What is Redsocks?

Redsocks is a tool that lets you proxify (redirect) network traffic through a SOCKS4, SOCKS5 or HTTPS proxy server. The alternative is an application-level proxy, where the proxy client is implemented in the same language as the application itself.

What is Tproxy?

iptables has a target called TPROXY, which gives us additional flexibility: it sends intercepted traffic to a specific local IP address and marks it at the same time.

What port is Tproxy?

port 25
iptables has a target called TPROXY, which gives us additional flexibility: it sends intercepted traffic to a specific local IP address and marks it at the same time. This says: take everything destined for port 25 on TCP and deliver it to a process listening on 127.0.

How does redsocks work as a DNS server?

The code acts as a DNS server that multiplexes several UDP queries into a single stream of TCP queries over a keep-alive connection to an upstream DNS server, which should be a recursive resolver. The TCP connection may be handled by redsocks itself if the firewall is configured with the corresponding rules.
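The framing that this kind of UDP-to-TCP multiplexing depends on, as an added example that is not redsocks' own code: each query gets the two-byte length prefix DNS uses over TCP, and responses are cut back out of the byte stream even when a read stops mid-message. The function names, the sample query and the ID rewriting (one way to keep several clients' queries apart on a shared connection) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: UDP DNS query for "a." type A, client ID 0x1234. */
static const uint8_t sample_query[] = {
    0x12, 0x34, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x01, 'a', 0x00, 0x00, 0x01, 0x00, 0x01 };

/* Frame one UDP query for the TCP stream: 2-byte big-endian length prefix
 * (RFC 1035 4.2.2), ID rewritten to relay_id so queries from different
 * clients cannot collide on the shared connection (hypothetical helper).
 * Returns bytes written, or 0 if the query is malformed or does not fit. */
size_t dns_frame_query(const uint8_t *q, size_t qlen, uint16_t relay_id,
                       uint8_t *out, size_t outcap)
{
    if (qlen < 12 || qlen > 0xFFFF || outcap < qlen + 2) /* 12 = header size */
        return 0;
    out[0] = (uint8_t)(qlen >> 8);
    out[1] = (uint8_t)(qlen & 0xFF);
    memcpy(out + 2, q, qlen);
    out[2] = (uint8_t)(relay_id >> 8);   /* overwrite the client's ID */
    out[3] = (uint8_t)(relay_id & 0xFF);
    return qlen + 2;
}

/* Find the next complete response in bytes read so far from the TCP stream.
 * TCP has no message boundaries, so a read may stop mid-message.
 * Returns the frame size (message is buf+2, size-2 bytes) and sets *id,
 * 0 if more bytes are needed, -1 if the frame is shorter than a DNS header. */
long dns_next_response(const uint8_t *buf, size_t buflen, uint16_t *id)
{
    if (buflen < 2) return 0;
    size_t len = ((size_t)buf[0] << 8) | buf[1];
    if (len < 12) return -1;             /* stream is desynchronised */
    if (buflen < len + 2) return 0;
    *id = (uint16_t)((buf[2] << 8) | buf[3]);
    return (long)(len + 2);
}

int main(void)
{
    uint8_t wire[64];
    size_t n = dns_frame_query(sample_query, sizeof sample_query, 7, wire, sizeof wire);
    uint16_t id = 0;
    long r = dns_next_response(wire, n, &id);
    printf("framed %zu bytes, parsed frame %ld, relay id %u\n", n, r, id);
    return 0;
}
```

A relay built on these helpers would keep a table from relay ID back to the client's address and original ID, and drop any response whose ID is not in that table.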

When is redsocks useful in a firewall?

redsocks is a transparent TCP-to-proxy redirector. It lets you redirect any TCP connection to a SOCKS or HTTPS proxy using your firewall, so redirection may be system-wide or network-wide. It is useful when you want to route part of your TCP traffic via an OpenSSH DynamicForward SOCKS5 port using firewall policies.

How to get the IP address from redsocks?

I started looking into the source code of redsocks. One thing I found so far is that redsocks uses getsockopt(..., SO_ORIGINAL_DST, ...) to obtain the destination address before DNAT. What’s not clear to me is the following processing, and the src/dst IP address of the return packet from redsocks.

Do you need a transparent proxy for redsocks?

That was the original redsocks development goal: you use a DVB ISP, and this ISP provides internet connectivity through a special daemon that may also be called an “Internet accelerator”. The accelerator acts as a proxy but has no “transparent proxy” feature, and you need it.