🧦 SOCKS5 proxies
![artistical representation of rama socks5 proxy as llama carying cargo through space while wearing socks](../img/proxy_llama_socks5.jpeg)
There are currently
no examples found in the /examples
dir
on how to create such a proxy using rama. If you are interested in contributing this
you can create an issue at https://github.com/plabayo/rama/issues and we'll
help you to get this shipped.
Description
You'll notice that the above graph is the exact same one used in the http(s) Proxies chapter. This is no coincidence, as topology wise they are the same.
The key differences are:
- SOCKS5 proxies do not operate on the application layer, and sit directly on the application layer;
- This means they have no need to touch for example the http packets at all, unless they want to;
- It is also one of the reasons that they are typically said to be faster, given the SOCKS protocol, is fairly trivial and cheaply to interpret;
- These proxies also support UDP traffic, which is not commonly associated with HTTP proxies;
The SOCKS5 protocol is however in plaintext, just like is the case with HTTP Proxy authentication. Depending on your client support you can tunnel it through a TLS connection, which from the Rama proxy perspective you can easily achieve.
Similar to HTTP proxies, a SOCKS5 proxy can only do routing of connections, but can just as easily sniff the application packets and as such be a MITM proxy. It can even go further and actively mold the packets and therefore be more of a Distortion proxy.
Transport Proxies
Proxies that operate on the TCP/UDP layers are also referred to as "transport proxies". Socks5 proxies are an example of this. An http proxy can also be a transport proxy, and in fact most commcercial proxies out in the wild are just that. The key difference with socks5 proxies is however that for plain text requests it is still the (http) proxy that will see the http request to be proxied, while even for plain text requests (read: not encrypted with TLS) socks5 proxies do not have to see the requests.
That said, regardless if you expose yourself as an http proxy or socks5 proxy, you can if you want to still run your proxy as a Man In The Middle Proxy, and at that point you are no longer a transport proxy, but do see the http requests coming by, regardless if they were initially secured via tls.