#proxy-server #proxy #server #sock

app koblas

Lightweight SOCKS5 proxy server

9 releases (2 stable)

1.1.0 Feb 11, 2024
0.1.6 Jan 16, 2024
0.1.5 Oct 20, 2023
0.1.3 Jul 15, 2023
0.1.0 Jan 21, 2023

#4 in #proxy-server

31 downloads per month

MIT/Apache

21KB
376 lines

Koblas

A lightweight SOCKS5 proxy server, written in Rust.

  • Multi-User
  • Configurable
  • IPv4 & IPv6
  • Blacklist & Whitelist
  • No Authentication
  • Username/Password Authentication

Installation

Cargo

Make sure the current stable release of Rust is installed.

Registry

cargo install koblas

Manual

git clone https://github.com/ynuwenhof/koblas.git
cd koblas
cargo install --path .

Hash passwords by running the following command:

koblas hash "correct-horse-battery-staple"

this will return an Argon2id password hash.

After installing, you can run the server with:

koblas -a 0.0.0.0 --auth -c /path/to/config.toml

this will bind the server to 0.0.0.0:1080.

Docker

Make sure the Docker Engine is installed.

Pull the latest image from the Docker Hub registry with:

docker pull ynuwenhof/koblas:latest

Run the following commands to build the image yourself instead:

git clone https://github.com/ynuwenhof/koblas.git
cd koblas
docker build -t ynuwenhof/koblas:latest .

Hash passwords by running the following command:

docker run -it --rm ynuwenhof/koblas:latest hash "correct-horse-battery-staple"

this will return an Argon2id password hash.

After pulling or building the image, you can run the server with:

docker run -d -p 1080:1080 \
  -v /path/to/config.toml:/etc/koblas/config.toml \
  -e RUST_LOG=debug \
  -e KOBLAS_NO_AUTHENTICATION=false \
  -e KOBLAS_ANONYMIZE=false \
  --name koblas ynuwenhof/koblas:latest

this will bind the server to 0.0.0.0:1080.

Deploy the server with Docker Compose:

version: "3.8"
services:
  koblas:
    image: ynuwenhof/koblas:latest
    container_name: koblas
    restart: unless-stopped
    ports:
      - 1080:1080
    environment:
      RUST_LOG: debug
      KOBLAS_LIMIT: 256
      KOBLAS_NO_AUTHENTICATION: false
      KOBLAS_ANONYMIZATION: true
    volumes:
      - /path/to/config.toml:/etc/koblas/config.toml

Configuration

Koblas can be configured via environment variables or command line arguments.

Missing keys will fall back to their default value.

Key Description Default
KOBLAS_ADDRESS Address on which to listen for incoming TCP connections 127.0.0.1
KOBLAS_PORT Port on which to listen for incoming TCP connections 1080
KOBLAS_LIMIT Maximum amount of clients to handle at once 255
KOBLAS_NO_AUTHENTICATION Don't require clients to authenticate using a username/password combination false
KOBLAS_ANONYMIZATION Exclude sensitive information from the logs false
KOBLAS_CONFIG_PATH File path to the config file None

⚠️ The default configuration requires everyone to connect with a pre-existing username/password combination.

Koblas doesn't have a default config file location, but we recommend the following locations:

  • Linux: /etc/koblas/config.toml
  • MacOS: /etc/koblas/config.toml
  • Windows: %ProgramData%\koblas\config.toml

Example

# All matching IPs will be automatically blocked
blacklist = [
    # Blacklist all IPs between
    # 192.168.2.0 and 192.168.2.255
    "192.168.2.0/24",
    # Blacklist a single IP
    "192.168.3.0/32",
]

# All non matching IPs will be automatically blocked
# Keep empty to disable the whitelist
whitelist = [
    # Whitelist all IPs between
    # 192.168.0.0 and 192.168.0.255
    "192.168.0.0/24",
    # Whitelist a single IP
    "192.168.1.0/32",
]

[users]
# Username = "alice", password = "QDuMGlxdhpZt"
alice = "$argon2id$v=19$m=8,t=2,p=1$bWUwSXl2M2pYNU9xcVBocw$f4gFaE7p0qWRKw"
# Username = "bob", password = "ceQvWaDGVeTv"
bob = "$argon2id$v=19$m=8,t=2,p=1$ZExzaTM3aks1WjU1a3g4UA$J+EiueHYuR/dlA"

License

This project is licensed under either of the following licenses, at your option:

Dependencies

~9–21MB
~264K SLoC