socks
4 Topics

Read or Modify SOCKS payload

Hello Devcentral, even though apparently not many people are playing with the new SOCKS features, here I am with another question on this subject. Can I modify (or read) the SOCKS payload of my clients' requests? When I dump the full TCP::payload in the CLIENT_DATA event, all I can see is the client's greeting that is part of the SOCKS handshake: 050100. I understand there is a socks-tunnel interface and that the traffic (after the handshake has completed) is likely to be processed at this level, but is there a way to read or modify the SOCKS payload from an iRule?

445 Views, 0 likes, 1 Comment

Client SSL and SOCKS profiles on same VS
Hello Devcentral, I have a VS that's configured as follows:

    ltm virtual myVS {
        destination 10.0.0.1:443
        ip-protocol tcp
        mask 255.255.255.255
        profiles {
            clientssl {
                context clientside
            }
            socks { }
            tcp { }
        }
        source 0.0.0.0/0
        source-address-translation {
            type automap
        }
        vs-index 69
    }

The client uses stunnel to establish a TLS session with 10.0.0.1 and then basically sends SOCKS requests into the tunnel. This is accomplished by configuring 127.0.0.1:8080 as SOCKS proxy in the browser settings.

Stunnel Configuration:

    [sockstest]
    client = yes
    accept = 127.0.0.1:8080
    connect = 10.0.0.1:443
    verify = 0

This configuration doesn't work: the browser fails to load any websites. But if I just remove the Client SSL profile from myVS and use 10.0.0.1:443 as SOCKS proxy, the browser successfully loads any web pages. Why is that?

273 Views, 0 likes, 0 Comments

SOCKSv4 protocol parsing and IP/Port/Hostname rewrites
Problem this snippet solves:

Hi Folks, the provided iRule can be used to parse SOCKSv4 connection requests and to rewrite the connection attempts to a given IP/Port/Hostname to a different IP/Port/Hostname.

Cheers, Kai

How to use this snippet:

- Tweak the RULE_INIT settings as required.
- Attach the iRule to your Virtual Server which is serving your SOCKSv4 Proxy.
- Connect to the IP/Port/Hostname via SOCKSv4 as usual.
- Check if the connection was forwarded to the new host.

Code:

    when RULE_INIT {
        set static::socks_debug 1

        # Set the original and new destination HOST
        set static::orig_host "1.1.1.1:22"
        set static::new_host "2.2.2.2:22"
        set static::orig_hostname "dummy1.domain.de"
        set static::new_hostname "dummy2.domain.de"

        # Formatting static::orig_host value to socks compliant host string
        # (2-byte port followed by the 4 address bytes, as a hex string)
        scan $static::orig_host %d.%d.%d.%d:%d ip1 ip2 ip3 ip4 port
        set static::orig_host_hex [format %4.4x $port]
        foreach octed "$ip1 $ip2 $ip3 $ip4" {
            append static::orig_host_hex [format %2.2x $octed]
        }

        # Formatting static::new_host value to socks compliant host string
        scan $static::new_host %d.%d.%d.%d:%d ip1 ip2 ip3 ip4 port
        set static::new_host_hex [format %4.4x $port]
        foreach octed "$ip1 $ip2 $ip3 $ip4" {
            append static::new_host_hex [format %2.2x $octed]
        }

        # Hex-encode both hostnames so they can be matched against the hex payload
        binary scan $static::orig_hostname H* static::orig_hostname_hex
        binary scan $static::new_hostname H* static::new_hostname_hex
    }

    when CLIENT_ACCEPTED {
        # Buffer the client's first bytes so CLIENT_DATA can inspect them
        TCP::collect
    }

    when CLIENT_DATA {
        catch {
            if { $static::socks_debug } then {
                # One H2 per single-byte field (H1 would return only the high nibble of the command byte)
                binary scan [TCP::payload] H2H2H4H2H2H2H2H* socks_version socks_command socks_port socks_ip1 socks_ip2 socks_ip3 socks_ip4 socks_username
                log local0.debug "Socks Request received: Version=[expr { "0x$socks_version" }], Command=[expr { "0x$socks_command" }] , DST_Port=[expr { "0x$socks_port" }] , DST_IP=[expr { "0x$socks_ip1" }].[expr { "0x$socks_ip2" }].[expr { "0x$socks_ip3" }].[expr { "0x$socks_ip4" }] , Username = [binary format H* $socks_username]"
            }
            # Work on a hex dump of the whole collected payload
            binary scan [TCP::payload] H* orig_socks_payload
            if { $orig_socks_payload contains $static::orig_hostname_hex } then {
                if { $static::socks_debug } then {
                    log local0.debug "Socks Request requires HOSTNAME rewrite..."
                }
                set new_socks_payload [string map "$static::orig_hostname_hex $static::new_hostname_hex" $orig_socks_payload]
                TCP::payload replace 0 [TCP::payload length] [binary format H* $new_socks_payload]
            } elseif { $orig_socks_payload contains $static::orig_host_hex } then {
                if { $static::socks_debug } then {
                    log local0.debug "Socks Request requires IP rewrite..."
                }
                set new_socks_payload [string map "$static::orig_host_hex $static::new_host_hex" $orig_socks_payload]
                TCP::payload replace 0 [TCP::payload length] [binary format H* $new_socks_payload]
            }
        }
        # Forward the (possibly rewritten) payload
        TCP::release
    }

Tested this on version: 12.0

225 Views, 0 likes, 0 Comments
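Added example, not part of the original posts or of F5's code: a field-aware version of the rewrite the iRule above performs, written in Python rather than iRule Tcl so it runs offline. The function names, the two maps and the sample requests are constructed for illustration, and the SOCKS4a hostname handling goes beyond the hex substring match in the snippet by touching only the destination fields.

```python
import ipaddress
import struct

def parse_socks4(req: bytes) -> dict:
    """Parse VN CD DSTPORT(2) DSTIP(4) USERID NUL [HOSTNAME NUL]."""
    if len(req) < 9:
        raise ValueError("short SOCKSv4 request")
    version, command, port, raw_ip = struct.unpack("!BBH4s", req[:8])
    if version != 4:
        raise ValueError(f"not SOCKSv4 (version byte {version:#04x})")
    end_user = req.find(b"\x00", 8)
    if end_user < 0:
        raise ValueError("USERID is not NUL-terminated")
    fields = {"command": command, "port": port,
              "ip": str(ipaddress.IPv4Address(raw_ip)),
              "userid": req[8:end_user], "hostname": None}
    # SOCKS4a: DSTIP 0.0.0.x with x != 0 means a hostname follows USERID.
    if raw_ip[:3] == b"\x00\x00\x00" and raw_ip[3] != 0:
        end_host = req.find(b"\x00", end_user + 1)
        if end_host < 0:
            raise ValueError("hostname is not NUL-terminated")
        fields["hostname"] = req[end_user + 1:end_host].decode("ascii")
    return fields

def build_socks4(f: dict) -> bytes:
    """Serialize the parsed fields back into a request."""
    out = struct.pack("!BBH4s", 4, f["command"], f["port"],
                      ipaddress.IPv4Address(f["ip"]).packed)
    out += f["userid"] + b"\x00"
    if f["hostname"] is not None:
        out += f["hostname"].encode("ascii") + b"\x00"
    return out

def rewrite(req: bytes, ip_map: dict, host_map: dict) -> bytes:
    """Rewrite only the destination fields; USERID is never touched."""
    f = parse_socks4(req)
    if f["hostname"] is not None:
        f["hostname"] = host_map.get(f["hostname"].lower(), f["hostname"])
    else:
        f["ip"], f["port"] = ip_map.get((f["ip"], f["port"]), (f["ip"], f["port"]))
    return build_socks4(f)

# Constructed samples, using the hosts from the iRule's RULE_INIT.
IP_MAP = {("1.1.1.1", 22): ("2.2.2.2", 22)}
HOST_MAP = {"dummy1.domain.de": "dummy2.domain.de"}
REQ_IP = bytes.fromhex("0401" "0016" "01010101") + b"kai\x00"
# USERID deliberately equals the old hostname: it must survive the rewrite.
REQ_4A = bytes.fromhex("0401" "0016" "00000001") + b"dummy1.domain.de\x00" * 2
```

Passing the SOCKS5 greeting 050100 from the first post to `parse_socks4` raises `ValueError`, since it is not a SOCKSv4 request.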