--proxy (Specify proxy address)
Requests proxying through
using the protocol specified by
If no port is specified, the proxy protocol's well-known port is used (1080 for
SOCKS and 3128 for HTTP). When specifying an IPv6 HTTP proxy server
using the IP address rather than the hostname, the square-bracket
notation (for example [2001:db8::1]:8080) MUST be used to separate
the port from the IPv6 address.
If the proxy requires authentication, use
--proxy-type (Specify proxy protocol)
In connect mode, this option requests the protocol
to connect through the proxy host specified by
--proxy. In listen mode,
this option has Ncat act as a proxy server using the specified protocol.
The currently available protocols in connect mode are
socks4 (SOCKSv4), and
The only server currently supported is
If this option is not used, the default protocol is
--proxy-auth (Specify proxy credentials)
In connect mode, gives the credentials that will be used to
connect to the proxy server. In listen mode, gives the credentials
that will be required of connecting clients. For use with
--proxy-type http or
--proxy-type socks5, the form should be
--proxy-type socks4, it should be a username only.
These credentials can be alternatively passed onto Ncat by
setting environment variable
which reduces the risk of the credentials being captured in process
--proxy-dns (Specify where to resolve proxy destination)
In connect mode, it provides control over whether proxy
destination hostnames are resolved by the remote proxy server or
locally, by Ncat itself.
Possible values for
local - Hostnames are resolved locally on
the Ncat host. Ncat exits with error if the hostname cannot be
remote - Hostnames are passed directly onto
the remote proxy server. This is the default behavior.
both - Hostname resolution is first
attempted on the Ncat host. Unresolvable hostnames are passed onto
the remote proxy server.
none - Hostname resolution is completely
disabled. Only a literal IPv4 or IPv6 address can be used as
the proxy destination.
Local hostname resolution generally respects IP version
specified with options
except for SOCKS4, which is incompatible with IPv6.