update README for 4.1 release

fix core.h to be usable on its own
core.c: add getservbyname_r replacement function for mac
2026-05-13 17:03:07 +08:00 · 2012-08-06 01:34:23 +02:00 · 2012-08-06 01:26:34 +02:00 · 2012-08-06 01:26:03 +02:00 · 2012-08-04 17:55:37 +02:00 · 2012-08-03 10:43:59 +02:00
15 changed files with 1130 additions and 1077 deletions
@@ -1,5 +1,17 @@
+original code
 N3E7CR34TUR3.
+http://proxychains.sourceforge.net
+netcreature@users.sourceforge.net

-web site:	proxychains.sourceforge.net
-email:		netcreature@users.sourceforge.net
+main.c, remote-dns, thread safety, bugfixes, build system, 
+cleanups, mac support
+rofl0r.
+https://github.com/rofl0r/proxychains

+localnet, bugfixes
+adam hamsik.
+https://github.com/haad/proxychains
+
+localnet-port, bugfixes
+jianing yang.
+https://github.com/jianingy/proxychains
@@ -1,13 +0,0 @@
-ProxyChains ver 3.1 Installation
-=======================
-
-If you have installed other ver of proxychains  "make uninstall" before installing this distribution
-
-unpack the .tar.gz , 'cd' to distribution directory and
-run following commands (as root)
-------------------------------------
-./configure
-make
-make install
-------------------------------------
-that's all
@@ -11,10 +11,11 @@ bindir = $(exec_prefix)/bin
 prefix = /usr/local/
 includedir = $(prefix)/include
 libdir = $(prefix)/lib
+sysconfdir=$(prefix)/etc

 SRCS = $(sort $(wildcard src/*.c))
 OBJS = $(SRCS:.c=.o)
-LOBJS = src/core.o src/libproxychains.o
+LOBJS = src/core.o src/common.o src/libproxychains.o

 CFLAGS  += -Wall -O0 -g -std=c99 -D_GNU_SOURCE -pipe -DTHREAD_SAFE
 LDFLAGS = -shared -fPIC -ldl -lpthread
@@ -23,26 +24,34 @@ PIC     = -fPIC
 AR      = $(CROSS_COMPILE)ar
 RANLIB  = $(CROSS_COMPILE)ranlib

-LDSO_PATHNAME = libproxychains4.so
+LDSO_SUFFIX = so
+LD_SET_SONAME = -Wl,-soname=
+INSTALL_FLAGS = -D -m
+
+-include config.mak
+
+LDSO_PATHNAME = libproxychains4.$(LDSO_SUFFIX)

 SHARED_LIBS = $(LDSO_PATHNAME)
 ALL_LIBS = $(SHARED_LIBS)
 PXCHAINS = proxychains4
 ALL_TOOLS = $(PXCHAINS)

-include config.mak

-CFLAGS+=$(USER_CFLAGS)
-CFLAGS_MAIN=-DLIB_DIR=\"$(libdir)\"
+CFLAGS+=$(USER_CFLAGS) $(MAC_CFLAGS)
+CFLAGS_MAIN=-DLIB_DIR=\"$(libdir)\" -DSYSCONFDIR=\"$(sysconfdir)\" -DDLL_NAME=\"$(LDSO_PATHNAME)\"


 all: $(ALL_LIBS) $(ALL_TOOLS)

-#install: $(ALL_LIBS:lib/%=$(DESTDIR)$(libdir)/%) $(DESTDIR)$(LDSO_PATHNAME)
+install-config:
+	install -d $(DESTDIR)/$(sysconfdir)
+	install $(INSTALL_FLAGS) 644 src/proxychains.conf $(DESTDIR)/$(sysconfdir)/
+
 install: 
-	install -D -m 755 $(ALL_TOOLS) $(bindir)/
-	install -D -m 644 $(ALL_LIBS) $(libdir)/
-	install -D -m 644 src/proxychains.conf $(prefix)/etc/
+	install -d $(DESTDIR)/$(bindir)/ $(DESTDIR)/$(libdir)/
+	install $(INSTALL_FLAGS) 755 $(ALL_TOOLS) $(DESTDIR)/$(bindir)/
+	install $(INSTALL_FLAGS) 644 $(ALL_LIBS) $(DESTDIR)/$(libdir)/

 clean:
 	rm -f $(ALL_LIBS)
@@ -53,10 +62,10 @@ clean:
 	$(CC) $(CFLAGS) $(CFLAGS_MAIN) $(INC) $(PIC) -c -o $@ $<

 $(LDSO_PATHNAME): $(LOBJS)
-	$(CC) $(LDFLAGS) -Wl,-soname=$(LDSO_PATHNAME) -o $@ $(LOBJS)
+	$(CC) $(LDFLAGS) $(LD_SET_SONAME)$(LDSO_PATHNAME) -o $@ $(LOBJS)

 $(ALL_TOOLS): $(OBJS)
-	$(CC) src/main.o -o $(PXCHAINS)
+	$(CC) src/main.o src/common.o -o $(PXCHAINS)


 .PHONY: all clean install
@@ -1,26 +1,49 @@
-ProxyChains ver 4.0 README
+ProxyChains ver 4.1 README
 ==========================

+  ProxyChains is a UNIX program, that hooks network-related libc functions
+  in dynamically linked programs via a preloaded DLL and redirects the
+  connections through SOCKS4a/5 or HTTP proxies.
+
 *********** ATTENTION ***********

-this program works only on dynamically linked programs.
-also both proxychains and the program to call must use
-the same dynamic linker (i.e. same libc)
+  this program works only on dynamically linked programs.
+  also both proxychains and the program to call must use
+  the same dynamic linker (i.e. same libc)

 *********************************

+*** Known limitations of the current version: ***

-This is Unix version only.
+  when a process forks, does a DNS lookup in the child, and then uses
+  the ip in the parent, the corresponding ip mapping will not be found.
+  this is because the fork can't write back into the parents mapping table.
+  IRSSI shows this behaviour, so you have to pass the resolved ip address
+  to it. (you can use the proxyresolv script (requires "dig") to do so)

-How to mess with sources - How to Install : read INSTALL !!!!!!
+  this means that you can't currently use tor onion urls for irssi.
+  to solve this issue, an external data store (file, pipe, ...) has to
+  manage the dns <-> ip mapping. of course there has to be proper locking.
+  shm_open, mkstemp, are possible candidates for a file based approach,
+  the other option is to spawn some kind of server process that manages the
+  map lookups. since connect() etc are hooked, this must not be a TCP server.

-This program forces any tcp connection made by any given tcp client
-to follow through proxy (or proxy chain). It is a kind of proxifier.
-It acts like sockscap / permeo / eborder driver ( intercepts TCP calls )
-It is FREE.
+  I am reluctant on doing this change, because the described behaviour
+  seems pretty idiotic (doing a fork only for a DNS lookup), and irssi
+  is currently the only known affected program.
+
+*** Installation ***
+
+  # needs a working C compiler, preferably gcc
+  ./configure
+  make
+  sudo make install

 Changelog:
 ----------
+Version 4.1 adds support for mac os x (i386, x86_64, ppc)
+all internal functions are threadsafe when compiled with -DTHREAD_SAFE
+(default).

 Version (4.x) removes the dnsresolver script which required a dynamically
 linked "dig" binary to be present with remote DNS lookup.
@@ -74,21 +97,21 @@ proxychains looks for config file in following order:

 Usage Example:

-	bash$ proxychains telnet targethost.com
+	$ proxychains telnet targethost.com

 in this example it will run telnet through proxy(or chained proxies)
 specified by proxychains.conf

 Usage Example:

-      	bash$ proxychains -f /etc/proxychains-other.conf targethost2.com
+      	$ proxychains -f /etc/proxychains-other.conf targethost2.com

 in this example it will use different configuration file then proxychains.conf 
 to connect to targethost2.com host.

 Usage Example:

-	bash$ proxyresolv targethost.com
+	$ proxyresolv targethost.com

 in this example it will resolve targethost.com through proxy(or chained proxies)
 specified by proxychains.conf
@@ -1,8 +1,6 @@
-ProxyChains ver 3.1 TODO
+ProxyChains ver 4.0 TODO
 ===================

-   stable DNS resolver .... currently gnu dig is used, which is an ugly hack
-	also it is required to link it with the same libc as proxychains
 	
   hooks for reentrant dns functions, i.e. gethostbyaddr_r

@@ -2,6 +2,18 @@

 prefix=/usr/local

+usage() {
+	echo "supported arguments"
+	echo "--prefix=/path 		default: $prefix"
+	echo "--exec_prefix=/path	default: $prefix/bin"
+	echo "--bindir=/path		default: $prefix/bin"
+	echo "--libdir=/path		default: $prefix/lib"
+	echo "--includedir=/path	default: $prefix/include"
+	echo "--sysconfdir=/path	default: $prefix/etc"
+	echo "--help : show this text"
+	exit 1
+}
+
 spliteq() {
 	arg=$1
 	echo "${arg#*=}"
@@ -11,14 +23,20 @@ spliteq() {

 parsearg() {
 	case "$1" in
-	--prefix=*) prefix=$(spliteq "$1");;
+	--prefix=*) prefix=`spliteq $1`;;
 	--exec_prefix=*) exec_prefix=`spliteq $1`;;
 	--bindir=*) bindir=`spliteq $1`;;
 	--libdir=*) libdir=`spliteq $1`;;
 	--includedir=*) includedir=`spliteq $1`;;
+	--sysconfdir=*) sysconfdir=`spliteq $1`;;
+	--help) usage;;
 	esac
 }

+ismac() {
+	uname -s | grep Darwin
+}
+
 while true ; do
 	case $1 in
 	-*) parsearg "$1"; shift;;
@@ -26,23 +44,27 @@ while true ; do
 	esac
 done

-if [ ! $exec_prefix ] ; then
+if [ -z "$exec_prefix" ] ; then
 	exec_prefix=$prefix
 fi

-if [ ! $libdir ] ; then
+if [ -z "$libdir" ] ; then
 	libdir=$prefix/lib
 fi

-if [ ! $includedir ] ; then
+if [ -z "$includedir" ] ; then
 	includedir=$prefix/include
 fi

-if [ ! $bindir ] ; then
+if [ -z "$sysconfdir" ] ; then
+	sysconfdir=$prefix/etc
+fi
+
+if [ -z "$bindir" ] ; then
 	bindir=$exec_prefix/bin
 fi

-if [ ! $CC ] ; then
+if [ -z "$CC" ] ; then
 	CC=cc
 fi

@@ -54,6 +76,13 @@ echo exec_prefix=$exec_prefix>>config.mak
 echo bindir=$bindir>>config.mak
 echo libdir=$libdir>>config.mak
 echo includedir=$includedir>>config.mak
+echo sysconfdir=$sysconfdir>>config.mak
+if ismac ; then
+	echo LDSO_SUFFIX=dylib>>config.mak
+	echo MAC_CFLAGS+=-DIS_MAC=1>>config.mak
+	echo LD_SET_SONAME=-Wl,-install_name,>>config.mak
+	echo INSTALL_FLAGS=-m>>config.mak
+fi

 echo done, now run make \&\& make install

@@ -1,14 +0,0 @@
-Begin3
-Title:          ProxyChains 
-Version:        3.0
-Entered-date:   
-Description:    
-Keywords:        
-Author:          <N37CR347UR3>
-Maintained-by:   <NetCreature>
-Primary-site:   	        
-Home-page:      http://proxychains.sourceforge.net
-Original-site:  
-Platforms:       Linux and other Unices
-Copying-policy: GNU Public License
-End
@@ -0,0 +1,54 @@
+#include "common.h"
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+
+static int check_path(char *path) {
+	if(!path)
+		return 0;
+	return access(path, R_OK) != -1;
+}
+
+char *get_config_path(char* default_path, char* pbuf, size_t bufsize) {
+	char buf[512];
+	// top priority: user defined path
+	char *path = default_path;
+	if(check_path(path))
+		goto have;
+	
+	// priority 1: env var PROXYCHAINS_CONF_FILE
+	path = getenv(PROXYCHAINS_CONF_FILE_ENV_VAR);
+	if(check_path(path))
+		goto have;
+
+	// priority 2; proxychains conf in actual dir
+	path = getcwd(buf, sizeof(buf));
+	snprintf(pbuf, bufsize, "%s/%s", path, PROXYCHAINS_CONF_FILE);
+	path = pbuf;
+	if(check_path(path))
+		goto have;
+
+	// priority 3; $HOME/.proxychains/proxychains.conf
+	path = getenv("HOME");
+	snprintf(pbuf, bufsize, "%s/.proxychains/%s", path, PROXYCHAINS_CONF_FILE);
+	path = pbuf;
+	if(check_path(path))
+		goto have;
+
+	// priority 4: $SYSCONFDIR/proxychains.conf
+	path = SYSCONFDIR "/" PROXYCHAINS_CONF_FILE;
+	if(check_path(path))
+		goto have;
+
+	// priority 5: /etc/proxychains.conf
+	path = "/etc/" PROXYCHAINS_CONF_FILE;
+	if(check_path(path))
+		goto have;
+	
+	perror("couldnt find configuration file");
+	exit(1);
+	
+	return NULL;
+	have:
+	return path;
+}
@@ -2,3 +2,7 @@
 #define PROXYCHAINS_QUIET_MODE_ENV_VAR "PROXYCHAINS_QUIET_MODE"
 #define PROXYCHAINS_CONF_FILE "proxychains.conf"
 #define LOG_PREFIX "[proxychains] "
+
+#include <stddef.h>
+
+char *get_config_path(char* default_path, char* pbuf, size_t bufsize);
@@ -4,10 +4,8 @@
    begin                : Tue May 14 2002
    copyright          :  netcreature (C) 2002
    email                 : netcreature@users.sourceforge.net
- ***************************************************************************/
-#include <stdint.h>
- /*     GPL */
-/***************************************************************************
+ ***************************************************************************
+ ***************************************************************************
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
@@ -15,10 +13,17 @@
 *   (at your option) any later version.                                   *
 *                                                                         *
 ***************************************************************************/
+
+#include <stdint.h>
+#include <netinet/in.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+
 #ifndef __CORE_HEADER
 #define __CORE_HEADER
 #define BUFF_SIZE 8*1024  // used to read responses from proxies.
-#define     MAX_LOCALNET 1024
+#define     MAX_LOCALNET 64

 typedef union {
 	unsigned char octet[4];
@@ -40,6 +45,13 @@ extern internal_ip_lookup_table internal_ips;
 #ifdef THREAD_SAFE
 #include <pthread.h>
 extern pthread_mutex_t internal_ips_lock;
+# define MUTEX_LOCK(x) pthread_mutex_lock(x)
+# define MUTEX_UNLOCK(x) pthread_mutex_unlock(x)
+# define MUTEX_INIT(x,y) pthread_mutex_init(x, y)
+#else
+# define MUTEX_LOCK(x)
+# define MUTEX_UNLOCK(x)
+# define MUTEX_INIT(x,y)
 #endif

 /*error codes*/
@@ -52,7 +64,6 @@ typedef enum {
 	BLOCKED  //  target's port blocked on last proxy in the chain
 } ERR_CODE;

-
 typedef enum {
 	HTTP_TYPE,
 	SOCKS4_TYPE,
@@ -91,61 +102,50 @@ typedef struct {
 	char pass[256];
 } proxy_data;

-typedef struct {
-	proxy_data *pd;
-	chain_type ct;
-	unsigned int proxy_count;
-	int sock;
-	struct sockaddr addr;
-	int flags;
-} thread_arg;
-
-int connect_proxy_chain (
-	int sock,
-	ip_type target_ip,
-	unsigned short target_port,
-	proxy_data * pd,
-	unsigned int proxy_count,
-	chain_type ct,
-	unsigned int max_chain );
-
-int proxychains_write_log(char *str,...);
-struct hostent* proxy_gethostbyname(const char *name);
+int connect_proxy_chain (int sock, ip_type target_ip, unsigned short target_port,
+			 proxy_data * pd, unsigned int proxy_count, chain_type ct,
+			 unsigned int max_chain );

+void proxychains_write_log(char *str, ...);

 typedef int (*connect_t)(int, const struct sockaddr *, socklen_t);
-connect_t true_connect;
-
 typedef struct hostent* (*gethostbyname_t)(const char *);
-gethostbyname_t true_gethostbyname;
-
-typedef int (*getaddrinfo_t)(const char *, const char *,
-		const struct addrinfo *,
-		struct addrinfo **);
-getaddrinfo_t true_getaddrinfo;
-
 typedef int (*freeaddrinfo_t)(struct addrinfo *);
-freeaddrinfo_t true_freeaddrinfo;
-
-typedef int (*getnameinfo_t) (const struct sockaddr *,
-		socklen_t, char *,
-		socklen_t, char *,
-		socklen_t, unsigned int);
-getnameinfo_t true_getnameinfo;
-
 typedef struct hostent *(*gethostbyaddr_t) (const void *, socklen_t, int);
-gethostbyaddr_t true_gethostbyaddr;

-int proxy_getaddrinfo(const char *node, const char *service,
-		                const struct addrinfo *hints,
-				                struct addrinfo **res);
+typedef int (*getaddrinfo_t)(const char *, const char *, const struct addrinfo *, 
+			     struct addrinfo **);

-struct hostent* proxy_gethostbyname(const char *name);
+typedef int (*getnameinfo_t) (const struct sockaddr *, socklen_t, char *, 
+			      socklen_t, char *, socklen_t, int);
+
+
+extern connect_t true_connect;
+extern gethostbyname_t true_gethostbyname;
+extern getaddrinfo_t true_getaddrinfo;
+extern freeaddrinfo_t true_freeaddrinfo;
+extern getnameinfo_t true_getnameinfo;
+extern gethostbyaddr_t true_gethostbyaddr;
+
+struct gethostbyname_data {
+	struct hostent hostent_space;
+	in_addr_t resolved_addr;
+	char *resolved_addr_p[2];
+	char addr_name[1024 * 8];
+};
+
+struct hostent* proxy_gethostbyname(const char *name, struct gethostbyname_data *data);
+
+int proxy_getaddrinfo(const char *node, const char *service, 
+		      const struct addrinfo *hints, struct addrinfo **res);
+void proxy_freeaddrinfo(struct addrinfo *res);
+
+void pc_stringfromipv4(unsigned char *ip_buf_4_bytes, char *outbuf_16_bytes);

 #ifdef DEBUG
-# define PDEBUG(fmt, args...) fprintf(stderr,"DEBUG:"fmt, ## args)
+# define PDEBUG(fmt, args...) do { fprintf(stderr,"DEBUG:"fmt, ## args); fflush(stderr); } while(0)
 #else
-# define PDEBUG(fmt, args...)
+# define PDEBUG(fmt, args...) do {} while (0)
 #endif

-#endif 
+#endif
@@ -41,7 +41,14 @@
 #define     SOCKADDR_2(x)     (satosin(x)->sin_addr)
 #define     SOCKPORT(x)     (satosin(x)->sin_port)
 #define     SOCKFAMILY(x)     (satosin(x)->sin_family)
-#define     MAX_CHAIN 30*1024
+#define     MAX_CHAIN 512
+
+connect_t true_connect;
+gethostbyname_t true_gethostbyname;
+getaddrinfo_t true_getaddrinfo;
+freeaddrinfo_t true_freeaddrinfo;
+getnameinfo_t true_getnameinfo;
+gethostbyaddr_t true_gethostbyaddr;

 int tcp_read_time_out;
 int tcp_connect_time_out;
@@ -52,249 +59,204 @@ int proxychains_got_chain_data = 0;
 unsigned int proxychains_max_chain = 1;
 int proxychains_quiet_mode = 0;
 int proxychains_resolver = 0;
-static int init_l = 0;
 localaddr_arg localnet_addr[MAX_LOCALNET];
 size_t num_localnet_addr = 0;
+unsigned int remote_dns_subnet = 224;

-static inline void get_chain_data(proxy_data *pd, unsigned int *proxy_count,
-	chain_type *ct);
-static void init_lib(void);
-
-static void init_lib(void)
-{
 #ifdef THREAD_SAFE
-	pthread_mutex_init(&internal_ips_lock, NULL);
+pthread_once_t init_once = PTHREAD_ONCE_INIT;
 #endif
-	/* read the config file */
-	get_chain_data(proxychains_pd, &proxychains_proxy_count, &proxychains_ct);
-	
-	proxychains_write_log(LOG_PREFIX "DLL init\n");
-	
-	true_connect = (connect_t) dlsym(RTLD_NEXT, "connect");
+static int init_l = 0;

-	if (!true_connect) {
-		fprintf(stderr, "Cannot load symbol 'connect' %s\n", dlerror());
+static inline void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_type * ct);
+
+static void* load_sym(char* symname, void* proxyfunc) {
+
+	void *funcptr = dlsym(RTLD_NEXT, symname);
+	
+	if(!funcptr) {
+		fprintf(stderr, "Cannot load symbol '%s' %s\n", symname, dlerror());
 		exit(1);
 	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'connect'"
-		" real addr %p  wrapped addr %p\n",
-		true_connect, connect);
-		#endif
+		PDEBUG("loaded symbol '%s'" " real addr %p  wrapped addr %p\n", symname, funcptr, proxyfunc);
 	}
-	if(connect==true_connect) {
-		#ifdef DEBUG
+	if(funcptr == proxyfunc) {
 		PDEBUG("circular reference detected, aborting!\n");
-		#endif
 		abort();
 	}
+	return funcptr;
+}
+
+#define INIT() init_lib_wrapper(__FUNCTION__)
+
+#define SETUP_SYM(X) do { true_ ## X = load_sym( # X, X ); } while(0)
+
+static void do_init(void) {
+	MUTEX_INIT(&internal_ips_lock, NULL);
+	/* read the config file */
+	get_chain_data(proxychains_pd, &proxychains_proxy_count, &proxychains_ct);
+
+	proxychains_write_log(LOG_PREFIX "DLL init\n");
+	
+	SETUP_SYM(connect);
+	SETUP_SYM(gethostbyname);
+	SETUP_SYM(getaddrinfo);
+	SETUP_SYM(freeaddrinfo);
+	SETUP_SYM(gethostbyaddr);
+	SETUP_SYM(getnameinfo);
 	
-	true_gethostbyname = (gethostbyname_t) 
-		dlsym(RTLD_NEXT, "gethostbyname");
-
-	if (!true_gethostbyname) {
-		fprintf(stderr, "Cannot load symbol 'gethostbyname' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'gethostbyname'"
-		" real addr %p  wrapped addr %p\n",
-		true_gethostbyname, gethostbyname);
-		#endif
-	}
-	true_getaddrinfo = (getaddrinfo_t) 
-		dlsym(RTLD_NEXT, "getaddrinfo");
-
-	if (!true_getaddrinfo) {
-		fprintf(stderr, "Cannot load symbol 'getaddrinfo' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'getaddrinfo'"
-			" real addr %p  wrapped addr %p\n",
-			true_getaddrinfo, getaddrinfo);
-		#endif
-	}
-	true_freeaddrinfo = (freeaddrinfo_t) 
-		dlsym(RTLD_NEXT, "freeaddrinfo");
-
-	if (!true_freeaddrinfo) {
-		fprintf(stderr, "Cannot load symbol 'freeaddrinfo' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'freeaddrinfo'"
-			" real addr %p  wrapped addr %p\n",
-			true_freeaddrinfo, freeaddrinfo);
-		#endif
-	}
-	true_gethostbyaddr = (gethostbyaddr_t) 
-		dlsym(RTLD_NEXT, "gethostbyaddr");
-
-	if (!true_gethostbyaddr) {
-		fprintf(stderr, "Cannot load symbol 'gethostbyaddr' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'gethostbyaddr'"
-			" real addr %p  wrapped addr %p\n",
-			true_gethostbyaddr, gethostbyaddr);
-		#endif
-	}
-	true_getnameinfo = (getnameinfo_t) 
-		dlsym(RTLD_NEXT, "getnameinfo");
-
-	if (!true_getnameinfo) {
-		fprintf(stderr, "Cannot load symbol 'getnameinfo' %s\n", 
-				dlerror());
-		exit(1);
-	} else {
-		#ifdef DEBUG
-		PDEBUG( "loaded symbol 'getnameinfo'"
-			" real addr %p  wrapped addr %p\n",
-			true_getnameinfo, getnameinfo);
-		#endif
-	}
 	init_l = 1;
 }

-static inline void get_chain_data(
-			proxy_data *pd,
-			unsigned int *proxy_count,
-			chain_type *ct)
-{
-	int count=0,port_n=0,list=0;
-	char buff[1024],type[1024],host[1024],user[1024];
+static void init_lib_wrapper(const char* caller) {
+#ifndef DEBUG
+	(void) caller;
+#endif
+#ifndef THREAD_SAFE
+	if(init_l) return;
+	PDEBUG("%s called from %s\n", __FUNCTION__,  caller);
+	do_init();
+#else
+	if(!init_l) PDEBUG("%s called from %s\n", __FUNCTION__,  caller);
+	pthread_once(&init_once, do_init);
+#endif
+}
+
+/* if we use gcc >= 3, we can instruct the dynamic loader 
+ * to call init_lib at link time. otherwise it gets loaded
+ * lazily, which has the disadvantage that there's a potential
+ * race condition if 2 threads call it before init_l is set 
+ * and PTHREAD support was disabled */
+#if __GNUC__ > 2
+__attribute__((constructor))
+static void gcc_init(void) {
+	INIT();
+}
+#endif
+
+/* get configuration from config file */
+static void get_chain_data(proxy_data * pd, unsigned int *proxy_count, chain_type * ct) {
+	int count = 0, port_n = 0, list = 0;
+	char buff[1024], type[1024], host[1024], user[1024];
 	char *env;
 	char local_in_addr_port[32];
 	char local_in_addr[32], local_in_port[32], local_netmask[32];
-	FILE* file;
+	FILE *file = NULL;

 	if(proxychains_got_chain_data)
-	return;
+		return;

 	//Some defaults
-	tcp_read_time_out = 4*1000;
-	tcp_connect_time_out = 10*1000;
+	tcp_read_time_out = 4 * 1000;
+	tcp_connect_time_out = 10 * 1000;
 	*ct = DYNAMIC_TYPE;
-
-	/*
-	 * Get path to configuration file from env this file has priority
-	 * if it's defined.
-	 */
-	env = getenv(PROXYCHAINS_CONF_FILE_ENV_VAR);
-
-	snprintf(buff,256,"%s/.proxychains/proxychains.conf",getenv("HOME"));
-
-	if(!env || (!(file=fopen(env,"r"))))
-	if(!(file=fopen("./proxychains.conf","r")))
-	if(!(file=fopen(buff,"r")))
-	if(!(file=fopen("/etc/proxychains.conf","r")))
-	{
-		perror("Can't locate proxychains.conf");
-		exit(1);
-	}
 	
-	env = getenv(PROXYCHAINS_QUIET_MODE_ENV_VAR);
-	if(env && *env == '1') proxychains_quiet_mode = 1;
+	env = get_config_path(getenv(PROXYCHAINS_CONF_FILE_ENV_VAR), buff, sizeof(buff));
+	file = fopen(env, "r");

-	while(fgets(buff,sizeof(buff),file)) {
-		if(buff[0] != '\n' && buff[strspn(buff," ")]!='#') {
+	env = getenv(PROXYCHAINS_QUIET_MODE_ENV_VAR);
+	if(env && *env == '1')
+		proxychains_quiet_mode = 1;
+
+	while(fgets(buff, sizeof(buff), file)) {
+		if(buff[0] != '\n' && buff[strspn(buff, " ")] != '#') {
+			/* proxylist has to come last */
 			if(list) {
-				memset(&pd[count], 0, sizeof(proxy_data));
+				if(count >= MAX_CHAIN)
+					break;
 				
+				memset(&pd[count], 0, sizeof(proxy_data));
+
 				pd[count].ps = PLAY_STATE;
 				port_n = 0;
-				
-				sscanf(buff,"%s %s %d %s %s", type, host, &port_n,
-					pd[count].user, pd[count].pass);
-				
+
+				sscanf(buff, "%s %s %d %s %s", type, host, &port_n, pd[count].user, pd[count].pass);
+
 				pd[count].ip.as_int = (uint32_t) inet_addr(host);
-				pd[count].port = htons((unsigned short)port_n);
-				
-				if(!strcmp(type,"http")) {
+				pd[count].port = htons((unsigned short) port_n);
+
+				if(!strcmp(type, "http")) {
 					pd[count].pt = HTTP_TYPE;
-				} else if(!strcmp(type,"socks4")) {
+				} else if(!strcmp(type, "socks4")) {
 					pd[count].pt = SOCKS4_TYPE;
-				} else if(!strcmp(type,"socks5")) {
+				} else if(!strcmp(type, "socks5")) {
 					pd[count].pt = SOCKS5_TYPE;
-				} else 
+				} else
 					continue;
-				
-				if(pd[count].ip.as_int && port_n &&
-				   pd[count].ip.as_int != (uint32_t) -1)
-					if(++count==MAX_CHAIN)
-						break;
-			 } else {
-				if(strstr(buff,"[ProxyList]")) {
-					list=1;
-				} else if(strstr(buff,"random_chain")) {
-					*ct=RANDOM_TYPE;
-				} else if(strstr(buff,"strict_chain")) {
-					*ct=STRICT_TYPE;
-				} else if(strstr(buff,"dynamic_chain")) {
-					*ct=DYNAMIC_TYPE;
-				} else if(strstr(buff,"tcp_read_time_out")){
-					sscanf(buff,"%s %d",user,&tcp_read_time_out) ;
-				} else if(strstr(buff,"tcp_connect_time_out")){
-					sscanf(buff,"%s %d",user,&tcp_connect_time_out) ;
-				} else if(strstr(buff,"localnet")) {
-					if (sscanf(buff,"%s %21[^/]/%15s", user,
-						local_in_addr_port, local_netmask) < 3) {
+
+				if(pd[count].ip.as_int && port_n && pd[count].ip.as_int != (uint32_t) - 1)
+					count++;
+			} else {
+				if(strstr(buff, "[ProxyList]")) {
+					list = 1;
+				} else if(strstr(buff, "random_chain")) {
+					*ct = RANDOM_TYPE;
+				} else if(strstr(buff, "strict_chain")) {
+					*ct = STRICT_TYPE;
+				} else if(strstr(buff, "dynamic_chain")) {
+					*ct = DYNAMIC_TYPE;
+				} else if(strstr(buff, "tcp_read_time_out")) {
+					sscanf(buff, "%s %d", user, &tcp_read_time_out);
+				} else if(strstr(buff, "tcp_connect_time_out")) {
+					sscanf(buff, "%s %d", user, &tcp_connect_time_out);
+				} else if(strstr(buff, "remote_dns_subnet")) {
+					sscanf(buff, "%s %d", user, &remote_dns_subnet);
+					if(remote_dns_subnet >= 256) {
+						fprintf(stderr,
+							"remote_dns_subnet: invalid value. requires a number between 0 and 255.\n");
+						exit(1);
+					}
+				} else if(strstr(buff, "localnet")) {
+					if(sscanf(buff, "%s %21[^/]/%15s", user, local_in_addr_port, local_netmask) < 3) {
 						fprintf(stderr, "localnet format error");
 						exit(1);
 					}
 					/* clean previously used buffer */
-					memset(local_in_port, 0,
-						sizeof(local_in_port) / sizeof(local_in_port[0]));
+					memset(local_in_port, 0, sizeof(local_in_port) / sizeof(local_in_port[0]));

-					if (sscanf(local_in_addr_port, "%15[^:]:%5s",
-						local_in_addr, local_in_port) < 2) {
-					    PDEBUG("added localnet: netaddr=%s, port=%s\n",
-							local_in_addr, local_netmask);
+					if(sscanf(local_in_addr_port, "%15[^:]:%5s", local_in_addr, local_in_port) < 2) {
+						PDEBUG("added localnet: netaddr=%s, netmask=%s\n",
+						       local_in_addr, local_netmask);
 					} else {
-					    PDEBUG("added localnet: netaddr=%s, port=%s, netmask=%s\n",
-							local_in_addr, local_in_port, local_netmask);
+						PDEBUG("added localnet: netaddr=%s, port=%s, netmask=%s\n",
+						       local_in_addr, local_in_port, local_netmask);
 					}
-					if (num_localnet_addr < MAX_LOCALNET)
-					{
+					if(num_localnet_addr < MAX_LOCALNET) {
 						int error;
-						error = inet_pton(AF_INET, local_in_addr, &localnet_addr[num_localnet_addr].in_addr);
-						if (error <= 0)
-						{
+						error =
+						    inet_pton(AF_INET, local_in_addr,
+							      &localnet_addr[num_localnet_addr].in_addr);
+						if(error <= 0) {
 							fprintf(stderr, "localnet address error\n");
 							exit(1);
 						}
-						error = inet_pton(AF_INET, local_netmask, &localnet_addr[num_localnet_addr].netmask);
-						if (error <= 0)
-						{
+						error =
+						    inet_pton(AF_INET, local_netmask,
+							      &localnet_addr[num_localnet_addr].netmask);
+						if(error <= 0) {
 							fprintf(stderr, "localnet netmask error\n");
 							exit(1);
 						}
-						if (local_in_port[0]) {
-							localnet_addr[num_localnet_addr].port = (short)atoi(local_in_port);
+						if(local_in_port[0]) {
+							localnet_addr[num_localnet_addr].port =
+							    (short) atoi(local_in_port);
 						} else {
 							localnet_addr[num_localnet_addr].port = 0;
 						}
 						++num_localnet_addr;
-					}
-					else
-					{
+					} else {
 						fprintf(stderr, "# of localnet exceed %d.\n", MAX_LOCALNET);
 					}
-				} else if(strstr(buff,"chain_len")){
-					char *pc;int len;
-					pc=strchr(buff,'=');
-					len=atoi(++pc);
-					proxychains_max_chain=(len?len:1);
-				} else if(strstr(buff,"quiet_mode")){
-					proxychains_quiet_mode=1;
-				} else if(strstr(buff,"proxy_dns")){
-					proxychains_resolver=1;
+				} else if(strstr(buff, "chain_len")) {
+					char *pc;
+					int len;
+					pc = strchr(buff, '=');
+					len = atoi(++pc);
+					proxychains_max_chain = (len ? len : 1);
+				} else if(strstr(buff, "quiet_mode")) {
+					proxychains_quiet_mode = 1;
+				} else if(strstr(buff, "proxy_dns")) {
+					proxychains_resolver = 1;
 				}
 			}
 		}
@@ -304,11 +266,10 @@ static inline void get_chain_data(
 	proxychains_got_chain_data = 1;
 }

+/*******  HOOK FUNCTIONS  *******/

-
-int connect (int sock, const struct sockaddr *addr, unsigned int len)
-{
-	int socktype=0, flags=0, ret=0;
+int connect(int sock, const struct sockaddr *addr, unsigned int len) {
+	int socktype = 0, flags = 0, ret = 0;
 	socklen_t optlen = 0;
 	ip_type dest_ip;
 #ifdef DEBUG
@@ -317,177 +278,141 @@ int connect (int sock, const struct sockaddr *addr, unsigned int len)
 	struct in_addr *p_addr_in;
 	unsigned short port;
 	size_t i;
+	int remote_dns_connect = 0;
+	INIT();
+	optlen = sizeof(socktype);
+	getsockopt(sock, SOL_SOCKET, SO_TYPE, &socktype, &optlen);
+	if(!(SOCKFAMILY(*addr) == AF_INET && socktype == SOCK_STREAM))
+		return true_connect(sock, addr, len);

-	if(!init_l)
-		init_lib();
-	optlen=sizeof(socktype);
-	getsockopt(sock,SOL_SOCKET,SO_TYPE,&socktype,&optlen);
-	if (! (SOCKFAMILY(*addr)==AF_INET  && socktype==SOCK_STREAM))
-		return true_connect(sock,addr,len);
-
-	p_addr_in = &((struct sockaddr_in *)addr)->sin_addr;
-	port = ntohs(((struct sockaddr_in *)addr)->sin_port);
+	p_addr_in = &((struct sockaddr_in *) addr)->sin_addr;
+	port = ntohs(((struct sockaddr_in *) addr)->sin_port);

 #ifdef DEBUG
-//	PDEBUG("localnet: %s; ", inet_ntop(AF_INET,&in_addr_localnet, str, sizeof(str)));
-//	PDEBUG("netmask: %s; " , inet_ntop(AF_INET, &in_addr_netmask, str, sizeof(str)));
+//      PDEBUG("localnet: %s; ", inet_ntop(AF_INET,&in_addr_localnet, str, sizeof(str)));
+//      PDEBUG("netmask: %s; " , inet_ntop(AF_INET, &in_addr_netmask, str, sizeof(str)));
 	PDEBUG("target: %s\n", inet_ntop(AF_INET, p_addr_in, str, sizeof(str)));
 	PDEBUG("port: %d\n", port);
 #endif
-	for (i = 0; i < num_localnet_addr; i++) {
-		if ((localnet_addr[i].in_addr.s_addr & localnet_addr[i].netmask.s_addr)
-			== (p_addr_in->s_addr & localnet_addr[i].netmask.s_addr))
-		{
-			if (localnet_addr[i].port && localnet_addr[i].port == port) {
+
+	// check if connect called from proxydns
+        remote_dns_connect = (ntohl(p_addr_in->s_addr) >> 24 == remote_dns_subnet);
+
+	for(i = 0; i < num_localnet_addr && !remote_dns_connect; i++) {
+		if((localnet_addr[i].in_addr.s_addr & localnet_addr[i].netmask.s_addr)
+		   == (p_addr_in->s_addr & localnet_addr[i].netmask.s_addr)) {
+			if(!localnet_addr[i].port || localnet_addr[i].port == port) {
 				PDEBUG("accessing localnet using true_connect\n");
-				return true_connect(sock,addr,len);
+				return true_connect(sock, addr, len);
 			}
 		}
 	}

 	flags = fcntl(sock, F_GETFL, 0);
 	if(flags & O_NONBLOCK)
-	fcntl(sock, F_SETFL, !O_NONBLOCK);
-	
+		fcntl(sock, F_SETFL, !O_NONBLOCK);
+
 	dest_ip.as_int = SOCKADDR(*addr);
-	
-	ret = connect_proxy_chain(
-		sock,
-		dest_ip,
-		SOCKPORT(*addr),
-		proxychains_pd,
-		proxychains_proxy_count,
-		proxychains_ct,
-		proxychains_max_chain );
-	
+
+	ret = connect_proxy_chain(sock,
+				  dest_ip,
+				  SOCKPORT(*addr),
+				  proxychains_pd, proxychains_proxy_count, proxychains_ct, proxychains_max_chain);
+
 	fcntl(sock, F_SETFL, flags);
 	if(ret != SUCCESS)
-	errno = ECONNREFUSED;
+		errno = ECONNREFUSED;
 	return ret;
 }

-struct hostent *gethostbyname(const char *name)
-{
-	if(!init_l)
-		init_lib();
-	
-	PDEBUG("gethostbyname: %s\n",name);
-	
+static struct gethostbyname_data ghbndata;
+struct hostent *gethostbyname(const char *name) {
+	INIT();
+
+	PDEBUG("gethostbyname: %s\n", name);
+
 	if(proxychains_resolver)
-		return proxy_gethostbyname(name);
+		return proxy_gethostbyname(name, &ghbndata);
 	else
 		return true_gethostbyname(name);
-			
+
 	return NULL;
 }

-int getaddrinfo(const char *node, const char *service,
-		const struct addrinfo *hints,
-		struct addrinfo **res)
-{
+int getaddrinfo(const char *node, const char *service, const struct addrinfo *hints, struct addrinfo **res) {
 	int ret = 0;
-	
-	if(!init_l)
-		init_lib();
-	
-	PDEBUG("getaddrinfo: %s %s\n",node ,service);
-	
+
+	INIT();
+
+	PDEBUG("getaddrinfo: %s %s\n", node, service);
+
 	if(proxychains_resolver)
 		ret = proxy_getaddrinfo(node, service, hints, res);
 	else
 		ret = true_getaddrinfo(node, service, hints, res);
-			
+
 	return ret;
 }

-void freeaddrinfo(struct addrinfo *res)
-{
-	if(!init_l)
-		init_lib();
-	
-	PDEBUG("freeaddrinfo %p \n",res);
-	
+void freeaddrinfo(struct addrinfo *res) {
+	INIT();
+
+	PDEBUG("freeaddrinfo %p \n", res);
+
 	if(!proxychains_resolver)
 		true_freeaddrinfo(res);
-	else {
-		free(res->ai_addr);
-		free(res);
-	}
+	else
+		proxy_freeaddrinfo(res);
 	return;
 }
+
 // work around a buggy prototype in GLIBC. according to the bugtracker it has been fixed in git at 02 May 2011.
 // 2.14 came out in June 2011 so that should be the first fixed version
 #if defined(__GLIBC__) && (__GLIBC__ < 3) && (__GLIBC_MINOR__ < 14)
-int getnameinfo (const struct sockaddr * sa,
-                        socklen_t salen, char * host,
-                        socklen_t hostlen, char * serv,
-                        socklen_t servlen, unsigned int flags)
+int getnameinfo(const struct sockaddr *sa,
+		socklen_t salen, char *host, socklen_t hostlen, char *serv, socklen_t servlen, unsigned int flags)
 #else
-int getnameinfo (const struct sockaddr * sa,
-			socklen_t salen, char * host,
-			socklen_t hostlen, char * serv,
-			socklen_t servlen, int flags)
+int getnameinfo(const struct sockaddr *sa,
+		socklen_t salen, char *host, socklen_t hostlen, char *serv, socklen_t servlen, int flags)
 #endif
 {
+	char ip_buf[16];
 	int ret = 0;
-	
-	if(!init_l)
-		init_lib();
+
+	INIT();
 	
 	PDEBUG("getnameinfo: %s %s\n", host, serv);
-	
+
 	if(!proxychains_resolver) {
-		ret = true_getnameinfo(sa,salen,host,hostlen,
-				serv,servlen,flags);
+		ret = true_getnameinfo(sa, salen, host, hostlen, serv, servlen, flags);
 	} else {
-		if(hostlen) 
-			strncpy(host, inet_ntoa(SOCKADDR_2(*sa)),hostlen);
-		if(servlen) 
-			snprintf(serv, servlen,"%d",ntohs(SOCKPORT(*sa)));
+		if(hostlen) {
+			pc_stringfromipv4((unsigned char*) &(SOCKADDR_2(*sa)), ip_buf);
+			strncpy(host, ip_buf, hostlen);
+		}
+		if(servlen)
+			snprintf(serv, servlen, "%d", ntohs(SOCKPORT(*sa)));
 	}
 	return ret;
 }

-// stolen from libulz (C) rofl0r
-static void pc_stringfromipv4(unsigned char* ip_buf_4_bytes, char* outbuf_16_bytes) {
-        unsigned char* p;
-        char *o = outbuf_16_bytes;
-        unsigned char n;
-        for(p = ip_buf_4_bytes; p < ip_buf_4_bytes + 4; p++) {
-                n = *p;
-                if(*p >= 100) {
-                        if(*p >= 200) *(o++) = '2';
-                        else *(o++) = '1';
-                        n %= 100;
-                }
-                if(*p >= 10) {
-                        *(o++) = (n / 10) + '0';
-                        n %= 10;
-                }
-                *(o++) = n + '0';
-                *(o++) = '.';
-        }
-        o[-1] = 0;
-}
-
-struct hostent *gethostbyaddr (const void *addr, socklen_t len, int type)
-{
+struct hostent *gethostbyaddr(const void *addr, socklen_t len, int type) {
 	static char buf[16];
 	static char ipv4[4];
-	static char* list[2];
+	static char *list[2];
 	static struct hostent he;
-	
-	if(!init_l)
-		init_lib();
-	
+
+	INIT();
+
 	PDEBUG("TODO: proper gethostbyaddr hook\n");
-	
+
 	if(!proxychains_resolver)
-		return true_gethostbyaddr(addr,len,type);
+		return true_gethostbyaddr(addr, len, type);
 	else {
-		
+
 		PDEBUG("len %u\n", len);
-		if(len != 4) return NULL;
+		if(len != 4)
+			return NULL;
 		he.h_name = buf;
 		memcpy(ipv4, addr, 4);
 		list[0] = ipv4;
@@ -496,9 +421,8 @@ struct hostent *gethostbyaddr (const void *addr, socklen_t len, int type)
 		he.h_addrtype = AF_INET;
 		he.h_aliases = NULL;
 		he.h_length = 4;
-		pc_stringfromipv4((unsigned char*)addr, buf);
+		pc_stringfromipv4((unsigned char *) addr, buf);
 		return &he;
 	}
 	return NULL;
 }
-	
@@ -1,12 +1,4 @@
-/***************************************************************************
-                          main.c  -  description
-
-    begin                : Tue May 14 2002
-    copyright            :  netcreature (C) 2002
-    email                : netcreature@users.sourceforge.net
- ***************************************************************************/
- /*     GPL */
-/***************************************************************************
+/*   (C) 2011, 2012 rofl0r
 *                                                                         *
 *   This program is free software; you can redistribute it and/or modify  *
 *   it under the terms of the GNU General Public License as published by  *
@@ -14,6 +6,7 @@
 *   (at your option) any later version.                                   *
 *                                                                         *
 ***************************************************************************/
+
 #undef _POSIX_C_SOURCE
 #define _POSIX_C_SOURCE 200809L
 #undef _XOPEN_SOURCE
@@ -26,29 +19,20 @@
 #include <sys/types.h>
 #include <sys/wait.h>

-extern char *optarg;
-extern int optind, opterr, optopt;
-
 #include "common.h"

-static int usage(char** argv) {
-	printf( "\nUsage:\t%s -q -f config_file program_name [arguments]\n"
-		"\t-q makes proxychains quiet - this overrides the config setting\n"
-		"\t-t allows to manually specify a configfile to use\n"
-		"\tfor example : proxychains telnet somehost.com\n"
-		"More help in README file\n\n", argv[0]);
+static int usage(char **argv) {
+	printf("\nUsage:\t%s -q -f config_file program_name [arguments]\n"
+	       "\t-q makes proxychains quiet - this overrides the config setting\n"
+	       "\t-t allows to manually specify a configfile to use\n"
+	       "\tfor example : proxychains telnet somehost.com\n" "More help in README file\n\n", argv[0]);
 	return EXIT_FAILURE;
 }

-int check_path(char* path) {
-	if(!path) return 0;
-	return access(path, R_OK) != -1;
-}
-
-static const char* dll_name = "libproxychains4.so";
+static const char *dll_name = DLL_NAME;

 static char own_dir[256];
-static const char* dll_dirs[] = {
+static const char *dll_dirs[] = {
 	".",
 	own_dir,
 	LIB_DIR,
@@ -59,9 +43,10 @@ static const char* dll_dirs[] = {
 	NULL
 };

-static void set_own_dir(const char* argv0) {
+static void set_own_dir(const char *argv0) {
 	size_t l = strlen(argv0);
-	while(l && argv0[l - 1] != '/') l--;
+	while(l && argv0[l - 1] != '/')
+		l--;
 	if(l == 0)
 		memcpy(own_dir, ".", 2);
 	else {
@@ -70,75 +55,52 @@ static void set_own_dir(const char* argv0) {
 	}
 }

+#define MAX_COMMANDLINE_FLAGS 2
+
 int main(int argc, char *argv[]) {
 	char *path = NULL;
 	char buf[256];
 	char pbuf[256];
-	int opt;
 	int start_argv = 1;
 	int quiet = 0;
-	
-	if(argc == 1) return usage(argv);
+	size_t i;
+	const char *prefix = NULL;

-	while ((opt = getopt(argc, argv, "qf:")) != -1) {
-		switch (opt) {
-			case 'q':
+	for(i = 0; i < MAX_COMMANDLINE_FLAGS; i++) {
+		if(start_argv < argc && argv[start_argv][0] == '-') {
+			if(argv[start_argv][1] == 'q') {
 				quiet = 1;
 				start_argv++;
-				break;
-			case 'f':
-				path = (char *)optarg;
-				if(!path) {
-					fprintf(stderr, "error: no path supplied.\n");
-					return EXIT_FAILURE;
-				}
+			} else if(argv[start_argv][1] == 'f') {
+
+				if(start_argv + 1 < argc)
+					path = argv[start_argv + 1];
+				else
+					return usage(argv);
+
 				start_argv += 2;
-				break;
-			default: /* '?' */
-				return usage(argv);
 			}
+		} else
+			break;
 	}
-	
-	if(start_argv >= argc) return usage(argv);
+
+	if(start_argv >= argc)
+		return usage(argv);

 	/* check if path of config file has not been passed via command line */
-	if(!path) {
-		// priority 1: env var PROXYCHAINS_CONF_FILE
-		path = getenv(PROXYCHAINS_CONF_FILE_ENV_VAR);
-		if(check_path(path)) goto have;
-		
-		// priority 2; proxychains conf in actual dir
-		path = getcwd(buf, sizeof(buf));
-		snprintf(pbuf, sizeof(pbuf), "%s/%s", path, PROXYCHAINS_CONF_FILE);
-		path = pbuf;
-		if(check_path(path)) goto have;
-		
-		// priority 3; $HOME/.proxychains/proxychains.conf
-		path = getenv("HOME");
-		snprintf(pbuf, sizeof(pbuf), "%s/.proxychains/%s", path, PROXYCHAINS_CONF_FILE);
-		path = pbuf;
-		if(check_path(path)) goto have;
-		
-		// priority 4: /etc/proxychains.conf
-		path = "/etc/proxychains.conf";
-		if(check_path(path)) goto have;
-		perror("couldnt find configuration file");
-		return 1;
-	}
+	path = get_config_path(path, pbuf, sizeof(pbuf));
 	
-	have:
-
-	if(!quiet) fprintf(stderr, LOG_PREFIX "config file found: %s\n", path);
+	if(!quiet)
+		fprintf(stderr, LOG_PREFIX "config file found: %s\n", path);

 	/* Set PROXYCHAINS_CONF_FILE to get proxychains lib to use new config file. */
 	setenv(PROXYCHAINS_CONF_FILE_ENV_VAR, path, 1);
-	
-	if(quiet) setenv(PROXYCHAINS_QUIET_MODE_ENV_VAR, "1", 1);
+
+	if(quiet)
+		setenv(PROXYCHAINS_QUIET_MODE_ENV_VAR, "1", 1);


 	// search DLL
-	size_t i = 0;
-	const char* prefix = NULL;

 	set_own_dir(argv[0]);

@@ -155,11 +117,17 @@ int main(int argc, char *argv[]) {
 		fprintf(stderr, "couldnt locate %s\n", dll_name);
 		return EXIT_FAILURE;
 	}
-	if(!quiet) fprintf(stderr, LOG_PREFIX "preloading %s/%s\n", prefix, dll_name);
-	
-	snprintf(buf, sizeof(buf), "LD_PRELOAD=%s/%s", prefix, dll_name);
+	if(!quiet)
+		fprintf(stderr, LOG_PREFIX "preloading %s/%s\n", prefix, dll_name);

+#ifndef IS_MAC
+	snprintf(buf, sizeof(buf), "LD_PRELOAD=%s/%s", prefix, dll_name);
 	putenv(buf);
+#else
+	snprintf(buf, sizeof(buf), "DYLD_INSERT_LIBRARIES=%s/%s", prefix, dll_name);
+	putenv(buf);
+	putenv("DYLD_FORCE_FLAT_NAMESPACE=1");
+#endif
 	execvp(argv[start_argv], &argv[start_argv]);
 	perror("proxychains can't load process....");

@@ -37,6 +37,19 @@ strict_chain
 # Proxy DNS requests - no leak for DNS data
 proxy_dns 

+# set the class A subnet number to usefor use of the internal remote DNS mapping
+# we use the reserved 224.x.x.x range by default,
+# if the proxified app does a DNS request, we will return an IP from that range.
+# on further accesses to this ip we will send the saved DNS name to the proxy.
+# in case some control-freak app checks the returned ip, and denies to 
+# connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
+# of course you should make sure that the proxified app does not need
+# *real* access to this subnet. 
+# i.e. dont use the same subnet then in the localnet section
+#remote_dns_subnet 127 
+#remote_dns_subnet 10
+remote_dns_subnet 224
+
 # Some timeouts in milliseconds
 tcp_read_time_out 15000
 tcp_connect_time_out 8000
@@ -0,0 +1,41 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+ 
+#ifndef   NI_MAXHOST
+#define   NI_MAXHOST 1025
+#endif
+ 
+int main(void) {
+	struct addrinfo *result;
+	struct addrinfo *res;
+	int error;
+	
+	/* resolve the domain name into a list of addresses */
+	error = getaddrinfo("www.example.com", NULL, NULL, &result);
+	if (error != 0)
+	{   
+		fprintf(stderr, "error in getaddrinfo: %s\n", gai_strerror(error));
+		return EXIT_FAILURE;
+	}   
+	
+	/* loop over all returned results and do inverse lookup */
+	for (res = result; res != NULL; res = res->ai_next)
+	{   
+		char hostname[NI_MAXHOST] = "";
+	
+		error = getnameinfo(res->ai_addr, res->ai_addrlen, hostname, NI_MAXHOST, NULL, 0, 0); 
+		if (error != 0)
+		{
+		fprintf(stderr, "error in getnameinfo: %s\n", gai_strerror(error));
+		continue;
+		}
+		if (*hostname != '\0')
+		printf("hostname: %s\n", hostname);
+	}   
+	
+	freeaddrinfo(result);
+	return EXIT_SUCCESS;
+}