socks-router
Thin facade layer on top of openssh’s dynamic proxy with slightly more sophiscated configurable routing rules
Usage
socks-router --help
Routing Table
Grammar
routing_table := "" | comment | routing_rule [[comment] end_of_line routing_table]
routing_rule := upstream_address whitespaces patterns
comment := [whitespaces] "#" [whitespaces] .*
upstream_address := [upstream_scheme "://"] address
address := ipv4_address | ipv6_address | host_address
upstream_scheme := "ssh" | "socks5" | "socks5h"
patterns := pattern [whitespaces patterns]
pattern := ["!"] "[^ \t\r\n]+"
ipv4_address := ipv4 [":" port]
ipv6_address := ("[" ipv6 "]:" port) | ipv6
host_address := host [":" port]
whitespaces := whitespace | whitespaces
whitespace := " " | "\t"
end_of_line := "\r\n" | "\r" | "\n"
Example
# ~/.ssh/routes
# default upstream scheme: ssh://
# use ssh host foo's dynamic proxy to connect to bar.com
foo bar.com
# use ssh host foo's dynamic proxy to connect to *.bar.com
foo *.bar.com
# use ssh host foo's dynamic proxy to connect to *.google.com but abc.bar.com
foo *.bar.com !abc.bar.com
ssh://foo *.google.com
# transparent socks5 / socks5h upstreams
# perform DNS resolution in socks-router
socks5://foo-bar.baz hello-world.com
# defer the DNS resolution to upstream
socks5h://foo-bar.baz hello-world.com
Development
poetry install
poetry run pytest --cov-report html
NOTE: pre-commit hooks are set up
Table of Content
- API Reference
- socks_router
- Submodules
- socks_router.cli
- socks_router.models
- Attributes
- Classes
- Module Contents
SOCKS_VERSION
PackingSequence
RecursiveMapping
PACKABLE_DEFERRED_FORMAT
PACKABLE_VARIABLE_LENGTH_DECLARATION_FORMAT
Packable
SupportsUnbytes
SocketAddress
IPv4
IPv6
Host
Address
Socks5Method
Socks5Command
Socks5AddressType
Socks5MethodSelectionRequest
Socks5MethodSelectionResponse
Socks5Address
Socks5Request
Socks5ReplyType
Socks5ReplyType.SUCCEEDED
Socks5ReplyType.GENERAL_SOCKS_SERVER_FAILURE
Socks5ReplyType.CONNECTION_NOT_ALLOWED_BY_RULESET
Socks5ReplyType.NETWORK_UNREACHABLE
Socks5ReplyType.HOST_UNREACHABLE
Socks5ReplyType.CONNECTION_REFUSED
Socks5ReplyType.TTL_EXPIRED
Socks5ReplyType.COMMAND_NOT_SUPPORTED
Socks5ReplyType.ADDRESS_TYPE_NOT_SUPPORTED
Socks5ReplyType.__pack_format__
Socks5ReplyType.message
Socks5Reply
Socks5State
Pattern
UpstreamScheme
UpstreamAddress
RoutingEntry
RoutingTable
Socks5Addresses
Socks5AddressTypes
SSHUpstream
ProxyUpstream
Upstream
RetryOptions
ApplicationContext
ApplicationContext.name
ApplicationContext.routing_table
ApplicationContext.ssh_connection_timeout
ApplicationContext.remote_socket_timeout
ApplicationContext.proxy_poll_socket_timeout
ApplicationContext.proxy_retry_options
ApplicationContext.mutex
ApplicationContext.upstreams
ApplicationContext.is_terminating
- socks_router.parsers
- socks_router.proxies
- socks_router.router
- Attributes
- Classes
- Functions
- Module Contents
CHUNK_SIZE
logger
create_socket
with_proxy
poll_socket
resolve_address
create_remote
connect_remote
exchange_loop
match_upstream
SocksRouter
SocksRouterRequestHandler
SocksRouterRequestHandler.server
SocksRouterRequestHandler.state
SocksRouterRequestHandler.remote
SocksRouterRequestHandler.logger
SocksRouterRequestHandler.acquire_upstream
SocksRouterRequestHandler.handshake
SocksRouterRequestHandler.reply
SocksRouterRequestHandler.connect_remote
SocksRouterRequestHandler.handle_request
SocksRouterRequestHandler.exchange
SocksRouterRequestHandler.setup
SocksRouterRequestHandler.handle
SocksRouterRequestHandler.finish
- socks_router.utils
- Submodules
- socks_router
CHANGELOG
v0.2.0 (2024-09-28)
Feature
feat: config hot reload via watchdog (#42)
feat: config hot reload via watchdog
wip: adding debug logs to debug linux
wip: adding debug logs in test case
chore: remove debug logs
chore: remove unused branches and place sleep to wait for subject to update
chore: fix coverage pragma (
6ce0241
)
v0.1.1 (2024-08-05)
Ci
Fix
fix(exchange-loop): fixed filedescriptor out of range in select() (#22) (
a89f59d
)
v0.1.0 (2024-06-13)
Chore
chore: ensure ssh permissions (
76be670
)chore: verbose ssh flag (
79295d5
)chore: ssh on mac (
1cd4999
)chore: sshd config on mac (
2265c34
)chore: test ssh (
469b528
)chore: restart ssh (
470e909
)chore: restart ssh (
a39b51c
)chore: ssh config (
3321fab
)chore: set AddressFamily to any in sshd_config (
2aadf01
)chore: added debug log on OSError (
ebc4331
)chore: improve exception logging (
2196806
)chore: changed log level in utils (
6420457
)chore: better handling for exceptions (
26fbe30
)chore: removed unused code (
dfb14f6
)chore: fixed typo (
05fac3e
)chore: added pytest into pre-commit hooks (
bd3aca2
)chore: fixed linter errors (
fd16a0c
)chore: initial check-in (
565e063
)
Ci
ci: fix default branch checking (
557bcbf
)ci: fix ssh command test (
1d4903f
)ci: fix ssh command test (
bd9fdb6
)ci: use native traceback in pytest (
52c2ff3
)ci: ssh config (
09bad9e
)ci: ssh MaxAuthTries 100 (
91c0112
)ci: ssha (
813398e
)ci: ssh (
18b7961
)ci: ssh config (
b6a4c1f
)ci: host key (
c8bb0f0
)ci: attempt to connect to sshd first (
a5f8e6c
)ci: leave ListenAddress alone (
3dbe22d
)ci: write logs to junitxml (
3409343
)ci: lock mypy at 415d49f25b6315cf1b7a04046a942246a033498d (
3ea10c6
)ci: add colors to github actions (
9837b45
)ci: add colors to github actions (
699ea7b
)ci: always proceed to consolidation and sonarqube (
970442b
)ci: sed compatibility (
056406f
)ci: quoting (
9e1e5da
)ci: quoting (
6b3e8da
)ci: accomodate mac (
c9e2558
)ci: set +e in start-ssh-agent (
52438a6
)ci: fix ssh-keygen (
d426fd3
)ci: specify path for id_rsa (
7eed841
)ci: fixed permission issue (
858bee1
)ci: fixed quotes in action (
1c55f25
)ci: added shell parameter in action (
55f9d19
)ci: setup sshd (
e2b3a1a
)ci: fixed pipeline (
b207d42
)ci: fixed sphinx (
1190ed4
)ci: fixed sonar-project.properties (
dd1bf6d
)ci: use –non-interactive in ci (
b7c2aea
)ci: use sonarqube on-premise (
d5c919c
)ci: added python version (
d62a933
)ci: added python version (
319b018
)ci: fix setup (
4ef0956
)ci: added –enable-incomplete-feature=NewGenericSyntax (
9f746a9
)
Feature
feat: implemented socks-router (
a59afc2
)
Fix
Performance
perf: fixed connection reset problem (
422da33
)
Refactor
Test
test: force ipv4 for destination for when_upstream_server_does_not_behave (
26db9c7
)test: remove fixture to fix ScopeMismatch (
6f34b1c
)test: fix linux test case (
ecb17fa
)test: refactored proxies (
174c15d
)test: use StringIO for stdout and stderr (
7fac1a0
)test: specify identity file (
7954c1a
)test: cover router (
aceea3e
)test: cover router (
4657e15
)test: fully covered utils (
993c071
)test: cover read_socket (
21a5f76
)test: cover utils (
cf5f6d4
)test: testing router (
8cbf208
)test: fully test cli (
b48388f
)test: added test case to ensure non-sock5 versions are not handled (
ffd2d75
)test: testing socks-router with itself (
4bee59f
)test: added tests to router (
5635fc9
)