Location (XPath) Required Description
/proxycap_ruleset yes The "proxycap_ruleset" element must be the root element of the XML document.
/proxycap_ruleset/@version yes For this version of the format, the value of the "version" attribute must be set to "535".
/proxycap_ruleset/proxy_servers no The "proxycap_servers" element may contain one or more nested "proxy_server" elements.
/proxycap_ruleset/proxy_servers/proxy_server[n] no The "proxy_server" element defines a proxy server.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@name yes The "name" attribute specifies the display name of the proxy server. It must be a non-empty string of maximum length 39 characters. Unicode is supported. The name must be unique among proxy server and proxy chain display names. The value "(default)" is reserved.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@type yes The "type" attribute specifies the type of the proxy server. Its value must be one of: "http", "https", "shadowsocks", "socks4", "socks5", "ssh".
/proxycap_ruleset/proxy_servers/proxy_server[n]/@hostname yes The "hostname" attribute specifies the hostname, or the IP address, of the proxy server. International domain names are supported.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@port yes The "port" attribute specifies the port number of the proxy server.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@auth_method yes The "auth_method" attribute specifies the authentication method to use to authenticate to the proxy. Its value must be one of: "none", "password", "integrated", "gssapi", "key".
/proxycap_ruleset/proxy_servers/proxy_server[n]/@pref_cipher no The "pref_cipher" attribute specifies the preferred SSH2 cipher to use to encrypt the data. Its value must be one of: "aes128-ctr", "aes192-ctr", "aes256-ctr", "aes128-gcm@openssh.com", "aes256-gcm@openssh.com", "arcfour256", "arcfour128", "aes128-cbc", "3des-cbc", "blowfish-cbc", "cast128-cbc", "aes192-cbc", "aes256-cbc", "arcfour".
/proxycap_ruleset/proxy_servers/proxy_server[n]/@ss_cipher see
description
The "ss_cipher" attribute specifies the shadowsocks cipher to use to encrypt the data. Its value must be one of: "rc4", "rc4-md5", "aes-128-cfb", "aes-192-cfb", "aes-256-cfb", "aes-128-ctr", "aes-192-ctr", "aes-256-ctr", "bf-cfb", "camellia-128-cfb", "camellia-192-cfb", "camellia-256-cfb", "aes-128-gcm", "aes-192-gcm", "aes-256-gcm", "chacha20-ietf-poly1305". This attribute is required for shadowsocks, otherwise it should be omitted.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@is_default yes The "is_default" attribute indicates whether the proxy server is the "default" proxy. Its value must be one of "true" or "false". If there is at least one proxy server defined, there must be exactly one "default" proxy.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@username see
description
The "username" attribute specifies the username to use to authenticate to the proxy. This attribute is required with the "password" and "key" authentications except shadowssocks, otherwise it should be omitted.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@password see
description
The "password" attribute specifies the password to use to authenticate to the proxy. This attribute is required with the "password" authentication, otherwise it should be omitted.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@key see
description
The "key" attribute specifies the key to use to authenticate to the proxy. The key must be base64 encoded. To convert an OpenSSH authentication key to a compatible format, run xml2prs with argument "sshkey". A shadowsocks key can be specified as is. This attribute is required with the "key" authentication, otherwise it should be omitted.
/proxycap_ruleset/proxy_servers/proxy_server[n]/@hostkey no The "hostkey" attribute specifies the key to use to verify SSH server's host key. The key must be base64 encoded. To convert an OpenSSH host key to a compatible format, run xml2prs with argument "sshhostkey".
/proxycap_ruleset/proxy_chains no The "proxy_chains" element may contain one or more nested "proxy_chain" elements.
/proxycap_ruleset/proxy_chains/proxy_chain[n] no The "proxy_chain" element defines a proxy chain. A proxy chain must contain at least 2 proxies.
/proxycap_ruleset/proxy_chains/proxy_chain[n]/@name yes The "name" attribute specifies the display name of the proxy chain. It must be a non-empty string of maximum length 39 characters. Unicode is supported. The name must be unique among proxy chain and proxy server display names. The value "(default)" is reserved.
/proxycap_ruleset/proxy_chains/proxy_chain[n]/proxy_server[m] yes The "proxy_server" element references a proxy server .
/proxycap_ruleset/proxy_chains/proxy_chain[n]/proxy_server[m]/@name yes The value of the "name" atrribute must be either the display name of one of the proxy servers defined in "/proxycap_ruleset/proxy_servers" or the special value "(default)" indicating the "default" proxy.
/proxycap_ruleset/routing_rules no The "routing_rules" element may contain one or more nested "routing_rule" elements.
/proxycap_ruleset/routing_rules/routing_rule[n] no The "routing_rule" element defines a routing rule.
/proxycap_ruleset/routing_rules/routing_rule[n]/@name yes The "name" attribute specifies the display name of the rule. It must be a non-empty string of maximum length 79 characters. Unicode is supported. The name must be unique among rule display names.
/proxycap_ruleset/routing_rules/routing_rule[n]/@action yes The "action" attribute specifies the rule action. Its value must be one of: "proxy", "direct", "block".
/proxycap_ruleset/routing_rules/routing_rule[n]/@remote_dns see
description
The "remote_dns" attribute specifies whether DNS lookups for redirected connections happen on the proxy server ("true") on the client ("false"). This attribute is required if the rule action is "proxy", otherwise it should be omitted.
/proxycap_ruleset/routing_rules/routing_rule[n]/@transports yes The "transports" attribute specifies which TCP/IP transport protocols the rule applies to. Its value must be one of: "tcp", "udp", "all" (meaning "TCP and UDP").
/proxycap_ruleset/routing_rules/routing_rule[n]/@disabled yes The "disabled" attribute indicates whether the rule is disabled. Its value must be one of "true" or "false".
/proxycap_ruleset/routing_rule[n]/proxy_or_chain[m] see
description
The "proxy_or_chain" element references a proxy server or proxy chain. This element must be present if the rule action is "proxy", otherwise it should be omitted. More than one "proxy_or_chain" elements may be defined in order to enable client-side load balancing.
/proxycap_ruleset/routing_rule[n]/proxy_or_chain[m]/@name yes The value of the "name" atrribute must be either the display name of one of the proxy servers defined in "/proxycap_ruleset/proxy_servers", the display name of one of the proxy chains defined in "/proxycap_ruleset/proxy_chains", or the special value "(default)" indicating the "default" proxy.
/proxycap_ruleset/routing_rule[n]/programs no The "programs" element, if exists, must contain one or more nested "program" elements. Omitting this element indicates that the rule applies to all programs.
/proxycap_ruleset/routing_rule[n]/programs/program[m] yes The "program" element specifies a program to which this rule applies.
/proxycap_ruleset/routing_rule[n]/programs/program[m]/@path yes The "path" attribute specifies either the full file path or the file name of the executable.
/proxycap_ruleset/routing_rule[n]/programs/program[m]/@dir_included yes The "dir_included" attribute indicates whether "path" is a full path or a file name.
/proxycap_ruleset/routing_rule[n]/ports no The "ports" element, if exists, must contain one or more nested "port_range" elements. Omitting this element indicates that the rule applies to all destination ports.
/proxycap_ruleset/routing_rule[n]/ports/port_range[m] yes The "port_range" element specifies a port range to which this rule applies.
/proxycap_ruleset/routing_rule[n]/ports/port_range[m]/@first yes The "first" attribute specifies the first port in the range.
/proxycap_ruleset/routing_rule[n]/ports/port_range[m]/@last yes The "last" attribute specifies the last port in the range. Its value must be greater or equal to the value of "first".
/proxycap_ruleset/routing_rule[n]/ip_addresses no The "ip_addresses" element, if exists, must contain one or more nested "ip_range" elements. Omitting this element indicates that the rule applies to all destination IP addresses.
/proxycap_ruleset/routing_rule[n]/ip_addresses/ip_range[m] yes The "ip_range" element specifies an IP address range to which this rule applies.
/proxycap_ruleset/routing_rule[n]/ip_addresses/ip_range[m]/@ip yes The "ip" attribute specifies the IP address for this IP address range.
/proxycap_ruleset/routing_rule[n]/ip_addresses/ip_range[m]/@mask yes The "mask" attribute specifies the number of 1's (bits) at the left side of the network mask. Thus, a mask of 24 is equivalent to 255.255.255.0 for IPv4 and FFFF:FF00:: for IPv6.
/proxycap_ruleset/routing_rule[n]/hostnames no The "hostnames" element, if exists, must contain one or more nested "hostname" elements. Omitting this element indicates that the rule applies to all destination hostnames.
/proxycap_ruleset/routing_rule[n]/hostnames/hostname[m] yes The "hostname" element specifies a hostname to which this rule applies.
/proxycap_ruleset/routing_rule[n]/hostnames/hostname[m]/@wildcard yes The "wildcard" attribute specifies the hostname. The special wildcard characters (*) and (?) can be used.
/proxycap_ruleset/remote_dns_exceptions no The "remote_dns_exceptions" element may contain one or more nested "remote_dns_exception" elements.
/proxycap_ruleset/remote_dns_exceptions/remote_dns_exception[n] no The "remote_dns_exception" element specifies a hostname to be always resolved locally.
/proxycap_ruleset/remote_dns_exceptions/remote_dns_exception[n]/@wildcard yes The "wildcard" attribute specifies the hostname. The special wildcard characters (*) and (?) can be used.