Lib.rs

Network programming
#socks5 #udp #bind #command #connect #associate #install

socks-abstract5

A Lightweight SOCKS5 implementation without having to install extra system dependencies

Owned by VoltagedDebunked.

1 unstable release

0.1.0 Feb 2, 2025

#1388 in Network programming

Download history 112/week @ 2025-02-02

112 downloads per month

Custom license

14KB
236 lines

socks-abstract5

A high-performance, RFC-compliant SOCKS5 proxy implementation in Rust.

Features

  • Full RFC 1928 SOCKS5 protocol implementation
  • Asynchronous architecture using Tokio
  • Support for all SOCKS5 commands:
    • CONNECT
    • BIND
    • UDP ASSOCIATE
  • Comprehensive address type support:
    • IPv4
    • IPv6
    • Domain names
  • Zero-copy data transfer
  • Robust error handling
  • No external dependencies beyond Tokio and thiserror

Installation

Add this to your Cargo.toml:

[dependencies]
socks-abstract5 = "0.1.0"

Quick Start

Running as a Standalone Proxy

use socks_abstract5::Socks5Server;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let server = Socks5Server::new("127.0.0.1:1080").await?;
    server.run().await?;
    Ok(())
}

Using as a Library

use socks_abstract5::{Socks5Server, Result};

async fn start_proxy(bind_address: &str) -> Result<()> {
    let server = Socks5Server::new(bind_address).await?;
    server.run().await
}

Technical Documentation

Architecture

socks-abstract5 is built on a fully asynchronous architecture, leveraging Tokio for high-performance I/O operations. The implementation follows a modular design with clear separation of concerns:

  • Protocol handling (authentication, command processing)
  • Address resolution
  • Data transfer
  • Error management

Protocol Implementation

Authentication

Currently supports:

  • No authentication (0x00)
  • Extensible framework for adding additional authentication methods

Commands

  1. CONNECT (0x01)

    • Establishes TCP connections to remote servers
    • Supports both direct IP connections and domain name resolution
    • Implements full duplex communication

  2. BIND (0x02)

    • Supports reverse connection scenarios
    • Implements two-phase reply mechanism
    • Includes source address validation

  3. UDP ASSOCIATE (0x03)

    • Creates UDP association for datagram transport
    • Maintains TCP control connection
    • Supports UDP relay functionality

Address Types

  • IPv4 (0x01)
  • Domain Name (0x03)
  • IPv6 (0x04)

Error Handling

Comprehensive error handling using custom error types:

pub enum Error {
    Io(std::io::Error),
    InvalidVersion,
    AuthFailed,
    InvalidCommand(u8),
    InvalidAddrType(u8),
    ConnectionNotAllowed,
    NetworkUnreachable,
    HostUnreachable,
    ConnectionRefused,
    TtlExpired,
    ProtocolError,
    AddrTypeNotSupported,
}

Performance Considerations

  • Zero-copy data transfer where possible
  • Efficient memory usage with appropriate buffer sizes
  • Asynchronous I/O for optimal resource utilization
  • Connection pooling and reuse
  • Minimal allocations during proxy operations

Configuration

Default configuration values:

const DEFAULT_BACKLOG: u32 = 1024;
const BUFFER_SIZE: usize = 8192;
const DEFAULT_TIMEOUT: Duration = Duration::from_secs(300);

Security Considerations

  • No cleartext password authentication
  • Connection validation
  • Source address verification for BIND command
  • Proper handling of connection timeouts
  • Clean shutdown procedures

License

Mozilla Public License 2.0 (MPL-2.0)

Future Roadmap

  • Authentication methods (Username/Password, GSSAPI)
  • Configuration file support
  • TLS/SSL support
  • Connection pooling
  • Advanced logging and metrics
  • Rule-based access control
  • HTTP/HTTPS proxy support
  • Docker container support
  • WebAssembly compilation target

Acknowledgments

This implementation follows the SOCKS Protocol Version 5 specification as defined in RFC 1928.

Dependencies

~2.6–8.5MB
~74K SLoC