Skip to content

Commit

Permalink
Implement optional support for SOCKS5-UDP
Browse files Browse the repository at this point in the history
This change adds a new option, --socks5-udp.  If this option is
present, and no UDP gateway is specified, UDP packets will no
longer be dropped.  Instead, the client will use the SOCKS5
UDP ASSOCIATE command to route UDP packets through the proxy
server.

This implementation is intended for use with any UDP data, and it
includes an optimization for packets containing DNS queries.
However, this implementation is currently limited to localhost
SOCKS5 servers. SOCKS5-UDP does not perform well over actual
network links, as it requires several roundtrips to the server and
is not compatible with NAT.

This implementation is currently in use in a fork of tun2socks used
by Outline (https://getoutline.org) and Intra (https://getintra.org).

Fixes ambrop72#56
  • Loading branch information
Ben Schwartz authored and ambrop72 committed Feb 1, 2020
1 parent 4c1c128 commit ae4edfb
Show file tree
Hide file tree
Showing 17 changed files with 869 additions and 83 deletions.
1 change: 1 addition & 0 deletions CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -332,6 +332,7 @@ endif ()
if (BUILD_TUN2SOCKS)
add_subdirectory(socksclient)
add_subdirectory(udpgw_client)
add_subdirectory(socks_udp_client)
add_subdirectory(lwip)
endif ()

Expand Down
1 change: 1 addition & 0 deletions blog_channels.txt
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,7 @@ NCDRfkillMonitor 4
udpgw 4
UdpGwClient 4
SocksUdpGwClient 4
SocksUdpClient 4
BNetwork 4
BConnection 4
BSSLConnection 4
Expand Down
4 changes: 4 additions & 0 deletions generated/blog_channel_SocksUdpClient.h
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
#ifdef BLOG_CURRENT_CHANNEL
#undef BLOG_CURRENT_CHANNEL
#endif
#define BLOG_CURRENT_CHANNEL BLOG_CHANNEL_SocksUdpClient
115 changes: 58 additions & 57 deletions generated/blog_channels_defines.h
Original file line number Diff line number Diff line change
Expand Up @@ -89,60 +89,61 @@
#define BLOG_CHANNEL_udpgw 88
#define BLOG_CHANNEL_UdpGwClient 89
#define BLOG_CHANNEL_SocksUdpGwClient 90
#define BLOG_CHANNEL_BNetwork 91
#define BLOG_CHANNEL_BConnection 92
#define BLOG_CHANNEL_BSSLConnection 93
#define BLOG_CHANNEL_BDatagram 94
#define BLOG_CHANNEL_PeerChat 95
#define BLOG_CHANNEL_BArpProbe 96
#define BLOG_CHANNEL_NCDModuleIndex 97
#define BLOG_CHANNEL_NCDModuleProcess 98
#define BLOG_CHANNEL_NCDValGenerator 99
#define BLOG_CHANNEL_ncd_from_string 100
#define BLOG_CHANNEL_ncd_to_string 101
#define BLOG_CHANNEL_ncd_value 102
#define BLOG_CHANNEL_ncd_try 103
#define BLOG_CHANNEL_ncd_sys_request_server 104
#define BLOG_CHANNEL_NCDRequest 105
#define BLOG_CHANNEL_ncd_net_ipv6_wait_dynamic_addr 106
#define BLOG_CHANNEL_NCDRequestClient 107
#define BLOG_CHANNEL_ncd_request 108
#define BLOG_CHANNEL_ncd_sys_request_client 109
#define BLOG_CHANNEL_ncd_exit 110
#define BLOG_CHANNEL_ncd_getargs 111
#define BLOG_CHANNEL_ncd_arithmetic 112
#define BLOG_CHANNEL_ncd_parse 113
#define BLOG_CHANNEL_ncd_valuemetic 114
#define BLOG_CHANNEL_ncd_file 115
#define BLOG_CHANNEL_ncd_netmask 116
#define BLOG_CHANNEL_ncd_implode 117
#define BLOG_CHANNEL_ncd_call2 118
#define BLOG_CHANNEL_ncd_assert 119
#define BLOG_CHANNEL_ncd_reboot 120
#define BLOG_CHANNEL_ncd_explode 121
#define BLOG_CHANNEL_NCDPlaceholderDb 122
#define BLOG_CHANNEL_NCDVal 123
#define BLOG_CHANNEL_ncd_net_ipv6_addr 124
#define BLOG_CHANNEL_ncd_net_ipv6_route 125
#define BLOG_CHANNEL_ncd_net_ipv4_addr_in_network 126
#define BLOG_CHANNEL_ncd_net_ipv6_addr_in_network 127
#define BLOG_CHANNEL_dostest_server 128
#define BLOG_CHANNEL_dostest_attacker 129
#define BLOG_CHANNEL_ncd_timer 130
#define BLOG_CHANNEL_ncd_file_open 131
#define BLOG_CHANNEL_ncd_backtrack 132
#define BLOG_CHANNEL_ncd_socket 133
#define BLOG_CHANNEL_ncd_depend_scope 134
#define BLOG_CHANNEL_ncd_substr 135
#define BLOG_CHANNEL_ncd_sys_start_process 136
#define BLOG_CHANNEL_NCDBuildProgram 137
#define BLOG_CHANNEL_ncd_log 138
#define BLOG_CHANNEL_ncd_log_msg 139
#define BLOG_CHANNEL_ncd_buffer 140
#define BLOG_CHANNEL_ncd_getenv 141
#define BLOG_CHANNEL_BThreadSignal 142
#define BLOG_CHANNEL_BLockReactor 143
#define BLOG_CHANNEL_ncd_load_module 144
#define BLOG_CHANNEL_ncd_basic_functions 145
#define BLOG_CHANNEL_ncd_objref 146
#define BLOG_NUM_CHANNELS 147
#define BLOG_CHANNEL_SocksUdpClient 91
#define BLOG_CHANNEL_BNetwork 92
#define BLOG_CHANNEL_BConnection 93
#define BLOG_CHANNEL_BSSLConnection 94
#define BLOG_CHANNEL_BDatagram 95
#define BLOG_CHANNEL_PeerChat 96
#define BLOG_CHANNEL_BArpProbe 97
#define BLOG_CHANNEL_NCDModuleIndex 98
#define BLOG_CHANNEL_NCDModuleProcess 99
#define BLOG_CHANNEL_NCDValGenerator 100
#define BLOG_CHANNEL_ncd_from_string 101
#define BLOG_CHANNEL_ncd_to_string 102
#define BLOG_CHANNEL_ncd_value 103
#define BLOG_CHANNEL_ncd_try 104
#define BLOG_CHANNEL_ncd_sys_request_server 105
#define BLOG_CHANNEL_NCDRequest 106
#define BLOG_CHANNEL_ncd_net_ipv6_wait_dynamic_addr 107
#define BLOG_CHANNEL_NCDRequestClient 108
#define BLOG_CHANNEL_ncd_request 109
#define BLOG_CHANNEL_ncd_sys_request_client 110
#define BLOG_CHANNEL_ncd_exit 111
#define BLOG_CHANNEL_ncd_getargs 112
#define BLOG_CHANNEL_ncd_arithmetic 113
#define BLOG_CHANNEL_ncd_parse 114
#define BLOG_CHANNEL_ncd_valuemetic 115
#define BLOG_CHANNEL_ncd_file 116
#define BLOG_CHANNEL_ncd_netmask 117
#define BLOG_CHANNEL_ncd_implode 118
#define BLOG_CHANNEL_ncd_call2 119
#define BLOG_CHANNEL_ncd_assert 120
#define BLOG_CHANNEL_ncd_reboot 121
#define BLOG_CHANNEL_ncd_explode 122
#define BLOG_CHANNEL_NCDPlaceholderDb 123
#define BLOG_CHANNEL_NCDVal 124
#define BLOG_CHANNEL_ncd_net_ipv6_addr 125
#define BLOG_CHANNEL_ncd_net_ipv6_route 126
#define BLOG_CHANNEL_ncd_net_ipv4_addr_in_network 127
#define BLOG_CHANNEL_ncd_net_ipv6_addr_in_network 128
#define BLOG_CHANNEL_dostest_server 129
#define BLOG_CHANNEL_dostest_attacker 130
#define BLOG_CHANNEL_ncd_timer 131
#define BLOG_CHANNEL_ncd_file_open 132
#define BLOG_CHANNEL_ncd_backtrack 133
#define BLOG_CHANNEL_ncd_socket 134
#define BLOG_CHANNEL_ncd_depend_scope 135
#define BLOG_CHANNEL_ncd_substr 136
#define BLOG_CHANNEL_ncd_sys_start_process 137
#define BLOG_CHANNEL_NCDBuildProgram 138
#define BLOG_CHANNEL_ncd_log 139
#define BLOG_CHANNEL_ncd_log_msg 140
#define BLOG_CHANNEL_ncd_buffer 141
#define BLOG_CHANNEL_ncd_getenv 142
#define BLOG_CHANNEL_BThreadSignal 143
#define BLOG_CHANNEL_BLockReactor 144
#define BLOG_CHANNEL_ncd_load_module 145
#define BLOG_CHANNEL_ncd_basic_functions 146
#define BLOG_CHANNEL_ncd_objref 147
#define BLOG_NUM_CHANNELS 148
1 change: 1 addition & 0 deletions generated/blog_channels_list.h
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,7 @@
{"udpgw", 4},
{"UdpGwClient", 4},
{"SocksUdpGwClient", 4},
{"SocksUdpClient", 4},
{"BNetwork", 4},
{"BConnection", 4},
{"BSSLConnection", 4},
Expand Down
10 changes: 9 additions & 1 deletion misc/socks_proto.h
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,15 @@ B_START_PACKED
struct socks_addr_ipv6 {
uint8_t addr[16];
uint16_t port;
} B_PACKED;
} B_PACKED;
B_END_PACKED

B_START_PACKED
struct socks_udp_header {
uint16_t rsv;
uint8_t frag;
uint8_t atyp;
} B_PACKED;
B_END_PACKED

#endif
1 change: 1 addition & 0 deletions socks_udp_client/CMakeLists.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
badvpn_add_library(socks_udp_client "system;flow;flowextra" "" SocksUdpClient.c)
Loading

0 comments on commit ae4edfb

Please sign in to comment.