chisel icon indicating copy to clipboard operation
chisel copied to clipboard
verified publisher icon jpillora

Added socks5 auth and filters

Open marcino239 opened this issue 4 years ago • 1 comments

Hi,

I've added two options:

  • --socks5-auth - to specify socks5 credentials
  • --socks5-allowed-hosts - to specify a simple filter

Hope you find those useful

Best Regards, Marcino239

marcino239 avatar Mar 25 '21 20:03 marcino239

How does the authentication work? I've tested this (added --socks5-auth), but I'm still able to connect with and without passing credentials. I'm sure the code is reached, because entering wrong credentials format (e.g no colon) does exit the client immediately.

EDIT: I hardcoded credentials into the socks5 server and then it works! Printing the config.socks5Config.Auth results in an empty string The socks5 server is started, when passing them to the chisel client, but at the server side (not having those config in its struct)

Actually, the --socks5-auth value should be sent over the tunnel when connected and used when creating the socks5 server at the server side, because it's a socks server foreach tunnel/client. It is possible to sent them to the server together within the SshRequest with the Version and the Remotes (Client.computed object) and use them in the creation of the socks5 server. For a (reverse) socks server at the client, the credentials are available already

kblanckaert avatar Jan 11 '23 15:01 kblanckaert