Request: upstream via a SOCKS proxy

Aleksandar Lazic al-nginx at none.at
Fri Jan 25 11:57:35 UTC 2013


Hi,

There are some http2socks proxy out there.

http://www.privoxy.org/
http://www.privoxy.org/user-manual/config.html#SOCKS

http://www.delegate.org/delegate/
http://www.delegate.org/delegate/Manual.htm#SOCKS

http://en.wikipedia.org/wiki/SOCKS#Translating_proxies

The setup coul looks like

client -> nginx  -> http-proxylistener -> socks-proxyrequester -> 
socks-server

OT: Sock5 is not so easy if you want to implement the full protocol, 
imho.

I Agree with you that this would be a nice upsteam module, even that I 
don't
need it at the moment.

Cheers
Aleks
Am 23-01-2013 17:05, schrieb Tom van der Woerdt:
> Hi,
> 
> A project I'm working on has a backend server that, for security
> reasons, can only be accessed via a SOCKS4a/SOCKS5 proxy. A frontend
> server for this project (nginx) has one simple task: to proxy all
> incoming connections to the backend server.
> 
> Right now, nginx cannot do this, because it has no support for
> proxying upstream connections via a SOCKS proxy. The current temporary
> workaround is to run another service on the frontend machine that acts
> like a HTTP server but proxies the data to the backend - basically
> everything I'd like nginx to do. I cannot use this service as my main
> frontend, because there are a few other files that also need to be
> served.
> 
> SOCKS4a and SOCKS5 are really easy protocols and are basically just
> sockets but with an alternate handshake (skip the DNS lookup, send the
> hostname to the socket instead). Since they should be so easy to
> implement, I'm requesting that on this mailing list.
> 
> I was thinking of a config file that would look something like this :
> 
>     upstream backend {
>         server hidden_dns.local socks4=127.0.0.1:1234;
>     }
> 
>     server {
>         location / {
>             proxy_pass http://backend;
>         }
>     }
> 
> As far as I'm aware, this feature wouldn't break anything, since a
> SOCKS connections behaves just like any other normal socket.
> 
> Thanks for considering,
> Tom van der Woerdt
> 
> 
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel



More information about the nginx-devel mailing list