# Configuration file for testing (use both by sslh under
# test and the test script `t`)

foreground: true;
inetd: false;
numeric: true;
transparent: false;
timeout: 10;   # Probe test writes slowly
pidfile: "/tmp/sslh_test.pid";

syslog_facility: "auth"; 

# Logging configuration
# Value: 1: stdout; 2: syslog; 3: both
# Defaults should be sensible. Generally, you want *-error
# to be always enabled, to know if something is going wrong.
verbose-config: 1; #  print configuration at startup
verbose-config-error: 1;  # print configuration errors
verbose-connections: 1; # trace established incoming address to forward address
verbose-connections-error: 1; # connection errors
verbose-connections-try: 1; # connection attempts towards targets
verbose-fd: 0; # file descriptor activity, open/close/whatnot
verbose-packets: 1; # hexdump packets on which probing is done
verbose-probe-info: 0; # what's happening during the probe process
verbose-probe-error: 1; # failures and problems during probing
verbose-system-error: 1; # system call problem, i.e.  malloc, fork, failing
verbose-int-error: 1; # internal errors, the kind that should never happen

# List of interfaces on which we should listen
# Options:
listen:
(
    { host: "localhost"; port: "8080"; keepalive: true; },
    { host: "localhost"; port: "8081"; keepalive: true; },
    { host: "ip4-localhost"; is_udp: true; port: "8086"; },
    { host: "/tmp/sslh.sock"; is_unix: true; port: ""; }
);


# Tester beware: when using fork, the forked process loses
# track of buffers of other, concurrent connections. Memory
# leak tools thus complain each time a forked process stops.
 
protocols:
(
     { name: "ssh";  host: "localhost"; port: "9000"; fork: true; transparent: true; resolve_on_forward: true; },
     { name: "socks5";  host: "localhost"; port: "9001";  },
     { name: "http";  host: "localhost"; port: "80"; proxyprotocol: 2;  },
     { name: "tinc";  host: "localhost"; port: "9003"; },
     { name: "openvpn";  host: "localhost"; port: "9004"; },
     { name: "xmpp";  host: "localhost"; port: "9009"; },
     { name: "adb";  host: "localhost"; port: "9010"; },
     { name: "syslog"; host: "localhost"; port: "9013"; },
     { name: "regex"; host: "ip4-localhost"; is_udp: true; port: "9020";
         udp_timeout: 30;
         regex_patterns: [ "^foo" ];
         resolve_on_forward: true;
     },
     { name: "regex"; host: "localhost"; port: "9011";
        regex_patterns: [ "^foo", "^bar" ];
        minlength: 4; 
        test_patterns: (    # this is used by the test script, not by sslh
            { pattern: "foo"; result: "ssh"; },  # After timeout
            { pattern: "fooo"; result: "regex"; },
            { pattern: "bar"; result: "ssh"; },
            { pattern: "barr"; result: "regex"; },
            { pattern: "barrrr"; result: "regex"; }
        );
     },
     { name: "tls"; host: "localhost"; port: "9021"; alpn_protocols: [ "alpn1", "alpn2" ]; sni_hostnames: [ "sni1" ]; },
     { name: "tls"; host: "localhost"; port: "9022"; alpn_protocols: [ "alpn1", "alpn2" ]; sni_hostnames: [ "sni2", "sni3" ]; },
     { name: "tls"; host: "localhost"; port: "9023"; alpn_protocols: [ "alpn3" ]; },
     { name: "tls"; host: "localhost"; port: "9024"; sni_hostnames: [ "sni3" ]; },
     { name: "tls"; host: "localhost"; port: "9025"; },
     { name: "anyprot";  host: "localhost"; port: "9099";  }
);

on_timeout: "ssh";