cybozu-go/usocksd cybozu-go/usocksd

  • Stars
    star
    142
  • Rank 251,553 (Top 6 %)
  • Language
    Go
  • License
    MIT License
  • Created over 8 years ago
  • Updated about 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
cybozu-go/usocksd
github

cybozu-go

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

SOCKS4/5 server library and command in Go

GitHub release GoDoc main Go Report Card License

Micro SOCKS server

usocksd is a SOCKS server written in Go.

usocksd/socks is a general purpose SOCKS server library. usocksd is built on it.

Features

  • Support for SOCKS4, SOCKS4a, SOCK5

    • Only CONNECT is supported (BIND and UDP associate is missing).

  • Graceful stop & restart

    • On SIGINT/SIGTERM, usocksd stops gracefully.
    • On SIGHUP, usocksd restarts gracefully.

  • Access log

    Thanks to cybozu-go/log, usocksd can output access logs in structured formats including JSON.

  • Specific network interface

    usocksd can be configured to use specific network interface for outgoing connections.

    It is extremely useful if you want to send all traffic to VPN/Wireguard device or you have multiple network cards.

  • Multiple external IP addresses

    usocksd can be configured to use multiple external IP addresses for outgoing connections.

    usocksd keeps using the same external IP address for a client as much as possible. This means usocksd can proxy passive FTP connections reliably.

    Moreover, you can use a DNSBL service to exclude dynamically from using some undesirable external IP addresses.

  • White- and black- list of sites

    usocksd can be configured to grant access to the sites listed in a white list, and/or to deny access to the sites listed in a black list.

    usocksd can block connections to specific TCP ports, too.

Install

Use a recent version of Go.

go get -u github.com/cybozu-go/usocksd/...

Usage

usocksd [-h] [-f CONFIG]

The default configuration file path is /etc/usocksd.toml.

In addition, usocksd implements the common spec from cybozu-go/well.

usocksd does not have daemon mode. Use systemd to run it on your background.

Configuration file format

usocksd.toml is a TOML file. All fields are optional.

[log]
filename = "/path/to/file"         # default to stderr.
level = "info"                     # critical, error, warning, info, debug
format = "plain"                   # plain, logfmt, json

[incoming]
port = 1080
metrics_port = 1081                # Port number to serve metrics
addresses = ["127.0.0.1"]          # List of listening IP addresses
allow_from = ["10.0.0.0/8"]        # CIDR network or IP address

[outgoing]
allow_sites = [                    # List of FQDN to be granted.
    "www.amazon.com",              # exact match
    ".google.com",                 # subdomain match
]
deny_sites = [                     # List of FQDN to be denied.
    ".2ch.net",                    # subdomain match
    "bad.google.com",              # deny a domain of *.google.com
    "",                            # "" matches non-FQDN (IP) requests.
]
deny_ports = [22, 25]              # Black list of outbound ports
iface = tun0                       # Outgoing traffic binds to specific network interface
addresses = ["12.34.56.78"]        # List of source IP addresses
dnsbl_domain = "some.dnsbl.org"    # to exclude black listed IP addresses

Tuning

If you see usocksd consumes too much CPU, try setting GOGC to higher value, say 300.

License

MIT

More Repositories

1

transocks

Transparent SOCKS5 / HTTP proxy in Go
Go
465
star
2

moco

MySQL operator on Kubernetes using GTID-based semi-synchronous replication.
Go
246
star
3

neco

Project Neco
Go
229
star
4

cke

Cybozu Kubernetes Engine
Go
183
star
5

coil

CNI plugin for Kubernetes designed for scalability and extensibility
Go
156
star
6

well

Go framework for well-behaving commands
Go
125
star
7

goma

An extensible monitoring agent in Go.
Go
124
star
8

aptutil

Go utilities for Debian APT repositories
Go
123
star
9

sabakan

A versatile network boot server for large data centers
Go
113
star
10

placemat

Virtual data center construction tool
Go
82
star
11

etcdpasswd

Distributed Linux user management using etcd
Go
44
star
12

accurate

Kubernetes controller for multi-tenancy. It propagates resources between namespaces accurately and allows tenant users to create/delete sub-namespaces.
Go
28
star
13

log

Logging framework for Cybozu Go products
Go
28
star
14

contour-plus

Enhance contour for external-dns and cert-manager
Go
25
star
15

meows

Kubernetes controller for GitHub actions self-hosted runners
Go
19
star
16

netutil

Add-ons for Go networking
Go
15
star
17

kkok

Alert routing and filtering service
Go
10
star
18

scim

generic SCIM server/client library in Go
Go
7
star
19

cat-gate

A Kubernetes controller to delay pod deployment using scheduling gates
Go
5
star
20

setup-hw

Build container image to configure BMC and BIOS
Go
5
star
21

nginx-i2c

ip2country.conf generation tool for nginx
Go
4
star
22

options

A small library that provides Option[T], which represents an optional value of type T
Go
4
star
23

scim-server

Go
4
star
24

pod-security-admission

A Kubernetes admission webhook to ensure pod security standards
Go
4
star
25

nyamber

Custom controllers to create Neco environment
Go
1
star
26

neco-template

Template repository for Neco
Makefile
1
star
27

neco-gcp

GCP management tools for project Neco
Go
1
star
28

necotiator

ResourceQuota Controller for soft multi-tenancy
Go
1
star
29

tenet

Tenet is a Kubernetes controller that aims to facilitate setting-up Network Policies on tenant namespaces.
Go
1
star
30

necoperf

necoperf provides the ability to easily retrieve profiles of containers running on Kubernetes.
Go
1
star