Feature request - redirection based on destination ip/network

[jirib]

Hi,

thanks for your redsocks first!

But can there be a feature to define "parent" tcp-port of proxy-server based on destination ip, network as there are probably multiple redsocks block allowed?

Current:

redsocks {
local_ip = 0.0.0.0;
local_port = 12345;
ip = 127.0.0.1;
port = 1081;
type = socks5;
}

We would like:

redsocks {
local_ip = 0.0.0.0;
local_port = 12345;
dest_ip = 192.168.1.10
ip = 127.0.0.1;
port = 1081;
type = socks5;
}

redsocks {
local_ip = 0.0.0.0;
local_port = 12345;
dest_net = 10.3.37.0/24
ip = 127.0.0.1;
port = 1082;
type = socks5;
}

It would be great! Thanks.

[przemoc]

It's already possible, but you have to use iptables for proper filtering. You can find an example in the script from my Making SOCKS proxy transparent tip.

[darkk]

Yes, przemoc have already answered the question — you can solve the task with two redsocks blocks and select one of them using iptables rules. You should have two different local_port settings in the blocks in this case.

[jirib]

OK I agree it can be done by this way but copying way how for example dante is doing it (based on destination) would be nice :) thanks anyway.

[darkk]

iptables is much more powerful than simple destination-based filter.
I see no good reason to implement this logic in redsocks, anyway, running additional redsocks { local_post = xxx } block should not induce performance penalty unless you have too much destinations. :-)

[darkk]

So current solution is to use several redsocks { local_port = ***; } sections and redirect different traffic to different ports at firewall level.