ajmwagar / merino Goto Github PK

:sheep: A SOCKS5 Proxy server written in Rust

License: MIT License

Rust 97.10% Dockerfile 2.90%

socks5 socks5-proxy socks5-server proxy proxy-server

merino's Introduction

                     _
 _ __ ___   ___ _ __(_)_ __   ___
| '_ ` _ \ / _ \ '__| | '_ \ / _ \
| | | | | |  __/ |  | | | | | (_) |
|_| |_| |_|\___|_|  |_|_| |_|\___/

A SOCKS5 Proxy server written in Rust

🎁 Features

Written in 100% Safe Rust
Multi-threaded connection handler
Lightweight (Less than 0.6% CPU usage while surfing the web/streaming YouTube)
Standalone binary (no system dependencies)
1+ Gb/second connection speeds (On Gigabit LAN network over ethernet. Results may vary!)
Tunable logging (by flags or RUST_LOG environmental variable)
SOCKS5 Compatible Authentication methods:
- NoAuth
- Username & Password
- GSSAPI Coming Soon!

📦 Installation & 🏃 Usage

Installation

cargo install merino

git clone https://github.com/ajmwagar/merino
cd merino
cargo install --path .

docker image pull ghcr.io/ajmwagar/merino:latest

Usage

# Start a SOCKS5 Proxy server listening on port 1080 without authentication
merino --no-auth

# Use username/password authentication and read users from users.csv
merino --users users.csv

# Display a help menu
merino --help

docker container run --pull=always --name=merino -p=8001:8001 ghcr.io/ajmwagar/merino:latest --no-auth --port=8001

🚥 Roadmap

merino's People

Contributors

Stargazers

Watchers

merino's Issues

failed to fill whole buffer

hi buddy
I got this error:
ERROR merino > Error! failed to fill whole buffer

Block ip list such as localhost

someone connecting to the socks proxy can attempt to connect to 127.0.0.1 which can potentially be insecure as that can give access to ports that shouldn't be exposed to the internet.

AddrTypeNotSupported

Address detection error? For 35.185.44.232

curl -4vv 35.185.44.232 -qqss  --socks5 "socks5://192.168.12.122:18818"
*   Trying 192.168.12.122:18818...
* SOCKS5 connect to IPv4 35.185.44.232:80 (locally resolved)
* Can't complete SOCKS5 connection to 35.185.44.232. (8)
* Closing connection 0

curl -4vv 35.185.44.232 -qqss  --socks5 "socks5h://192.168.12.122:18818"
*   Trying 192.168.12.122:18818...
* Can't complete SOCKS5 connection to 35.185.44.232. (8)
* Closing connection 0

server log

 2022-12-08T18:37:17.824Z DEBUG merino > New connection
 2022-12-08T18:37:17.824Z TRACE merino > Version: 5 Auth nmethods: 2
 2022-12-08T18:37:17.824Z DEBUG merino > Authenticating
 2022-12-08T18:37:17.824Z TRACE merino > methods: [0]
 2022-12-08T18:37:17.824Z DEBUG merino > Sending NOAUTH packet
 2022-12-08T18:37:17.824Z DEBUG merino > NOAUTH sent
 2022-12-08T18:37:17.824Z DEBUG merino > Starting to relay data
 2022-12-08T18:37:17.824Z TRACE merino > Server waiting for connect
 2022-12-08T18:37:17.824Z TRACE merino > Server received [5, 1, 0, 1]
 2022-12-08T18:37:17.824Z TRACE merino > Getting Addr
 2022-12-08T18:37:17.824Z INFO  merino > New Request: Command: Connect Addr: 35.185.44.232, Port: 80
 2022-12-08T18:37:17.824Z DEBUG merino > Handling CONNECT Command
 2022-12-08T18:37:17.824Z TRACE merino > Connecting to: [35.185.44.232:80]
 2022-12-08T18:37:17.876Z ERROR merino > Error! Socks(AddrTypeNotSupported), client: 192.168.12.122:40986

Completely broken

This package is completely broken, can't enable authentication anyway

# merino --users users.csv --port 3080
ERROR merino > Error! failed to fill whole buffer

WARN merino > Init: Unsupported version: SOCKS67

I am able to build and run Merino but when I attempt to connect with or without authentication, using dns or the IP of the host I get the following error.
WARN merino > Init: Unsupported version: SOCKS67

Allow only some remote IPs

Hi, I know this is an open source project (thank you!), and I cannot demand anything.
Anyhow, maybe it's just a simple change. Instead of user/pass auth I would like to allow a single remote IP address only (maybe more advanced with CIDR notation).
Thanks

Error invalid socket address syntax when trying to connect Prowlarr to socks5 merino proxy

I want to route traffic from Prowlarr through my merino proxy. I've got it all setup but whenever Prowlarr tries to communicate with anything, I get that error. Connect Addr seems to be empty.

Prowlarr is running in a docker container.

Settings:

Support outbound socket bind interface

Are there any plans to provide the ability to bind a network interface for outbound like glider?

More details: https://github.com/nadoo/glider/blob/master/config/glider.conf.example#L271

Can someone give me a light into how might I set or modify request Headers

This kind of great tool makes rust such a great language,

Really nice work,

I want to know if there is a way to modify the Headers of requests, does anyone have any clue?

ldap auth

Could merino use a ldap server (for example https://github.com/nitnelave/lldap) to authenticate users ?

Invalid IP address

# merino -i 0.0.0.0 -p 1110 --no-auth
 2019-12-19T13:57:58.746 INFO  merino > New Request: Source: 113.xx.xx.xx, Command: Connect Addr: , Port: 29555
 2019-12-19T13:57:58.746 ERROR merino > Error! invalid IP address syntax

Please publish docker image on a public docker registry, like Docker Hub or GitHub Container Registry

I would like to use merino on Google Container-Optimized OS, which is a hardened distro that only runs containers. It would be nice if I didn't have to build the merino image myself. I looked at the Dockerfile you already have and it LGTM 🙂👍 Can you please publish the image on a public docker registry, like Docker Hub or GitHub Container Registry? 🙏

Here's a GitHub workflow I use to publish one of my images to GHCR.

name: Release

on:
  push:
    branches:
      - master

jobs:
  build_and_upload_image:
    runs-on: ubuntu-latest
    steps:
      - name: Set up Docker buildx
        uses: docker/setup-buildx-action@v2
      - name: Log in to GHCR
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ github.token }}
      - name: Build and Push
        uses: docker/build-push-action@v4
        with:
          platforms: linux/amd64,linux/arm64,darwin/amd64,darwin/arm64
          pull: true
          push: true
          tags: ghcr.io/${{ github.repository }}:latest
          cache-from: type=gha
          # mode=max means "cache everything possible". This ensures maximum
          # use of the cache, but will use up GitHub's 10 GB cache size limit
          # faster.
          cache-to: type=gha,mode=max

This is using the latest GitHub+docker buildx features to build the image as quickly as possible (using layer caching provided by GitHub Actions).

I'd be happy to submit this as an PR, along with some README instructions about how to docker pull the image.

Whether UDP is supported

If not, is there a plan for the follow-up

Async feature

Hi,

Have you planned to rewrite your code using async / await ?

Thx

For some reason the vector needs to actually be full

I'm not agree.

// For some reason the vector needs to actually be full
            for _ in 0..plen[0] {
                password.push(0);
            }

for me this code leads to program freezing when i use proxy in curl

➜  ~ curl -v --proxy socks5://admin:[email protected]:1080 https://ipapi.co/json/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* SOCKS5 communication to ipapi.co:443
^C

Debug output in merino

 2021-12-11T14:40:09.628 TRACE merino > Loaded user: admin
 2021-12-11T14:40:09.629 TRACE merino > Loaded user: ajmwagar
 2021-12-11T14:40:09.629 INFO  merino > Listening on 127.0.0.1:1080
 2021-12-11T14:40:09.629 TRACE mio::poll > registering event source with poller: token=Token(1), interests=READABLE | WRITABLE
 2021-12-11T14:40:09.629 INFO  merino    > Serving Connections...
 2021-12-11T14:40:11.583 TRACE mio::poll > registering event source with poller: token=Token(2), interests=READABLE | WRITABLE
 2021-12-11T14:40:11.583 DEBUG merino    > New connection from: 127.0.0.1
 2021-12-11T14:40:11.583 TRACE merino    > Version: 5 Auth nmethods: 3
 2021-12-11T14:40:11.583 DEBUG merino    > Authenticating w/ 127.0.0.1
 2021-12-11T14:40:11.583 TRACE merino    > methods: [2]
 2021-12-11T14:40:11.583 DEBUG merino    > Sending USER/PASS packet

Tested on OSX rust release: 1.56.0

curl cannot link

Run by default

git clone ...
cargo build --release
./merino

curl send request

curl -x socks5://admin:[email protected]:1080  http://www.google.com

log:

 2020-05-03T20:21:29.221 INFO  merino > Listening on 127.0.0.1:1080
 2020-05-03T20:21:29.221 INFO  merino > Serving Connections...
 2020-05-03T20:21:34.955 WARN  merino > Client has no suitable Auth methods!
 2020-05-03T20:21:34.956 ERROR merino > Error! SOCKS5 Server Failure
 2020-05-03T20:21:34.956 WARN  merino > Failed to send error code
 2020-05-03T20:21:34.956 WARN  merino > Failed to shutdown TcpStream

Got errors about `os error 24` and `failed to lookup address information`

I got some error messages like these when I use merino --no-auth:

2019-10-16T14:32:45.816 ERROR merino > Error! Too many open files (os error 24)
2019-10-16T14:32:45.888 ERROR merino > Error! failed to lookup address information: nodename nor servname provided, or not known

env: macOS 10.13.4 / rustc 1.38.0