Request: upstream via a SOCKS proxy
Tom van der Woerdt
info at tvdw.eu
Fri Jan 25 11:37:42 UTC 2013
As far as I know, the tcp proxy module intends to be a reverse proxy for
any tcp connection, while my SOCKS suggestion would be to support
forward proxies in proxy_pass, uwsgi_pass, fastcgi_pass, etc.
Tom
Op 1/25/13 4:45 AM, ??? schreef:
> I have no idea about the SOCK4a/SOCK5 protocol. Is it similar with the
> tcp proxy module? https://github.com/yaoweibin/nginx_tcp_proxy_module
>
> 2013/1/24 Tom van der Woerdt <info at tvdw.eu <mailto:info at tvdw.eu>>
>
> Hi,
>
> A project I'm working on has a backend server that, for security
> reasons, can only be accessed via a SOCKS4a/SOCKS5 proxy. A
> frontend server for this project (nginx) has one simple task: to
> proxy all incoming connections to the backend server.
>
> Right now, nginx cannot do this, because it has no support for
> proxying upstream connections via a SOCKS proxy. The current
> temporary workaround is to run another service on the frontend
> machine that acts like a HTTP server but proxies the data to the
> backend - basically everything I'd like nginx to do. I cannot use
> this service as my main frontend, because there are a few other
> files that also need to be served.
>
> SOCKS4a and SOCKS5 are really easy protocols and are basically
> just sockets but with an alternate handshake (skip the DNS lookup,
> send the hostname to the socket instead). Since they should be so
> easy to implement, I'm requesting that on this mailing list.
>
> I was thinking of a config file that would look something like this :
>
> upstream backend {
> server hidden_dns.local socks4=127.0.0.1:1234
> <http://127.0.0.1:1234>;
> }
>
> server {
> location / {
> proxy_pass http://backend;
> }
> }
>
> As far as I'm aware, this feature wouldn't break anything, since a
> SOCKS connections behaves just like any other normal socket.
>
> Thanks for considering,
> Tom van der Woerdt
>
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org <mailto:nginx-devel at nginx.org>
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
>
>
>
> --
> Weibin Yao
> Developer @ Server Platform Team of Taobao
>
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20130125/52d96932/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3729 bytes
Desc: S/MIME-cryptografische ondertekening
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20130125/52d96932/attachment-0001.bin>
More information about the nginx-devel
mailing list