Am 26-10-2017 17:40, schrieb Ciprian Dorin Craciun:
On Sun, Oct 22, 2017 at 11:11 PM, Aleksandar Lazic <[email protected]>
wrote:
Currently the socks protocol is not implemented in haproxy.
I was hoping someone had a patch "hidden". :)
Well then it's still hidden ;-)
What flow do you have in mind?
I have a couple of use-cases in mind, like for example:
* SOCKS4 in the backend, would allow HAProxy to route all backend
traffic through a proper SOCKS4 proxy; this might be used as a
poor-man variant of a tunnel, like for example via SSH; (if one makes
HAProxy into a transparent proxy, it could even serve as a layer-7
firewall;)
* SOCKS4 in the frontend, would allow HAProxy to act like a SOCKS4
proxy, and apply for example HTTP routing and filtering; (for example
one configures HAProxy as a SOCKS4 proxy in a browser;)
Basically it allows HAProxy to interoperate with other SOCKS4 proxies
like SSH or Tor.
Sounds interesting even though I can't really help to implement just to
point to some ideas.
As https://en.wikipedia.org/wiki/SOCKS#SOCKS4a have fields maybe you can
use
http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#req.payload
to inspect the content like this example
http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#7.1.5
and create a map for dedicated backends.
It's not that dynamic but maybe a start point.
Or you can add a layer 6 module like the ssl module.
http://cbonte.github.io/haproxy-dconv/1.7/configuration.html#7.3.5
Ciprian.
Regards
Aleks
