SS5 SOCKS Proxy: Difference between revisions

wiki.TerraBase.info
Jump to navigation Jump to search
← Older editNewer edit →
VisualWikitext
No edit summary
No edit summary
Line 11: Line 11:
By default SS5 listens on port 1080.  Since my environment uses OpenVPN VPNs and SS5 is not exposed publicly, there wasn't any additional configuration to do or stuff to worry about.
By default SS5 listens on port 1080.  Since my environment uses OpenVPN VPNs and SS5 is not exposed publicly, there wasn't any additional configuration to do or stuff to worry about.


As noted above the software is more than half a decade old.  In my case it meant it wasn't build for the CentOS 7 systemctl "Unit" world, but it worked with a modification.  The permission on the /etc/init.d/ss5 file had to be changed: chmod 755 /etc/init.d/ss5 and then systemctl enable ss5 worked correctly as did systemctl start ss5.
As noted above the software is more than half a decade old.  In my case it meant it wasn't build for the CentOS 7 systemctl "Unit" world, but it worked with a couple of modifications.  The SS5 software did not automatically create a directory for its PID file, so added the /var/run/ss5 directory and it was able to add the PID file.  The permission on the /etc/init.d/ss5 file had to be changed: chmod 755 /etc/init.d/ss5 and then systemctl enable ss5 worked correctly as did systemctl start ss5.


From there I checked it with my "client software" (which has SOCKS Proxy client capability built in) and verified that it worked.  After that it was a matter of making sure the software only connected through the SOCKS Proxy which meant checking off every "Use..." and "Disable..." box under the Connection Section.  Tested again by turning the SS5 SOCKS Proxy off which resulted in nothing happening from my client, then turning SS5 back on and everything worked.  That meant all traffic for that client was routed through the SS5 SOCKS Proxy.  And I verified it with this command (and saw a bazillion connections related to SS5): netstat -anp | grep ss5.
From there I checked it with my "client software" (which has SOCKS Proxy client capability built in) and verified that it worked.  After that it was a matter of making sure the software only connected through the SOCKS Proxy which meant checking off every "Use..." and "Disable..." box under the Connection Section.  Tested again by turning the SS5 SOCKS Proxy off which resulted in nothing happening from my client, then turning SS5 back on and everything worked.  That meant all traffic for that client was routed through the SS5 SOCKS Proxy.  And I verified it with this command (and saw a bazillion connections related to SS5): netstat -anp | grep ss5.  Double verified it by noticing there was almost zero traffic through the host computer's default gateway router and a lot of bandwidth through a separate VPN router.


My client software is a bandwidth hog, so all the other traffic flowing through the VPN tunnel was very slow.  Oh, well.
My client software is a bandwidth hog, so all the other traffic flowing through the VPN tunnel was very slow.  Oh, well.

Revision as of 17:33, 22 September 2019

...this isn't a "how to" article. Just some tips on getting a SOCKS Proxy working.

Read this first: https://en.wikipedia.org/wiki/SOCKS

This is the SOCKS Proxy software I chose: http://ss5.sourceforge.net/project.htm Complicated and way overkill for what I needed, but it worked. It also seems to be a bit old (2013) and not developed anymore, but solid and worked like it should. Maybe it is a mature product and doesn't need improvements.

Instead of compiling it from source code, and given that it's about half a decade old, I figured someone made an RPM for CentOS. But they didn't, so I followed the directions here: https://kenelm1985.wordpress.com/2016/07/28/socks5-server-setup-on-redhat-enterprise-linux-7/ and downloaded the source from here: https://rpmfind.net/linux/rpm2html/search.php?query=ss5 and made my own RPM which ended up here /MyHomeDirectory/rpmbuild/RPMS and then I installed it using YUM.

For configuration the default configuration worked fine and the only item(s) necessary (per the above instructions) were to add settings in the authorization section. 

permit -	MySubnetIP/24	-	0.0.0.0/0	-	-	-	-	-

By default SS5 listens on port 1080. Since my environment uses OpenVPN VPNs and SS5 is not exposed publicly, there wasn't any additional configuration to do or stuff to worry about.

As noted above the software is more than half a decade old. In my case it meant it wasn't build for the CentOS 7 systemctl "Unit" world, but it worked with a couple of modifications. The SS5 software did not automatically create a directory for its PID file, so added the /var/run/ss5 directory and it was able to add the PID file. The permission on the /etc/init.d/ss5 file had to be changed: chmod 755 /etc/init.d/ss5 and then systemctl enable ss5 worked correctly as did systemctl start ss5.

From there I checked it with my "client software" (which has SOCKS Proxy client capability built in) and verified that it worked. After that it was a matter of making sure the software only connected through the SOCKS Proxy which meant checking off every "Use..." and "Disable..." box under the Connection Section. Tested again by turning the SS5 SOCKS Proxy off which resulted in nothing happening from my client, then turning SS5 back on and everything worked. That meant all traffic for that client was routed through the SS5 SOCKS Proxy. And I verified it with this command (and saw a bazillion connections related to SS5): netstat -anp | grep ss5. Double verified it by noticing there was almost zero traffic through the host computer's default gateway router and a lot of bandwidth through a separate VPN router.

My client software is a bandwidth hog, so all the other traffic flowing through the VPN tunnel was very slow. Oh, well.

Retrieved from "https://wiki.terrabase.info/index.php?title=SS5_SOCKS_Proxy&oldid=85"