The RFC for the SOCKS5 protocol: http://www.ietf.org/rfc/rfc1928.txt
Here’s the procedure of the CONNECT command for a TCP-based connection:
1. Client initiates the connection
2. Client sends the initial auth method selection message
3. Server replies with the selected auth method
4. [ Authenticate based on the selected auth method ] optional, not required when the auth method is 0x00: No Auth
5. Client sends the request for the destination address
6. Server connects to the destination address
7. Server replies with the bound address and port of the connected target address
8. Begin transferring data between client and destination
9. Close the connection after the transfer has finished
Notes:
- The procedure applies per connection, e.g. each HTTP request opens a new connection, so each request will go through the procedure described above.
- The destination address may be an IPv4/IPv6 address or a domain name. When it’s a domain name, it could still be an IP address in dotted format. Here’s a real example:
  www.youku.com is using the CDN service provided by http://www.chinacache.com, so different visitors will visit different servers based on their location. I found that the browser (at least Chrome) will put an IP address like 65.255.34.6 in the domain name field, and mark the address as a domain name.
- When the server sends the response to the client, it should send the port number that the server assigned to connect to the target address. So we can only send the response after connecting to the upstream.
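
The second note matters for any proxy that filters or logs by destination: a dotted IP sent in the domain name field should be treated as an IP. The parser below is an added example, not code from the original post; the function name and the sample requests are constructed for illustration.

```python
import ipaddress
import struct

ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
CMD_CONNECT = 0x01


def parse_connect_request(data: bytes):
    """Parse VER CMD RSV ATYP DST.ADDR DST.PORT; return (kind, host, port)."""
    if len(data) < 5:
        raise ValueError("truncated request")
    ver, cmd, rsv, atyp = data[:4]
    if ver != 0x05 or rsv != 0x00 or cmd != CMD_CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    body = data[4:]
    if atyp == ATYP_IPV4:
        addr = body[:4]
    elif atyp == ATYP_IPV6:
        addr = body[:16]
    elif atyp == ATYP_DOMAIN:
        addr = body[1:1 + body[0]]      # first octet is the name length
        body = body[1:]
    else:
        raise ValueError("unknown address type")
    # Exactly the address plus a 2-octet port must remain, nothing more or less.
    if len(body) != len(addr) + 2 or not addr:
        raise ValueError("bad request length")
    (port,) = struct.unpack("!H", body[len(addr):])
    if atyp != ATYP_DOMAIN:
        return "ip", str(ipaddress.ip_address(addr)), port
    name = addr.decode("ascii")
    try:
        # A client may send "65.255.34.6" with ATYP=0x03; report it as an IP
        # so address-based rules see the same value as for ATYP=0x01.
        return "ip", str(ipaddress.ip_address(name)), port
    except ValueError:
        return "domain", name.lower(), port


# Constructed sample requests (not captured traffic).
AS_DOMAIN = b"\x05\x01\x00\x03" + bytes([11]) + b"65.255.34.6" + struct.pack("!H", 80)
AS_IPV4 = b"\x05\x01\x00\x01" + bytes([65, 255, 34, 6]) + struct.pack("!H", 80)
```

Both sample requests parse to the same `("ip", "65.255.34.6", 80)` tuple, so an allow or deny rule written against IP addresses sees the destination regardless of which address type the client chose.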