
Marking Socks Connections

Posted: Wed Jan 04, 2017 11:14 am
by headshoter
Hello,
I need to route-mark the SOCKS connections to my router, so that afterwards I can do some PBR.
But I have not had any success. I've tried marking by source address but had no luck.

P.S.: When I don't use SOCKS and route normally through the MikroTik, the marking and PBR work fine based on source address, but as soon as I use a SOCKS connection, the markings are not applied, so I can't get PBR to work.

What is your suggestion for marking the SOCKS traffic?

Thanks,

Re: Marking Socks Connections

Posted: Wed Jan 04, 2017 6:28 pm
by Sob
You may want to add some more details about what exactly you want to do. SOCKS is a proxy, so the client connects to the router, the router connects to the target, and all those connections come from a process running on the router. You can see target addresses and ports, but not anything about the client that initiated those connections.

Re: Marking Socks Connections

Posted: Thu Jan 05, 2017 9:22 am
by headshoter
Assume that the MikroTik has 192.168.1.1 as default gateway, but for SOCKS traffic I want to route the traffic through 10.1.1.1 instead of 192.168.1.1.
I mean, on a single LAN, users not using SOCKS should route to 192.168.1.1, and users that are using SOCKS need to be routed to 10.1.1.1.
I've also attached a diagram.

Re: Marking Socks Connections

Posted: Thu Jan 05, 2017 9:40 pm
by Sob
I understand what you want, but I don't think it's possible (in a clean, no-side-effects way). Unless there's a feature that I don't know about that would mark connections made by the proxy (I'm pretty sure there isn't, but it could be interesting if there was), you can't tell proxy traffic from other traffic originating from the router. What you could do would be sending forwarded traffic to GW1 and all traffic from the router (which would also cover proxied traffic) to GW2. You could set some exceptions, e.g. DNS queries going to GW1, etc. So it might be usable.
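
Added example, not part of Sob's post or the thread: one way the split described above (forwarded traffic to GW1, router-originated traffic including the SOCKS proxy to GW2, DNS excepted) could be written in RouterOS v6 syntax. The gateway addresses are the ones headshoter gave; the LAN subnet, the interface name `ether2`, the address-list name `keep-main` and the mark name `via-gw2` are assumptions.

```routeros
# Added example (RouterOS v6 syntax), not from the thread.
# From the thread: GW1 = 192.168.1.1, GW2 = 10.1.1.1.
# Assumed: LAN is 192.168.88.0/24, GW2 is reached through ether2.

/ip route
# Main table: everything without a routing mark (forwarded LAN traffic) uses GW1.
add dst-address=0.0.0.0/0 gateway=192.168.1.1 comment="forwarded traffic -> GW1"
# Separate table: packets carrying the mark use GW2.
add dst-address=0.0.0.0/0 gateway=10.1.1.1 routing-mark=via-gw2 comment="router-originated -> GW2"

/ip firewall address-list
# Destinations that must keep using the main table. Without this, the
# proxy's replies to its own LAN clients would also be sent to GW2.
# Add every other directly connected subnet here as well.
add list=keep-main address=192.168.88.0/24 comment="assumed LAN subnet"

/ip firewall mangle
# chain=output only sees packets generated by the router itself, which is
# where the SOCKS server's outbound connections appear.
# Exceptions come first; action=accept stops further mangle processing.
add chain=output dst-address-list=keep-main action=accept comment="local destinations stay on main table"
add chain=output protocol=udp dst-port=53 action=accept comment="router DNS stays on GW1"
add chain=output protocol=tcp dst-port=53 action=accept comment="router DNS stays on GW1"
# Everything else the router originates is marked for the GW2 table.
add chain=output action=mark-routing new-routing-mark=via-gw2 passthrough=no comment="router-originated incl. SOCKS -> GW2"

/ip firewall nat
# The source address is picked before the output mark re-routes the packet,
# so rewrite it to the address of the interface that actually faces GW2.
add chain=srcnat out-interface=ether2 action=masquerade comment="assumed GW2-facing interface"
```

The side effect Sob mentions applies: this catches every connection the router itself opens (NTP, updates, tunnels and so on), not only proxied ones, so each service that should stay on GW1 needs its own exception rule above the final mark.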

Re: Marking Socks Connections

Posted: Thu Jan 05, 2017 9:48 pm
by pe1chl
Where in the diagram above is the SOCKS proxy located?

Re: Marking Socks Connections

Posted: Fri Jan 06, 2017 1:06 am
by headshoter
> I understand what you want, but I don't think it's possible (in a clean, no-side-effects way). Unless there's a feature that I don't know about that would mark connections made by the proxy (I'm pretty sure there isn't, but it could be interesting if there was), you can't tell proxy traffic from other traffic originating from the router. What you could do would be sending forwarded traffic to GW1 and all traffic from the router (which would also cover proxied traffic) to GW2. You could set some exceptions, e.g. DNS queries going to GW1, etc. So it might be usable.

It seems that I have no other choice. Thanks for your help.



Re: Marking Socks Connections

Posted: Fri Jan 06, 2017 1:08 am
by headshoter
> Where in the diagram above is the SOCKS proxy located?

The proxy client is located on the LAN, and the server is the MikroTik. Do you have a solution for this case?



Re: Marking Socks Connections

Posted: Fri Jan 06, 2017 10:26 am
by pe1chl
No, there is no solution for that case, when you don't want to change anything to the proxy.
When you move the proxy into the MikroTik shown on the picture, perhaps something could be done.
(although I do not have a ready solution for that, either)