Access to socks5 proxy installed in LAN from WAN.
Posted: Tue Apr 17, 2018 3:49 pm
It's very hard to find solution, because when I ask Google "mikrotik + socks +..." i receive a lot of information about internal RouterOS socks proxy.
I have SOCKS5 docker image, which is running normally at 192.168.1.104:32080, when i try smth like
And that's ok, apllications also working ok with this proxy (it is routed through VPN in Mikrotik, but i suppose that doesnt matter)
I have experience in port forwarding from wan to lan service, and know how to masquerade traffic, so that I can work with that service via external address from inside. I have such rules
but I couldn't connect to proxy not from real WAN, not from LAN by external IP. I am confused a bit, please give me a hint, what can be wrong?
After that request tcp counter in netmap rule increases, and that's all.
P.S. Mikrotik hAp ac, 6.41.4
I have SOCKS5 docker image, which is running normally at 192.168.1.104:32080, when i try smth like
Code: Select all
curl --socks5-hostname 192.168.1.104:32080 google.com
curl: (7) No authentication method was acceptable. (It is quite likely that the SOCKS5 server wanted a username/password, since none was supplied to the server on this connection.)
I have experience in port forwarding from wan to lan service, and know how to masquerade traffic, so that I can work with that service via external address from inside. I have such rules
Code: Select all
/ip firewall nat export
...
add action=netmap chain=dstnat dst-address=[my real static external ip] dst-port=32080 \
protocol=tcp to-addresses=192.168.1.104
add action=netmap chain=dstnat dst-address=[my real static external ip] dst-port=32080 \
protocol=udp to-addresses=192.168.1.104
add action=dst-nat chain=dstnat dst-address=[my real static external ip] dst-port=32080 \
protocol=tcp src-address=192.168.1.0/24 to-addresses=192.168.1.104
add action=dst-nat chain=dstnat dst-address=[my real static external ip] dst-port=32080 \
protocol=udp src-address=192.168.1.0/24 to-addresses=192.168.1.104
add action=masquerade chain=srcnat dst-address=192.168.1.104 dst-port=32080 \
protocol=tcp src-address=192.168.1.0/24 src-port=""
add action=masquerade chain=srcnat dst-address=192.168.1.104 dst-port=32080 \
protocol=udp src-address=192.168.1.0/24
Code: Select all
➜ ~ curl --socks5 [my real static external ip]:32080 google.com
curl: (7) Failed to connect to [my real static external ip] port 32080: Operation timed out
P.S. Mikrotik hAp ac, 6.41.4