Community discussions

MikroTik App
 
theory
just joined
Topic Author
Posts: 1
Joined: Mon Sep 20, 2021 11:49 pm

Mikrotik socks4 works, socks5 doesn't?

Tue Sep 21, 2021 12:48 am

Hi all

I'm trying to get the built-in socks server working on 7.1rc4. When set to version 4, it works:
C:\>curl -v --socks4 192.168.4.253 google.com
* Rebuilt URL to: google.com/
*   Trying 192.168.4.253...
* TCP_NODELAY set
* SOCKS4 communication to google.com:80
* SOCKS4 connect to IPv4 216.58.215.46 (locally resolved)
* SOCKS4 request granted.
* Connected to 192.168.4.253 (192.168.4.253) port 1080 (#0)
> GET / HTTP/1.1
> Host: google.com
> User-Agent: curl/7.55.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Location: http://www.google.com/
...
</BODY></HTML>
* Connection #0 to host 192.168.4.253 left intact

However, when set to version 5, it resets the connection:
C:\>curl -v --socks5-hostname 192.168.4.253 google.com
* Rebuilt URL to: google.com/
*   Trying 192.168.4.253...
* TCP_NODELAY set
* SOCKS5 communication to google.com:80
* SOCKS5 request granted.
* Connected to 192.168.4.253 (192.168.4.253) port 1080 (#0)
> GET / HTTP/1.1
> Host: google.com
> User-Agent: curl/7.55.0
> Accept: */*
>
* Recv failure: Connection was reset
* stopped the pause stream!
* Closing connection 0
curl: (56) Recv failure: Connection was reset

Here's the socks server config:
[...@MikroTik] /ip/socks> print
                  enabled: yes
                     port: 1080
  connection-idle-timeout: 2m
          max-connections: 200
                  version: 5
              auth-method: none
[...@MikroTik] /ip/socks> access
[...@MikroTik] /ip/socks/access> print
Flags: X - disabled 
[...@MikroTik] /ip/socks/access> ../users
[...@MikroTik] /ip/socks/users> print

[...@MikroTik] /ip/socks/users>

Any ideas for how to debug this further?

(To mitigate the XY problem and explain the big picture what I'm hoping to achieve, I want to improve my privacy in terms of what my ISP sees. My RB750GL is in mostly defconf configuration, with LAN masqueraded to ether1 WAN and the ISP upstream of that. I've set up a Wireguard interface and peer to a paid VPN service on the Mikrotik, which is running 7.1rc4. I would tunnel all the traffic through the Wireguard interface, except that would add loads of latency to my online gaming. Rather than trying to whitelist game server IPs one by one, I want to have all LAN traffic be routed as normal, but all traffic originating from the Mikrotik itself routed over the Wireguard interface, socks server connections included. That way, I can game without any additional latency, but then configure Firefox to use the Mikrotik socks proxy for privacy. I have a vague understanding that I'll need to use output chain mangle to apply a routing mark, and then do a routing adjustment somehow, but I don't yet know how to accomplish that. This whole plan is moot if the Mikrotik socks proxy doesn't work, if routing all Mikrotik-originated traffic like that isn't possible, or if the additional firewall rules will cause ordinarily routed LAN traffic to have higher latency, negatively impacting my gaming experience. The alternative is that I leave the Mikrotik as-is and buy a separate device to run the Wireguard tunnel and host a socks proxy, but I'd prefer to use the hardware I already have if possible)

Thanks!
 
neroanelli
just joined
Posts: 1
Joined: Sat Feb 08, 2020 8:05 am

Re: Mikrotik socks4 works, socks5 doesn't?

Wed Nov 17, 2021 12:31 pm

I got the same problem。RB5009UG,7.1rc6.

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], Majestic-12 [Bot], nuwang13, Rhydu and 63 guests