+	}
+	memset(newpage->bitmap, 0, 32);
+	newpage->usable = 0;
+	pthread_mutex_lock(&mem_mutex);
+	newpage->next = pages[p64k];	
+	pages[p64k] = newpage;
+	pthread_mutex_unlock(&mem_mutex);
+#if DEBUGLEVEL > 2
+fprintf(stderr, "New p64k created, address %X region: %X\n", newpage, newpage->data);
+fflush(stderr);
+#endif
+#if DEBUGLEVEL == 2
+fprintf(stderr, "myalloc64 %p\n", newpage->data);
+fflush(stderr);
+#endif
+
+	return newpage->data;
+}
+
+int alloced = 0;
+
+void * myalloc(size_t size){
+	struct mempage *newpage, *page;
+	unsigned pagesize;
+	unsigned i=0, j, k=0;
+	int p;
+
+
+	alloced++;
+	if(!mem_init)init_mem();
+	for(p = nomem; ; ) {
+		if(!p){
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Page is too large (%u), requesting malloc instead\n", size);
+fflush(stderr);
+#endif
+			return malloc(size);
+		}
+		p--;
+		if(size<memsizes[p]){
+			break;
+		}
+	}
+
+	if(p == p64k){
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Page will p64k\n");
+fflush(stderr);
+#endif
+		return myalloc64k();
+	}
+
+	pagesize = memsizes[p];
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Calculated pagesize: %u\n", pagesize);
+fflush(stderr);
+#endif
+	pthread_mutex_lock(&mem_mutex);
+	newpage = pages[p];
+	if(newpage && newpage->usable){
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Useful page found: %X,", newpage);
+fflush(stderr);
+#endif
+		for(j=0; j<32; j++){
+			register unsigned c = newpage->bitmap[j];
+			if(c){
+				for(k=0; ;k++)if(c & (1<<k))break;
+				i = (j<<11) + (k<<8);
+#if DEBUGLEVEL > 2
+fprintf(stderr, "region: %X, offset %u, byte %u, %u, %u\n", newpage->data + i, i, j, k, newpage->bitmap[j]);
+fflush(stderr);
+#endif                  
+				break;
+			}
+		}
+	}
+	else{
+		if(!(newpage = (struct mempage *)malloc(sizeof(struct mempage)))){
+			pthread_mutex_unlock(&mem_mutex);
+#if DEBUGLEVEL > 0
+fprintf(stderr, "Failed to allocate p64k\n");
+fflush(stderr);
+#endif
+			return NULL;
+		}
+#if DEBUGLEVEL > 2
+fprintf(stderr, "New page used: %X,", newpage);
+fflush(stderr);
+#endif
+		memset(newpage->bitmap, 0, 32);
+		for(i = 0; i<MEM64K; i+=pagesize){
+			j = (i >> 11);
+			k = ((i & 0x000007FF) >> 8);
+			newpage->bitmap[j] |= (1<<k);
+		}
+		i-=pagesize;
+		newpage->next = pages[p];
+		newpage->usable = MEM64K;
+		pages[p] = newpage;
+	}
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Byte was %d/%d/%d\n", j, k, newpage->bitmap[j]);
+fflush(stderr);
+#endif
+	newpage->bitmap[j] ^= (1<<k);
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Byte set %d/%d/%d\n", j, k, newpage->bitmap[j]);
+fflush(stderr);
+#endif
+	newpage->usable -= pagesize;
+#if DEBUGLEVEL > 2
+fprintf(stderr, "usable amount after allocation: %u\n", newpage->usable);
+fflush(stderr);
+#endif
+	if(!newpage->usable){
+#if DEBUGLEVEL > 2
+fprintf(stderr, "No usable amount left\n", newpage->usable);
+fflush(stderr);
+#endif
+		if((page = newpage->next) && page->usable){
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Moving to end of list\n", newpage->usable);
+fflush(stderr);
+#endif
+			pages[p] = page;
+			while(page->next && page->next->usable)page = page->next;
+			newpage->next = page->next;
+			page->next = newpage;
+		}
+	}
+	pthread_mutex_unlock(&mem_mutex);
+#if DEBUGLEVEL > 2
+fprintf(stderr, "All done, returning: %x\n", newpage->data + i);
+fflush(stderr);
+#endif
+#if DEBUGLEVEL == 2
+fprintf(stderr, "malloc %p\n", (void *)(newpage->data + i));
+fflush(stderr);
+#endif
+
+	return (void *)(newpage->data + i);
+}
+
+int myfindsize(void * p, struct mempage ***prevpagep, struct mempage **pagep){
+	int i;
+	struct mempage *prevpage, *page;
+
+	for (i=0; i<nomem; i++){
+		for(page = pages[i], prevpage = NULL; page; page=page->next){
+			if( p >= (void *)page->data && p < (void *)(page->data + MEM64K))break;
+			prevpage = page;
+		}
+		if(page){
+			if(pagep)*pagep = page;
+			if(prevpagep)*prevpagep = prevpage?&prevpage->next:&pages[i];
+#if DEBUGLEVEL > 2
+fprintf(stderr, "%x belongs to page: %x with data %x\n", p, page, page->data);
+fflush(stderr);
+#endif
+			break;
+		}
+	}
+	return i;
+
+
+}
+
+void myfree(void *p){
+	struct mempage **prevpage, *page;
+	int i;
+	unsigned pagesize;
+	unsigned size, j, k;
+	
+	alloced--;
+#if DEBUGLEVEL == 2
+fprintf(stderr, "free %p\n", p);
+fflush(stderr);
+#endif
+	pthread_mutex_lock(&mem_mutex);
+	i = myfindsize(p, &prevpage, &page);
+	if (i == nomem) {
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Page does not exists, trying free()\n");
+fflush(stderr);
+#endif
+		pthread_mutex_unlock(&mem_mutex);
+		free(p);
+		return;
+	}
+	pagesize = memsizes[i];
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Calculated pagesize: %u\n", pagesize);
+fflush(stderr);
+#endif
+	size = (unsigned)((unsigned char*)p - page->data);
+	if(size%pagesize) {
+#if DEBUGLEVEL > 0
+write(2, p, 4);
+fprintf(stderr, "\nGiven address is not block aligned, ignoring\n");
+fflush(stderr);
+#endif
+		pthread_mutex_unlock(&mem_mutex);
+		return; /* Hmmmmm */
+	}
+	*prevpage = page->next;
+	page->usable += pagesize;
+#if DEBUGLEVEL > 2
+fprintf(stderr, "New usable space: %u\n", page->usable);
+fflush(stderr);
+#endif
+	if(page->usable >= MEM64K && ((pagesize == MEM64K) || (pages[i] && pages[i]->usable))) {
+#if DEBUGLEVEL > 2
+fprintf(stderr, "Free this page\n");
+fflush(stderr);
+#endif
+		free(page);
+	}
+	else {
+		j = (size>>11);
+		k = ((size & 0x000007FF) >> 8);
+		k = ('\01'<<k);
+		if(page->bitmap[j] & k) {
+#if DEBUGLEVEL > 0
+fprintf(stderr, "Error: double free() %d/%d/%d\n", j, k, page->bitmap[j]);
+fflush(stderr);
+#endif
+			page->usable += pagesize;
+		}
+		page->bitmap[j] |= k;
+		page->next = pages[i];
+		pages[i] = page;
+#if DEBUGLEVEL > 2
+fprintf(stderr, "This page will be reused next time\n");
+fflush(stderr);
+#endif
+	}
+	pthread_mutex_unlock(&mem_mutex);
+}
+
+char * mystrdup(const char *str){
+	unsigned l;
+	char *p;
+
+	if(!str) return NULL;
+	l = ((unsigned)strlen(str))+1;
+	p = myalloc(l);
+	if(p)memcpy(p, str, l);
+#if DEBUGLEVEL == 2
+fprintf(stderr, "strdup %p\n", p);
+fflush(stderr);
+#endif
+	return p;
+}
+
+
+void *myrealloc(void *ptr, size_t size){
+	unsigned l;
+	void * p;
+	l = myfindsize(ptr, NULL, NULL);
+	if(size <= memsizes[l]) return ptr;
+	p = myalloc(size);
+	if(p){
+		memcpy(p,ptr,size);
+		myfree(ptr);
+	}
+	return p;	
+}
+
+
+#ifdef WITH_MAIN
+int main(){
+	void *p1, *p2, *p3, *p4, *p5, *p6, *p7, *p8, *p9, *p10, *p11, *p12, *p13;
+	p1 = myalloc(5000);
+	p2 = myalloc(5000);
+	p3 = myalloc(5000);
+	p4 = myalloc(5000);
+	p5 = myalloc(5000);
+	p6 = myalloc(5000);
+	p7 = myalloc(5000);
+	p8 = myalloc(5000);
+	p9 = myalloc(5000);
+	p10 = myalloc(5000);
+	myfree(p2);
+	myfree(p8);
+	p11 = myalloc(5000);
+	p12 = myalloc(5000);
+	p13 = myalloc(5000);
+	p2 = myalloc(5000);
+	p8 = myalloc(5000);
+	myalloc(5000);
+}
+#endif
+
+#endif

src/mycrypt.c

@@ -0,0 +1,200 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: mycrypt.c,v 1.8 2008/01/08 21:46:38 vlad Exp $
+*/
+#include "libs/md5.h"
+#include "libs/md4.h"
+#include <string.h>
+
+#define MD5_SIZE 16
+
+#ifdef _WIN32
+#pragma warning (disable : 4996)
+#endif
+
+
+void tohex(unsigned char *in, unsigned char *out, int len);
+
+static unsigned char itoa64[] =
+        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+
+void
+_crypt_to64(unsigned char *s, unsigned long v, int n)
+{
+        while (--n >= 0) {
+                *s++ = itoa64[v&0x3f];
+                v >>= 6;
+        }
+}
+
+
+unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPassword, int ctohex)
+{
+	unsigned char szUnicodePass[513];
+	unsigned int nPasswordLen;
+	MD4_CTX ctx;
+	unsigned int i;
+
+	/*
+	 *	NT passwords are unicode.  Convert plain text password
+	 *	to unicode by inserting a zero every other byte
+	 */
+	nPasswordLen = (int)strlen((char *)szPassword);
+	if(nPasswordLen > 255)nPasswordLen = 255;
+	for (i = 0; i < nPasswordLen; i++) {
+		szUnicodePass[i << 1] = szPassword[i];
+		szUnicodePass[(i << 1) + 1] = 0;
+	}
+
+	/* Encrypt Unicode password to a 16-byte MD4 hash */
+	MD4Init(&ctx);
+	MD4Update(&ctx, szUnicodePass, (nPasswordLen<<1));
+	MD4Final(szUnicodePass, &ctx);
+	if (ctohex){
+		tohex(szUnicodePass, szHash, 16);
+	}
+	else memcpy(szHash, szUnicodePass, 16);
+	return szHash;
+}
+
+
+unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsigned char *passwd){
+
+ const unsigned char *ep;
+ if(salt[0] == '$' && salt[1] == '1' && salt[2] == '$' && (ep = (unsigned char *)strchr((char *)salt+3, '$'))) {
+	static unsigned char	*magic = (unsigned char *)"$1$";	
+	unsigned char  *p;
+	const unsigned char *sp;
+	unsigned char	final[MD5_SIZE];
+	int sl,pl,i;
+	MD5_CTX	ctx,ctx1;
+	unsigned long l;
+
+	/* Refine the Salt first */
+	sp = salt +3;
+
+	/* get the length of the true salt */
+	sl = (int)(ep - sp);
+
+	MD5Init(&ctx);
+
+	/* The password first, since that is what is most unknown */
+	MD5Update(&ctx,pw,strlen((char *)pw));
+
+	/* Then our magic string */
+	MD5Update(&ctx,magic,strlen((char *)magic));
+
+	/* Then the raw salt */
+	MD5Update(&ctx,sp,sl);
+
+	/* Then just as many unsigned characters of the MD5(pw,salt,pw) */
+	MD5Init(&ctx1);
+	MD5Update(&ctx1,pw,strlen((char *)pw));
+	MD5Update(&ctx1,sp,sl);
+	MD5Update(&ctx1,pw,strlen((char *)pw));
+	MD5Final(final,&ctx1);
+	for(pl = (int)strlen((char *)pw); pl > 0; pl -= MD5_SIZE)
+		MD5Update(&ctx,final,pl>MD5_SIZE ? MD5_SIZE : pl);
+
+	/* Don't leave anything around in vm they could use. */
+	memset(final,0,sizeof final);
+
+	/* Then something really weird... */
+	for (i = (int)strlen((char *)pw); i ; i >>= 1)
+		if(i&1)
+		    MD5Update(&ctx, final, 1);
+		else
+		    MD5Update(&ctx, pw, 1);
+
+	/* Now make the output string */
+	strcpy((char *)passwd,(char *)magic);
+	strncat((char *)passwd,(char *)sp,sl);
+	strcat((char *)passwd,"$");
+
+	MD5Final(final,&ctx);
+
+	/*
+	 * and now, just to make sure things don't run too fast
+	 * On a 60 Mhz Pentium this takes 34 msec, so you would
+	 * need 30 seconds to build a 1000 entry dictionary...
+	 */
+	for(i=0;i<1000;i++) {
+		MD5Init(&ctx1);
+		if(i & 1)
+			MD5Update(&ctx1,pw,strlen((char *)pw));
+		else
+			MD5Update(&ctx1,final,MD5_SIZE);
+
+		if(i % 3)
+			MD5Update(&ctx1,sp,sl);
+
+		if(i % 7)
+			MD5Update(&ctx1,pw,strlen((char *)pw));
+
+		if(i & 1)
+			MD5Update(&ctx1,final,MD5_SIZE);
+		else
+			MD5Update(&ctx1,pw,strlen((char *)pw));
+		MD5Final(final,&ctx1);
+	}
+
+	p = passwd + strlen((char *)passwd);
+
+	l = (final[ 0]<<16) | (final[ 6]<<8) | final[12];
+	_crypt_to64(p,l,4); p += 4;
+	l = (final[ 1]<<16) | (final[ 7]<<8) | final[13];
+	_crypt_to64(p,l,4); p += 4;
+	l = (final[ 2]<<16) | (final[ 8]<<8) | final[14];
+	_crypt_to64(p,l,4); p += 4;
+	l = (final[ 3]<<16) | (final[ 9]<<8) | final[15];
+	_crypt_to64(p,l,4); p += 4;
+	l = (final[ 4]<<16) | (final[10]<<8) | final[ 5];
+	_crypt_to64(p,l,4); p += 4;
+	l =                    final[11]                ;
+	_crypt_to64(p,l,2); p += 2;
+	*p = '\0';
+
+	/* Don't leave anything around in vm they could use. */
+	memset(final,0,sizeof final);
+ }
+ else {
+	*passwd = 0;
+ }
+ return passwd;
+}
+
+#ifdef WITHMAIN
+
+#include <stdio.h>
+int main(int argc, char* argv[]){
+	unsigned char buf[1024];
+	unsigned i;
+	if(argc < 2 || argc > 3) {
+		fprintf(stderr, "usage: \n"
+			"\t%s <password>\n"
+			"\t%s <salt> <password>\n"
+			"Performs NT crypt if no salt specified, MD5 crypt with salt\n"
+			"This software uses:\n"
+			"  RSA Data Security, Inc. MD4 Message-Digest Algorithm\n"
+			"  RSA Data Security, Inc. MD5 Message-Digest Algorithm\n",
+			argv[0],
+			argv[0]);
+			return 1;
+	}
+	if(argc == 2) {
+		printf("NT:%s\n", ntpwdhash(buf, (unsigned char *)argv[1], 1));
+	}
+	else {
+		i = (int)strlen((char *)argv[1]);
+		if (i > 64) argv[1][64] = 0;
+		sprintf((char *)buf, "$1$%s$", argv[1]);
+		printf("CR:%s\n", mycrypt((unsigned char *)argv[2], buf, buf+256));
+	}
+	return 0;
+}
+
+#endif

src/ntlm.c

@@ -0,0 +1,89 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: ntlm.c,v 1.9 2008/01/08 21:46:38 vlad Exp $
+*/
+
+#include "proxy.h"
+struct ntlmchal {
+	unsigned char sig[8];
+	unsigned char messtype[4];
+	unsigned char dom_len[2];
+	unsigned char dom_max_len[2];
+	unsigned char dom_offset[4];
+	unsigned char flags[4];
+	unsigned char challenge[8];
+	unsigned char reserved[8];
+	unsigned char addr_len[2];
+	unsigned char addr_max_len[2];
+	unsigned char addr_offset[4];
+	unsigned char data[1];
+};
+
+struct ntlmreq {
+	unsigned char sig[8];
+	unsigned char messtype[4];
+	unsigned char flags[4];
+	unsigned char dom_len[2];
+	unsigned char dom_max_len[2];
+	unsigned char dom_offset[4];
+	unsigned char pad1[2];
+	unsigned char host_len[2];
+	unsigned char host_max_len[2];
+	unsigned char host_offset[4];
+	unsigned char pad2[2];
+	unsigned char data[1];
+};
+
+int text2unicode(const char * text, char * buf, int buflen){
+	int count = 0;
+	buflen = ((buflen>>1)<<1);
+	if(!text || !buflen) return 0;
+	do {
+		buf[count++] = toupper(*text++);
+		buf[count++] = '\0';
+	} while (*text && count < buflen);
+	return count;
+}
+
+void unicode2text(const char *unicode, char * buf, int len){
+	int i;
+	if(!unicode || !len) return;
+	for(i=0; i<len; i++){
+		buf[i] = unicode[(i<<1)];
+	}
+	buf[i] = 0;
+}
+
+void genchallenge(struct clientparam *param, char * challenge, char *buf){
+	struct ntlmchal *chal;
+	char tmpbuf[1024];
+	char hostname[128];
+	int len, i;
+	
+
+	chal = (struct ntlmchal *)tmpbuf;
+	memset(chal, 0, 1024);
+	memcpy(chal->sig, "NTLMSSP", 8);
+	chal->messtype[0] = 2;
+	gethostname(hostname, 128);
+	hostname[15] = 0;
+	len = (((int)strlen(hostname)) << 1);
+	chal->dom_len[0] = len;
+	chal->dom_max_len[0] = len;
+	chal->dom_offset[0] =  (unsigned char)((unsigned char *)chal->data - (unsigned char *)chal);
+	chal->flags[0] = 0x03;
+	chal->flags[1] = 0x82;
+	chal->flags[2] = 0x81;
+	chal->flags[3] = 0xA0;
+	text2unicode(hostname, (char *)chal->data, 64);
+	time((time_t *)challenge);
+	memcpy(challenge+4, &param->sinc.sin_addr.s_addr, 4);
+	challenge[1]^=param->sinc.sin_port;
+	for(i = 0; i < 8; i++) challenge[i] ^= myrand(challenge, 8);
+	memcpy(chal->challenge, challenge, 8);
+	en64((unsigned char *)tmpbuf, (unsigned char *)buf, (int)((unsigned char *)chal->data - (unsigned char *)chal) + len);	
+}

src/plugins.c

@@ -0,0 +1,142 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2002-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: ntlm.c,v 1.8 2007/12/27 13:20:04 vlad Exp $
+*/
+
+#include "proxy.h"
+
+unsigned bandlimitfunc(struct clientparam *param, unsigned nbytesin, unsigned nbytesout);
+void trafcountfunc(struct clientparam *param);
+int checkACL(struct clientparam * param);
+void nametohash(const unsigned char * name, unsigned char *hash);
+unsigned hashindex(const unsigned char* hash);
+void decodeurl(unsigned char *s, int allowcr);
+int parsestr (unsigned char *str, unsigned char **argm, int nitems, unsigned char ** buff, int *inbuf, int *bufsize);
+struct ace * make_ace (int argc, unsigned char ** argv);
+extern char * proxy_stringtable[];
+extern char * admin_stringtable[];
+extern struct schedule * schedule;
+int start_proxy_thread(struct child * chp);
+
+extern int linenum;
+extern char *conffile;
+
+struct symbol symbols[] = {
+	{symbols+1, "conf", (void *) &conf},
+	{symbols+2, "socksend", (void *) socksend},
+	{symbols+3, "socksendto", (void *) socksendto},
+	{symbols+4, "sockrecvfrom", (void *) sockrecvfrom},
+	{symbols+5, "sockgetcharcli", (void *) sockgetcharcli},
+	{symbols+6, "sockgetcharsrv", (void *) sockgetcharsrv},
+	{symbols+7, "sockgetlinebuf", (void *) sockgetlinebuf},
+	{symbols+8, "myinet_ntoa", (void *) myinet_ntoa},
+	{symbols+9, "dobuf", (void *) dobuf},
+	{symbols+10, "scanaddr", (void *) scanaddr},
+	{symbols+11, "getip", (void *) getip},
+	{symbols+12, "sockmap", (void *) sockmap},
+	{symbols+13, "sockfuncs", (void *) &so},
+	{symbols+14, "ACLmatches", (void *) ACLmatches},
+	{symbols+15, "bandlimitfunc", (void *) bandlimitfunc},
+	{symbols+16, "trafcountfunc", (void *) trafcountfunc},
+	{symbols+17, "alwaysauth", (void *) alwaysauth},
+	{symbols+18, "ipauth", (void *) ipauth},
+	{symbols+19, "nbnameauth", (void *) nbnameauth},
+	{symbols+20, "strongauth", (void *) strongauth},
+	{symbols+21, "checkACL", (void *) checkACL},
+	{symbols+22, "nametohash", (void *) nametohash},
+	{symbols+23, "hashindex", (void *) hashindex},
+	{symbols+24, "nservers", (void *) nservers},
+	{symbols+25, "udpresolve", (void *) udpresolve},
+	{symbols+26, "bandlim_mutex", (void *) &bandlim_mutex},
+	{symbols+27, "tc_mutex", (void *) &tc_mutex},
+	{symbols+28, "hash_mutex", (void *) &hash_mutex},
+	{symbols+29, "pwl_mutex", (void *) &pwl_mutex},
+	{symbols+30, "linenum", (void *) &linenum},
+	{symbols+31, "proxy_stringtable", (void *) proxy_stringtable},
+	{symbols+32, "en64", (void *) en64},
+	{symbols+33, "de64", (void *) de64},
+	{symbols+34, "tohex", (void *) tohex},
+	{symbols+35, "fromhex", (void *) fromhex},
+	{symbols+36, "dnspr", (void *) dnsprchild},
+	{symbols+37, "pop3p", (void *) pop3pchild},
+	{symbols+38, "proxy", (void *) proxychild},
+	{symbols+39, "socks", (void *) sockschild},
+	{symbols+40, "tcppm", (void *) tcppmchild},
+	{symbols+41, "udppm", (void *) udppmchild},
+	{symbols+42, "admin", (void *) adminchild},
+	{symbols+43, "ftppr", (void *) ftpprchild},
+	{symbols+44, "smtpp", (void *) smtppchild},
+	{symbols+45, "icqpr", (void *) icqprchild},
+	{symbols+46, "msnpr", (void *) msnprchild},
+	{symbols+47, "authfuncs", (void *) &authfuncs},
+	{symbols+48, "commandhandlers", (void *) &commandhandlers},
+	{symbols+49, "decodeurl", (void *) decodeurl},
+	{symbols+50, "parsestr", (void *) parsestr},
+	{symbols+51, "make_ace", (void *) make_ace},
+	{symbols+52, "freeacl", (void *) freeacl},
+	{NULL, "", NULL}
+};
+
+static void * findbyname(const char *name){
+	struct symbol * symbols;
+	for(symbols = &pluginlink.symbols; symbols; symbols=symbols->next)
+		if(!strcmp(symbols->name, name)) return symbols->value;
+	return NULL;
+}
+
+
+struct pluginlink pluginlink = {
+	{symbols, "", NULL},
+	&conf,
+	nservers,
+	&linenum,
+	authfuncs,
+	commandhandlers,
+	findbyname,
+	socksend,
+	socksendto,
+	sockrecvfrom,
+	sockgetcharcli,
+	sockgetcharsrv,
+	sockgetlinebuf,
+	myinet_ntoa,
+	dobuf,
+	dobuf2,
+	scanaddr,
+	getip,
+	sockmap,
+	ACLmatches,		
+	alwaysauth,
+	checkACL,
+	nametohash,
+	hashindex,
+	en64,
+	de64,
+	tohex,
+	fromhex,
+	decodeurl,
+	parsestr,
+	make_ace,
+	myalloc,
+	myfree,
+	myrealloc,
+	mystrdup,
+	trafcountfunc,
+	proxy_stringtable,
+	&schedule,
+	freeacl,
+	admin_stringtable,
+	&childdef,
+	start_proxy_thread,
+	freeparam,
+	parsehostname,
+	parseusername,
+	parseconnusername,
+	&so,
+	dologname
+};
+

src/plugins/CVS/Entries

@@ -0,0 +1,7 @@
+D/WindowsAuthentication////
+D/TrafficPlugin////
+D/PCREPlugin////
+D/FilePlugin////
+D/TransparentPlugin////
+D/utf8tocp1251////
+D/SSLPlugin////

src/plugins/CVS/Repository

@@ -0,0 +1 @@
+3proxy-0.5a/src/plugins

src/plugins/CVS/Root

@@ -0,0 +1 @@
+/cygdrive/m/MEDIA/H/CVS

src/plugins/FilePlugin/CVS/Entries

@@ -0,0 +1,4 @@
+/Makefile.inc/1.1/Sun Sep 20 17:13:29 2009//
+/FilePlugin.h/1.4/Fri Oct  9 11:36:00 2009//
+/FilePlugin.c/1.8/Wed Apr 11 23:01:22 2012//
+D

src/plugins/FilePlugin/CVS/Repository

@@ -0,0 +1 @@
+3proxy-0.5a/src/plugins/FilePlugin

src/plugins/FilePlugin/CVS/Root

@@ -0,0 +1 @@
+/cygdrive/m/MEDIA/H/CVS

src/plugins/FilePlugin/FilePlugin.c

@@ -0,0 +1,895 @@
+/*
+   3APA3A simpliest proxy server
+   (c) 2007-2008 by ZARAZA <3APA3A@security.nnov.ru>
+
+   please read License Agreement
+
+   $Id: FilePlugin.c,v 1.8 2012-04-11 23:01:22 vlad Exp $
+*/
+
+#include "../../structures.h"
+#include "FilePlugin.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/timeb.h>
+#include <fcntl.h>
+#include <time.h>
+#ifdef _WIN32
+#ifndef _WINCE
+#include <io.h>
+#else
+#include <sys/unistd.h>
+#endif
+#else
+#include <unistd.h>
+#ifndef O_BINARY
+#define O_BINARY (0)
+#endif
+#endif
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+
+#ifndef _WIN32
+#define WINAPI
+#define fp_size_t size_t
+#else
+#define fp_size_t int
+#endif
+
+static struct pluginlink * pl;
+
+static pthread_mutex_t file_mutex;
+
+unsigned long preview = 0;
+
+char path[256];
+
+static int counter = 0;
+static int timeo = 0;
+
+static char * fp_stringtable[] = {
+/* 0 */	"HTTP/1.0 503 Service Unavailable\r\n"
+	"Proxy-Connection: close\r\n"
+	"Content-type: text/html; charset=us-ascii\r\n"
+	"\r\n"
+	"<html><head><title>503 Service Unavailable</title></head>\r\n"
+	"<body><h2>503 Service Unavailable</h2><h3>HTTP policy violation: you have no permission to perform this action. Please conatct helpdesk or Administrator.</h3></body></html>\r\n",
+/* 1 */	"421 SMTP policy violation: you have no permission to perform this action. Please conatct helpdesk or Administrator.\r\n",
+/* 2 */	"421 FTP policy violation: you have no permission to perform this action. Please conatct helpdesk or Administrator.\r\n",
+	NULL
+};
+
+enum states {
+ STATE_INITIAL = 0,
+ GOT_HTTP_REQUEST,
+ GOT_HTTP_CLI_HDR,
+ GOT_HTTP_SRV_HDR,
+ GOT_HTTP_CLI_HDR2,
+ GOT_HTTP_SRV_HDR2,
+ GOT_HTTP_CLIDATA,
+ GOT_HTTP_SRVDATA,
+ GOT_SMTP_REQ,
+ GOT_SMTP_DATA,
+ GOT_FTP_REQ,
+ GOT_FTP_CLIDATA,
+ GOT_FTP_SRVDATA,
+ FLUSH_DATA
+};
+
+struct fp_callback {
+ struct fp_callback *next;
+ FP_CALLBACK callback;
+ void * data;
+ int what;
+ int preview_size;
+ int max_size;
+};
+
+struct fp_stream {
+ struct fp_stream *next;
+ char * buf;
+ int state;
+ int what;
+ int needsrvconnect;
+ int preview_size;
+ long bufsize;
+ unsigned long clihdrwritten, clientwritten, clientsent, srvhdrwritten, serverwritten, serversent;
+ struct fp_callback *callbacks;
+ struct fp_filedata fpd;
+} *fp_streams = NULL;
+
+struct sockfuncs sso;
+
+
+static void genpaths(struct fp_stream *fps){
+
+ if(fps->what & (FP_CLIDATA|FP_CLIHEADER)){
+	if(fps->fpd.path_cli) free(fps->fpd.path_cli);
+	fps->fpd.path_cli = malloc(strlen(path) + 10);
+	sprintf(fps->fpd.path_cli, path, counter++);
+ }
+ if(fps->what & (FP_SRVDATA|FP_SRVHEADER)){
+	if(fps->fpd.path_srv) free(fps->fpd.path_srv);
+	fps->fpd.path_srv = malloc(strlen(path) + 10);
+	sprintf(fps->fpd.path_srv, path, counter++);
+ }
+
+}
+
+static 
+#ifdef _WIN32
+  HANDLE
+#else
+  int 
+#endif
+    initclientfile(struct fp_stream *fps){
+
+	fps->clientwritten = fps->clientsent = 0;
+#ifdef _WIN32
+	if(fps->fpd.h_cli != INVALID_HANDLE_VALUE){
+		CloseHandle(fps->fpd.h_cli);
+	}
+	fps->fpd.h_cli = CreateFile(fps->fpd.path_cli, GENERIC_READ | GENERIC_WRITE, (fps->what & FP_SHAREFILE)? FILE_SHARE_DELETE|FILE_SHARE_READ|FILE_SHARE_WRITE:0, NULL, CREATE_ALWAYS, (fps->what & (FP_KEEPFILE|FP_SHAREFILE))? FILE_ATTRIBUTE_TEMPORARY : FILE_ATTRIBUTE_TEMPORARY | FILE_FLAG_DELETE_ON_CLOSE, NULL);
+	return fps->fpd.h_cli;
+#else
+	if(fps->fpd.fd_cli != -1) close(fps->fpd.fd_cli);
+	fps->fpd.fd_cli = open(fps->fpd.path_cli, O_BINARY|O_RDWR|O_CREAT|O_TRUNC, 0600);
+	return fps->fpd.fd_cli;
+#endif
+}
+
+static 
+#ifdef _WIN32
+  HANDLE
+#else
+  int 
+#endif
+     initserverfile(struct fp_stream *fps){
+	fps->serverwritten = fps->serversent = 0;
+#ifdef _WIN32
+	if(fps->fpd.h_srv != INVALID_HANDLE_VALUE){
+		CloseHandle(fps->fpd.h_srv);
+	}
+	fps->fpd.h_srv = CreateFile(fps->fpd.path_srv, GENERIC_READ | GENERIC_WRITE, (fps->what & FP_SHAREFILE)? FILE_SHARE_DELETE|FILE_SHARE_READ|FILE_SHARE_WRITE:0, NULL, CREATE_ALWAYS, (fps->what & (FP_KEEPFILE|FP_SHAREFILE))? FILE_ATTRIBUTE_TEMPORARY : FILE_ATTRIBUTE_TEMPORARY | FILE_FLAG_DELETE_ON_CLOSE, NULL);
+	return fps->fpd.h_srv;
+#else
+	if(fps->fpd.fd_srv != -1) close(fps->fpd.fd_srv);
+	fps->fpd.fd_srv = open(fps->fpd.path_srv, O_BINARY|O_RDWR|O_CREAT|O_TRUNC, 0600);
+	return fps->fpd.fd_srv;
+#endif
+}
+
+static void closefiles(struct fp_stream *fps){
+#ifdef _WIN32
+	if(fps->fpd.h_cli != INVALID_HANDLE_VALUE) {
+		CloseHandle(fps->fpd.h_cli);
+		fps->fpd.h_cli = INVALID_HANDLE_VALUE;
+
+		if((fps->what & FP_SHAREFILE) && !(fps->what & FP_KEEPFILE)) DeleteFile(fps->fpd.path_cli);
+	}
+	if(fps->fpd.h_srv != INVALID_HANDLE_VALUE) {
+		CloseHandle(fps->fpd.h_srv);
+		fps->fpd.h_srv = INVALID_HANDLE_VALUE;
+
+		if((fps->what & FP_SHAREFILE) && !(fps->what & FP_KEEPFILE)) DeleteFile(fps->fpd.path_cli);
+	}
+#else
+	if(fps->fpd.fd_cli != -1) {
+		close(fps->fpd.fd_cli);
+		fps->fpd.fd_cli = -1;
+
+		if(!(fps->what & FP_KEEPFILE)) unlink(fps->fpd.path_cli);
+	}
+	if(fps->fpd.fd_srv != -1) {
+		close(fps->fpd.fd_srv);
+		fps->fpd.fd_srv = -1;
+		if(!(fps->what & FP_KEEPFILE)) unlink(fps->fpd.path_srv);
+	}
+#endif
+	if(fps->fpd.path_cli) {
+		free(fps->fpd.path_cli);
+		fps->fpd.path_cli = NULL;
+	}
+	if(fps->fpd.path_srv) {
+		free(fps->fpd.path_srv);
+		fps->fpd.path_srv = NULL;
+	}
+	fps->clihdrwritten = fps->clientwritten = fps->clientsent = fps->srvhdrwritten = fps->serverwritten = fps->serversent = 0;
+}
+
+static int searchsocket(SOCKET s, struct fp_stream **pfps){
+	struct fp_stream *fps = NULL;
+	int ret = 0;
+	pthread_mutex_lock(&file_mutex);
+	for(fps = fp_streams; fps; fps = fps->next){
+		if(fps->fpd.cp->clisock == s) {
+			ret = 1;
+			break;
+		}
+		if(fps->fpd.cp->remsock == s) {
+			ret = 2;
+			break;
+		}
+		if(fps->fpd.cp->ctrlsock == s) {
+			ret = 3;
+			break;
+		}
+	}
+	pthread_mutex_unlock(&file_mutex);
+	*pfps = fps;
+	return ret;
+}
+
+static void freecallback(struct fp_stream * fps, struct fp_callback * fpc){
+	if(fpc->next) freecallback(fps, fpc->next);
+		if(fpc->what & FP_CALLONREMOVE) (*fpc->callback)(FP_CALLONREMOVE, fpc->data, &fps->fpd, NULL, 0);
+	free(fpc);
+}
+
+static void removefps(struct fp_stream * fps){
+	if(!fp_streams) return;
+	pthread_mutex_lock(&file_mutex);
+	if(fp_streams == fps)fp_streams = fps->next;
+	else {
+		struct fp_stream *fps2;
+
+		for(fps2 = fp_streams; fps2->next; fps2 = fps2->next){
+			if(fps2->next == fps){
+				fps2->next = fps->next;
+				break;
+			}
+		}
+		
+	}
+	pthread_mutex_unlock(&file_mutex);
+	if(fps->callbacks){
+		freecallback(fps, fps->callbacks);
+		fps->callbacks = 0;
+	}
+	closefiles(fps);
+	if(fps->buf) {
+		free(fps->buf);
+		fps->buf = NULL;
+	}
+	fps->state = 0;
+}
+
+static int WINAPI fp_connect(SOCKET s, const struct sockaddr *name, fp_size_t namelen){
+ return sso._connect(s, name, namelen);
+}
+
+void processcallbacks(struct fp_stream *fps, int what, char *msg, int size){
+	struct fp_callback *cb;
+	int state;
+
+	state = fps->state;
+	if(fps->what & what) {
+		fps->what = 0;
+		for(cb = fps->callbacks; cb; cb=cb->next){
+			if(cb->what & what){
+				cb->what = (*cb->callback)(what, cb->data, &(fps->fpd), msg, size);
+			}
+			fps->what |= cb->what;
+		}
+	}
+	if(fps->what  & FP_REJECT){
+		switch(state){
+/*
+	Fixme: handle different states
+*/
+			case  GOT_SMTP_REQ:
+			case  GOT_SMTP_DATA:
+				fps->state = FLUSH_DATA;
+				pl->socksend(fps->fpd.cp->clisock, fp_stringtable[1], (int)strlen(fp_stringtable[1]), pl->conf->timeouts[STRING_S]);
+				fps->state = state;
+				break;
+			case GOT_HTTP_REQUEST:
+			case GOT_HTTP_CLI_HDR:
+			case GOT_HTTP_SRV_HDR:
+			case GOT_HTTP_CLI_HDR2:
+			case GOT_HTTP_SRV_HDR2:
+			case GOT_HTTP_CLIDATA:
+			case GOT_HTTP_SRVDATA:
+				if(!fps->serversent){
+					fps->state = FLUSH_DATA;
+					pl->socksend(fps->fpd.cp->clisock, fp_stringtable[0], (int)strlen(fp_stringtable[0]), pl->conf->timeouts[STRING_S]);
+					fps->state = state;
+				}
+				break;
+			case GOT_FTP_CLIDATA:
+			case GOT_FTP_REQ:
+			case GOT_FTP_SRVDATA:
+				fps->state = FLUSH_DATA;
+				pl->socksend(fps->fpd.cp->ctrlsock, fp_stringtable[1], (int)strlen(fp_stringtable[1]), pl->conf->timeouts[STRING_S]);
+				fps->state = state;
+				break;
+			default:
+				break;
+		}
+		if(fps->fpd.cp->remsock != INVALID_SOCKET)sso._closesocket(fps->fpd.cp->remsock);
+		fps->fpd.cp->remsock = INVALID_SOCKET;
+		if(fps->fpd.cp->clisock != INVALID_SOCKET)sso._closesocket(fps->fpd.cp->clisock);
+		fps->fpd.cp->clisock = INVALID_SOCKET;
+	}
+}
+
+static int copyfdtosock(struct fp_stream * fps, DIRECTION which, long len){
+	int res;
+	long toread;
+	int state;
+#ifdef _WIN32
+	HANDLE h;
+#else
+	int fd;
+#endif
+	SOCKET sock;
+	long offset;
+	int sendchunk = 0;
+
+	state = fps->state;
+	fps->state = FLUSH_DATA;
+	if(!fps->buf){
+		fps->buf = malloc(2048);
+		if(!fps->buf) return -2;
+		fps->bufsize = 2048;
+	}
+	if(which == SERVER){
+		offset = fps->clientsent;
+		fps->clientsent += len;
+#ifdef _WIN32
+		h = fps->fpd.h_cli;
+#else
+		fd = fps->fpd.fd_cli;
+#endif
+		sock = fps->fpd.cp->remsock;
+	}
+	else {
+		if(fps->fpd.cp->chunked){ 
+			if(fps->serversent < fps->srvhdrwritten && (fps->serversent + len) > fps->srvhdrwritten){
+				len -= fps->srvhdrwritten - fps->serversent;
+				if ((res = copyfdtosock(fps, which, fps->srvhdrwritten - fps->serversent))) return res;
+			}
+			if(fps->serversent >= fps->srvhdrwritten){
+				sprintf(fps->buf, "%lx\r\n", len);
+				sendchunk = (int)strlen(fps->buf);
+				if(pl->socksend(fps->fpd.cp->clisock, fps->buf, sendchunk, pl->conf->timeouts[STRING_S]) != sendchunk){
+					return -4;
+				}
+			} 
+		}
+		offset = fps->serversent;
+		fps->serversent += len;
+#ifdef _WIN32
+		h = fps->fpd.h_srv;
+#else
+		fd = fps->fpd.fd_srv;
+#endif
+		sock = fps->fpd.cp->clisock;
+	}
+#ifdef _WIN32
+	if(SetFilePointer(h,offset,0,FILE_BEGIN)!=offset){
+		return -1;
+	}
+#else
+	if(lseek(fd, offset, SEEK_SET) < 0) {
+		return -1;
+	}
+#endif
+
+
+	while(len > 0){
+
+
+/*
+	Fixme: prevent client/server timeouts
+*/
+		toread = (len > fps->bufsize)? fps->bufsize:len;
+#ifdef _WIN32
+		if(!ReadFile(h, fps->buf, (DWORD)toread,(DWORD *)&res,NULL)) {
+#else
+		if((res = read(fd, fps->buf, toread)) <= 0) {
+#endif
+			return -3;
+		}
+		if(pl->socksend(sock, fps->buf, res, pl->conf->timeouts[STRING_S]) != res) {
+			return -4;
+		}
+		len -= res;
+	}
+	if(sendchunk){
+		if(pl->socksend(sock, "\r\n", 2, pl->conf->timeouts[STRING_S]) != 2)
+			return -4;
+	}
+	fps->state = state;
+	return 0;
+}
+
+static int WINAPI fp_poll(struct pollfd *fds, unsigned int nfds, int timeout){
+ struct fp_stream *fps = NULL;
+ int res;
+ unsigned i;
+ int to;
+
+ for(i = 0; i<nfds; i++){
+	res = searchsocket(fds[i].fd, &fps);
+	if(res == 2 && fps->state == GOT_SMTP_DATA){
+		if(fds[i].events & POLLOUT){
+			fds[i].revents = POLLOUT;
+			return 1;
+		}
+	}
+	else if(res == 2 && (((fps->what & FP_CLIHEADER) && (fps->state == GOT_HTTP_REQUEST || fps->state == GOT_HTTP_CLI_HDR2)) || ((fps->what & FP_CLIDATA) && fps->state == GOT_HTTP_CLIDATA))){
+
+		if(fds[i].events & POLLIN){
+			processcallbacks(fps, (fps->state == GOT_HTTP_CLIDATA)?FP_CLIDATA:FP_CALLAFTERCLIHEADERS, NULL, 0);
+			if(fps->clihdrwritten + fps->clientwritten > fps->clientsent) {
+				if(copyfdtosock(fps, SERVER, (fps->clihdrwritten + fps->clientwritten) - fps->clientsent))
+					return -2;
+			}
+			if(fps->state) {
+				if(fps->what & FP_SRVHEADER) initserverfile(fps);
+				fps->state =  GOT_HTTP_SRV_HDR;
+			}
+		}
+
+		else if(fds[i].events & POLLOUT){
+			fds[i].revents = POLLOUT;
+			return 1;
+		}
+
+	}
+	else if(res == 1 && (fps->state == GOT_HTTP_SRVDATA || fps->state == GOT_HTTP_SRV_HDR || fps->state == GOT_HTTP_SRV_HDR2)&& (fds[i].events & POLLIN)){
+			processcallbacks(fps, (fps->state == GOT_HTTP_SRVDATA)? FP_SRVDATA:FP_CALLAFTERSRVHEADERS, NULL, 0);
+			if(fps->srvhdrwritten + fps->serverwritten > fps->serversent) {
+				if(copyfdtosock(fps, CLIENT, (fps->srvhdrwritten + fps->serverwritten) - fps->serversent))
+					return -2;
+			}
+			closefiles(fps);
+			fps->state = 0;
+	}
+	
+ }
+ return sso._poll(fds, nfds, timeout);
+}
+
+static int WINAPI fp_send(SOCKET s, const char *msg, fp_size_t len, int flags){
+ struct fp_stream *fps = NULL;
+ int res;
+ res = searchsocket(s, &fps);
+ if(res == 2){
+	if(fps->state == GOT_SMTP_DATA) {
+		if(fps->clihdrwritten + fps->clientwritten > fps->clientsent) {
+			processcallbacks(fps, FP_CLIDATA, NULL, 0);
+			if(copyfdtosock(fps, SERVER, (fps->clihdrwritten + fps->clientwritten) - fps->clientsent)) {
+				return -1;
+			}
+			fps->state = 0;
+		}
+		closefiles(fps);
+		fps->state = 0;
+		return sso._send(s, msg, len, flags);
+	}
+	if((((fps->what & FP_CLIHEADER) && (fps->state == GOT_HTTP_REQUEST || fps->state == GOT_HTTP_CLI_HDR2)) || ((fps->what & FP_CLIDATA) && fps->state == GOT_HTTP_CLIDATA))){
+#ifdef _WIN32
+		if(SetFilePointer(fps->fpd.h_cli, fps->clientwritten + fps->clihdrwritten, 0, FILE_BEGIN) != (fps->clientwritten + fps->clihdrwritten)){
+			return -1;
+		}
+		if(!WriteFile(fps->fpd.h_cli, msg, (DWORD)len,(DWORD *)&res,NULL) || res != len){
+			return -1;
+		}
+#else
+		if(lseek(fps->fpd.fd_cli, fps->clientwritten + fps->clihdrwritten, SEEK_SET) < 0) {
+			return -1;
+		}
+		if((res = write(fps->fpd.fd_cli, msg, len) != len)) return -1;
+#endif
+		if(fps->state == GOT_HTTP_CLIDATA)fps->clientwritten += res;
+		else fps->clihdrwritten += res;
+		return res;
+	}
+ }
+ if(res == 1){
+	if(((fps->what & FP_SRVDATA) && (fps->state == GOT_HTTP_SRVDATA || fps->state == GOT_HTTP_SRV_HDR) && fps->fpd.cp->chunked && len < 16 )){
+		int hasnonzero = 0, i;
+		
+		for(i=0; i < len; i++){
+			char c = msg[i];
+
+			if(c == '\r' || c == '\n') continue;
+			if((c<'0'|| c>'9') && (c<'A' || c>'F') && (c<'a' || c>'f')) {
+				return sso._send(s, msg, len, flags);
+			}
+			if(c != '0') hasnonzero = 1;
+		}
+		if(i>2 && !hasnonzero){
+
+			if(fps->srvhdrwritten + fps->serverwritten > fps->serversent) {
+				processcallbacks(fps, FP_SRVDATA, NULL, 0);
+				if(copyfdtosock(fps, CLIENT, (fps->srvhdrwritten + fps->serverwritten) - fps->serversent)) {
+					return -1;
+				}
+				fps->state = 0;
+			}
+			closefiles(fps);
+			fps->state = 0;
+			return sso._send(s, msg, len, flags);
+		}
+		return len;
+	}
+	if(((fps->what & FP_SRVHEADER) && (fps->state == GOT_HTTP_SRV_HDR || fps->state == GOT_HTTP_SRV_HDR2))){
+#ifdef _WIN32
+		if(SetFilePointer(fps->fpd.h_srv, fps->serverwritten + fps->srvhdrwritten, 0, FILE_BEGIN) != (fps->serverwritten + fps->srvhdrwritten)){
+			return -1;
+		}
+		if(!WriteFile(fps->fpd.h_srv, msg, (DWORD)len,(DWORD *)&res,NULL) || res !=len){
+			return -1;
+		}
+#else
+		if(lseek(fps->fpd.fd_srv, fps->serverwritten + fps->srvhdrwritten, SEEK_SET) < 0) {
+			return -1;
+		}
+		if((res = write(fps->fpd.fd_srv, msg, len) != len)) return -1;
+#endif
+		fps->srvhdrwritten += res;
+		return res;
+	}
+ }
+ return sso._send(s, msg, len, flags);
+}
+static int WINAPI fp_sendto(SOCKET s, const void *msg, int len, int flags, const struct sockaddr *to, fp_size_t tolen){
+ struct fp_stream *fps = NULL;
+ int res;
+ res = searchsocket(s, &fps);
+ if(res == 2) {
+	switch(fps->state){
+	case GOT_SMTP_REQ:
+		if(!(fps->what & FP_CLIDATA)) break;
+		fps->state = GOT_SMTP_DATA;
+		initclientfile(fps);
+	case GOT_FTP_REQ:
+		if(fps->state == GOT_FTP_REQ){
+			if(!(fps->what & FP_CLIDATA)) break;
+			fps->state = GOT_FTP_CLIDATA;
+			initclientfile(fps);
+		}
+	case GOT_HTTP_CLI_HDR2:
+		if(fps->state == GOT_HTTP_CLI_HDR2){
+			processcallbacks(fps, FP_CALLAFTERCLIHEADERS, NULL, 0);
+			if ((fps->what & FP_REJECT)) return -1;
+			if((fps->what & FP_CLIDATA) && !(fps->what & FP_CLIHEADER)) initclientfile(fps);
+			else if(!(fps->what & FP_CLIDATA) && (fps->what & FP_CLIHEADER)){
+				if(fps->clihdrwritten + fps->clientwritten > fps->clientsent) {
+					if(copyfdtosock(fps, SERVER, (fps->clihdrwritten + fps->clientwritten) - fps->clientsent))
+						return -2;
+				}
+			}
+			fps->state = GOT_HTTP_CLIDATA;
+		}
+	case GOT_HTTP_REQUEST:
+		if(fps->state == GOT_HTTP_REQUEST && !(fps->what & FP_CLIHEADER)) break;
+	case GOT_SMTP_DATA:
+	case GOT_FTP_CLIDATA:
+	case GOT_FTP_SRVDATA:
+	case GOT_HTTP_CLIDATA:
+		if((!fps->what & FP_CLIDATA)) break;
+#ifdef _WIN32
+		if(SetFilePointer(fps->fpd.h_cli, fps->clientwritten + fps->clihdrwritten, 0, FILE_BEGIN) != (fps->clientwritten + fps->clihdrwritten)){
+			return -1;
+		}
+		if(!WriteFile(fps->fpd.h_cli, msg, (DWORD)len,(DWORD *)&res,NULL) || res != len) {
+			return -1;
+		}
+#else
+		if(lseek(fps->fpd.fd_cli, fps->clientwritten + fps->clihdrwritten, SEEK_SET) < 0) {
+			return -1;
+		}
+		if((res = write(fps->fpd.fd_cli, msg, len) != len)) return -1;
+#endif
+		if(fps->state == GOT_HTTP_REQUEST)fps->clihdrwritten += res;
+		else fps->clientwritten += res;
+		if(fps->preview_size && ((fps->clihdrwritten + fps->clientwritten) > (fps->clientsent + fps->preview_size))){
+			if(!fps->clientsent){
+				processcallbacks(fps, FP_PREVIEWCLI, NULL, 0);
+				if ((fps->what & FP_REJECT)) return -1;
+			}
+			if(copyfdtosock(fps, SERVER, (fps->clihdrwritten + fps->clientwritten) - (fps->clientsent + fps->preview_size)))
+				return -1;
+
+		}
+		return res;
+	}
+	
+ }
+ else if(res == 1){ 
+	switch(fps->state){
+	case GOT_HTTP_SRV_HDR2:
+		processcallbacks(fps, FP_CALLAFTERSRVHEADERS, NULL, 0);
+		if ((fps->what & FP_REJECT)) return REJECT;
+		if((fps->what & FP_SRVDATA) && !(fps->what & FP_SRVHEADER)) initserverfile(fps);
+		else if(!(fps->what & FP_SRVDATA) && (fps->what & FP_SRVHEADER)){
+			if(fps->srvhdrwritten + fps->serverwritten > fps->serversent) {
+				if(copyfdtosock(fps, CLIENT, (fps->srvhdrwritten + fps->serverwritten) - fps->serversent))
+					return -2;
+			}
+		}
+		fps->state = GOT_HTTP_SRVDATA;
+	case GOT_FTP_REQ:
+		if(fps->state == GOT_FTP_REQ){
+			if(!(fps->what & FP_SRVDATA)) break;
+			fps->state = GOT_FTP_SRVDATA;
+			initserverfile(fps);
+		}
+	case GOT_HTTP_SRV_HDR:
+		if(fps->state == GOT_HTTP_SRV_HDR && !(fps->what & FP_SRVHEADER)) break;
+	case GOT_HTTP_SRVDATA:
+	case GOT_FTP_SRVDATA:
+	case GOT_FTP_CLIDATA:
+		if(!(fps->what & FP_SRVDATA)) break;
+#ifdef _WIN32
+		if(SetFilePointer(fps->fpd.h_srv, fps->serverwritten + fps->srvhdrwritten, 0, FILE_BEGIN) != (fps->serverwritten + fps->srvhdrwritten)){
+			return -1;
+		}
+		if(!WriteFile(fps->fpd.h_srv, msg, (DWORD)len,(DWORD *)&res,NULL) || res != len){
+			return -1;
+		}
+#else
+		if(lseek(fps->fpd.fd_srv, fps->serverwritten + fps->srvhdrwritten, SEEK_SET) < 0) {
+			return -1;
+		}
+		if((res = write(fps->fpd.fd_srv, msg, len) != len)) return -1;
+#endif
+		if(fps->state == GOT_HTTP_SRV_HDR)fps->srvhdrwritten += res;
+		else fps->serverwritten += res;
+		if(fps->preview_size && ((fps->srvhdrwritten + fps->serverwritten) > (fps->serversent + fps->preview_size))){
+			if(!fps->serversent){
+				processcallbacks(fps, FP_PREVIEWSRV, NULL, 0);
+				if ((fps->what & FP_REJECT)) return -1;
+			}
+			if(copyfdtosock(fps, CLIENT, (fps->srvhdrwritten + fps->serverwritten) - (fps->serversent + fps->preview_size)))
+				return -1;
+
+		}
+		return res;
+	}
+ }
+ return sso._sendto(s, msg, len, flags, to, tolen);
+}
+static int WINAPI fp_recv(SOCKET s, void *buf, fp_size_t len, int flags){
+ return sso._recv(s, buf, len, flags);
+}
+static int WINAPI fp_recvfrom(SOCKET s, void * buf, fp_size_t len, int flags, struct sockaddr * from, fp_size_t * fromlen){
+ return sso._recvfrom(s, buf, len, flags, from, fromlen);
+}
+static int WINAPI fp_shutdown(SOCKET s, int how){
+ struct fp_stream *fps = NULL;
+
+ int res;
+ res = searchsocket(s, &fps);
+ if(res){
+	if(fps->state == GOT_HTTP_SRV_HDR || fps->state == GOT_HTTP_SRVDATA || fps->state == GOT_FTP_SRVDATA){
+		if(fps->srvhdrwritten + fps->serverwritten > fps->serversent) {
+			processcallbacks(fps, FP_SRVDATA, NULL, 0);
+			copyfdtosock(fps, CLIENT, (fps->srvhdrwritten + fps->serverwritten) - fps->serversent);
+		}
+		closefiles(fps);
+		fps->state = 0;
+	}
+	else if(fps->state == GOT_FTP_CLIDATA){
+		if(fps->clihdrwritten + fps->clientwritten > fps->clientsent) {
+			processcallbacks(fps, FP_CLIDATA, NULL, 0);
+			copyfdtosock(fps, SERVER, (fps->clihdrwritten + fps->clientwritten) - fps->clientsent);
+		}
+		closefiles(fps);
+		fps->state = 0;
+	}
+ }
+ 
+ return sso._shutdown(s, how);
+}
+static int WINAPI fp_closesocket(SOCKET s){
+ return sso._closesocket(s);
+}
+
+
+
+struct fp_stream * addfps(struct clientparam *cp){
+ struct fp_stream *fps;
+
+ for(fps = fp_streams; fps && fps->fpd.cp != cp; fps = fps->next);
+ if(!fps) {
+   fps = malloc(sizeof(struct fp_stream));
+   if(!fps){
+	return NULL;
+   }
+   memset(fps, 0, sizeof(struct fp_stream));
+   fps->fpd.cp = cp;
+   fps->next = fp_streams;
+   fp_streams = fps;
+#ifdef _WIN32
+   fps->fpd.h_cli = fps->fpd.h_srv = INVALID_HANDLE_VALUE;
+#else
+   fps->fpd.fd_cli = fps->fpd.fd_srv = -1;
+#endif
+ }
+ return fps;
+}
+
+static int fp_registercallback (int what, int max_size, int preview_size, struct clientparam *cp, FP_CALLBACK cb, void *data){
+ struct fp_callback * fpc;
+ struct fp_stream *fps;
+
+ fpc = malloc(sizeof(struct fp_callback));
+ if(!fpc) return 0;
+ fpc->what = what;
+ fpc->preview_size = preview_size;
+ fpc->max_size = max_size;
+ fpc->data = data;
+ fpc->callback = cb;
+ pthread_mutex_lock(&file_mutex);
+ fps = addfps(cp);
+ if(fps){
+	 fpc->next = fps->callbacks;
+	 fps->callbacks = fpc;
+	 fps->what |= fpc->what;
+	 if(preview_size > fps->preview_size) fps->preview_size = preview_size;
+ }
+ else free(fpc);
+ pthread_mutex_unlock(&file_mutex);
+ return fps?1:0;
+}
+
+
+static void * fp_open(void * idata, struct srvparam * param){
+	return idata;
+}
+
+
+#define FC ((struct fp_stream *)fc)
+
+static FILTER_ACTION fp_client(void *fo, struct clientparam * param, void** fc){
+
+	pthread_mutex_lock(&file_mutex);
+	(*fc) = (void *)addfps(param);
+	pthread_mutex_unlock(&file_mutex);
+	return CONTINUE;
+}
+
+static FILTER_ACTION fp_request(void *fc, struct clientparam * param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p){
+	if(fc && (param->service == S_PROXY)){
+		if(FC->state) {
+			closefiles(FC);
+			FC->state = 0;
+		}
+		processcallbacks(FC, FP_CALLONREQUEST, *buf_p + offset, *length_p - offset);
+		if(FC->what &FP_REJECT) return REJECT;
+		FC->state = GOT_HTTP_REQUEST;
+		genpaths(FC);
+		if(FC->what & FP_CLIHEADER) initclientfile(FC);
+
+	}	
+	return CONTINUE;
+}
+
+static FILTER_ACTION fp_hcli(void *fc, struct clientparam * param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p){
+	if(fc && param->service == S_SMTPP) {
+		processcallbacks(FC, FP_CALLONREQUEST, *buf_p + offset, *length_p - offset);
+		if(FC->what & FP_REJECT) return REJECT;
+		if(!FC->state)genpaths(FC);
+		FC->state = GOT_SMTP_REQ;
+	}
+	if(fc && param->service == S_FTPPR) {
+		processcallbacks(FC, FP_CALLONREQUEST, *buf_p + offset, *length_p - offset);
+		if(FC->what & FP_REJECT) return REJECT;
+		genpaths(FC);
+		FC->state = GOT_FTP_REQ;
+	}
+	return CONTINUE;
+}
+
+static FILTER_ACTION fp_hsrv(void *fc, struct clientparam * param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p){
+	if(fc && param->service == S_PROXY && (FC->state == GOT_HTTP_REQUEST || FC->state == GOT_HTTP_CLI_HDR || FC->state == GOT_HTTP_CLIDATA)){
+		if(FC->what & FP_SRVHEADER) initserverfile(FC);
+		FC->state = GOT_HTTP_SRV_HDR;
+
+	}	
+	return CONTINUE;
+}
+
+static FILTER_ACTION fp_dcli(void *fc, struct clientparam * param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p){
+	if(fc && FC->state == GOT_HTTP_REQUEST){
+		FC->state = GOT_HTTP_CLI_HDR2;
+	}	
+	return CONTINUE;
+}
+
+
+static FILTER_ACTION fp_dsrv(void *fc, struct clientparam * param, unsigned char ** buf_p, int * bufsize_p, int offset, int * length_p){
+	if(fc && (FC->state == GOT_HTTP_REQUEST || FC->state == GOT_HTTP_CLI_HDR || FC->state == GOT_HTTP_CLIDATA || FC->state == GOT_HTTP_CLIDATA || FC->state == GOT_HTTP_SRV_HDR)){
+		FC->state = GOT_HTTP_SRV_HDR2;
+	}	
+	return CONTINUE;
+}
+
+static void fp_clear(void *fc){
+	removefps(FC);
+	free(fc);
+}
+
+static void fp_close(void *fo){
+}
+
+
+static struct filter fp_filter = {
+	NULL,
+	"filefilter",
+	"filefilter",
+	fp_open,
+	fp_client,
+	fp_request,
+	fp_hcli,
+	fp_hsrv,
+	NULL,
+	fp_dcli,
+	fp_dsrv,
+	fp_clear,
+	fp_close,
+};
+
+static struct symbol fp_symbols[] = {
+	{fp_symbols + 1, "fp_registercallback", (void*) fp_registercallback},
+	{NULL, "fp_stringtable", (void*) fp_stringtable}
+};
+
+static int file_loaded=0;
+
+
+#ifdef _WIN32
+__declspec(dllexport)
+#endif
+
+
+ int file_plugin (struct pluginlink * pluginlink, 
+					 int argc, char** argv){
+
+	char * dirp;
+	if(!file_loaded){
+		pthread_mutex_init(&file_mutex, NULL);
+		file_loaded = 1;
+		pl = pluginlink;
+		memcpy(&sso, pl->so, sizeof(struct sockfuncs));
+		pl->so->_poll = fp_poll;
+		pl->so->_send = fp_send;
+		pl->so->_sendto = fp_sendto;
+		pl->so->_recv = fp_recv;
+		pl->so->_recvfrom = fp_recvfrom;
+		pl->so->_shutdown = fp_shutdown;
+		pl->so->_closesocket = fp_closesocket;
+		fp_filter.next = pl->conf->filters;
+		pl->conf->filters = &fp_filter;
+		fp_symbols[1].next = pl->symbols.next;
+		pl->symbols.next = fp_symbols;
+	}
+	if(path) free(path);
+	dirp = (argc > 1)? argv[1] : getenv("TEMP");
+	if(strlen(dirp) > 200 || strchr(dirp, '%')) return (13001);
+#ifdef _WIN32
+	sprintf(path, "%s\\%%d.tmp", dirp);
+#else
+	sprintf(path, "%s/%%d.tmp", dirp);
+#endif
+	if(argc > 2) preview = atoi(argv[2]);
+	if(!preview) preview = 32768;
+
+	return 0;
+		
+ }
+#ifdef  __cplusplus
+}
+#endif