SOCKS Protocol Version 5 Library in Go. Full TCP/UDP and IPv4/IPv6 support

Overview

socks5

中文

Go Report Card GoDoc Donate Slack

SOCKS Protocol Version 5 Library.

Full TCP/UDP and IPv4/IPv6 support. Goals: KISS, less is more, small API, code is like the original protocol.

Install

$ go get github.com/txthinking/socks5

Struct is like concept in protocol

  • Negotiation:
    • type NegotiationRequest struct
      • func NewNegotiationRequest(methods []byte), in client
      • func (r *NegotiationRequest) WriteTo(w io.Writer), client writes to server
      • func NewNegotiationRequestFrom(r io.Reader), server reads from client
    • type NegotiationReply struct
      • func NewNegotiationReply(method byte), in server
      • func (r *NegotiationReply) WriteTo(w io.Writer), server writes to client
      • func NewNegotiationReplyFrom(r io.Reader), client reads from server
  • User and password negotiation:
    • type UserPassNegotiationRequest struct
      • func NewUserPassNegotiationRequest(username []byte, password []byte), in client
      • func (r *UserPassNegotiationRequest) WriteTo(w io.Writer), client writes to server
      • func NewUserPassNegotiationRequestFrom(r io.Reader), server reads from client
    • type UserPassNegotiationReply struct
      • func NewUserPassNegotiationReply(status byte), in server
      • func (r *UserPassNegotiationReply) WriteTo(w io.Writer), server writes to client
      • func NewUserPassNegotiationReplyFrom(r io.Reader), client reads from server
  • Request:
    • type Request struct
      • func NewRequest(cmd byte, atyp byte, dstaddr []byte, dstport []byte), in client
      • func (r *Request) WriteTo(w io.Writer), client writes to server
      • func NewRequestFrom(r io.Reader), server reads from client
      • After server gets the client's *Request, processes...
  • Reply:
    • type Reply struct
      • func NewReply(rep byte, atyp byte, bndaddr []byte, bndport []byte), in server
      • func (r *Reply) WriteTo(w io.Writer), server writes to client
      • func NewReplyFrom(r io.Reader), client reads from server
  • Datagram:
    • type Datagram struct
      • func NewDatagram(atyp byte, dstaddr []byte, dstport []byte, data []byte)
      • func NewDatagramFromBytes(bb []byte)
      • func (d *Datagram) Bytes()

Advanced API

Server. You can process client's request by yourself after reading Request from client. Also, here is a advanced interfaces.

  • type Server struct
  • type Handler interface
    • TCPHandle(*Server, *net.TCPConn, *Request) error
    • UDPHandle(*Server, *net.UDPAddr, *Datagram) error

Example:

s, _ := NewClassicServer(addr, ip, username, password, tcpTimeout, udpTimeout)
s.ListenAndServe(Handler)
  • If you want a standard socks5 server, pass in nil
  • If you want to handle data by yourself, pass in a custom Handler

Client. Here is a client support both TCP and UDP and return net.Conn.

  • type Client struct

Example:

c, _ := socks5.NewClient(server, username, password, tcpTimeout, udpTimeout)
conn, _ := c.Dial(network, addr)

Users:

Author

A project by txthinking

License

Licensed under The MIT License

Comments
  • udp associate port and address have the problem

    udp associate port and address have the problem

    Describe actual behavior

    What is your expected behavior

    Specifications like the version of the project, operating system, or hardware

    Steps to reproduce the problem

    opened by grayscott 28
  • how do you limit access to the udp association if the client is in a LAN?

    how do you limit access to the udp association if the client is in a LAN?

    In RFC 1928, it says:

    The DST.ADDR and DST.PORT fields contain the address and port that the client expects to use to send UDP datagrams on for the association. The server MAY use this information to limit access to the association.

    But if the client is in a LAN, the server would get a totally different addr and port when receiving udp packets because of the NAT.Then how could i limit access to the udp association?

    opened by Danieldachao 7
  • fix: should not dial bind addr directly

    fix: should not dial bind addr directly

    When server returns an any ip (0.0.0.0 or [::]), we should use conventional ip to replace the any ip given (0.0.0.0 or [::]). This behaviour adapts to most situations.

    See v2fly/v2ray-core#523


    Problem happens when socks5 proxy works on remote servers and different implementation will given different bind addr.

    For most situations it is issues of servers. However, clients should behave normally in one case that returned bind addr is an ANYIP (0.0.0.0 or [::]), which indicate that we should use a conventional remote address to connect.

    RFC does not illustrate the mechanism of bind addr; it is based on experience.

    opened by mzz2017 6
  • udp response destaddress and destport fault

    udp response destaddress and destport fault

    Describe actual behavior

    What is your expected behavior

    Specifications like the version of the project, operating system, or hardware

    Steps to reproduce the problem

    opened by grayscott 5
  • Convert to Go modules

    Convert to Go modules

    @txthinking

    I would like to ask how you feel about using Go modules with this?

    If you don't like go modules, my apologies, maybe I should have created an Issue first?

    Anyway, curious about your thoughts. (And thank you for a nice looking Socks5 proxy!)

    opened by cameronelliott 2
  • Support to use with privoxy

    Support to use with privoxy

    修复与三方软件privoxy配合使用 (privoxy是一个HTTP转socks5的软件,可能它有bug导致不支持分散的tcp write,导致此项目的socks5握手流程无法正常完成,改成一次性写入可以解决问题)

    Fixes # .

    Changes proposed in this pull request:

    @mentions

    opened by kahotv 1
  • socks5 proxy over socks5 proxy

    socks5 proxy over socks5 proxy

    Describe actual behavior

    Support socks5 proxy behind socks5 proxy

    What is your expected behavior

    Support socks5 proxy behind socks5 proxy

    Suggestion

    The client/server side dialer can be set separately: https://github.com/txthinking/socks5/blob/master/client.go#L235 https://github.com/txthinking/socks5/blob/master/server.go#L396

    opened by defool 0
  • Migrate the net.* structures to net.* interface types to allow different transports/address types

    Migrate the net.* structures to net.* interface types to allow different transports/address types

    Not associated with an existing issue.

    Changes proposed in this pull request:

    • This PR migrates txthinking/socks5 from using concrete net types(net.TCPAddr, net.TCPConn) to using interface net types(net.Addr, net.Conn, net.PacketConn).
    • It also implements the ability to add a custom Resolver and a custom Dialer which use interface types as well.
    • This allows developers to use custom dialers and resolves in order to work with alternate pseudo-TLD's directly. In my use case, this pseudo-tld is the .i2p space. Developers can now do something like this:
    package main
    
    import (
    	"github.com/eyedeekay/sam3/helper"
    	"github.com/eyedeekay/sam3/i2pkeys"
    	"github.com/txthinking/socks5"
    	"log"
    )
    
    func main() {
    	// Create a SOCKS5 server
    	addr := "127.0.0.1:8888"
    	ip := "127.0.0.1"
    	username := ""
    	password := ""
    	tcpTimeout := 60000
    	udpTimeout := 60000
    	i2pkeys.FakePort = true
    
    	primary, err := sam.I2PPrimarySession("sam-socks", "127.0.0.1:7656", "socks5")
    	if err != nil {
    		panic(err)
    	}
    
    	socks5.Dial = primary
    	socks5.Resolver = primary
    
    	server, err := socks5.NewClassicServer(addr, ip, username, password, tcpTimeout, udpTimeout)
    	if err != nil {
    		panic(err)
    	}
    	log.Println("Client Created")
    
    	// Create SOCKS5 proxy on localhost port 8000
    	if err := server.ListenAndServe(nil); err != nil {
    		panic(err)
    	}
    

    to transparently I2P-ify their applications.

    opened by eyedeekay 2
  •  NAT1 Full cone question

    NAT1 Full cone question

    Describe actual behavior

    I am working on changing the socks5 of this project to full cone(nat1). I would like to ask, can I only receive data packets from remote addr in the udp connection state? If a connect udp is established, such as 127.0.0.1:8003- >1.1.1.1:53, but I want to receive 1.1.1.2:33->127.0.0.1:8003 udp packets, can I only use the non-connected listening port to achieve this?

    What is your expected behavior

    nat1

    Specifications like the version of the project, operating system, or hardware

    Steps to reproduce the problem

    opened by rocinan 1
Owner
TxThinking
Keep it simple, stupid
TxThinking
Quickly find all IPv6 and IPv4 hosts in a LAN.

invaentory Quickly find all IPv6 and IPv4 hosts in a LAN. Overview ?? This project is a work-in-progress! Instructions will be added as soon as it is

Felix Pojtinger 7 May 17, 2022
Ipv6-ghost-ship - Silly usage of AWS EC2 IPv6 prefixes

ipv6-ghost-ship Twitter thread ?? As of July 2021, AWS EC2 instances can be assi

Aidan Steele 304 Oct 26, 2022
a go mini version TCP top on UDP for game connections or others.

sanhua sanhua(三花猫) is kind of cat with black, red and white color. This is a mini version TCP top on UDP, but with out resend lost packet. As we know.

Arion 1 May 31, 2022
CoreRAD is an extensible and observable IPv6 Neighbor Discovery Protocol router advertisement daemon. Apache 2.0 Licensed.

CoreRAD CoreRAD is an extensible and observable IPv6 Neighbor Discovery Protocol router advertisement daemon. Apache 2.0 Licensed. To get started with

Matt Layher 122 Nov 14, 2022
UDP Transport: compress, encrypt and send any data reliably over unreliable UDP connections

udpt UDP Transport Compresses, encrypts and transfers data between a sender and receiver using UDP protocol. Features and Design Aims: Avoid the overh

Ali Bala 42 Nov 5, 2022
UDP output for beats to send events over UDP.

beats-udp-output How To Use Clone this project to elastic/beats/libbeat/output/ Modify elastic/beats/libbeat/publisher/includes/includes.go : // add i

ichx 0 Dec 11, 2021
A SOCKS (SOCKS4, SOCKS4A and SOCKS5) Proxy Package for Go

SOCKS SOCKS is a SOCKS4, SOCKS4A and SOCKS5 proxy package for Go. Quick Start Get the package go get -u "h12.io/socks" Import the package import "h12

Hǎi-Liàng 453 Nov 17, 2022
Multi-threaded socks proxy checker written in Go!

Soxy - a very fast tool for checking open SOCKS proxies in Golang I was looking for some open socks proxies, and so I needed to test them - but really

pry0cc 45 Sep 6, 2022
Forked Version of Miekg's DNS library that recycles UDP sockets

Alternative (more granular) approach to a DNS library Less is more. Complete and usable DNS library. All Resource Records are supported, including the

null 0 Jan 20, 2022
Bee is a tool to scan ports by TCP and UDP protocols

Bee - Port scan tool ?? Bee is a tool to scan ports by TCP and UDP protocols Building from Source Code First, we compile the source code with the ligh

kraken 2 Oct 10, 2021
Program to simultaneously listen and respond on multiple TCP/UDP ports

listen Program to simultaneously listen on multiple TCP/UDP ports and reply back to anything sent along with IP addresses and lengths of data received

Purplecarrot 1 Feb 20, 2022
Golang pow implementation client <-> server over UDP and TCP protocols

Client <-> server over UDP and TCP pow protocol Denial-of-Service-attacks are a typical situation when providing services over a network. A method for

Nikita Kryuchkov 0 Jan 13, 2022
Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH.

Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go (golang). Chisel is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network.

Jaime Pillora 8.2k Nov 21, 2022
Send network packets over a TCP or UDP connection.

Packet is the main class representing a single network message. It has a byte code indicating the type of the message and a []byte type payload.

Aero 72 Nov 10, 2022
netscanner - TCP/UDP scanner to find open or closed ports

netscanner netscanner - TCP/UDP scanner to find open or closed ports installation you have to run this command to install the program $ go get github.

R4yan 200 Oct 8, 2022
Ethr is a Comprehensive Network Measurement Tool for TCP, UDP & ICMP.

Ethr Ethr is a cross platform network performance measurement tool written in golang. The goal of this project is to provide a native tool for compreh

Microsoft 5.5k Nov 20, 2022
A socks5 server(tcp/udp) written in golang.

socks5-server A socks5 server(tcp/udp) written in golang. Usage Usage of /main: -l string local address (default "127.0.0.1:1080") -p stri

null 32 Nov 20, 2022
P2P Forwarder - a tool for farwarding tcp/udp ports. Made using libp2p.

P2P Forwarder A tool for farwarding ports. Made using libp2p. How it works A: opens desired ports ports inside P2P Forwarder A: shares it's id from P2

null 31 Nov 14, 2022
🖨️ This is a simple IPv4 subnet calculator.

IPv4 Subnet Calculator Quick Start Linux & Mac: git clone https://github.com/0l1v3rr/subnet-calculator.git cd subnet-calculator make run Windows: (Onl

Olivér 12 Nov 2, 2022