FireWall-1 FAQ: SOCKS
Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.
I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.
If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)
SOCKS is a generic application proxy that provides limited access control. So long as the client software is SOCKS-aware, applications can use it. SOCKS v4 only supported TCP, SOCKS v5 supports UDP and ICMP. As far as FireWall-1 is concerned, communications to a SOCKS proxy server always happen on TCP port 1080 (this is configurable) and does not do any filtering of SOCKS traffic beyond what it sees in the TCP headers (i.e. a connection from a client machine to a SOCKS server on port 1080). Communications from a SOCKS proxy server look like normal traffic coming from a client machine, which FireWall-1 can filter. FireWall-1 itself does not contain a SOCKS proxy, nor are there any plans to implement a SOCKS proxy in the future.
You can find more information from SOCKS.