Revision 1 as of 2013-11-06 16:24:19
changed from "#language en" to "ru"
|Deletions are marked like this.||Additions are marked like this.|
|Line 1:||Line 1:|
|#language en||#language ru|
|Line 8:||Line 8:|
|## If your page gets really long, uncomment this Table of Contents||## If your page gets really long, uncomment this Table of Contents|
SOCKS is an Internet protocol that facilitates the routing of network packets between client–server applications via a proxy server. SOCKS performs at Layer 5 of the OSI model—the session layer (an intermediate layer between the presentation layer and the transport layer). Port 1080 is the registered port designated for the SOCKS server.
The SOCKS5 protocol was originally a security protocol that made firewalls and other security products easier to administer. (source: Wikipedia: SOCKS)
Debian provides some SOCKS5 compatible server... search SOCKS in your prefered packages manager, like: apt-cache search SOCKS At the time of writting, DebianTesting has:
hpsockd - HP SOCKS server
dante-server - SOCKS (v4 and v5) proxy daemon (danted)
socks4-server - SOCKS4 server for proxying IP-based services over a firewall
Also, many people uses openssh to act as a SOCKS5 server, see http://www.debian-administration.org/article/SSH_dynamic_port_forwarding_with_SOCKS
Some applications can be instructed to use the SOCKS proxy in various ways:
Gnome compatible applications should use the system settings (in Menu >> System >> Preferences >> Network Proxy). KDE may have similar setting.
- Most applications can use some kind of helper, which encapsulate/proxy the application's connection(s) through the specified server (more below)
SOCKS helpers & wrappers
connect-proxy - Establish TCP connection using SOCKS4/5 or HTTP tunnel
socat - multipurpose relay for bidirectional data transfer
tsocks - transparent network access through a SOCKS 4 or 5 proxy
proxychains - proxy chains - redirect connections through proxy servers
dante-client - SOCKS wrapper for users behind a firewall
redsocks - Redirect any TCP connection to a SOCKS or HTTPS proxy server
(If you wonder which one is the most poular, check: popcon )
Application specific instructions
Using SSH client
(If your gateway doesn't have a SOCKS helper, there are some alternatives, using netcat http://benno.id.au/blog/2006/06/08/ssh_proxy_command , or even this one [which doesn't work in Debian because of 146464] http://www.rschulz.eu/2008/09/ssh-proxycommand-without-netcat.html )
tsocks can be used too.
SSH and connect-proxy
Assuming your SOCKS server is running on your localhost, listening on port 20000, you could run one of the following commands:
ssh root@mysshserver -o ProxyCommand='connect-proxy -S localhost:20000 %h %p'
Configure your ~/.ssh/config:
host mysshserver User root ProxyCommand connect-proxy -S localhost:20000 %h %p
then simply run: ssh mysshserver
Define an environement variable and an alias in ~/.bashrc :
export SOCKS5_SERVER=localhost:20000 alias ssh_socks="ssh -o ProxyCommand='connect-proxy -s %h %p'"
which makes it easy to ssh through your SOCKS proxy when you need it, by simply running: ssh_socks root@mysshserver
torsocks - use socks-friendly applications with Tor
corkscrew - tunnel TCP connections through HTTP proxies