What about SOCKS proxy?

alexs77 · November 12, 2014, 1:10pm

Hello

Is it possible to make Pulse use a local SOCKS5 proxy? I’ve read “what about http-proxy?”, but that was about http and there the message was, that Puise isn’t using http.

But what about SOCKS?

Regards, Alexander

calmh · November 12, 2014, 1:27pm

Not currently supported. Seems like something that could reasonably be supported though. Not sure if it’s possible to listen on a SOCKS proxy (I’m guessing no) but it could be used for outgoing connections.

Sergey · November 23, 2015, 10:32am

Hi! I noticed the following requst has been merged into the ST repository:

Could you please comment on how does it work? Does the syncthing marshal all outgoing connections via SOCKS? What about ingoing connections? What IP/PORT is reported to the global discovery server via this connections? Is it possible to setup handling ingoing connections from via SSH tunnel connected to the relay host?

Regards, Sergey

calmh · November 23, 2015, 11:13am

We should write a doc article on this. I’ll do the embryo here…

To make it work, you set the environment variable all_proxy=socks5://proxyip:port where proxyip:port is the actual IP and port number to the proxy.

All outgoing connections are then made via the proxy. There is no way to get incoming connections through the proxy, but Syncthing can connect out to a relay and get incoming connections that way. The global discovery server will see the proxy address, which is essentially worthless.

If you proxy over SSH, and configure Syncthing to listen on port 22000, and port forward port 22000 on the SSH server to the actual Syncthing IP, it should work I guess.

sebmaynard · January 20, 2016, 2:10pm

Got this working as described with no issues; I’m running behind a corporate firewall that only allows 22, 80 and 443.

term1# ssh -D 1081 seb@somehost

term2# all_proxy=socks5://localhost:1081 ./syncthing

Managed to add devices, add some shares then sync both ways with remote servers.

Thanks very much!

rumpelsepp · January 20, 2016, 9:30pm

I guess nowadays this should even work without the proxy, since we support global discovery and relaying through port 443, aka https.

sebmaynard · January 20, 2016, 9:43pm

I will try this in the morning!

canton7 · January 21, 2016, 9:30am

Although relaying will be slower than establishing a direct connection.

calmh · February 20, 2016, 9:30am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.