serjs / socks5-server


How to configure TCP only? #45

Closed ShrirajHegde closed 1 year ago

ShrirajHegde commented 1 year ago

I have to use this proxy in a network where all UDP traffic is blocked. I have set up the docker container and the proxy works on the non-restricted network but doesn't work on the restricted network.

How do I check what is going wrong? How to use it in TCP only?

serjs commented 1 year ago

By default the socks5 proxy uses the TCP protocol. I have no specialized UDP implementation. How do you start the socks5 server, as a Docker image?

Please provide a log with some requests. Also keep in mind that if you have a UDP-restricted network, it can also be a DNS problem, because DNS uses UDP by default for resolving the IPs of domains. In this case, try to reach (1.1.1.1 as an example).

ShrirajHegde commented 1 year ago

Thank you very much for the response.

I am running the container with the following command.

docker run -d --name socks5 -p 21:1080 \
    -e PROXY_USER="$USER" \
    -e PROXY_PASSWORD="$PASSWORD" \
    serjs/go-socks5-proxy

I am using port 21 because it's one of the few unblocked outgoing ports on my network.

Here's the connection on the unrestricted network: https://pastebin.com/cGzVJNst

Restricted network: https://pastebin.com/YrnZsLEQ

DNS doesn't seem to be a problem (here I used socks5h but even local DNS resolution succeeds.)

I am not sure how to get the logs, please let me know how I can view the logs on server-side. But I think the connection is being blocked before leaving the network.

serjs commented 1 year ago

I think the socks5 server is not responsible for not answering your requests in this case, because "Failed to receive SOCKS5 connect request ack." is telling us that there is no response for some timeout-based request.

What about a simple telnet <server_ip> 21 to check that Docker handles your TCP requests on port 21? First of all, you need to make sure that the exposed ports on the host machine are available from your client. You can try the nginx image, for example, or the simplehttpserver image for playing with exposed ports.

BTW, you can specify a TCP-only listening port by using -p 21:1080/tcp for sure (based on the doc).
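
An added example, not part of the thread or of the project's code: a staged SOCKS5 probe that extends the telnet check suggested above by reporting which step (TCP connect, method negotiation, username/password authentication, CONNECT reply) stops getting answers. The name `probe_socks5` and its parameters are assumptions; the byte layout follows RFC 1928 and RFC 1929, and the destination defaults to the literal IP 1.1.1.1 so DNS is not involved.

```python
import socket
import struct

def _recv_exact(sock, n):
    """Read exactly n bytes; raise ConnectionError if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf

# Hypothetical helper (not from the project). Credentials must be <= 255 bytes each.
def probe_socks5(host, port, user, password,
                 dest_ip="1.1.1.1", dest_port=80, timeout=5.0):
    """Return (stage, detail): the first stage that failed, or ("ok", ...)."""
    stage = "tcp-connect"
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            stage = "method-negotiation"      # RFC 1928, section 3
            s.sendall(b"\x05\x01\x02")        # VER=5, 1 method, 0x02 = user/pass
            ver, method = _recv_exact(s, 2)
            if ver != 5 or method != 2:
                return stage, f"server selected method 0x{method:02x}"
            stage = "authentication"          # RFC 1929
            u, p = user.encode(), password.encode()
            s.sendall(bytes([1, len(u)]) + u + bytes([len(p)]) + p)
            _, status = _recv_exact(s, 2)
            if status != 0:
                return stage, "credentials rejected"
            stage = "connect-request"         # RFC 1928, section 4
            s.sendall(b"\x05\x01\x00\x01" + socket.inet_aton(dest_ip)
                      + struct.pack("!H", dest_port))
            _, rep, _, _ = _recv_exact(s, 4)  # VER, REP, RSV, ATYP
            if rep != 0:
                return stage, f"proxy replied with error code {rep}"
            return "ok", "proxy accepted CONNECT"
    except socket.timeout:
        return stage, "timed out waiting for data"
    except OSError as exc:
        return stage, f"{type(exc).__name__}: {exc}"
```

A result of `tcp-connect` points at the published port or a port filter, while a timeout at a later stage with the port reachable points at something on the path dropping traffic after the TCP handshake.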

ShrirajHegde commented 1 year ago

Hello,

I have tried with -p 21:1080/tcp, and I am able to connect to the server with telnet <server_ip> <port>.

I think the network firewall blocks proxy connections.

Thank you for the help.

Off-topic, but could you suggest some way to bypass the firewall? OpenVPN works, but it's a bit cumbersome due to the keep-alive connection and takes time to establish a connection. WireGuard is UDP only and the workarounds don't work on Android.

serjs commented 1 year ago

I don't know exactly all the restriction cases in your network. But check out some tools like ptunnel (for bypassing your firewall over ICMP, if ICMP is not limited) or shadowsocks solutions.