Hi folks, I'm using ros 6.34.6, and I'm trying to make the ip/socks work for local socks proxy server, but no luck at all!!
http://wiki.mikrotik.com/wiki/Manual:IP/SOCKS
I went through it, all cool. nothing works, kinda useless
Ive enabled the socks, and trying to connect to it using socks4 client(s) on port 1080, I can see the connections coming in with "time wait" , I used "proxy checker" the test the socks server, it failed the test, I connect using "Blue's Port Tool" it does connect and shows up on the "socks connections", so it looks like it just goes dead in the router, web proxy works according to the "proxy checker" on port 8080
I tried adding my ip on the "socks access" .. nothing works.!
So am I missing some magic firewall rule?
Re: socks not working at all
I just tried it with same RouterOS version and no problem here, it works. Too bad it's stuck in stone age with socks4 only. Not even socks4a...
There's no magic configuration needed. Select port, enable socks, make sure you allow tcp connections to selected port and that's pretty much it. Setting access rules is optional (everything is allowed by default), but recommended if you don't want to end up as open proxy. Although I'd rather block it using firewall, it feels somehow safer.
There's no magic configuration needed. Select port, enable socks, make sure you allow tcp connections to selected port and that's pretty much it. Setting access rules is optional (everything is allowed by default), but recommended if you don't want to end up as open proxy. Although I'd rather block it using firewall, it feels somehow safer.
Re: socks not working at all
can you please "export compact" your config so that I can paste it on my router to see if it works.I just tried it with same RouterOS version and no problem here, it works. Too bad it's stuck in stone age with socks4 only. Not even socks4a...
There's no magic configuration needed. Select port, enable socks, make sure you allow tcp connections to selected port and that's pretty much it. Setting access rules is optional (everything is allowed by default), but recommended if you don't want to end up as open proxy. Although I'd rather block it using firewall, it feels somehow safer.
Re: socks not working at all
There's nothing to see in my config, I just did quick test with clean CHR without any firewall or anything, so the whole changed config is:
If you do have some firewall filter rules, you need something like this (but better also limit it with in-interface=<interface> or src-address=<subnet>):
Then it should work. Also make sure that you are using socks4 only, where client resolves dns and passes numeric IP adddress to socks server. If you try to use socks4a, where client sends hostname and server resolves it, you won't get anywhere with RouterOS socks server.
Code: Select all
/ip socks
set enabled=yesCode: Select all
/ip firewall filter
add chain=input dst-port=1080 protocol=tcpRe: socks not working at all
doesnt work
The IP on ether1 is 192.168.0.195
i can ping 8.8.8.8 and google.com from inside router, so it does have connectivity to internet and the dns is working fine
Code: Select all
# sep/25/2016 19:27:02 by RouterOS 6.34.6
# software id = 83KU-RR95
#
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/ip socks
set enabled=yes
i can ping 8.8.8.8 and google.com from inside router, so it does have connectivity to internet and the dns is working fine
[29:46] Testing Started.
Proxy Server
Address: 192.168.0.195:1080
Protocol: SOCKS 4
Authentication: NO
[29:46] Starting: Test 1: Connection to the Proxy Server
[29:46] IP Address: 192.168.0.195
[29:46] Connection established
[29:46] Test passed.
[29:46] Starting: Test 2: Connection through the Proxy Server
[29:46] Error: could not resolve a hostname through SOCKS 4 proxy server.
Please enable SOCKS 4a extension or specify the IP address of the target host.
[29:46] Test failed.
[29:46] Testing Finished.
[32:17] Testing Started.
Proxy Server
Address: 192.168.0.195:1080
Protocol: SOCKS 4
Authentication: NO
[32:17] Starting: Test 1: Connection to the Proxy Server
[32:17] IP Address: 192.168.0.195
[32:17] Connection established
[32:17] Test passed.
[32:17] Starting: Test 2: Connection through the Proxy Server
[32:17] Error : the proxy server cannot establish connection to http://www.google.com:80
Error = 91 (request rejected or failed).
Please confirm that the target host address is correct.
The error may also indicate that the proxy server is not operating properly.
[32:17] Test failed.
[32:17] Testing Finished.
[33:08] Testing Started.
Proxy Server
Address: 192.168.0.195:1080
Protocol: SOCKS 5
Authentication: NO
[33:08] Starting: Test 1: Connection to the Proxy Server
[33:08] IP Address: 192.168.0.195
[33:08] Connection established
[33:08] Test passed.
[33:08] Starting: Test 2: Connection through the Proxy Server
[33:08] Error : connection to the proxy server was closed unexpectedly.
[33:08] Test failed.
[33:08] Testing Finished.
Re: socks not working at all
hmmm ok, this is junk, socks only work if you deal with IP's[41:11] Testing Started.
Proxy Server
Address: 192.168.0.195:1080
Protocol: SOCKS 4
Authentication: NO
[41:11] Starting: Test 1: Connection to the Proxy Server
[41:11] IP Address: 192.168.0.195
[41:11] Connection established
[41:11] Test passed.
[41:11] Starting: Test 2: Connection through the Proxy Server
[41:11] Connection to 4.59.90.247:80 established through the proxy server.
[41:12] A default web page was successfuly loaded.
[41:12] Test passed.
[41:12] Starting: Test 3: Proxy Server latency
[41:12] Latency < 0 ms
[41:12] Test passed.
[41:12] Testing Finished.
Re: socks not working at all
Yep, that's what I wrote. The fact is, MikroTik's SOCKS implementation is horribly outdated. I hope it gets updated one day, but seeing how it's not exactly widely popular protocol nowadays, I'm not holding my breath. On the other hand, it's extremely simple protocol. Extending it to support at least SOCKS4A (i.e. DNS resolution by server) would take no time. Even basic SOCKS5 support (without udp and fancy authentication types) couldn't require much resources to add, as the differences from SOCKS4 are minimal.
Who is online
Users browsing this forum: Bing [Bot] and 176 guests