Version 9 of Socks proxy

Updated 2006-11-21 22:11:26

Describe SOCKS 4/5 proxy [L1 ]. When used in conjunction with Tor [L2 ] this can be used to anonymize all network traffic from Tcl.


MJ - When connecting to a SOCKS4 proxy one request-response pair has to be handled before using the socket as a normal socket. The following proc should come close in handling this request response pair. I was unable to test this with a real SOCKS4 proxy, but ethereal at least recognizes the request as a valid SOCKS4 request.

 # connect to host port through the SOCKS4 proxy. authenticate with username (default empty)
 # returns a socket that can be used to send and receive traffic from the remote host
 proc socks4connect {proxy_host proxy_port ip port {username {}}} {
        set connect_request \x04\x01
        append connect_request [binary format S $port]        
        append connect_request [binary format c4 [split $ip .]]
        append connect_request $username
        append connect_request \x00

        set s [socket $proxy_host $proxy_port]
        fconfigure $s -translation binary -buffering none
        puts -nonewline $s $connect_request

        set response [read $s 8]
        if {[string index $response 1] ne "\x5a"} {
                error "connection request rejected by proxy"
        } else {
                return $s
        }
 }

 set s [socks4connect phost pport ip port]
 # s can now be used as a normal socket

One of the major drawbacks of using SOCKS4 when trying to anonymize you browsing behaviour is that you need to provide an IP address. This means the hostname has to be resolved to an IP somehow (usually by DNS) this does mean that the administrator of the DNS server can get an idea of you online behaviour by the lookups that are done. This issue is resolved by SOCKS4a [L3 ] SOCKS4a allows hostnames in the connect request leading to:


[Category Networking]