Understanding the Socks5 Protocol

BZor picture BZor · Oct 4, 2011 · Viewed 12.9k times · Source

I'm a total newbie with socks5, but I'm trying learn by creating a socks5 server.

I've gotten a great deal of information about SocksV5 from reading RFC 1928.

It explains the packets which must be sent to the client and server in order to establish a connection to the server, request remote connections, and binding. It also explains how to use UDP which is great.

What I don't understand is what happens after the connection has been established.

For example,

Client: <sends method identifiers>
Server: <responds with the method identifier to use>
...authentication is complete....
Client: Sends a connection request to 192.168.1.1:2321
Server: Acknowledges Packet
Server: Acknowledges successful connection to 192.168.1.1:2321
Client: ????

What is the format of the packet that is sent from the client to the server to actually forward data to the destination?

Lets say the client asks the proxy server to establish 3 connections. When the client wants to forward data to connection 1, there must be a protocol for doing so. Otherwise, how will the server know which connection to send it to? I can't find any information in the RFC documents.

I guess the other question is, is this possible? Can the client request multiple connections or must it do them one at a time or establish a separate socket connection to the server for each connection it wants forwarded out?

Thanks for the help!

Answer

Remy Lebeau picture Remy Lebeau · Oct 4, 2011

Read the RFC again more carefully, it does tell you what you are asking for.

The client must establish a separate TCP connection with the SOCKS proxy for each server it wants to exchange data with, whether that data is TCP or UDP.

If the client is exchanging TCP data, it simply read/sends data over the same connection that it establishes with the proxy, after the proxy sends its success reply.

If the client is exchanging UDP data, the TCP connection is used to establish an associated UDP relay that the proxy uses to forward data back and forth. The client tells the proxy where to send inbound UDP packets to, and the proxy's success reply tells the client where to send outbound UDP packets to. The UDP replay is active as long as the TCP connection between the client and proxy is active.

Either way, the proxy handles all forwarding between the client and server transparently once the necessary parameters have been established.