3

I am looking at traffic generated by my computer when socks server is defined. I read over the internet and see that its possible to route udp also trough the proxy server. when i try using different apps that uses UDP and allows socks settings, it uses it only for tcp traffic. why? I have defined SOCKS5, as i understand that v4 doesnt support udp (why?) i tried an example, Vuze client - its expert mode allows to prefer udp traffic, setup socks server and even at this point, any udp goes directly to peers. My wish is to monitor the traffic and see how its transmitted, is it over UDP connection with socks server, or does it actually connects to the socks server in TCP and sends the data, which is then sent via udp to the destination?

buddy123
  • 5,679
  • 10
  • 47
  • 73
  • Are you connecting through a local SOCKS5 proxy, or a remote one? If the SOCKS proxy can't be reached, the traffic will be sent directly. – Fls'Zen Dec 26 '12 at 16:49
  • Im connecting to a working socks5 i found on sockslist.net, its working flawlessly for tcp connections but i wonder if its possible to route udp traffic over it also. is it? – buddy123 Dec 27 '12 at 06:13
  • 1
    Are you network sniffing while this is going on? You should see your client software performing a UDP ASSOCIATE with the SOCKS5 proxy.This association is done over the TCP connection to the proxy. Refer to the spec for details: http://tools.ietf.org/html/rfc1928 – Fls'Zen Dec 27 '12 at 12:59
  • Does the UDP ASSOCIATE takes place only **after** the first negotiation ends (when the server sends back 0x05 ? – buddy123 Dec 30 '12 at 05:48
  • The RFC seems to indicate that is the case. – Fls'Zen Dec 31 '12 at 01:31

2 Answers2

8

When a client wants to relay UDP traffic over the SOCKS5 proxy, the client makes a UDP associate request over the TCP. SOCKS5 server then returns an available UDP port to the client to send UDP packages to.

Client then starts sending the UDP packages that needs to be relayed to the new UDP port that is available on SOCKS5 server. SOCKS5 server redirects these UDP packages to the remote server and redirects the UDP packages coming from the remote server back to the client.

When client wants to terminate the connection, it sends a FIN package over the TCP. The SOCKS5 server then terminates the UDP connection created for the client and then terminates the TCP connection.

Koray Gocmen
  • 674
  • 6
  • 18
0

Double SSH Tunnel Manager support SOCKS5 With UDP 3proxy Server support UDP

Maks Glyncev
  • 11