Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
simple-socks
Advanced tools
Creates a simple SOCKS5 server and exposes additional SOCKS5 proxy events.
npm install simple-socks
In the examples folder exists two examples, one that requires no authentication and one that requires username/password authentication. Below is an example with no authentication:
import socks5 from 'simple-socks'
const server = socks5.createServer().listen(1080);
// When a reqest arrives for a remote destination
server.on('proxyConnect', (info, destination) => {
console.log('connected to remote server at %s:%d', info.address, info.port);
destination.on('data', (data) => {
console.log(data.length);
});
});
// When data arrives from the remote connection
server.on('proxyData', (data) => {
console.log(data.length);
});
// When an error occurs connecting to remote destination
server.on('proxyError', (err) => {
console.error('unable to connect to remote server');
console.error(err);
});
// When a request for a remote destination ends
server.on('proxyDisconnect', (originInfo, destinationInfo, hadError) => {
console.log(
'client %s:%d request has disconnected from remote server at %s:%d with %serror',
originInfo.address,
originInfo.port,
destinationInfo.address,
destinationInfo.port,
hadError ? '' : 'no ');
});
// When a proxy connection ends
server.on('proxyEnd', (response, args) => {
console.log('socket closed with code %d', response);
console.log(args);
});
For a SOCKS5 server that does not require authentication, look at examples/createServer.js:
node examples/createServer
In a separate terminal window:
curl http://www.google.com --socks5 127.0.0.1:1080
For a SOCKS5 server that requires username/password authentication, look at examples/createServerWithAuthentication.js:
node examples/createServerWithAuthentication
In a separate terminal window:
curl http://www.google.com --socks5 127.0.0.1:1080 --proxy-user foo:bar
For a SOCKS5 server that can perform either origin or destination (or both!) address filtering, look at examples/createServerConnectionFilter.js:
node examples/createServerConnectionFilter
In a separate terminal window:
curl http://www.github.com --socks5 127.0.0.1:1080 # allowed
curl http://www.google.com --socks5 127.0.0.1:1080 # denied
Factory method that creates an instance of a SOCKS5 proxy server:
import socks5 from 'simple-socks';
const server = socks5.createServer();
server.listen(1080, '0.0.0.0', function () {
console.log('SOCKS5 proxy server started on 0.0.0.0:1080');
});
This method accepts an optional options
argument:
options.authentication
- A callback for authenticationoptions.connectionFilter
- A callback for connection filteringTo make the socks5 server require username/password authentication, supply a function callback in the options as follows:
import socks5 from 'simple-socks';
const options = {
authenticate : function (username, password, socket, callback) {
if (username === 'foo' && password === 'bar') {
return setImmediate(callback);
}
return setImmediate(callback, new Error('incorrect username and password'));
}
};
const server = socks5.createServer(options);
// begin listening and require user/pass authentication
server.listen(1080);
The authenticate
callback accepts three arguments:
Allows you to filter incoming connections, based on either origin and/or destination, return false
to disallow:
import socks5 from 'simple-socks';
const server = socks5.createServer({
connectionFilter : function (destination, origin, callback) {
if (origin.address === '127.0.0.1') {
console.log('denying access from %s:%s', origin.address, origin.port);
return setImmediate(callback, new Error('access from specified origin is denied'));
}
if (destination.address === '10.0.0.1') {
console.log('denying access to %s:%s', remote.address, remote.port);
return setImmediate(callback, new Error('access to specified destination is denied'));
}
return setImmediate(callback);
}
});
The connectionFilter
callback accepts three arguments:
For an example, see examples/createServerConnectionFilter.js.
The socks5 server supports all events that exist on a native net.Server object. Additionally, the following events have been added that are specific to the SOCKS5 proxy:
proxyConnect
occurs, this event is emitted when the remote destination ends the connectionNote:
This module exports the above events as constants for convenience purposes via the property events
:
console.log(socks5.events);
Outputs the following:
{ AUTHENTICATION: 'authenticate',
AUTHENTICATION_ERROR: 'authenticateError',
CONNECTION_FILTER: 'connectionFilter',
HANDSHAKE: 'handshake',
PROXY_CONNECT: 'proxyConnect',
PROXY_DATA: 'proxyData',
PROXY_DISCONNECT: 'proxyDisconnect',
PROXY_END: 'proxyEnd',
PROXY_ERROR: 'proxyError' }
This is event is emitted when a socks5 client connects to the server. The callback accepts a single argument:
// When a new request is initiated
server.on('handshake', function (socket) {
console.log('new socks5 client from %s:%d', socket.remoteAddress, socket.remotePort);
});
This event is emitted when successful authentication occurs. The callback accepts a single argument:
// When authentication succeeds
server.on('authenticate', function (username) {
console.log('user %s successfully authenticated!', username);
});
This event is emitted when authentication is not successful. The callback accepts the following arguments:
options.authenticate
callback// When authentication fails
server.on('authenticateError', function (username, err) {
console.log('user %s failed to authenticate...', username);
console.error(err);
});
This event is emitted when a destination address and port is filtered by the connectionFilter
callback. The callback accepts the following arguments:
options.connectionFilter
callback// When a destination connection is filtered
server.on('connectionFilter', function (port, address, err) {
console.log('connection to %s:%s has been denied', address, port);
console.error(err);
});
This event is emitted each time a connection is requested to a remote destination. The callback accepts two arguments:
// When a reqest arrives for a remote destination
server.on('proxyConnect', function (info, destination) {
console.log('connected to remote server at %s:%d', info.address, info.port);
});
This event is emitted each time a remote connection returns data:
// When a reqest arrives for a remote destination
server.on('proxyData', function (data) {
console.log('data received from remote destination: %d', data.length);
});
Note: This can also be accomplished by listening to the data
event on the destination
connection received in the proxyConnect
event:
// When a reqest arrives for a remote destination
server.on('proxyConnect', function (info, destination) {
destination.on('data', function (data) {
console.log('data received from remote destination: %d', data.length);
});
});
This event is emitted after a proxyConnect
when a connection to a remote destination has ended. The callback accepts three arguments:
// When a request for a remote destination ends
server.on('proxyDisconnect', function (err) {
console.log(
'client %s:%d request has disconnected from remote server at %s:%d with %serror',
originInfo.address,
originInfo.port,
destinationInfo.address,
destinationInfo.port,
hadError ? '' : 'no ');
});
In the event that a network error occurs attempting to create communication with the destination, this event is raised.
// When an error occurs connecting to remote destination
server.on('proxyError', function (err) {
console.error('unable to connect to remote server');
console.error(err);
});
When a socket connection is closed by the server, the proxyEnd
event is emitted. It returns two arguments in the callback:
ver
cmd
atype
dst.addr
dst.port
// When a proxy connection ends
server.on('proxyEnd', function (response, args) {
console.log('socket closed with code %d', response);
console.log(args);
});
FAQs
proxies requests
The npm package simple-socks receives a total of 1,116 weekly downloads. As such, simple-socks popularity was classified as popular.
We found that simple-socks demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.