diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 01:24:41 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-04 01:24:41 +0000 |
commit | a9bcc81f821d7c66f623779fa5147e728eb3c388 (patch) | |
tree | 98676963bcdd537ae5908a067a8eb110b93486a6 /server/proxy/cli/freerdp-proxy.1.in | |
parent | Initial commit. (diff) | |
download | freerdp3-a9bcc81f821d7c66f623779fa5147e728eb3c388.tar.xz freerdp3-a9bcc81f821d7c66f623779fa5147e728eb3c388.zip |
Adding upstream version 3.3.0+dfsg1.upstream/3.3.0+dfsg1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'server/proxy/cli/freerdp-proxy.1.in')
-rw-r--r-- | server/proxy/cli/freerdp-proxy.1.in | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/server/proxy/cli/freerdp-proxy.1.in b/server/proxy/cli/freerdp-proxy.1.in new file mode 100644 index 0000000..c41f97c --- /dev/null +++ b/server/proxy/cli/freerdp-proxy.1.in @@ -0,0 +1,85 @@ +.de URL +\\$2 \(laURL: \\$1 \(ra\\$3 +.. +.if \n[.g] .mso www.tmac +.TH @MANPAGE_NAME@ 1 2023-12-14 "@FREERDP_VERSION_FULL@" "FreeRDP" +.SH NAME +@MANPAGE_NAME@ \- A server binary allowing MITM proxying of RDP connections +.SH SYNOPSIS +.B @MANPAGE_NAME@ +[\fB-h\fP] +[\fB--help\fP] +[\fB--buildconfig\fP] +[\fB--dump-config\fP \fB<config file>\fP] +[\fB-v\fP] +[\fB--version\fP] +[\fB<config file>\fP] +.SH DESCRIPTION +.B @MANPAGE_NAME@ +can be used to proxy a RDP connection between a target server and connecting clients. +Possible usage scenarios are: +.IP Proxying +Connect outdated/insecure RDP servers from behind a (more secure) proxy +.IP Analysis +Allow detailed protocol analysis of (many) unknown protocol features (channels) +.IP Inspection +MITM proxy for session inspection and recording + +.SH OPTIONS +.IP -h,--help +Display a help text explaining usage. +.IP --buildconfig +Print the build configuration of the proxy and exit. +.IP -v,--version +Print the version of the proxy and exit. +.IP --dump-config \fB<config-ini-file>\fP +Dump a template configuration to \fB<config-ini-file>\fP +.IP \fB<config-ini-file>\fP +Start the proxy with settings read from \fB<config-ini-file>\fP + +.SH WARNING +The proxy does not support authentication out of the box but acts simply as intermediary. +Only \fBRDP\fP and \fBTLS\fP security modes are supported, \fBNLA\fP will fail for connections to the proxy. +To implement authentication a \fBproxy-module\fP can be implemented that can authenticate against some backend +and map connecting users and credentials to target server users and credentials. + +.SH EXAMPLES +@MANPAGE_NAME@ /some/config/file + +@MANPAGE_NAME@ --dump-config /some/config/file + +.SH PREPARATIONS + +1. generate certificates for proxy + +\fBwinpr-makecert -rdp -path . proxy\fP + +2. generate proxy configuration + +\fB@MANPAGE_NAME@ --dump-config proxy.ini\fP + +3. edit configurartion and: + + * provide (preferrably absolute) paths for \fBCertificateFile\fP and \fBPrivateKeyFile\fP generated previously + * remove the \fBCertificateContents\fP and \fBPrivateKeyContents\fP + * Adjust the \fB[Server]\fP settings \fBHost\fP and \fBPort\fP to bind a specific port on a network interface + * Adjust the \fB[Target]\fP \fBHost\fP and \fBPort\fP settings to the \fBRDP\fP target server + * Adjust (or remove if unuse) the \fBPlugins\fP settings + +3. start proxy server + + \fB@MANPAGE_NAME@ proxy.ini\fP + +.SH EXIT STATUS +.TP +.B 0 +Successful program execution. +.TP +.B 1 +Otherwise. + +.SH SEE ALSO +wlog(7) + +.SH AUTHOR +FreeRDP <team@freerdp.com> |