## Path: Productivity/Networking/Web/Proxy ## Description: Basic configuration of cntlm auth proxy ## Config: cntlm ## Type: string ## Default: "cntlm" # CNTLM_USER="" ## Type: string ## Default: "" # # -A

[/] # New ACL allow rule. Address can be an IP or a hostname, net must be a number (CIDR notation) # -a ntlm | nt | lm # Authentication parameter - combined NTLM, just LM, or just NT. Default is to, # send both, NTLM. It is the most versatile setting and likely to work for you. # -B Enable NTLM-to-basic authentication. # -c # Configuration file. Other arguments can be used as well, overriding # config file settings. # -D

[/] # New ACL deny rule. Syntax same as -A. # -d # Domain/workgroup can be set separately. # -f Run in foreground, do not fork into daemon mode. # -F # NTLM authentication flags. # -G # User-Agent matching for the trans-isa-scan plugin. # -g Gateway mode - listen on all interfaces, not only loopback. # -L [:]:: # Forwarding/tunneling a la OpenSSH. Same syntax - listen on lport # and forward all connections through the proxy to rhost:rport. # Can be used for direct tunneling without corkscrew, etc. # -O [:] # Enable SOCKS5 proxy and make it listen on the specified port (and address). # -p # Account password. Will not be visible in "ps", /proc, etc. # -r "HeaderName: value" # Add a header substitution. All such headers will be added/replaced # in the client's requests. # -S # Enable transparent handler of ISA AV scanner plugin for files up to size_in_kb KiB. # -s Do not use threads, serialize all requests - for debugging only. # -U # Run as uid. It is an important security measure not to run as root. # -u [@ # Some proxies require correct NetBIOS hostname. # CNTLM_OPTS="" ## Type: string ## Default: "127.0.0.1:3128" if not set in cntlm.conf # # -l [:] # Main listening port for the NTLM proxy. # CNTLM_LISTEN=""