Understanding the Socks5 Protocol


I'm a total newbie with socks5, but I'm trying to learn by creating a socks5 server.

I've gotten a great deal of information about SocksV5 from reading RFC 1928.

It explains the packets which must be sent to the client and server in order to establish a connection to the server, request remote connections, and binding. It also explains how to use UDP which is great.

What I don't understand is what happens after the connection has been established.

For example,

Client: <sends method identifiers>
Server: <responds with the method identifier to use>
...authentication is complete....
Client: Sends a connection request to 192.168.1.1:2321
Server: Acknowledges Packet
Server: Acknowledges successful connection to 192.168.1.1:2321
Client: ????

What is the format of the packet that is sent from the client to the server to actually forward data to the destination?

Let's say the client asks the proxy server to establish 3 connections. When the client wants to forward data to connection 1, there must be a protocol for doing so. Otherwise, how will the server know which connection to send it to? I can't find any information in the RFC documents.

I guess the other question is, is this possible? Can the client request multiple connections or must it do them one at a time or establish a separate socket connection to the server for each connection it wants forwarded out?

Thanks for the help!


Solution

  • Read the RFC again more carefully; it does tell you what you are asking for.

    The client must establish a separate TCP connection with the SOCKS proxy for each target server it wants to exchange data with, whether that data is TCP or UDP.

    If the client is exchanging TCP data with the target server, it simply reads/sends whatever TCP data it wants over the same connection it has established with the proxy, after the proxy has sent its success reply.

    If the client is exchanging UDP data with the target server, the TCP connection with the proxy is used to establish an associated UDP relay that the proxy then uses to forward UDP data back and forth. The client uses the TCP connection to tell the proxy where to send inbound UDP packets to, and the proxy's success reply tells the client where to send outbound UDP packets to. The UDP relay is active as long as the TCP connection between the client and proxy is active.

    Either way, the proxy handles all forwarding between the client and target server transparently once the necessary parameters have been established.
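
The exchange from the question, carried through to the point the answer describes, as an added example (not code from the original post or from RFC 1928): a loopback SOCKS5 proxy that accepts only the "no authentication" method and CONNECT to IPv4 targets, and a client that writes plain application bytes on the same socket once the success reply has arrived. All function names and the two toy targets are constructed for illustration, and the target is assumed to be reachable.

```python
import contextlib, socket, struct, threading

def recv_exact(sock, n):                    # blocking socket: n bytes unless the peer closes
    data = sock.recv(n, socket.MSG_WAITALL)
    if len(data) != n:
        raise ConnectionError("peer closed early")
    return data

def pipe(src, dst):                         # raw byte copy: no SOCKS framing after the reply
    with contextlib.suppress(OSError):
        while data := src.recv(4096):
            dst.sendall(data)
        dst.shutdown(socket.SHUT_WR)        # pass EOF on to the other side

def handle_client(c):                       # proxy side: one client socket <-> one target
    ver, nmethods = recv_exact(c, 2)
    if ver != 5 or 0 not in recv_exact(c, nmethods):
        return c.sendall(b"\x05\xff")       # no acceptable method
    c.sendall(b"\x05\x00")                  # selected method: no authentication
    ver, cmd, _rsv, atyp = recv_exact(c, 4)
    if (cmd, atyp) != (1, 1):               # only CONNECT to an IPv4 address here
        return c.sendall(bytes([5, 7 if cmd != 1 else 8, 0, 1]) + bytes(6))
    ip, port = struct.unpack("!4sH", recv_exact(c, 6))
    target = socket.create_connection((socket.inet_ntoa(ip), port))
    c.sendall(b"\x05\x00\x00\x01" + bytes(6))   # success reply, BND fields zeroed
    threading.Thread(target=pipe, args=(target, c), daemon=True).start()
    pipe(c, target)

def serve(handler):                         # loopback listener on an ephemeral port
    srv = socket.create_server(("127.0.0.1", 0))
    def loop():
        while True:
            threading.Thread(target=handler, args=(srv.accept()[0],), daemon=True).start()
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]

def exchange(proxy_port, target_port, payload):   # client side of one proxied connection
    s = socket.create_connection(("127.0.0.1", proxy_port))
    s.sendall(b"\x05\x01\x00")                    # greeting: offer "no authentication"
    method = recv_exact(s, 2)
    s.sendall(b"\x05\x01\x00\x01" + socket.inet_aton("127.0.0.1") + struct.pack("!H", target_port))
    reply = recv_exact(s, 10)
    s.sendall(payload)                            # "Client: ????" is just application bytes
    return method, reply[:2], recv_exact(s, len(payload))

def demo():                                 # two constructed targets, one connection each
    proxy = serve(handle_client)
    upper = serve(lambda c: c.sendall(recv_exact(c, 5).upper()))
    rev = serve(lambda c: c.sendall(recv_exact(c, 5)[::-1]))
    return exchange(proxy, upper, b"hello"), exchange(proxy, rev, b"world")
```

The proxy never needs a connection identifier in the data stream: the accepted client socket itself selects the target it was bound to in `handle_client`.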