; 26 Aug 2020


[Proxy]
RxBuffSize=65536
MaxClients=999
; not used yet
ServerHeader=ICS-Proxy
; can be 0.0.0.0 unless large server
LocalAddr=0.0.0.0
; CA root bundle to validate remote targer certificates and local chains
RootCA=c:\certificates\RootCaCertsBundle.pem
; needed for DH and DHE ciphers
DHParams=c:\certificates\dhparams2048.pem
; Logging: DebugNone, DebugConn, DebugSsl, DebugHttpHdr, DebugHttpBody, DebugChunks, DebugAll
DebugLevel=DebugSsl
; Target SSL security level: sslSecLevelAny, sslSecLevel80bits, sslSecLevel112bits (RSA/DH keys=>2048), sslSecLevel128bits (RSA/DH keys=>3072)
TarSecLevel=sslSecLevel112bits
; Target SSL certificate trusted root check: CertVerNone=0, CertVerBundle=1, CertVerWinStore=2
CertVerTar=CertVerBundle
; with CertVerTar=CertVerWinStore should revoke be checked, slow
SslRevocation=False
; report target SSL certificates on first connection
SslReportChain=True
; with Keep-Alive, try and keep connections open anyway
HttpIgnoreClose=False
; should responses to source client be compressed
HttpSrcCompress=True
; is remote target allowed to compress responses
HttpTarCompress=False
; should be try and stop upgrades to HTTP/2 and SSL
HttpStripUpgrade=True
; force server to send responses by removing If-Modified-Since: header
HttpStopCached=False
; maximum size of body to buffer and check for URLs
HttpMaxBody=2000000
; should browser send certificate: sslCliCertNone, sslCliCertOptional, sslCliCertRequire
SslCliCertMethod=sslCliCertNone
; should server automatically order and install SSL certificates, also needs CertSupplierProto specified
; also needs a Certificate Supplier Account to be created first
SslCertAutoOrder=True
; how many days before expiry of SSL certificates should warnings and AutoOrder start
CertExpireDays=30
; X509 certificate ordering proxy
X509ProxyURL=

[Source1]
Hosts=mypc
HostTag=SMTP-MAGSYS
Descr=SMTP > 25:465
BindIpAddr=0.0.0.0
BindNonPort=25
BindSslPort=
Enabled=True
Proto=SMTP

[Target1]
HostTag=SMTP-MAGSYS
Descr=SMTP > 25:465
TarHost=mail.magsys.co.uk
TarPort=465
TarSsl=True
IdleTimeout=60
HostEnabled=True

[Source2]
Hosts=mypc
HostTag=POP3-MAGSYS
Descr=POP3 > 110:995
BindIpAddr=0.0.0.0
BindNonPort=110
BindSslPort=
Enabled=True
Proto=POP3

[Target2]
HostTag=POP3-MAGSYS
Descr=POP3 > 110:995
TarHost=mail.magsys.co.uk
TarPort=995
TarSsl=True
IdleTimeout=60
HostEnabled=True

[Source3]
Hosts=mypc
HostTag=TELNET-CIX
Descr=Telnet > 23:992
BindIpAddr=0.0.0.0
BindNonPort=23
BindSslPort=
Enabled=True
Proto=TELNET

[Target3]
HostTag=TELNET-CIX
Descr=Telnet > 23:992
TarHost=cix.co.uk
TarPort=992
TarSsl=True
IdleTimeout=60
HostEnabled=True

[Source4]
Hosts=mypc
HostTag=NNTP-EMB
Descr=NTTP > 119:563
BindIpAddr=0.0.0.0
BindNonPort=119
BindSslPort=
Enabled=True
Proto=NNTP

[Target4]
HostTag=NNTP-EMB
Descr=NTTP > 119:563
TarHost=forums.embarcadero.com
TarPort=563
TarSsl=True
IdleTimeout=60
HostEnabled=True

[Source5]
Hosts=mypc
HostTag=HTTP-FORWARD
Descr=Http ForwardProxy 81:80
BindIpAddr=0.0.0.0
BindNonPort=81
BindSslPort=
Enabled=True
ForwardProxy=True
Proto=HTTP

[Source6]
Hosts=mypc
HostTag=HTTP-TELECOM
Descr=Http > 80/443
BindIpAddr=0.0.0.0
BindIpAddr2=
BindNonPort=80
BindSslPort=443
Enabled=True
SslCert=c:\certificates\mypc-bundle.pem
SslPassword=password
SslInters=c:\certificates\inters.pem
SslSecLevel=sslSrvSecInterFS
WellKnownPath=c:\websites\well-known
Proto=HTTP

[Target6]
HostTag=HTTP-TELECOM
Descr=Http > 80/443
TarHost=www.telecom-tariffs.co.uk
TarPort=80
TarSsl=False
IdleTimeout=60
HostEnabled=True
UpdateHttp=True
UpdateHtml=True

[Source7]
Hosts=mypcold
HostTag=HTTP-REDIRECT
Descr=Redirect mypcold
BindIpAddr=0.0.0.0
BindIpAddr2=
BindNonPort=80
BindSslPort=443
Enabled=True
SslCert=c:\certificates\mypcold-bundle.pem
SslPassword=password
SslInters=c:\certificates\inters.pem
SslSecLevel=sslSrvSecInterFS
WellKnownPath=c:\websites\well-known
WebRedirectURL=https://www.telecom-tariffs.co.uk/
WebRedirectStat=301
Proto=HTTP

[Source8]
Hosts=test7.ftptest.org,test7.ftptest.org.uk,test7.ftptest.co.uk
HostTag=HTTP-FTPTEST
Desc=test6-LetsEncrypt
BindIpAddr=192.168.1.123
BindNonPort=80
BindSslPort=443
Enabled=False
SslSecLevel=sslSrvSecInterFS
WellKnownPath=c:\websites\well-known\proxy
SslCert=c:\certificates\local\test7_ftptest_org.pfx
SslPassword=password
CertSupplierProto=SuppProtoAcmeV2
CertProduct=Let's Encrypt
CertDirWork=c:\weblogs\acme-certs\
CertChallenge=ChallFileUNC
CertPKeyType=PrivKeyRsa2048
CertSignDigest=Digest_sha256

[Target8]
HostTag=HTTP-FTPTEST
Descr=HttpFtpTest > Magsys
TarHost=www.magsys.co.uk
TarPort=443
TarSsl=True
IdleTimeout=60
HostEnabled=False
UpdateHttp=True
UpdateHtml=True