Re: squid as a socks server

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 14 Mar 2013 00:52:48 +1300

On 13/03/2013 9:40 p.m., James Harper wrote:
> Forging a reply as I'm not actually subscribed to -dev and the replies didn't cc me...
>
>> What is wrong with the dante socks server ? Why the effort with squid supporting
>> socks ?
> Much easier to maintain a single set of rules. I installed Dante but the group auth modules appear to be $$$ extras.
>
> Also reporting on squid logs is already a solved problem. Merging squid and dante logs to try and report would be harder.
>
>>> Is anyone working on this?
>> Not since I gave up on that branch. My SOCKS configuration and testing skills were
>> not up to the task. If you have better success you are welcome to continue it.
>> The problem I faced at the end was that Squid was apparently transiting traffic
>> and I could not identify whether it was arriving as HTTP-over-SOCKS or HTTP-over-TCP,
>> so there was no way to identify if the socks-enabled versus socks-disabled port
>> settings were working or not.
> I took a slightly different approach and created a socks_port config option, which at the moment simply duplicates the http_port (e.g. it understands HTTP not SOCKS). I'm not sure whether it really belongs in a different file or can be incorporated into the existing file.
>
> The SOCKS protocol itself is very simple, the only exception maybe being authentication and encryption (I think socks5 can be encrypted). A basic connect-only implementation shouldn't be that hard, but it would be nice to also use bind and udp as then squid could be a complete gateway solution instead of just http/https/ftp like it is now. That would be harder though, obviously.

Yes.

Are you planning on writing the SOCKS protocol handshake inside Squid
code or using a socks library for the network I/O?

Amos
Received on Wed Mar 13 2013 - 11:53:01 MDT
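
Added example, not part of the original message and not Squid code: a C++ sketch of the two checks the thread turns on, telling SOCKS from plain HTTP by the first byte of a connection and parsing a connect-only SOCKS5 request (RFC 1928) with strict bounds checks. All type and function names are hypothetical, and the sample request in `main` is constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Added illustration; every name here is hypothetical, none is Squid code.
enum class Wire { NeedMore, Socks4, Socks5, Http, Unknown };
enum class Parse { Ok, NeedMore, Reject };
struct Socks5Request { uint8_t atyp = 0; std::string addr; uint16_t port = 0; };

// SOCKS opens with a version byte (0x04/0x05); standard HTTP methods with A-Z.
Wire classifyFirstByte(const std::vector<uint8_t> &b) {
    if (b.empty()) return Wire::NeedMore;
    if (b[0] == 0x05) return Wire::Socks5;
    if (b[0] == 0x04) return Wire::Socks4;
    if (b[0] >= 'A' && b[0] <= 'Z') return Wire::Http;
    return Wire::Unknown;
}

// RFC 1928 request: VER CMD RSV ATYP DST.ADDR DST.PORT, sent after method
// negotiation. Connect-only: BIND (0x02) and UDP ASSOCIATE (0x03) are rejected.
Parse parseSocks5Connect(const std::vector<uint8_t> &b, Socks5Request &out) {
    if (b.size() < 4) return Parse::NeedMore;
    if (b[0] != 0x05 || b[1] != 0x01 || b[2] != 0x00) return Parse::Reject;
    std::size_t off = 4, len = 0;
    switch (b[3]) {
    case 0x01: len = 4; break;             // IPv4, raw bytes
    case 0x04: len = 16; break;            // IPv6, raw bytes
    case 0x03:                             // domain name, 1-byte length prefix
        if (b.size() < 5) return Parse::NeedMore;
        len = b[4]; off = 5;
        if (len == 0) return Parse::Reject;
        break;
    default: return Parse::Reject;         // unknown address type
    }
    if (b.size() < off + len + 2) return Parse::NeedMore;
    if (b[3] == 0x03)                      // keep control bytes, spaces and
        for (std::size_t i = 0; i < len; ++i)  // non-ASCII out of ACLs and logs
            if (b[off + i] <= 0x20 || b[off + i] >= 0x7f) return Parse::Reject;
    out.atyp = b[3];
    out.addr.assign(b.begin() + off, b.begin() + off + len);
    out.port = static_cast<uint16_t>((b[off + len] << 8) | b[off + len + 1]);
    return Parse::Ok;
}

int main() {  // constructed sample: CONNECT example.com:443
    std::vector<uint8_t> req = {5, 1, 0, 3, 11, 'e','x','a','m','p','l','e','.','c','o','m', 0x01, 0xbb};
    Socks5Request r;
    return parseSocks5Connect(req, r) == Parse::Ok ? 0 : 1;
}
```

`Parse::NeedMore` lets the caller keep reading until the length-prefixed address and port have fully arrived instead of indexing past the buffer.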
