Difference between HTTP(s) Reverse Proxy, TCP Proxy, Socks5 Proxy?

Question

Here are my understandings about these and I see few gaps there; especially when and where to use

HTTP(s) proxy:

• Can be used as TLS termination proxy
• Can be used to modify HTTP headers
• Can be used as a load balancer or a public IP provider in front of DMZ to shield backend servers

TCP Proxy

• Can be used as reverse proxy for TCP connections and can support not only HTTP but also other application layer protocols such as FTP

My question(s)

• If I only accept HTTP web traffic what are the use cases where we should use TCP proxy instead of HTTP Proxy
• Is this understanding connect? TCP clients can connect to a single socket on TCP proxy and TCP Proxy can open up multiple connections to the backend servers something similar load balancers

SOCKS5 Proxy

• From Wikipedia

Socket Secure (SOCKS) is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 additionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.

SOCKS performs at Layer 5 of the OSI model (the session layer, an intermediate layer between the presentation layer and the transport layer). SOCKS server accepts incoming client connection on TCP port 1080

My questions

• What is the use of SOCKS proxy in an web application
• Difference between TCP and SOCKS5 proxy
• In TCP/IP model is it a transport layer protocol
• What are the use cases for proxying UDP connections

Answer 1

If I only accept HTTP web traffic what are the use cases where we should use TCP proxy instead of HTTP Proxy

A TCP proxy terminates the incoming TCP socket, opens outbound socket and moves data in between. It doesn't/can't change the data in between since it doesn't understand any of it. Most often, a TCP proxy is statically configured and can only create connections to a single host:port combination.

An HTTP proxy understands HTTP. It looks at the incoming HTTP request and uses an outbound, potentially changed HTTP request to fulfill the request. The proxy can read the HTTP request's host address and connect to multiple hosts that way. It is aware of the HTTP application level which a TCP proxy isn't. Some HTTP proxies can even fulfill FTP or HTTPS requests for clients just using HTTP.

A "forward" proxy is a proxy connecting from private to public IP space (which was the original idea for a proxy) while a "reverse" proxy connects from public to private IP (e.g. mapping to multiple web servers from a single, public IP). Technically, it's the same, but from the security POV there's a huge difference (in "forward" you trust the clients, in "reverse" you trust the servers).

Is this understanding connect? TCP clients can connect to a single socket on TCP proxy and TCP Proxy can open up multiple connections to the backend servers something similar load balancers

Yes.

Difference between TCP and SOCKS5 proxy

SOCKS5 is a general proxy protocol that can do more than a TCP proxy, including one-to-many connections, listening ports, and UDP.

In TCP/IP model is it a transport layer protocol

To me, SOCKS5 is an application layer protocol to arbitrate a transport protocol connection. Some argue that SOCKS5 is a session layer protocol in between transport and application layer - that holds some truth but the session layer is ill-defined in TCP/IP.

What are the use cases for proxying UDP connections

For instance, SOCKS5 can be used for private-to-public Internet access or for (insecure) public-to-private LAN access.