Skip to content

Support for SOCKS5 UDP_ASSOCIATE command#570

Open
hc-syn wants to merge 36 commits intorofl0r:masterfrom
hc-syn:udp-associate
Open

Support for SOCKS5 UDP_ASSOCIATE command#570
hc-syn wants to merge 36 commits intorofl0r:masterfrom
hc-syn:udp-associate

Conversation

@hc-syn
Copy link

@hc-syn hc-syn commented Jun 20, 2024

I have been working on the UDP support in ProxyChains. I have written a wiki (https://github.com/hc-syn/proxychains-ng/wiki) to explain my implementation.

hc-syn added 30 commits September 8, 2023 16:42
@hc-syn
adding missing hooks
39ff28a
@hc-syn
udp wip
2c5ad9f
@hc-syn
udp wip 2
8348e42
@hc-syn
bug fixes
68180a6
@hc-syn
implemented send hook logic
9f4cd23
@hc-syn
add read_udp_header()
5606132
@hc-syn
add dump_buffer in debug
48422d4
@hc-syn
implements udp reception and fixes
4c75e05
@hc-syn
add dump relay chain
0ee4c00
@hc-syn
close relay chain and v4inv6 to v4
45aed86
@hc-syn
separate functions, add utils, hook recvmsg
8ed4b52
@hc-syn
dig works
f3511f8
@hc-syn
digworks
0197c92
@hc-syn
fix msgname NULL when connected socket
d2dc4d6
@hc-syn
sendmmsg and fixes
95036aa
@hc-syn
hook connect and getpeername
23c9654
@hc-syn
comments
120cfe9
@hc-syn
removed receive_udp_packet()
44c4352
@hc-syn
fix sockaddr / sockaddr_storage confusion
436f402
@hc-syn
remove send_udp_packet()
5660aea
@hc-syn
add filtering on send flags
14c35dd
@hc-syn
define RECV_BUFFER_SIZE
81092b1
@hc-syn
change unsocksify_udp_packet() and
a47f9c0 
decapsulate_udp_packet() signature.
Moved udp data copy outside these functions
@hc-syn
implement MSG_TRUNC logic in recvfrom and recvmsg
e379a8a
@hc-syn
adding comments
1c8c231
@hc-syn
hook read and write
b377a29
@hc-syn
mutex, true_close, fix del_relay_chain
803f8a6
@hc-syn
change debug format
0322811
@hc-syn
remove some debug
12c9524
@hc-syn
add chain debug
004b19b
@Abhinavpatel00
Copy link

Abhinavpatel00 commented Aug 15, 2024

looks interesting , why its still not merged yet?

@rofl0r
Copy link
Owner

rofl0r commented Aug 15, 2024

@Abhinavpatel00 proxychains wasn't designed with UDP in mind, and integrating this properly is a huge task - or even impossible, if we want to keep all existing configuration knobs working.

first of all, this PR only supports UDP via socks5, whereas proxychains supports HTTP, SOCKS4(a) and SOCKS5. next it's unclear whether this PR only supports a single proxy, or chaining of multiple proxies - which is the main feature of proxychains, as reflected in the name. it's also unclear whether the PR works properly with dnat, localnet, and all the other features. the PR is also huge - more than 2000 lines of code changed or added. a proper review would require a lot of time, which i'm currently unable to spend. even with that done, it's likely a lot of new bugs would be introduced in corner-cases, which i would have to fix myself over time.

last but not least the PR introduces a dependency on libuv, if i understand correctly, just because the author likes that particular library and wants to support it out-of-the-box. that's completely unacceptable for upstreaming.
i think the author is aware of these points and chose from the get-go to do his own feature-fork, as evident from the PR description and the linked-to wiki.

@Abhinavpatel00
Copy link

Abhinavpatel00 commented Aug 15, 2024

@Abhinavpatel00 proxychains wasn't designed with UDP in mind, and integrating this properly is a huge task - or even impossible, if we want to keep all existing configuration knobs working.

first of all, this PR only supports UDP via socks5, whereas proxychains supports HTTP, SOCKS4(a) and SOCKS5. next it's unclear whether this PR only supports a single proxy, or chaining of multiple proxies - which is the main feature of proxychains, as reflected in the name. it's also unclear whether the PR works properly with dnat, localnet, and all the other features. the PR is also huge - more than 2000 lines of code changed or added. a proper review would require a lot of time, which i'm currently unable to spend. even with that done, it's likely a lot of new bugs would be introduced in corner-cases, which i would have to fix myself over time.

last but not least the PR introduces a dependency on libuv, if i understand correctly, just because the author likes that particular library and wants to support it out-of-the-box. that's completely unacceptable for upstreaming. i think the author is aware of these points and chose from the get-go to do his own feature-fork, as evident from the PR description and the linked-to wiki.

thanks a ton for such a detailed reply :D , you might be on of the most humble oss maintainer out there

@Zerogoki00
Copy link

Zerogoki00 commented Jan 9, 2025
edited
Loading

Hello, since the Discord is now blocked in Russia, this will be very useful. Voice calls don't work without UDP and I can't find any other software to proxify UDP... (except tun interface)
Any update?

@rofl0r
Copy link
Owner

rofl0r commented Jan 9, 2025

Any update?

you can try out the fork's version i guess?

@przemyslaw0
Copy link

przemyslaw0 commented Mar 23, 2025

I tested this version, it doesn't compile with GCC 14, GCC 13 compiled fine, it works normally with IPv4 UDP connections, but not with IPv6 ones:

$ ./proxychains4 -f src/proxychains.conf host g.co 1.1.1.1
[proxychains] config file found: src/proxychains.conf
[proxychains] preloading ./libproxychains4.so
[proxychains] DLL init: proxychains-ng 
[proxychains] UDP_ASSOCIATE tcp socket chain  ...  127.0.0.1:1080  --> Node[127.0.0.1:55350] open
Using domain server:
Name: 1.1.1.1
Address: 1.1.1.1#53
Aliases: 

g.co has address 142.250.80.110
[proxychains] UDP_ASSOCIATE tcp socket chain  ...  127.0.0.1:1080  --> Node[127.0.0.1:38542] open
g.co has IPv6 address 2607:f8b0:4006:80d::200e
[proxychains] UDP_ASSOCIATE tcp socket chain  ...  127.0.0.1:1080  --> Node[127.0.0.1:33651] open
[proxychains] UDP_ASSOCIATE tcp socket chain  ...  127.0.0.1:1080  --> Node[127.0.0.1:35070] open

$ ./proxychains4 -f src/proxychains.conf host g.co 2606:4700:4700::1001
[proxychains] config file found: src/proxychains.conf
[proxychains] preloading ./libproxychains4.so
[proxychains] DLL init: proxychains-ng 
[proxychains] UDP_ASSOCIATE tcp socket chain  ...  127.0.0.1:1080  --> Node[127.0.0.1:35462] open
;; UDP setup with 2606:4700:4700::1001#53(2606:4700:4700::1001) for g.co failed: address family not supported.
;; no servers could be reached
[proxychains] UDP_ASSOCIATE tcp socket chain  ...  127.0.0.1:1080  --> Node[127.0.0.1:57170] open
;; UDP setup with 2606:4700:4700::1001#53(2606:4700:4700::1001) for g.co failed: address family not supported.
;; no servers could be reached

@fokx fokx mentioned this pull request Jan 28, 2026
Merged
Itsusinn pushed a commit to Itsusinn/tuic that referenced this pull request Feb 2, 2026
@fokx
feat(client): allow passing outgoing traffic through a SOCKS5 proxy (#86
2dabc25 
)

* feat(client): allow passing outgoing traffic through a SOCKS5 proxy

This could be useful if you want to reach the target tuic-server through another proxy. And usually external tools such as [proxychains-ng does not support sockifying UDP traffic](rofl0r/proxychains-ng#570).

The SOCKS5 proxy should support UDP. So there is a small pitfall when you use a SOCKS5 proxy that is another tuic-server with an SOCKS5 outbound enabled and its `allow_udp` is set as false, because UDP over SOCKS5 outbound of tuic-server is not implemented.

* make socks5 udp_buffer_size configurable(default to 2048); fix using ipv6 socks5 server; add address unmapping in UdpSession::send and recv
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@hc-syn @Abhinavpatel00 @rofl0r @Zerogoki00 @przemyslaw0