Support connecting to IRC via a SOCKS proxy [$15] #143
Comments
HTTP CONNECT can work too.... |
I'd really <3 this feature too. |
This would be incredibly useful. I'd love to be able to use znc over tor or any other arbitrary socks proxy. |
FYI this can be easily accomplished using Freenode via TOR: Assume you just want to use proxy.mycompany.com:8080 as your SOCKS proxy, then the command would be: Obviously you can replace the .onion address with another IRC server, or change the port. |
2018-09-28, this is probably the issue where I have changed my mind the most. Tor hidden services provide additional encryption in addition to TLS and they cannot be MITMed (or at least not "as easily"). Their development also seems to only going forwards with Tor Hidden Services version 3. Thus I might like to connect to freenode (and some other network) hidden service, while connecting to a IRCd on my localhost or LAN without Tor and like irl says below, I wouldn't need or want to use Tor with network using CJDNS or DN42. I guess the main point to my original comment is that there are other reasons to use Tor than hiding IP. I would recommend reading Tor's mode sof anonymity in their TorifyHOWTO And to end this round of editing, the original issue only requests SOCKS proxy support (I hope it to mean SOCKS5) and that there likely are other use cases for SOCKS proxy other than Tor (usually 127.0.0.1:9050) even with keeping in mind that the connection between ZNC and the proxy is not encrypted. 2018-09-28 -EDIT2: HexChat also has option to "bypass proxy for this server", WeeChat has proxy as server-specific option that may also be set globally, I don't know if those compare to ZNC, but ZNC would not be the only software featuring per-server proxies. I also forgot above that anonymity networks other than Tor also exist such as I2P which might also need a separate proxy (I haven't investigated it, sorry). |
Added $10. Please add |
I'd also like to ask for proxy support in ZNC |
+1 The socat example isn't exactly reliable. In response to @Mikaela, Tor is not the only use case for this. I'd like to use Tor to connect to Freenode and OFTC, but I'd still like to go directly to hackint (via dn42) and another network accessible via cjdns, so this would need to be a per server thing. Looking at how to implement this (hints to prospective developers, I'm not a C++ dev):
|
As it has been so long time since anything was said here, I would like to add this comment to notify that I have changed my mind on #143 (comment) again and added another set of strikethroughs and written the actual comment there. Unrelatedly the Bountysource integration in the original post is broken. |
I've been playing around with but I think its slow because I'm feeding it quite a large list of proxies:
and my znc.conf connects to around ~400 networks:
So maybe this solution would work just fine for somebody who is not me. Here's a list of proxies if anybody else wants to try it. Here's a list of proxies to get you started: (note these are HTTP CONNECT): https://termbin.com/8jc9 there's also some other options for the config that are worth checking out.
depending on what you want to use, you can use all of them like this:
if you want to get rid of the However, you'll probably immediately notice that its working very slowly |
also I agree socat is quite cumbersome if you use it: for this purpose, it ended up becoming two commands when I tried because I couldn't get chaining to work right with SSL: Also that
This configuration ensures a control socket which you can use to add and remove the actual proxies to it at run-time, you can do it with bash: However I have recently started re-writing this to fit into a python script and I haven't finished because I haven't wanted to do the work to actually do it right (with weight outs, draining, etc) but I have a start so if anybody else feels like this work needs to be done feel free to take over:
either way I'd be interested to see if anybody can substantiate a better means to ensure usefulness using FREE+PUBLIC+PROXY+SERVERS and actually make it easy to use, I started implementing this as a docker container along with my scanner: https://github.com/paigeadelethompson/netcrave-docker/blob/master/docker-compose.yml#L491 and I had pretty good success with this when I was testing it, it just need s to be finished: |
Also with regards to the haproxy solution id reccomend using something like this Iptables transproxy rules iptables -A OUTPUT -o lo -j ACCEPT |
Just want to say that this feature is still quite relevant :) |
Currently the wiki tells Tor users to use If ZNC supported SOCKS proxies, Tor users could simply enter Currently this doesn't work, MetaNova and another person tested it with the current proxychains instructions and failed due to "
|
There is a $5.00 bounty open on this issue at Bountysource
## --- There is a **[$15 open bounty](https://www.bountysource.com/issues/682-support-connecting-to-irc-via-a-socks-proxy?utm_campaign=plugin&utm_content=tracker%2F1759&utm_medium=issues&utm_source=github)** on this issue. Add to the bounty at [Bountysource](https://www.bountysource.com/?utm_campaign=plugin&utm_content=tracker%2F1759&utm_medium=issues&utm_source=github).The text was updated successfully, but these errors were encountered: