13

are there any solution/patch that would make nginx work with a socks upstream?

something like this:

server {
  location / {
    proxy_pass  socks5://ip:port/
  }
}
est
  • 11,429
  • 14
  • 70
  • 118

2 Answers2

7

I've recently wrote a module doing exactly what you need. You might need something like HAProxy before nginx to support TLS tunneling.

dannote
  • 86
  • 1
  • 4
3

SOCKS is layer 5, HTTP is layer 7. An HTTP proxy cannot deal with SOCKS, although an HTTP proxy can work over SOCKS. It's unclear to me what you would expect Nginx to do with the response were it able to connect to the SOCKS server. It's similar to asking if Nginx could connect to NetBIOS or PTPP.

Assuming you are attempting to have Nginx proxy to another HTTP server that can only be reached via SOCKS, you need to set this up as part of your network stack on your operating system.

Maybe this link can help you:

http://www.catonmat.net/blog/linux-socks5-proxy/

cliff.wells
  • 735
  • 7
  • 9
  • 2
    yes, that's my point, instead of setting up another socks5 proxy (which performance is guranteed to suck, compared to nginx), why can't nginx handle socks5 directly (client requests an URL, nginx retrieve the URL via the socks5. It's just that simple)? – est Jun 28 '12 at 10:21
  • 1
    I'm unclear as to where you believe "the socks5" is in your description. It's something you have to configure in your OS. Once you've done that, then you can simply tell Nginx to proxy_pass to http://localhost:8080 (depending on your SOCKS setup) and it will work. – cliff.wells Jul 05 '12 at 21:56
  • The localhost:8080 performance will not match nginx's. You can't use this method for high bandwidth sites. – est Jul 06 '12 at 12:01
  • I wouldn't do a high-bandwidth site over SOCKS. That being said, SOCKS is a network interface, so you have to treat it as one. – cliff.wells Jul 09 '12 at 21:33
  • I understand you wouldn't, but I would, thus my question. SOCKS is a network interface which could in theory act as a nginx upstream. The http request will tell the network interface where to go next. – est Jul 10 '12 at 03:33
  • Have you simply tried using proxy_pass to your socks ip:port? – cliff.wells Jul 11 '12 at 18:39
  • 4
    It's perfectly valid to expect such functionality, you can easily implement it with nginx -> delegate -> sock5 . So, why it can't be expected to be done via nginx plugin? – Alex Craft Jul 30 '14 at 14:27
  • @AlexeyPetrushin Because one simply doesn't... you know :) [let's downvote Cliff now] – mlvljr Nov 28 '14 at 16:32