# psocks Filtering asynchronous SOCKS5 (TCP/UDP) proxy server based on [fast-socks5](https://github.com/dizda/fast-socks5/blob/master/examples/server.rs), featuring allowlist-based access control that drops everything except what is allowed by the user. Includes JSON/API based on [Rocket](https://rocket.rs) framework. ## Goals * Ad/tracking protection (before sending a DNS request) * Reduce CPU usage by filtering extra SSL traffic on background ## Roadmap * [x] SOCKS5 (TCP/UDP) server * [x] Web JSON/API * [ ] Web UI ## Usage ``` bash RUST_LOG=trace cargo run -- --allow=http://localhost/allow.txt \ --allow=/path/to/allow.txt \ no-auth ``` * set `socks5://127.0.0.1:1080` proxy in your application * use http://127.0.0.1:8010 for API: * `/api/allow/{domain.com}` - add rule to the current session * `/api/block/{domain.com}` - delete rule from the current session * `/api/rules` - return active rules (from server memory) ### Allow list example ``` /path/to/allow.txt # /path/to/allow.txt // exact match duckduckgo.com // google.com with subdomains .google.com // IP 1.2.3.4 ``` * see also: [my personal asset](https://codeberg.org/postscriptum/psocks-list) ### systemd ``` bash git clone https://codeberg.org/postscriptum/psocks.git cd psocks cargo build --release --locked sudo install target/release/psocks /usr/local/bin sudo useradd -s /usr/sbin/nologin -Mr psocks sudo mkdir /var/log/psocks && sudo chown psocks:psocks /var/log/psocks ``` ``` /etc/systemd/system/psocks.service #/etc/systemd/system/psocks.service [Unit] After=network-online.target Wants=network-online.target [Service] User=psocks Group=psocks ExecStart=/usr/local/bin/psocks \ -a=http://localhost/allow.txt \ no-auth Restart=always Environment="RUST_LOG=psocks=warn" Environment="NO_COLOR=1" StandardOutput=file:///var/log/psocks/debug.log StandardError=file:///var/log/psocks/error.log [Install] WantedBy=multi-user.target ``` * `sudo systemctl restart psocks` * `sudo systemctl enable psocks` * `sudo systemctl status psocks`