[stunnel-users] socks4 support

Michal Trojnara Michal.Trojnara at mirt.net
Fri Nov 14 20:18:23 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear Users,

Please take a look at the latest stunnel-5.08b4 available for download
on https://www.stunnel.org/downloads.html

It adds support for SOCKS4 and SOCKS4a protocols.  The SOCKS protocol
itself is encapsulated within SSL/TLS encryption layer to protect the
final destination address.
http://www.openssh.com/txt/socks4.protocol
http://www.openssh.com/txt/socks4a.protocol

The BIND command of the SOCKS protocol is not supported.
The USERID parameter is ignored.

To setup SOCKS4 VPN configure the following client service:

    [socks_client]
    client = yes
    accept = 127.0.0.1:1080
    connect = vpn_server:9080
    verify = 4
    CAfile = stunnel.pem

The corresponding configuration on the vpn_server host:

    [socks_server]
    protocol = socks
    accept = 9080
    cert = stunnel.pem
    key = stunnel.key

Now test your configuration on the client machine with:

    curl --socks4a localhost http://www.example.com/

Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlRmVXgACgkQ/NU+nXTHMtHuZwCfXlH0YYTHYhThoXPrCgV4OhrE
BwsAoLgIpVWDOdBbISzrP53m2H9LUR6W
=9DEh
-----END PGP SIGNATURE-----


More information about the stunnel-users mailing list