Why does SOCKS5 require to relay UDP over UDP?

Problem description

The SOCKS5 protocol, described by RFC1928, provides support for UDP.

To summarize, a client wishing to relay UDP packets through a SOCKS5 server must, at least:

  • open a TCP connection to the SOCKS5 server;
  • send a UDP ASSOCIATE request (cf section 4);
  • receive from the server the address and port where it must send UDP packets to be relayed;
  • send datagrams (UDP) to that address, encapsulated with some headers (cf section 7).

Here are some relevant quotations, from section 6:

A UDP association terminates when the TCP connection that the UDP ASSOCIATE request arrived on terminates.

In the reply to a UDP ASSOCIATE request, the BND.PORT and BND.ADDR fields indicate the port number/address where the client MUST send UDP request messages to be relayed.

Section 7:

A UDP-based client MUST send its datagrams to the UDP relay server at the UDP port indicated by BND.PORT in the reply to the UDP ASSOCIATE request.

Why is it so complicated? Why not send the UDP packets over the pre-existing TCP connection?

To clarify, I am expecting the SOCKS proxy to receive UDP packets over a TCP stream and then transmit them to the target using actual UDP. And then receive UDP packets from the target and send them back down the TCP stream.

Here is some background information.

My goal is to implement reverse tethering, so that an Android device may use the internet connection of the computer it is plugged into, without requiring root access both on the device and the computer (SimpleRT works but requires root access on the computer).

My first idea was to start a simple SOCKS5 server with ssh -D on the computer, so that I only needed to implement the client. The packets would be transmitted from the device to the computer over adb, thanks to remote port forwarding provided by adb reverse

Unfortunately, OpenSSH SOCKS server does not support UDP. But it was just a limitation from the implementation, I could have used another SOCKS server instead.

However, adb reverse does not support UDP forwarding either.

Hence my question about SOCKS5 protocol.

I am currently writing a PoC implementing my own (simple) protocol over TCP, which is able to relay UDP packets, but I am disappointed not to be able to use a standard protocol (and benefit from existing implementations).

Recommended answer

I am answering my own question: it's probably to avoid TCP mechanisms (packet retransmission, head-of-line blocking…).

For a local reverse tethering tool, it is not a problem though, so I implemented UDP over TCP without using SOCKS.
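
The message layouts the question refers to (RFC 1928 sections 4, 6 and 7), as an added example that is not part of the original question or answer: it builds the UDP ASSOCIATE request, reads BND.ADDR and BND.PORT from the reply, and adds or strips the per-datagram header. The function names are illustrative and no sockets are opened.

```python
import ipaddress
import struct

ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04

def _encode_addr(host, port):  # ATYP + address + port, the layout every message shares
    try:
        ip = ipaddress.ip_address(host)
        atyp, body = (ATYP_IPV4 if ip.version == 4 else ATYP_IPV6), ip.packed
    except ValueError:  # not an IP literal: length-prefixed name, 255 bytes at most
        name = host.encode("ascii")
        atyp, body = ATYP_DOMAIN, bytes([len(name)]) + name  # ValueError if too long
    return bytes([atyp]) + body + struct.pack("!H", port)

def _decode_addr(buf, off):
    """Return (host, port, next_offset); ValueError on truncated or unknown input."""
    try:
        atyp = buf[off]
        if atyp == ATYP_DOMAIN:
            end = off + 2 + buf[off + 1]
            host = buf[off + 2:end].decode("ascii")
        else:
            end = off + 1 + {ATYP_IPV4: 4, ATYP_IPV6: 16}[atyp]  # KeyError: unknown ATYP
            host = str(ipaddress.ip_address(buf[off + 1:end]))
        (port,) = struct.unpack_from("!H", buf, end)
    except (IndexError, KeyError, struct.error) as exc:
        raise ValueError("truncated or unknown address") from exc
    return host, port, end + 2

def udp_associate_request(host="0.0.0.0", port=0):
    """Section 4, sent on the TCP connection: VER=5, CMD=3, RSV=0, then the address."""
    return b"\x05\x03\x00" + _encode_addr(host, port)

def parse_reply(reply):
    """Section 6: return (BND.ADDR, BND.PORT), where the client must send datagrams."""
    if len(reply) < 4 or reply[0] != 0x05 or reply[1] != 0x00:
        raise ValueError("not a successful SOCKS5 reply")
    return _decode_addr(reply, 3)[:2]

def encapsulate(host, port, payload):
    """Section 7: RSV=0x0000, FRAG=0, ATYP, DST.ADDR, DST.PORT, then the payload."""
    return b"\x00\x00\x00" + _encode_addr(host, port) + payload

def decapsulate(datagram):
    """Return (host, port, payload); fragments (FRAG != 0) are dropped, not reassembled."""
    if datagram[:3] != b"\x00\x00\x00":
        raise ValueError("bad RSV or unsupported FRAG")
    host, port, off = _decode_addr(datagram, 3)
    return host, port, datagram[off:]
```

The all-zero address in the default request is what RFC 1928 requires when the client does not yet know which address and port it will send from.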
