Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/leonklingele/sockstun

SOCKSTun – Tunnel TCP sockets through a SOCKS proxy
https://github.com/leonklingele/sockstun

anonymity privacy socks socks-proxy socks5 tor torsocks

Last synced: 22 days ago
JSON representation

SOCKSTun – Tunnel TCP sockets through a SOCKS proxy

Host: GitHub
URL: https://github.com/leonklingele/sockstun
Owner: leonklingele
License: agpl-3.0
Created: 2019-02-12T12:50:14.000Z (almost 6 years ago)
Default Branch: master
Last Pushed: 2021-01-18T09:31:38.000Z (almost 4 years ago)
Last Synced: 2024-06-20T05:22:38.970Z (5 months ago)
Topics: anonymity, privacy, socks, socks-proxy, socks5, tor, torsocks
Language: Go
Size: 92.8 KB
Stars: 6
Watchers: 2
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# SOCKSTun – Tunnel TCP sockets through a SOCKS proxy

[![Build Status](https://travis-ci.org/leonklingele/sockstun.svg?branch=master)](https://travis-ci.org/leonklingele/sockstun)

`sockstun` allows to proxy TCP packets from one socket to another through a SOCKS proxy.

## Why this is useful

Some applications such as Apple's Mail app don't support running with `torsocks`.
If you prefer to connect to your mail server through Tor for privacy reasons, `sockstun` will help you.

## Installation

```sh
go get -u github.com/leonklingele/sockstun/...
sockstun -help
```

## Setup

### Overview

In this setup guide we want to proxy TCP traffic reaching the following local ports through a Tor SOCKS proxy running at `localhost:9125`:

- `localhost:1587` to `mail.leonklingele.de:587` (SMTP submission)
- `localhost:1993` to `mail.leonklingele.de:993` (IMAP)

### Setup guide

First, ensure the domain you want to connect to resolves to localhost, in our case:

```sh
$ echo "127.0.0.1 mail.leonklingele.de" | sudo tee -a /etc/hosts
```

Then, edit `sockstun`'s config file:

```sh
$ cat ~/.sockstun/config.toml
# SOCKS proxy URI
socks_uri = "socks5://localhost:9125"
# Read and write timeout, "0s" for no timeout
rw_timeout = "0s"

# Rule set
[rules]
[rules.mail-leonklingele-imap]
local = "localhost:1993"
remote = "mail.leonklingele.de:993"
[rules.mail-leonklingele-submission]
local = "localhost:1587"
remote = "mail.leonklingele.de:587"
```

__Note__: If using a Tor SOCKS proxy, remember to [not mix modes of anonymity](https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO#Remember:Modesofanonymitydonotmix) and always isolate streams on a per-client-protocol-, per-destination-address- and per-destination-port-basis!
See section [Setting up multiple Tor sessions](#setting-up-multiple-tor-sessions) on how to set up another Tor session.

Now simply start `sockstun`:

```sh
$ sockstun
enabling proxy rule mail-leonklingele-submission (localhost:1587->mail.leonklingele.de:587)
enabling proxy rule mail-leonklingele-imap (localhost:1993->mail.leonklingele.de:993)
```

To test the setup:

```sh
$ openssl s_client -connect mail.leonklingele.de:1993
[..]
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
fucksy wucksie!!
fucksy BAD Error in IMAP command received by server.
```

Requests to `mail.leonklingele.de:1993` are now being proxied through Tor.

In order for Apple Mail to actually use the new setup, simply open Mail's preferences, and edit your account as follows:

Use Port `1993` instead of `993`:

![mail-settings-imap](https://www.leonklingele.de/sockstun/mail-settings-imap.png?20190212)

Use Port `1587` instead of `587`:

![mail-settings-submission](https://www.leonklingele.de/sockstun/mail-settings-submission.png?20190212)

#### Using Tor Hidden Services (.onion domains)

`sockstun` works with Tor Hidden Services, too!

```sh
$ cat ~/.sockstun/config.toml
# SOCKS proxy URI
socks_uri = "socks5://localhost:9125"
# Read and write timeout, "0s" for no timeout
rw_timeout = "0s"

# Rule set
[rules]
[rules.mail-leonklingele-imap]
local = "localhost:1993"
remote = "gdgd33bknbocpyno5fraft356hh6hc7xaejchjjh4cxnbhxzduq2fiqd.onion:993"
[rules.mail-leonklingele-submission]
local = "localhost:1587"
remote = "gdgd33bknbocpyno5fraft356hh6hc7xaejchjjh4cxnbhxzduq2fiqd.onion:587"
```

### Setting up multiple Tor sessions

It is advised to not use the same Tor instance for traffic of two different anonymity classes. Please read https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO#Remember:Modesofanonymitydonotmix before continuing.

Follow these steps to launch another instance of Tor with a SOCKS proxy listening at `localhost:9125`:

```sh
$ mkdir -p /usr/local/etc/tor/sockstun
$ cat < /usr/local/etc/tor/sockstun/torrc
DataDirectory /usr/local/etc/tor/sockstun
SocksPort 127.0.0.1:9125 IsolateClientProtocol IsolateDestAddr IsolateDestPort
EOF
$ tor -f /usr/local/etc/tor/sockstun/torrc
```