[Privoxy-users] Privoxy can't forward socks requests

Fabian Keil fk at fabiankeil.de
Wed Mar 29 09:24:41 UTC 2017 

"Alex" <gpost.alex at gmail.com> wrote:

> I have a little problem with privoxy. When I'm trying to connect to any
> host via socks of the privoxy I have a connection timeout problem. I'm
> trying to use privoxy as proxy for tor network. But if I'm trying to use
> tor network directly there is no any problem. I don't such problems at
> the HTTP proxy mode. Only socks traffic can't be forwarded.
> 
> I did try to install privoxy on Windows (version 3.0.24 and 3.0.26),
> CentOS (3.0.10 - from sources, 3.0.24 - RPM, 3.0.26 - RPM),
> Ubuntu-Server (3.0.26 - deb). And at every system I had the same
> problem: privoxy can't forward requests via socks. Does anyone have any
> ideas what can cause this type of problem?
> 
> Here is some debugging info:
> 
> $ ss -tan
> State       Recv-Q Send-Q  Local Address:Port     Peer Address:Port
> LISTEN      0      128      192.168.0.16:43700               *:*
> LISTEN      0      128         127.0.0.1:9050                *:*
> 
> $ curl -A test -x Socks5://192.168.0.16:43700 http://api.ipify.org
> curl: (28) SOCKS5 read timeout

The command above lets curl attempt to use Privoxy as Socks5 proxy.

While my impression is that this is what you want, Privoxy is an
HTTP proxy and does not accept Socks5 requests.

You don't get a proper error message because Privoxy is still
waiting for the request line before the request times out.

Technically Privoxy already received enough bytes to reject
the request as invalid so maybe we should let it explicitly
check for sock data and reject it with a similar response
like it already does for ftp requests.

> listen-address 192.168.0.16:43700
> forward / .

Note that the directive above is completely overruled by the next
one which uses the same pattern. While this is valid, you may want
to remove it or comment it out to make it more obvious that it has
no effect.

> forward-socks5t / 127.0.0.1:9050 .
> 
> There is no firewall or selinux. So I'm out of ideas why it don't work.

If you use:
$ curl -A test -x http://192.168.0.16:43700 http://api.ipify.org

Privoxy should accept the HTTP request from curl and use socks5
to forward it to Tor. This is how it's supposed to work.

From your description it's not obvious to me why you want to
use Privoxy as Socks5 proxy in the first place. Do you have
a program that makes http requests and supports socks5 proxies
but not http proxies?

Thanks for providing sufficient information with the report.

Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.privoxy.org/pipermail/privoxy-users/attachments/20170329/399dede9/attachment.bin>

More information about the Privoxy-users mailing list