package main
import (
"log"
"net/netip"
"os"
"github.com/armon/go-socks5"
env "github.com/caarlos0/env/v6"
)
// params holds the proxy settings that env.Parse fills in from environment
// variables. Each struct tag names the variable and its default value.
type params struct {
	// User and Password are the SOCKS5 username/password credentials.
	// When both are left empty, main configures no authenticator.
	// The password is supplied in plain text through the environment, so
	// anything that can read the process environment can read it.
	User     string `env:"PROXY_USER" envDefault:""`
	Password string `env:"PROXY_PASSWORD" envDefault:""`

	// Port is the TCP port the server listens on.
	Port string `env:"PROXY_PORT" envDefault:"1080"`

	// AllowedDestFqdn, when non-empty, is handed to PermitDestAddrPattern
	// to build the rule set that restricts destinations.
	AllowedDestFqdn string `env:"ALLOWED_DEST_FQDN" envDefault:""`

	// AllowedIPs and AllowedNets are comma-separated lists. main parses
	// them with netip.ParseAddr and netip.ParsePrefix and passes the
	// results to the server's IP whitelist.
	AllowedIPs  []string `env:"ALLOWED_IPS" envSeparator:"," envDefault:""`
	AllowedNets []string `env:"ALLOWED_NETS" envSeparator:"," envDefault:""`
}
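// main loads the proxy settings from the environment, builds the SOCKS5
// server configuration (optional username/password authentication, optional
// destination rule, optional IP whitelist) and serves on ":"+PROXY_PORT
// until the listener returns an error.
//
// Every configuration error is fatal: a proxy that starts with a partly
// applied access policy is worse than one that does not start.
func main() {
	// Working with app params
	cfg := params{}
	if err := env.Parse(&cfg); err != nil {
		// Fail closed. Continuing here would start the proxy with
		// zero-value settings, i.e. without the credentials or allowlist
		// the operator intended.
		log.Fatalf("%+v\n", err)
	}

	// Initialize socks5 config
	socks5conf := &socks5.Config{
		Logger: log.New(os.Stdout, "", log.LstdFlags),
	}

	switch {
	case cfg.User != "" && cfg.Password != "":
		// Use the parsed values so the credentials come from the same
		// source as the rest of the configuration.
		creds := socks5.StaticCredentials{
			cfg.User: cfg.Password,
		}
		cator := socks5.UserPassAuthenticator{Credentials: creds}
		socks5conf.AuthMethods = []socks5.Authenticator{cator}
	case cfg.User != "" || cfg.Password != "":
		// Only one half of the credential pair is set. Registering it
		// would create an account with an empty user name or an empty
		// password, so refuse to start instead.
		log.Fatal("PROXY_USER and PROXY_PASSWORD must both be set to enable authentication")
	default:
		// No authenticator is configured on this path; make that visible
		// in the logs so an open proxy is never deployed unnoticed.
		log.Println("warning: PROXY_USER/PROXY_PASSWORD not set, no authentication is configured")
	}

	if cfg.AllowedDestFqdn != "" {
		socks5conf.Rules = PermitDestAddrPattern(cfg.AllowedDestFqdn)
	}

	server, err := socks5.New(socks5conf)
	if err != nil {
		log.Fatal(err)
	}

	// Set IP whitelist
	if len(cfg.AllowedIPs) > 0 || len(cfg.AllowedNets) > 0 {
		whitelist := make([]netip.Addr, 0, len(cfg.AllowedIPs))
		for _, ip := range cfg.AllowedIPs {
			addr, err := netip.ParseAddr(ip)
			if err != nil {
				// A typo must not silently become a zero netip.Addr in
				// the allowlist; how the server treats such an entry is
				// not visible from this file.
				log.Fatalf("invalid ALLOWED_IPS entry %q: %v", ip, err)
			}
			whitelist = append(whitelist, addr)
		}

		whitelistnet := make([]netip.Prefix, 0, len(cfg.AllowedNets))
		for _, inet := range cfg.AllowedNets {
			prefix, err := netip.ParsePrefix(inet)
			if err != nil {
				log.Fatalf("invalid ALLOWED_NETS entry %q: %v", inet, err)
			}
			whitelistnet = append(whitelistnet, prefix)
		}

		server.SetIPWhitelist(whitelist, whitelistnet)
	}

	// ":"+port carries no host part, so the listener binds every interface.
	// Exposure therefore depends on the credentials and whitelist above and
	// on whatever network filtering sits in front of the process.
	log.Printf("Started proxy service listening on port %s\n", cfg.Port)
	if err := server.ListenAndServe("tcp", ":"+cfg.Port); err != nil {
		log.Fatal(err)
	}
}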