5

I was reading this topic: http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol

What I'm trying to do is:
I have a client/server application. I'm trying to use the SOCKS 4 BIND request to bind my server to a remote SOCKS server, and make the clients connect to that SOCKS server, and the SOCKS server will make them connect to my server (at least that's how I understand the SOCKS BIND request).

But I don't fully understand it (my English is kinda bad). What I'm asking is, is it possible to do so when I don't know any of the remote IPs of the clients? Since the server's BIND request package must contain the address of the remote client and I don't really have that, since the clients are from unknown users retrieving status info from my server (or can I use 0 for INANY_ADDR)?

Chenmunka
killercode

1 Answer

7

What you are asking for is not possible with SOCKS, nor is it meant for that purpose. Read the spec again more carefully. The BIND command is meant for use with multi-connection protocols (like FTP), where a primary connection is used to communicate between a client and a server, and BIND facilitates situations where the server needs to connect a secondary connection to the client after the client tells the server where to connect. In that situation, the client would issue a BIND command to SOCKS telling it the server's IP/Port so it only accepts that connection, then send the resulting SOCKS listening IP/Port to the server to connect to.

What you are asking for is better served by using a router with Port Forwarding rules defined. Then you can open a listening port on the router that accepts any inbound connection and forwards it to your app's listening IP/Port. Most modern routers support UPnP (Universal Plug and Play) so you can configure the forwarding rules programmatically instead of requiring admin access to the router's configuration software.

Remy Lebeau
  • Thanks, I understood it better from your example, got it now, thanks again. I was just looking for a way to protect my server, so if it was attacked, the SOCKS server will be and not my local server. – killercode Oct 12 '11 at 22:28
  • Use a router that has anti-attack logic built in. – Remy Lebeau Oct 12 '11 at 22:33
  • Remy, currently I am struggling with the SOCKS RFC. Could you clarify some BIND aspects? How many inbound connections from a target host can be done on a BINDed socket? Only one? In my opinion this point is not obvious in the RFC. – sim May 03 '14 at 10:37
  • @sim Once the new socket is bound, it only accepts one connection. After receiving a BIND request, the server sends a maximum of two replies: one after the socket is bound, and another after the anticipated incoming connection succeeds or fails. There is no third reply - further incoming connections are not included in RFC 1928 – AlbinoDrought Jul 17 '20 at 15:25
  • @sim reading the SOCKS 4 and 5 specs, the wording is pretty obvious that only 1 inbound connection is allowed per BIND request. – Remy Lebeau Jul 17 '20 at 16:34
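
The SOCKS4 BIND exchange described in the answer and comments above, as an added example that is not part of the original posts: it builds the BIND request, parses the first reply (where the proxy listens), and models the proxy's peer check that decides the second reply. The function names, the `second_reply` model and all addresses are assumptions constructed for illustration.

```python
import socket
import struct

SOCKS4_VN, CD_BIND = 4, 2
GRANTED, REJECTED = 90, 91


def build_bind_request(app_server_ip, app_server_port, userid=b""):
    """VN, CD, DSTPORT, DSTIP, USERID, NUL. DSTIP/DSTPORT name the application server."""
    return (struct.pack("!BBH", SOCKS4_VN, CD_BIND, app_server_port)
            + socket.inet_aton(app_server_ip) + userid + b"\x00")


def parse_reply(data, socks_server_ip):
    """Parse an 8-byte reply; a DSTIP of 0 means 'use the SOCKS server's own address'."""
    if len(data) != 8:
        raise ValueError("SOCKS4 reply must be exactly 8 bytes")
    vn, cd, port = struct.unpack("!BBH", data[:4])
    if vn != 0:
        raise ValueError("reply VN must be 0")
    ip = socket.inet_ntoa(data[4:])
    if ip == "0.0.0.0":
        ip = socks_server_ip
    return cd, ip, port


def second_reply(bind_request, inbound_peer_ip):
    """Simplified model of the proxy-side check: the single inbound peer must
    match the DSTIP given in the BIND request, otherwise the reply is 91."""
    expected = socket.inet_ntoa(bind_request[4:8])
    cd = GRANTED if inbound_peer_ip == expected else REJECTED
    return struct.pack("!BBH", 0, cd, 0) + socket.inet_aton("0.0.0.0")


# Constructed sample values (documentation address ranges).
SOCKS_IP = "192.0.2.10"
request = build_bind_request("198.51.100.7", 21, b"demo")
first = struct.pack("!BBH", 0, GRANTED, 40000) + socket.inet_aton("0.0.0.0")

if __name__ == "__main__":
    print(request.hex())
    print(parse_reply(first, SOCKS_IP))  # address/port to hand to the app server
    print(parse_reply(second_reply(request, "198.51.100.7"), SOCKS_IP)[0])
    print(parse_reply(second_reply(request, "203.0.113.50"), SOCKS_IP)[0])
```

Because the request pins one expected peer and the proxy answers at most twice, a BIND socket cannot act as a general-purpose public listener for unknown clients.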