Documentation
¶
Index ¶
- Variables
- func Serve(addr string, port int, user, pass string) error
- func ServeMulti(addr string, port int, creds map[string]string) error
- func ServeStunTLS(addr string, port int, sshAddr, certFile, keyFile string) error
- func SetupSOCKS() error
- func SetupSOCKSExternal(user, password string) error
- func SetupSOCKSExternalWithUsers(users []config.UserConfig) error
- func SetupSOCKSWithAuth(user, password string) error
- func SetupSOCKSWithUsers(users []config.UserConfig) error
- type Server
- type StunTLSServer
Constants ¶
This section is empty.
Variables ¶
var RunAsUser string
RunAsUser overrides the system user for the SOCKS5 service. When non-empty the service runs as this user instead of config.SystemUser. Set this before calling any Setup* function when WARP routing is active.
Functions ¶
func ServeMulti ¶ added in v1.6.0
ServeMulti starts the built-in SOCKS5 proxy with multiple credentials.
func ServeStunTLS ¶ added in v1.6.0
ServeStunTLS starts the built-in TLS+WebSocket SSH proxy.
func SetupSOCKS ¶
func SetupSOCKS() error
SetupSOCKS creates the SOCKS5 proxy service (localhost only, no auth).
func SetupSOCKSExternal ¶
SetupSOCKSExternal creates the SOCKS5 proxy on all interfaces (for direct SOCKS5).
func SetupSOCKSExternalWithUsers ¶ added in v1.6.0
func SetupSOCKSExternalWithUsers(users []config.UserConfig) error
SetupSOCKSExternalWithUsers creates the SOCKS5 proxy on all interfaces with multiple users.
func SetupSOCKSWithAuth ¶
SetupSOCKSWithAuth creates the SOCKS5 proxy with a single user (localhost only).
func SetupSOCKSWithUsers ¶ added in v1.6.0
func SetupSOCKSWithUsers(users []config.UserConfig) error
SetupSOCKSWithUsers creates the SOCKS5 proxy with multiple users (localhost only).
Types ¶
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
Server is a SOCKS5 proxy server supporting CONNECT with optional auth. Credentials can be swapped at runtime via SetCredentials — used to propagate user add/remove events without restarting the listener and dropping live client connections.
func NewServer ¶
NewServer creates a SOCKS5 server with a single credential pair. For multiple users, use NewServerMulti.
func NewServerMulti ¶ added in v1.6.0
NewServerMulti creates a SOCKS5 server with multiple credential pairs.
func (*Server) ListenAndServe ¶
ListenAndServe starts the SOCKS5 server (blocking).
func (*Server) SetCredentials ¶ added in v1.6.3
SetCredentials replaces the server's credential set atomically. Existing connections are unaffected; new connections authenticate against the new set. Pass an empty map to disable auth.
type StunTLSServer ¶ added in v1.6.0
type StunTLSServer struct {
// contains filtered or unexported fields
}
StunTLSServer accepts TLS connections and forwards traffic to SSH. It auto-detects the client protocol by peeking at the first bytes:
- "GET " → WebSocket: HTTP upgrade, then relay WS binary frames ↔ TCP
- "CONNECT" → HTTP CONNECT proxy: tunnel through to SSH backend
- "SSH-" → Raw SSH over TLS (stunnel-compatible)
- other → Payload mode: skip non-SSH prefix bytes, then relay to SSH
func NewStunTLSServer ¶ added in v1.6.0
func NewStunTLSServer(listenAddr, sshAddr, certFile, keyFile string) *StunTLSServer
NewStunTLSServer creates a TLS+WebSocket SSH proxy.
func (*StunTLSServer) ListenAndServe ¶ added in v1.6.0
func (s *StunTLSServer) ListenAndServe() error
ListenAndServe starts the TLS listener (blocking).
Source Files