Request: upstream via a SOCKS proxy

Tom van der Woerdt info at
Wed Jan 23 16:05:53 UTC 2013


A project I'm working on has a backend server that, for security 
reasons, can only be accessed via a SOCKS4a/SOCKS5 proxy. A frontend 
server for this project (nginx) has one simple task: to proxy all 
incoming connections to the backend server.

Right now, nginx cannot do this, because it has no support for proxying 
upstream connections via a SOCKS proxy. The current temporary workaround 
is to run another service on the frontend machine that acts like a HTTP 
server but proxies the data to the backend - basically everything I'd 
like nginx to do. I cannot use this service as my main frontend, because 
there are a few other files that also need to be served.

SOCKS4a and SOCKS5 are really easy protocols and are basically just 
sockets but with an alternate handshake (skip the DNS lookup, send the 
hostname to the socket instead). Since they should be so easy to 
implement, I'm requesting that on this mailing list.

I was thinking of a config file that would look something like this :

     upstream backend {
         server hidden_dns.local socks4=;

     server {
         location / {
             proxy_pass http://backend;

As far as I'm aware, this feature wouldn't break anything, since a SOCKS 
connections behaves just like any other normal socket.

Thanks for considering,
Tom van der Woerdt

More information about the nginx-devel mailing list