Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
UDP-Proxy for node.js. Supports both IPv6 and v4 (and proxies between them)
UDP-proxy for node.js version >= 0.10.x (for eariler node versions, use version 0.2.1)
Supports both IPv6 and IPv4, and bridging in between (see example below).
npm install udp-proxy
udp-proxy has no dependencies beyond node.js itself
// Let's create a DNS-proxy that proxies IPv4 udp-requests to googles IPv6 DNS-server
var proxy = require('udp-proxy'),
options = {
address: '2001:4860:4860::8888',
port: 53,
ipv6: true,
localaddress: '0.0.0.0',
localport: 53535,
localipv6: false,
proxyaddress: '::0',
timeOutTime: 10000
};
// This is the function that creates the server, each connection is handled internally
var server = proxy.createServer(options);
// this should be obvious
server.on('listening', function (details) {
console.log('DNS - IPv4 to IPv6 proxy }>=<{ by: ok 2012');
console.log('udp-proxy-server ready on ' + details.server.family + ' ' + details.server.address + ':' + details.server.port);
console.log('traffic is forwarded to ' + details.target.family + ' ' + details.target.address + ':' + details.target.port);
});
// 'bound' means the connection to server has been made and the proxying is in action
server.on('bound', function (details) {
console.log('proxy is bound to ' + details.route.address + ':' + details.route.port);
console.log('peer is bound to ' + details.peer.address + ':' + details.peer.port);
});
// 'message' is emitted when the server gets a message
server.on('message', function (message, sender) {
console.log('message from ' + sender.address + ':' + sender.port);
});
// 'proxyMsg' is emitted when the bound socket gets a message and it's send back to the peer the socket was bound to
server.on('proxyMsg', function (message, sender, peer) {
console.log('answer from ' + sender.address + ':' + sender.port);
});
// 'proxyClose' is emitted when the socket closes (from a timeout) without new messages
server.on('proxyClose', function (peer) {
console.log('disconnecting socket from ' + peer.address);
});
server.on('proxyError', function (err) {
console.log('ProxyError! ' + err);
});
server.on('error', function (err) {
console.log('Error! ' + err);
});
var proxy = require('udp-proxy');
var server = proxy.createServer( options );
address
: string (the address you want to proxy to)
port
: number (the port you want to proxy to)
ipv6
: boolean (if the target uses IPv6)
localaddress
: string (the interface-addresses to use for the server)
localipv6
is set to true)localport
: number (the port for the server to listen on)
localipv6
: boolean (if you want the server to use IPv6)
proxyaddress
: string (if you want to set on which interface the proxy connects out)
ipv6
is set to true)timeOutTime
: number the time it takes for socket to time out (in ms)
timeOutTime
: number the time it takes for socket to time out (in ms)
middleware
: object apply a middleware to the proxy, see Middleware section below.
the proxy always connects outwards with a random port
server.close(callback) closes proxy server.
server.on( 'event'
, function ( args ) { });
'listening'
, details
'bound'
, details
'message'
, message, sender
'proxyMsg'
, message, sender, peer
'error'
, err
'proxyError'
, err
'proxyClose'
, peer
'close'
address object contains:
address
: string ip-addressfamily
: string IPv6 or IPv4port
: number udp-portAdd a middleware object to the proxy to intercept any incoming or outgoing message. Use this if you need to potentially change the message content before it is relayed, or prevent it from sending altogether.
The middleware
object must contain the following functions:
message( msg
, sender
, function next
( msg, sender ) { });
sender
to the server.next
is invoked.proxyMsg( msg
, sender
, peer
, function next
( msg, sender, peer ) { });
sender
to a peer
.next
is invoked.The following example will block any message going from the client to the server that has length > 120.
// Following the first example, let's create a DNS-proxy that proxies IPv4 udp-requests to googles IPv6 DNS-server and provide a middleware.
var proxy = require('udp-proxy'),
options = {
address: '2001:4860:4860::8888',
port: 53,
ipv6: true,
localaddress: '0.0.0.0',
localport: 53535,
localipv6: false,
proxyaddress: '::0',
timeOutTime: 10000,
middleware: {
message: function(msg, sender, next) {
// messages with longer length will not be relayed, because 'next' will not be invoked.
if (msg.length <= 120) {
next(msg, sender);
}
},
proxyMsg: function(msg, sender, peer, next) {
next(msg, sender, peer);
}
}
};
var server = proxy.createServer(options);
// ..
Run node testIPv4
or node testIPv6
to run the tests.
MIT
FAQs
UDP-Proxy for node.js. Supports both IPv6 and v4 (and proxies between them)
The npm package udp-proxy receives a total of 59 weekly downloads. As such, udp-proxy popularity was classified as not popular.
We found that udp-proxy demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.