dannote / socks-nginx-module Goto Github PK
View Code? Open in Web Editor NEWAn nginx_http_proxy_module fork with SOCKS5 support
An nginx_http_proxy_module fork with SOCKS5 support
Tested with socks_set_host to https://domain.name/ failed.
How can I use this module to connect to some https connection on some specific port. The website says all ngx_http_proxy_module
directives are supported. How to use proxy_ssl_certificate
, etc with this module ?
what i was doing is , i was using socks-nginx-module to connect to TOR network which was listening on 127.0.0.1:9050 and then using Host header to request .onion site , i.e. i was doing reverse proxy to .onion website over TOR network using nginx and socks-nginx-module + TOR .
but if the .onion site is dead or the proxy stops i.e. TOR stops workiong then somehow nginx is crashing, my other sites were throwing 502 too.
here is the log
[root@testing deploy]# cat /usr/local/nginx/logs/error.log
2017/01/01 21:57:54 [error] 20552#0: *397411 connect() failed (111: Connection refused) while connecting to upstream, client: 173.245.50.159, server: example.com, request: "GET /df80f81238e3a2fee528100ea777ff4a4b99ba03 HTTP/1.1", upstream: "socks5://127.0.0.1:9050/df80f81238e3a2fee528100ea777ff4a4b99ba03", host: "example.com"
2017/01/01 21:57:55 [alert] 20127#0: worker process 20552 exited on signal 11
2017/01/01 21:57:56 [error] 20550#0: *397433 connect() failed (111: Connection refused) while connecting to upstream, client: 108.162.229.151, server: example.com, request: "GET /4dda81d88c3ceddbcf08a5a6202a680a1eb50722 HTTP/1.1", upstream: "socks5://127.0.0.1:9050/4dda81d88c3ceddbcf08a5a6202a680a1eb50722", host: "example.com"
2017/01/01 21:57:57 [alert] 20127#0: worker process 20550 exited on signal 11
2017/01/01 21:59:47 [error] 20555#0: *398595 connect() failed (111: Connection refused) while connecting to upstream, client: 141.101.69.36, server: example.com, request: "GET /search?f=everyday HTTP/1.1", upstream: "socks5://127.0.0.1:9050/search?f=everyday", host: "example.com"
2017/01/01 21:59:47 [alert] 20127#0: worker process 20555 exited on signal 11
2017/01/01 21:59:47 [error] 20557#0: *398607 connect() failed (111: Connection refused) while connecting to upstream, client: 141.101.69.108, server: example.com, request: "GET /search?f=Imax%20english HTTP/1.1", upstream: "socks5://127.0.0.1:9050/search?f=Imax%20english", host: "example.com"
2017/01/01 21:59:48 [alert] 20127#0: worker process 20557 exited on signal 11
2017/01/01 21:59:48 [error] 20560#0: *398614 connect() failed (111: Connection refused) while connecting to upstream, client: 141.101.69.216, server: example.com, request: "GET /f693e6303e797afc3dce48a31c46575c5a9ce57a HTTP/1.1", upstream: "socks5://127.0.0.1:9050/f693e6303e797afc3dce48a31c46575c5a9ce57a", host: "example.com"
2017/01/01 21:59:48 [alert] 20127#0: worker process 20560 exited on signal 11
2017/01/01 21:59:49 [error] 20551#0: *398622 connect() failed (111: Connection refused) while connecting to upstream, client: 141.101.69.36, server: example.com, request: "GET /search?f=mon HTTP/1.1", upstream: "socks5://127.0.0.1:9050/search?f=mon", host: "example.com"
2017/01/01 21:59:49 [error] 20561#0: *398624 connect() failed (111: Connection refused) while connecting to upstream, client: 173.245.50.159, server: example.com, request: "GET /f7b11081fcd6e72d4cc5a9aa43bcbd336ede22d6 HTTP/1.1", upstream: "socks5://127.0.0.1:9050/f7b11081fcd6e72d4cc5a9aa43bcbd336ede22d6", host: "example.com"
2017/01/01 21:59:49 [alert] 20127#0: worker process 20561 exited on signal 11
2017/01/01 21:59:50 [alert] 20127#0: worker process 20551 exited on signal 11
2017/01/01 21:59:55 [error] 20563#0: *398680 connect() failed (111: Connection refused) while connecting to upstream, client: 162.158.69.6, server: example.com, request: "GET /0b1cb8ea4a2aa41cca07b5a87d026f6d4d5c67f5 HTTP/1.1", upstream: "socks5://127.0.0.1:9050/0b1cb8ea4a2aa41cca07b5a87d026f6d4d5c67f5", host: "example.com"
2017/01/01 21:59:55 [alert] 20127#0: worker process 20563 exited on signal 11
2017/01/01 21:59:58 [error] 20565#0: *398719 connect() failed (111: Connection refused) while connecting to upstream, client: 108.162.229.199, server: example.com, request: "GET /search?f=10,5%20big HTTP/1.1", upstream: "socks5://127.0.0.1:9050/search?f=10,5%20big", host: "example.com"
2017/01/01 21:59:59 [alert] 20127#0: worker process 20565 exited on signal 11
2017/01/01 21:59:59 [error] 20553#0: *398728 connect() failed (111: Connection refused) while connecting to upstream, client: 108.162.221.55, server: example.com, request: "GET /a241b8d8a9f2b8d1ba0bba3338412ef7a6da0974 HTTP/1.1", upstream: "socks5://127.0.0.1:9050/a241b8d8a9f2b8d1ba0bba3338412ef7a6da0974", host: "example.com"
2017/01/01 21:59:59 [error] 20567#0: *398730 connect() failed (111: Connection refused) while connecting to upstream, client: 173.245.50.189, server: example.com, request: "GET /b0890b3e953ee03e59f0a150efe57d97831b81bb HTTP/1.1", upstream: "socks5://127.0.0.1:9050/b0890b3e953ee03e59f0a150efe57d97831b81bb", host: "example.com"
thanks.
I insert this to nginx.conf,but can not start nginx.
location / { socks_set_header Host $http_host; socks_set_header Proxy-Connection ''; socks_pass_header Server; socks_redirect off; socks_http_version 1.1; socks_tunnel_header X-Connect; socks_buffers 16 16k; socks_buffer_size 32k; socks_cache proxy; socks_cache_valid 30s; socks_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; socks_pass socks5://127.0.0.1:1080; }
like this
server { listen 1080; location / { socks_set_header Host $http_host; socks_set_header Proxy-Connection ''; socks_pass_header Server; socks_redirect off; socks_http_version 1.1; socks_tunnel_header X-Connect; socks_buffers 16 16k; socks_buffer_size 32k; socks_cache proxy; socks_cache_valid 30s; socks_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; socks_pass socks5://127.0.0.1:1080; } }
can you help me.or can you provide your nginx.conf to me.thank you very much.
s -I src/http -I src/http/modules \
-o objs/src/http/modules/ngx_http_upstream_zone_module.o \
src/http/modules/ngx_http_upstream_zone_module.c
cc -c -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core -I src/event -I src/event/modules -I src/event/quic -I src/os/unix -I objs -I src/http -I src/http/modules \
-o objs/addon/src/ngx_http_socks_module.o \
../socks-nginx-module/src/ngx_http_socks_module.c
../socks-nginx-module/src/ngx_http_socks_module.c: In function ‘ngx_http_socks_create_request’:
../socks-nginx-module/src/ngx_http_socks_module.c:991:33: error: ‘ngx_http_request_t’ {aka ‘struct ngx_http_request_s’} has no member named ‘space_in_uri’; did you mean ‘plus_in_uri’?
991 | if (r->quoted_uri || r->space_in_uri || r->internal) {
| ^~~~~~~~~~~~
| plus_in_uri
../socks-nginx-module/src/ngx_http_socks_module.c: In function ‘ngx_http_socks_add_x_forwarded_for_variable’:
../socks-nginx-module/src/ngx_http_socks_module.c:2228:38: error: ‘r->headers_in.x_forwarded_for’ is a pointer; did you mean to use ‘->’?
2228 | n = r->headers_in.x_forwarded_for.nelts;
| ^
| ->
../socks-nginx-module/src/ngx_http_socks_module.c:2229:38: error: ‘r->headers_in.x_forwarded_for’ is a pointer; did you mean to use ‘->’?
2229 | h = r->headers_in.x_forwarded_for.elts;
| ^
| ->
../socks-nginx-module/src/ngx_http_socks_module.c: In function ‘ngx_http_socks_init_headers’:
../socks-nginx-module/src/ngx_http_socks_module.c:3260:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(ngx_http_script_engine_t *)’} to ‘void (*)(ngx_http_script_engine_t *)’ [-Werror=cast-function-type]
3260 | copy->code = (ngx_http_script_code_pt)
| ^
../socks-nginx-module/src/ngx_http_socks_module.c:3295:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(ngx_http_script_engine_t *)’} to ‘void (*)(ngx_http_script_engine_t *)’ [-Werror=cast-function-type]
3295 | copy->code = (ngx_http_script_code_pt)
| ^
../socks-nginx-module/src/ngx_http_socks_module.c:3336:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(ngx_http_script_engine_t *)’} to ‘void (*)(ngx_http_script_engine_t *)’ [-Werror=cast-function-type]
3336 | copy->code = (ngx_http_script_code_pt)
| ^
cc1: all warnings being treated as errors
make[1]: *** [objs/Makefile:1218: objs/addon/src/ngx_http_socks_module.o] Error 1
make[1]: Leaving directory '/home/harry/tmp/nginx-1.25.1'
make: *** [Makefile:10: build] Error 2
harry@host2:~/tmp/nginx-1.25.1$
Hello.
I am trying to rebuild nginx package with the socks module support, but have some errors (
/home/thestanislav/nginx/nginx-1.6.2/debian/modules/socks-nginx-module/src/ngx_http_socks_module.c:3898:26: warning: assignment makes pointer from integer without a cast
slcf->upstream.cache = 1;
^
/home/thestanislav/nginx/nginx-1.6.2/debian/modules/socks-nginx-module/src/ngx_http_socks_module.c:3912:23: error: ‘ngx_http_upstream_conf_t’ has no member named ‘cache_value’
slcf->upstream.cache_value = ngx_palloc(cf->pool,
^
/home/thestanislav/nginx/nginx-1.6.2/debian/modules/socks-nginx-module/src/ngx_http_socks_module.c:3914:27: error: ‘ngx_http_upstream_conf_t’ has no member named ‘cache_value’
if (slcf->upstream.cache_value == NULL) {
^
/home/thestanislav/nginx/nginx-1.6.2/debian/modules/socks-nginx-module/src/ngx_http_socks_module.c:3918:24: error: ‘ngx_http_upstream_conf_t’ has no member named ‘cache_value’
*slcf->upstream.cache_value = cv;
^
/home/thestanislav/nginx/nginx-1.6.2/debian/modules/socks-nginx-module/src/ngx_http_socks_module.c:3918:37: error: incompatible types when assigning to type ‘ngx_command_t’ from type ‘ngx_http_complex_value_t’
*slcf->upstream.cache_value = cv;
^
/home/thestanislav/nginx/nginx-1.6.2/debian/modules/socks-nginx-module/src/ngx_http_socks_module.c:3923:19: error: ‘ngx_http_upstream_conf_t’ has no member named ‘cache_zone’
slcf->upstream.cache_zone = ngx_shared_memory_add(cf, &value[1], 0,
^
/home/thestanislav/nginx/nginx-1.6.2/debian/modules/socks-nginx-module/src/ngx_http_socks_module.c:3925:23: error: ‘ngx_http_upstream_conf_t’ has no member named ‘cache_zone’
Looks like only support domain connect mode for now?
how to support ipv4 mode ?
buf[0] = NGX_HTTP_SOCKS_VERSION;
buf[1] = NGX_HTTP_SOCKS_CMD_CONNECT;
buf[2] = NGX_HTTP_SOCKS_RESERVED;
//buf[3] = NGX_HTTP_SOCKS_ADDR_DOMAIN_NAME;
buf[3] = NGX_HTTP_SOCKS_ADDR_IPv4; (relpace this will be ok?)
buf[4] = host_len;
*(u_short*) (buf + len - 2) = ntohs(port);
ngx_memcpy(buf + 5, ctx->host.data, host_len);
thanks。。
issue fixed
rt
Hi, I'm using the socks plugin to route a request via a socks proxy. I have tried a simple loopback i.e. request example.com -> (socks proxy) -> example.com
Request example.com resolves to machine A and connects to nginx
SOCKS5 proxy listening at localhost:xxx on machine A, connected to machine B.
Request is routed via the SOCKS5 proxy but when trying to do the HTTP request I get HTTP 400 error.
Here's the access log:
"GET\x00/IJKT_QHYF/index.php/DGH_Wiki/ HTTP/1.1" 400 173 "-" "-"
as apposed to a normal request directly to example.com (machine A):
"GET /IJKT_QHYF/index.php/DGH_Wiki/ HTTP/1.1" 401 597 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)"
As you can see the HTTP headers are garbled with \x00 encoded between GET and the location.
i am trying to build nginx 1.11.8 on cent os x64 with socks-nginx-module, i have tried building with 1.11.5 and it completes successfully, but with 1.11.8 i get
-o objs/addon/src/ngx_http_socks_upstream.o \
/home/deploy/socks-nginx-module/src/ngx_http_socks_upstream.c
/home/deploy/socks-nginx-module/src/ngx_http_socks_upstream.c: In function ‘ngx_http_socks_upstream_send_response’:
/home/deploy/socks-nginx-module/src/ngx_http_socks_upstream.c:2755:45: error: ‘ngx_http_file_cache_t’ has no member named ‘temp_path’
if (r->cache && r->cache->file_cache->temp_path) {
^
/home/deploy/socks-nginx-module/src/ngx_http_socks_upstream.c:2756:54: error: ‘ngx_http_file_cache_t’ has no member named ‘temp_path’
p->temp_file->path = r->cache->file_cache->temp_path;
^
/home/deploy/socks-nginx-module/src/ngx_http_socks_upstream.c: In function ‘ngx_http_socks_upstream_add’:
/home/deploy/socks-nginx-module/src/ngx_http_socks_upstream.c:4794:21: error: ‘ngx_http_upstream_srv_conf_t’ has no member named ‘default_port’
if (uscfp[i]->default_port && u->default_port
^
/home/deploy/socks-nginx-module/src/ngx_http_socks_upstream.c:4795:24: error: ‘ngx_http_upstream_srv_conf_t’ has no member named ‘default_port’
&& uscfp[i]->default_port != u->default_port)
^
/home/deploy/socks-nginx-module/src/ngx_http_socks_upstream.c:4817:9: error: ‘ngx_http_upstream_srv_conf_t’ has no member named ‘default_port’
uscf->default_port = u->default_port;
^
make[1]: *** [objs/addon/src/ngx_http_socks_upstream.o] Error 1
make[1]: Leaving directory `/home/deploy/nginx-1.11.8'
make: *** [build] Error 2
thanks
./configure --prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib64/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--user=nginx \
--group=nginx \
--build=Fedora \
--builddir=nginx-1.18.0 \
--with-select_module \
--with-poll_module \
--with-threads \
--with-file-aio \
--with-http_ssl_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_geoip_module=dynamic \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_auth_request_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_degradation_module \
--with-http_slice_module \
--with-http_stub_status_module \
--with-http_perl_module=dynamic \
--with-perl_modules_path=/usr/lib64/perl5 \
--with-perl=/usr/bin/perl \
--http-log-path=/var/log/nginx/access.log \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--with-mail=dynamic \
--with-mail_ssl_module \
--with-stream=dynamic \
--with-stream_ssl_module \
--with-stream_realip_module \
--with-stream_geoip_module=dynamic \
--with-stream_ssl_preread_module \
--with-compat \
--with-pcre=../pcre-8.44 \
--with-pcre-jit \
--with-zlib=../zlib-1.2.11 \
--with-openssl=../openssl-1.1.1j \
--with-openssl-opt=no-nextprotoneg \
--add-module=../socks-nginx-module \
--with-debug
../socks-nginx-module/src/ngx_http_socks_module.c: In function ‘ngx_http_socks_init_headers’:
../socks-nginx-module/src/ngx_http_socks_module.c:3260:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(ngx_http_script_engine_t *)’} to ‘void (*)(ngx_http_script_engine_t *)’ [-Werror=cast-function-type]
3260 | copy->code = (ngx_http_script_code_pt)
| ^
../socks-nginx-module/src/ngx_http_socks_module.c:3295:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(ngx_http_script_engine_t *)’} to ‘void (*)(ngx_http_script_engine_t *)’ [-Werror=cast-function-type]
3295 | copy->code = (ngx_http_script_code_pt)
| ^
../socks-nginx-module/src/ngx_http_socks_module.c:3336:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(ngx_http_script_engine_t *)’} to ‘void (*)(ngx_http_script_engine_t *)’ [-Werror=cast-function-type]
3336 | copy->code = (ngx_http_script_code_pt)
| ^
cc1: all warnings being treated as errors
make[1]: *** [nginx-1.18.0/Makefile:1540: nginx-1.18.0/addon/src/ngx_http_socks_module.o] Error 1
make[1]: Leaving directory '/root/nginx-1.18.0'
make: *** [Makefile:8: build] Error 2
cc -c -pipe -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I src/core -I src/event -I src/event/modules -I src/os/unix -I objs -I src/http -I src/http/modules -I src/http/v2 \
-o objs/addon/src/ngx_http_socks_module.o \
../socks-nginx-module/src/ngx_http_socks_module.c
../socks-nginx-module/src/ngx_http_socks_module.c: In function ‘ngx_http_socks_init_headers’:
../socks-nginx-module/src/ngx_http_socks_module.c:3260:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(struct <anonymous> *)’} to ‘void (*)(ngx_http_script_engine_t *)’ {aka ‘void (*)(struct <anonymous> *)’} [-Werror=cast-function-type]
3260 | copy->code = (ngx_http_script_code_pt)
| ^
../socks-nginx-module/src/ngx_http_socks_module.c:3295:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(struct <anonymous> *)’} to ‘void (*)(ngx_http_script_engine_t *)’ {aka ‘void (*)(struct <anonymous> *)’} [-Werror=cast-function-type]
3295 | copy->code = (ngx_http_script_code_pt)
| ^
../socks-nginx-module/src/ngx_http_socks_module.c:3336:26: error: cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t *)’ {aka ‘long unsigned int (*)(struct <anonymous> *)’} to ‘void (*)(ngx_http_script_engine_t *)’ {aka ‘void (*)(struct <anonymous> *)’} [-Werror=cast-function-type]
3336 | copy->code = (ngx_http_script_code_pt)
|
Hi,
I would like to try out your module, but I really don't know how to install it into my Nginx.
Any help ?
Thanks
I would appreciate it if you could convert the config file to the new style so it could be built as a dynamic module for nginx > 1.9.13.
I use nginx 1.11.5 installed from nginx-repository and it would be nice to load your module as a dynamic module into nginx instead of compiling it inside the server.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.