Using SOCKS Proxy Firewalls on Linux

Written by: Alex Feinberg (
Created on: December 24, 1998
Last updated: December 29, 1998
Development stage: Alpha

Many companies are now turning to Linux as a solution for cheap and reliable workstations. Many times they set those machines up right at employee's houses, so they can "tele-commute" to work. If you are in that situation, chances are your network is behind a firewall. Usually companies use socks-type proxy firewalls. Those firewalls allow for safety, monitoring yet reasonable privacy as well. However, you can't use many of those neat network applications such as IRC clients, e-mailers, news readers, FTP clients, telnet to outside the corporate network. This is a guide for those wanting to use the firewall to access outside machines with programs that don't readily support socks. This is also a guide for system administrators for configuring new machines, as all of this would apply to most any other Unix as well, with few differences.

First part is find out whether we have socks5 or socks4. Good idea is to ask the system administrator, or just do trial tests. Socks5 is the best protocol, let's try it first if we don't know whether we have socks5 or socks4. Also, if your firewall is wingate, it's socks5. If it's a unix machine, it's probably socks5, but it might be socks4 as well. Now we need to determine the hostname of the firewall machine. Just check the settings in Netscape or other web browser on your work machine.

Now we know the name of the server. We should now get the package itself so it all works. Like I said earlier, first let's try socks5, because it's better and most likely to be there. Download socks5 libraries with Netscape (which readily supports socks without any work) from Download the tar.gz package extract it (with tar zxvf file.tar.gz), cd to the directory formed. There run ./configure; make; make install. All done! If these steps went fine, we've compiled the libraries! Now we need to configure the libraries to work with your network. All we do is edit /etc/libsocks5.conf. Here's what mine looks like:

 noproxy - 1.2.3. - -
 socks5 - - - -

Now let's try to understand what all this means. 1.2.3. is the mask of the network I am on. This way if I'm using a socksified client to connect to a host inside the network, it won't be going through the firewall. is the firewall itself. Now let's try out the configuration. Use some of the premade clients built with socks5, such as rtelnet. Type rtelnet Wait for a reasonable time (up to ten minutes). Socks connects might be slow. Once it's connected you've done it! Now we can use runsocks to connect "socksify" anything else we want to, simply type runsocks program args. Simple huh?

In case we're still socks4, procedure is rather similar. Download socks4 from and build it the same way. Configuring it, however, is different. Here's an example configuration file (/etc/socks.conf):

 direct firewall
 sockd  @= 

Not rocket science, huh? Firewall is the hostname of the firewall server, is it's ip. Test it out and use it similarly.

For more interesting configuration examples, use examples, problems other things check out

Copyright © 1998 Alex Feinberg ( All rights reserved. Permission to use, distribute and copy this document is hereby granted. You may modify this document as long as credit to me is given.