I need a socks 5 proxy server that can run on centos. This would use a block of IP's so that client X with IP Address zzz connects tomy proxy server with ip xxx and then to remote host with ip yyy.
What is the best server software that I should install?
ZoredacheWhat is the best server software that I should install?
113k31 gold badges233 silver badges381 bronze badges
user12145user121455734 gold badges20 silver badges39 bronze badges
2 Answers
Consider installing dante Socks 5 server:
AlexAlexyum install dante-server
You should enable a 3rd party repository to install it, I use RPMForge.6,6813 gold badges28 silver badges46 bronze badges
ss5. its not perfect, but its at least good, and free.
dunxd7,14119 gold badges73 silver badges113 bronze badges
SirexSirex4,7591 gold badge26 silver badges51 bronze badges
Not the answer you're looking for? Browse other questions tagged centosproxysocks or ask your own question.
All, please try 1.12.0-rc4 to see if this works.
I have this working locally just fine with
ALL_PROXY
and 1.12.0-rc4. Take a look at the instructions here, that Docker Machine example should work fine.docker -H socks5h://localhost:port ps
is not the correct format. ALL_PROXY=socks5://localhost:port docker ps
is (note the lack of h
in the protocol -- the Golang upstream lib we are using does not support socks5h
, just socks5
).You do not want to attempt to contact the Docker daemon at the SOCKS proxy's address, you want to route the Docker client request through the SOCKS proxy. You must use the idiomatic UNIX environment variables to do this, e.g.
ALL_PROXY
.Note that in order for this to work there must be a connectable port listening on the other end, e.g.
:2375
(the default of listening on the UNIX domain socket is not sufficient!) or, in Machine's case, :2376
which is running with TLS (requiring you to also set the DOCKER_*
TLS related environment variables). As @phemmer notes in that issue exposing :2375
directly is a big security issue. DON'T DO IT UNLESS YOU KNOW EXACTLY WHAT YOU ARE DOING PLEASE.Thanks all, I think this issue can be closed @cpuguy83 .
EDIT: I had a typo, very importantly,
socks5h://
proto will NOT work, only socks5://
. The critical difference between the two being host name resolution IIRC.Redsocks is the tool that allows you to proxify(redirect) network traffic through a SOCKS4, SOCKS5 or HTTPs proxy server. It works on the lowest level, the kernel level (iptables). The other possible way is to use application level proxy, when the proxy client is implemented in the same language as an application is written in. Redsocks operates on the lowest system level, that’s why all running application don’t even have an idea that network traffic is sent through a proxy server, as a result it is called a transparent proxy redirector.
Prerequisites
If you are reading this article, you should probably have an idea why do you need to use a proxy server. Furthermore, you should be acquainted with basic proxy terms and definitions in order to understand everything described in this tutorial. It wouldn’t hurt to have some Linux administration skills as well.
For this tutorial I will be using Centos 7 Minimal installation, it has only the most essential applications installed. But you are free to use any distro, you may skip some steps then.
How does Redsocks work ?
Before start installing Redsocks, I think it is always worth to know how something works internally. And it will help to understand this tool better and therefore troubleshoot issues.
First of all, Redsocks leverages features provided by the Linux kernel firewall (Netfilter module)
I hope this diagram will help you to understand the flow of a packet while using Redsocks.
Here is a brief explanation how does a packet get redirected to Redsocks.
- When a packet is sent from an app in the system it is handled by the kernel, it triggers the NT_ hooks (defined in <linux/netfilter.h>).
- The ip_tables kernel module registers at netfilter’s hooks and proceed them according to defined rules.
- We are defining rules using the iptables command line utility (these rules will be described later in this article). And they are defined in the way that some or mostly all packets are redirected to the local process listening on a port, 12345 in case of Redsocks.
- All redirected packets are handled by Redsokcs conforming to the configuration file rules.
- Redsocks redirects packets to proxy servers.
Step 1 — Getting Redsocks source code
First and foremost, you need to update repositories and installed software on the system.
In order to install Redsocks we need to compile it at first. Change into a directory you want to keep source code in.
By default the git command line tool is not installed in most Centos distros. So install it at first.
And clone Redsocks source code from the git repository.
Now change the directory to the redsocks.
Try to compile the application, but it will probably fail. In my case I don’t have even make installed.
Step 2 — Compiling Redsocks
Firstly you need to install build-tools(Development Tools) if you haven’t already.
Next, we need to install dependencies to successfully compile Redsocks.
After installation try to compile Redsocks again using the make command. If compilation succeed you should see the compiled binary file in the current directory.
Now you can copy the binary file to any folder defined in the $PATH variable, to be able to execute it without specifying a full path to Redsocks.
Step 3 — Setting Iptables Rules
To redirect necessary packets to Redsocks we need to define some iptables rules.I will use the rules suggested on the official Redsocks page. Afreen afreen mp3 ringtone download pagalworld.
The rule above creates a new custom chain in the NAT table.
Next we need to exclude all local and reserved network addresses. As a result all packets with the destination address from the following ranges will not be sent to Redsocks.
Now we need to add a rule that will redirect all packets from our custom REDSOCKS chain to the local port, we will use the default one – 12345
Please note, this rule doesn’t redirect every packet sent in the system to the port 12345, it only redirects packets that are already passed inside the REDSOCKS chain. You can check this, for example using the following command.
Consequently, we need to define a rule that will redirect chosen packets by some criteria to the REDSOCKS chain. You are free to apply any rules you want, but I will show how to redirect all HTTP and HTTPS packets through a proxy. Define the following rules.
Also you may need to define the following rules in the PREROUTING chain. For redirecting incomming packets to the REDSOCKS chain.
Do not be confused about these rules. They are applied only for incoming packets, that’s why the chain is called PRE ROUTING. Here is the diagram that shows the packet flow through iptables tables and chains.
Furthermore, you are free to define any rules you need, just remember to jump (-j REDSOCKS) to the REDSOCKS chain. Here another example from the official documentation. It redirects only packets sent from a specific user, this could be very useful in some cases. You can follow the user per application strategy (similar used in Android), as a result you will be able set application specific rules.
One more important point, avoid using the root user in iptables rules or you may get stuck in the infinite loop. Here is a problem I’ve encountered because of my inattention.
Having set iptables rules the final step is to configure Redsocks itself using the configuration file.
Step 4 — Configuring Redsocks
Create a file with the name redsocks.conf in the same directory (or any other directory) where the binary file is located. And let’s start by defining the base section of the configuration file as follows.
I think each parameter is self-explanatory. You can find a complete description of every option in the example of configuration file in the official repository.
Next we need to define proxies. This is done using redsocks sections. Here is an example of a possible proxy configuration.
As you can see from the configuration above, this is the SOCKS5 proxy configuration. Redsocks will listen to the port 12345. We have provided credentials to authenticate ourselves on the proxy server as well.
You create multiple redsocks sections. But you have to specify a different local port and as a result you need to set appropriate iptables rules.
As an example, you can use the tricky technique to simulate load balancing with the help of the random module.
Centos Proxy Server
There are lot of other ways to define iptables rules for using with multiple proxies, for instance you can use the mangle table, create another chain (ex. REDSOCKS_HTTP) and so on.
Step 5 — Testing proxies with Redsocks
Configure Proxy On Centos 7
Now it is time to test our configuration. Save the configuration file. Navigate to the folder with the Redsocks compiled executable file. And execute the following command.
If your configuration file is valid and there are no other errors you should almost return immediately in case or running in the daemon mode or see the similar output with the daemon mode off.
Furthermore, you can use the netstat tool to get list of processes bound to ports.
Now try to make any request as the specified user or to match a rule you defined on your own. For example, use the following curl request to get your external IP address.
Socks 5 Proxy Free
If the redsocks process is attached to the terminal, you should see something like that in stderr.
If you encountered any error check debug output in the first place.
Conclusion
In this tutorial I’ve described how to install Redsocks on Centos 7. Redsocks provides a very convenient way to configure a proxy environment, starting from a single proxy server to a dozens of proxies of different type. In addition if you are missing some features in the original project, you can check out a fork – Redsocks2.
I hope this tutorial was useful for you. If you have any troubles with setting up Redsocks, please feel free to leave comments below.
Recent posts
- Feb 16, 2019Hacking Java Applications with Byte Buddy and Decompilers
- Jan 5, 2019Page Specific Dynamic Angular Components using Child Routes
- Oct 13, 2018Understanding Dagger 2 Scopes Under The Hood
- Jul 21, 2018Understanding and using Xdebug with PHPStorm and Magento remotely
- Jun 24, 2018Creating Microservices with Golang, gRPC, Kubernetes, Consul
Popular posts
- 51438 ViewsRouting network traffic through a transparent SOCKS5 proxy using DD-WRT
- 46151 ViewsHow to Install The Latest Apache Server (httpd) on Centos 7
- 26721 ViewsAndroid Reverse Engineering: Debugging Smali in Smalidea
- 24514 ViewsCreating Custom Radio Groups & Radio Buttons in Android
- 22118 ViewsHow to Unbrick TP-Link WiFi Router WR841ND using TFTP and Wireshark
![Socks5 Socks5](/uploads/1/2/3/7/123721510/436310618.jpg)
apart from that I have created proxy.sh file under /etc/profile.d/ and put the same proxy configuration line to it as well
and configure DNS on /etc/resolv.conf by adding google DNS 8.8.8.8
But still I couldn't resolve the google DNS. ping 8.8.8.8 send reply packets as well
First I observe this DNS issue when I received the below error message
curl: (6) Couldn't resolve host 'packages.graylog2.org'
I need to configure proxy settings using command line only. Plz help me, if any body setup this kind of incident earlier.