4

I've been studying RFC 1928 and the description of the BIND operation wasn't clear to me. The setup sequence is described as follows, as I understand it:

  1. The client establishes connection to the SOCKS5 server
  2. The client performs the CONNECT request
  3. The client establishes new TCP connection to the SOCKS5 server and requests BIND
  4. The server replies immediately with the result of the BIND operation
  5. Upon receiving incoming connection, the SOCKS5 server sends the notification to the client

What is not immediately clear for me is the step 5. Do I have to re-request BIND afterwards to allow for more incoming connections?

As far as I understand, the same TCP connection (established at the step 3) is used for communication with the accepted peer. What if I need to keep accepting connections on the same address:port? Is it possible, after all?

Community
  • 1
  • 1
Roman Dmitrienko
  • 3,375
  • 3
  • 37
  • 48
  • Is CONNECT really needed? I was thinking that it is just expected for protocols like FTP but not necessary for BIND. And what exactly use of CONNECT in BIND? – PSKP Jul 17 '23 at 16:49
  • @PSKP Oof, that was quite a while ago. I don't exactly remember what I was working on back then. Guess I needed a CONNECT to connect to a remote system via proxy, issue some request, and then use BIND to let the remote system connect back and send its data. But I fail to recall what or why I was doing. – Roman Dmitrienko Jul 20 '23 at 10:48

1 Answers1

3

You need a separate BIND request for each connection you want to accept, as there is only 1 notification sent back by the SOCKS proxy when a client connects to the bound port. Whether or not the SOCKS5 proxy allows multiple BIND requests on the same IP/Port depends on the proxy's implementation.

Remy Lebeau
  • 555,201
  • 31
  • 458
  • 770