jpillora
UDP SOCKS5 protocol support
The armon/go-socks5 module only supports TCP CONNECT. SOCKS5 protocol also had support for UDP ASSOCIATE. Maybe we should consider switching to a module that has better protocol support. I've surveyed a few and most do not support UDP.
This module looks the most promising, but it would require a bit more code to wire it up:
https://github.com/txthinking/socks5
This is actually a lot more difficult than I anticipated. The SOCKS5 protocol, described by RFC1928 provides support for UDP but requires listening on two ports. To summarize this process, a client wishing to relay UDP packets through a SOCKS5 server must, at least:
- open a TCP connection to the SOCKS5 server;
- send a UDP ASSOCIATE request (cf section 4);
- receive from the server the address and port where it must send UDP packets to be relayed;
- send datagrams (UDP) to that address, encapsulated with some headers (cf section 7).
Here are some relevant quotations, from section 6:
A UDP association terminates when the TCP connection that the UDP ASSOCIATE request arrived on terminates.
In the reply to a UDP ASSOCIATE request, the BND.PORT and BND.ADDR fields indicate the port number/address where the client MUST send UDP request messages to be relayed.
and section 7:
A UDP-based client MUST send its datagrams to the UDP relay server at the UDP port indicated by BND.PORT in the reply to the UDP ASSOCIATE request.
In order to implement this, we would probably have to the SOCKS server listening (vs just passing and serving the net.Conn) with custom TCP and UDP handlers to egress through chisel. I'll do some thinking...
UDP SOCKS would be nice 👍 I also looked into this briefly but wasn't as simple as I'd hoped so decided to leave it out for now. Provided it doesn't raise complexity too much, would be happy to merge a PR for this :)
I think it could be added to the README.md that socks5 doesn't currently work with UDP. I have the same use case with tun2proxy (the goal il to make a transparent proxy)
