OpenSourceArk/socks5-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added Regex destination matching

Browse Source
This commit is contained in:
Peter Huang 2021-07-24 21:22:03 +10:00
parent 76cd1a28e6
commit ca40be5600
3 changed files with 43 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -7,7 +7,13 @@ Simple socks5 server using go-socks5 with authentication options
## Start container with proxy ## Start container with proxy
```docker run -d --name socks5 -p 1080:1080 -e PROXY_USER=<PROXY_USER> -e PROXY_PASSWORD=<PROXY_PASSWORD> serjs/go-socks5-proxy``` ```
docker run -d --name socks5 -p 1080:1080 \
-e PROXY_USER=<PROXY_USER> \
-e PROXY_PASSWORD=<PROXY_PASSWORD> \
-e ALLOWED_DEST_FQDN=<REGEX_PATTERN> \
serjs/go-socks5-proxy
```
Leave `PROXY_USER` and `PROXY_PASSWORD` empty for skip authentication options while running socks5 server. Leave `PROXY_USER` and `PROXY_PASSWORD` empty for skip authentication options while running socks5 server.
@ -18,6 +24,7 @@ Leave `PROXY_USER` and `PROXY_PASSWORD` empty for skip authentication options wh
|PROXY_USER|String|EMPTY|Set proxy user (also required existed PROXY_PASS)| |PROXY_USER|String|EMPTY|Set proxy user (also required existed PROXY_PASS)|
|PROXY_PASSWORD|String|EMPTY|Set proxy password for auth, used with PROXY_USER| |PROXY_PASSWORD|String|EMPTY|Set proxy password for auth, used with PROXY_USER|
|PROXY_PORT|String|1080|Set listen port for application inside docker container| |PROXY_PORT|String|1080|Set listen port for application inside docker container|
|ALLOWED_DEST_FQDN|String|EMPTY|Allowed destination address regular expression pattern. Default allows all.|
|TZ|String|UTC|Set Timezone like in many common Operation Systems| |TZ|String|UTC|Set Timezone like in many common Operation Systems|
## Test running service ## Test running service

24
ruleset.go Normal file
View File

@ -0,0 +1,24 @@
package main
import (
"regexp"
"github.com/armon/go-socks5"
"golang.org/x/net/context"
)
// PermitDestAddrPattern returns a RuleSet which selectively allows addresses
func PermitDestAddrPattern(pattern string) socks5.RuleSet {
return &PermitDestAddrPatternRuleSet{pattern}
}
// PermitDestAddrPatternRuleSet is an implementation of the RuleSet which
// enables filtering supported destination address
type PermitDestAddrPatternRuleSet struct {
AllowedFqdnPattern string
}
func (p *PermitDestAddrPatternRuleSet) Allow(ctx context.Context, req *socks5.Request) (context.Context, bool) {
match, _ := regexp.MatchString(p.AllowedFqdnPattern, req.DestAddr.FQDN)
return ctx, match
}

11
server.go
View File

@ -12,6 +12,7 @@ type params struct {
User string `env:"PROXY_USER" envDefault:""` User string `env:"PROXY_USER" envDefault:""`
Password string `env:"PROXY_PASSWORD" envDefault:""` Password string `env:"PROXY_PASSWORD" envDefault:""`
Port string `env:"PROXY_PORT" envDefault:"1080"` Port string `env:"PROXY_PORT" envDefault:"1080"`
AllowedDestFqdn string `env:"ALLOWED_DEST_FQDN" envDefault:""`
} }
func main() { func main() {
@ -23,7 +24,7 @@ func main() {
} }
//Initialize socks5 config //Initialize socks5 config
socsk5conf := &socks5.Config{ socks5conf := &socks5.Config{
Logger: log.New(os.Stdout, "", log.LstdFlags), Logger: log.New(os.Stdout, "", log.LstdFlags),
} }
@ -32,10 +33,14 @@ func main() {
os.Getenv("PROXY_USER"): os.Getenv("PROXY_PASSWORD"), os.Getenv("PROXY_USER"): os.Getenv("PROXY_PASSWORD"),
} }
cator := socks5.UserPassAuthenticator{Credentials: creds} cator := socks5.UserPassAuthenticator{Credentials: creds}
socsk5conf.AuthMethods = []socks5.Authenticator{cator} socks5conf.AuthMethods = []socks5.Authenticator{cator}
} }
server, err := socks5.New(socsk5conf) if cfg.AllowedDestFqdn != "" {
socks5conf.Rules = PermitDestAddrPattern(cfg.AllowedDestFqdn)
}
server, err := socks5.New(socks5conf)
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }