Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why does SOCKS5 require to relay UDP over UDP?

The SOCKS5 protocol, described by RFC1928 provides support for UDP.

To summarize, a client wishing to relay UDP packets through a SOCKS5 server must, at least:

  • open a TCP connection to the SOCKS5 server;
  • send a UDP ASSOCIATE request (cf section 4);
  • receive from the server the address and port where it must send UDP packets to be relayed;
  • send datagrams (UDP) to that address, encapsulated with some headers (cf section 7).

Here are some relevant quotations, from section 6:

A UDP association terminates when the TCP connection that the UDP ASSOCIATE request arrived on terminates.

In the reply to a UDP ASSOCIATE request, the BND.PORT and BND.ADDR fields indicate the port number/address where the client MUST send UDP request messages to be relayed.

and section 7:

A UDP-based client MUST send its datagrams to the UDP relay server at the UDP port indicated by BND.PORT in the reply to the UDP ASSOCIATE request.

Why so much complexity? Why not just sending UDP packets in the pre-existing TCP connection?

EDIT: To clarify, I am expecting the SOCKS proxy to receive UDP packets over a TCP stream and then transmit them to the target using actual UDP. And then receive UDP packets from the target and send them back down the TCP stream.


Here is some context.

My goal is to implement reverse tethering, so that an Android device may use the internet connection of the computer it is plugged on, without requiring root access both on the device and the computer (SimpleRT works but requires root access on the computer).

My first idea was to start a simple SOCKS5 server with ssh -D on the computer, so that I only needed to implement the client. The packets would be transmitted from the device to the computer over adb, thanks to remote port forwarding provided by adb reverse

Unfortunately, OpenSSH SOCKS server does not support UDP. But it was just a limitation from the implementation, I could have used another SOCKS server instead.

However, adb reverse does not support UDP forwarding either.

Hence my question about SOCKS5 protocol.

I am currently writing a PoC implementing my own (simple) protocol over TCP, which is able to relay UDP packets, but I am disappointed not to be able to use a standard protocol (and benefit from existing implementations).

like image 844
rom1v Avatar asked Jan 31 '17 20:01

rom1v


People also ask

Does SOCKS5 use UDP?

The SOCKS5 protocol, described by RFC1928 provides support for UDP.

Does SOCKS5 use TCP or UDP?

Unlike its predecessors, which only used TCP protocol, SOCKS5 proxy servers can use UDP protocol, ensuring a reliable connection and efficient performance. The TCP internet protocol forms a connection between a client and a server, making sure that all the packets arrive from one side to the other.

Does proxy use UDP?

HTTP/FTP proxies do not support UDP at all (since HTTP/FTP are TCP-based protocols).

What port does SOCKS5 use?

Usually a socks server listens at one port which is by default port 1080. This is used by all socksified applications. To look only for one port facilitates management and monitoring of network traffic.


1 Answers

I am answering to my own question: it's probably to avoid TCP mechanisms (packet retransmission, head-of-line blocking…).

For a local reverse tethering tool, it is not a problem though, so I implemented UDP over TCP without using SOCKS.

like image 94
rom1v Avatar answered Oct 12 '22 07:10

rom1v