# psocks

Experimental async SOCKS5 (TCP/UDP) proxy server based on [fast-socks5](https://github.com/dizda/fast-socks5/blob/master/examples/server.rs), featuring allowlist access control (drop everything but allowed by user) with JSON/API based on [Rocket](https://rocket.rs) framework.

## Goals

* Ad/tracking protection (before sending a DNS request)
* Reduce CPU usage by filtering extra SSL traffic on background

## Roadmap

* [x] Web JSON/API
  * [x] Block stats
  * [x] In-memory list update (without server restart)
    * [x] Persist changes option (see `-c`, `--cache`)
* [ ] Web UI
* [ ] Performance optimization

## Usage

``` bash
RUST_LOG=trace cargo run -- --allow=http://localhost/allow.txt \
                            --allow=/path/to/allow.txt \
                            --cache=/path/to/cache.txt \
                            no-auth
```
* set `socks5://127.0.0.1:1080` proxy in your application
* open http://127.0.0.1:8010 in browser for stats:
  * `/api/allow/{domain.com}` - add rule to the current session (and `--cache` if defined)
  * `/api/block/{domain.com}` - delete rule from the current session (and `--cache` if defined)
  * `/api/list` - Return active rules (from server memory)
  * `/api/cache/clean` - clean `--cache` file (returns deleted rules or `null` if not enabled)

### Allow list example

``` /path/to/allow.txt
# /path/to/allow.txt

// exact match
duckduckgo.com

// google.com with subdomains
.google.com

// IP resolved
1.2.3.4
```
* see also: [my personal asset](https://codeberg.org/postscriptum/psocks-list)

### systemd

``` bash
git clone https://codeberg.org/postscriptum/psocks.git
cd psocks
cargo build --release --locked
sudo install target/release/psocks /usr/local/bin
sudo useradd -s /usr/sbin/nologin -Mr psocks
sudo mkdir /var/lib/psocks && sudo chown psocks:psocks /var/lib/psocks
sudo mkdir /var/log/psocks && sudo chown psocks:psocks /var/log/psocks
```

``` /etc/systemd/system/psocks.service
#/etc/systemd/system/psocks.service

[Unit]
After=network-online.target
Wants=network-online.target

[Service]
User=psocks
Group=psocks

WorkingDirectory=/var/lib/psocks
ExecStart=/usr/local/bin/psocks \
              -a=https://codeberg.org/postscriptum/psocks-list/raw/branch/main/allow/internet.txt \
              -c=/var/lib/psocks/cache.txt \
              no-auth

Restart=always

Environment="RUST_LOG=psocks=warn"
Environment="NO_COLOR=1"

StandardOutput=file:///var/log/psocks/debug.log
StandardError=file:///var/log/psocks/error.log

[Install]
WantedBy=multi-user.target
```
* `sudo systemctl restart psocks`
* `sudo systemctl enable psocks`
* `sudo systemctl status psocks`