Article delegate-en/2880 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A2879@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: socks eval problems
31 Mar 2005 18:23:22 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


In message <OFE7D22935.774B0EBA-ON80256FD5.003C0000-0000XFD5.003D21AA@db.com> on 03/31/05(20:07:44)
you "Stephen Davies" <ph4fqbdyi-7pkjwofuerfr.ml@ml.delegate.org> wrote:
 |Hi, I am evaluating the delegate proxy as a socks server to proxy 
 |connections to internal/external hosts. We have finished the http eval, 
 |and it works fine.
 |
 | The box the proxy is running on is single homed. I cannot get it to proxy 
 |connections using anonymous v5 connections from a permeo socks client.

I'd like to know what happens if you test the DeleGate with
another Socks client, with a web browser for example.

 |I am running it with the following params:
 |
 |/usr/local/delegate/bin/delegated -P10.128.54.232:1080 -vvdT SERVER=socks 
 |OWNER=nobody ADMIN=test@test.. RESOLV=file,dns DGROOT="" SHARE=""
 |
 | Am I missing something here? The output shows that the connection is 
 |accepted by the delegate process and that the remote end is reachable, 
 |then the connection is disconnected. During this time the delegate process 
 |does not try to initiate a connection to the origin server.
 |
 |TIA for any assistance. Steve.
 |
 |This is the debug output:
...
 |03/31 11:50:10.11 [8459] 1+1: [0] REACHABLE=://:0-_-{}:{}
 |03/31 11:50:10.11 [8459] 1+1: PERMITTED: socks://-

If your client send a SocksV5 packet, the DeleGate will show it
like this:

 >04/01 02:59:56.79 [3558] 1+1: [0] REACHABLE=://:0-_-{}:{}
 >04/01 02:59:56.79 [3558] 1+1: PERMITTED: socks://-
 >04/01 02:59:56.79 [3558] 1+1: [SocksV5-serv] VER[5] NMETHODS[1] [0][0]

The reason of the problem might be because the DeleGate could not
peek the packet.  If you test it with the enclosed patch, we will
be able to get some hint.

Cheers,
Yutaka
--
  D G   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

*** dist/delegate8.11.1/src/socks.c	Tue Mar  1 18:19:09 2005
--- src/socks.c	Fri Apr  1 03:15:34 2005
***************
*** 522,530 ****
--- 522,537 ----
   */
  int service_socks(DGC*Conn)
  {	CStr(ibuf,16);
+ 	int rcc;
  
+ 	/*
  	if( recvPeekTIMEOUT(FromC,AVStr(ibuf),1) != 1 )
+ 	*/
+ 	if( (rcc = recvPeekTIMEOUT(FromC,AVStr(ibuf),1)) != 1 )
+ 	{
+ 		daemonlog("F","Socks can't peek packet %d %d\n",rcc,errno);
  		return -1;
+ 	}
  
  	if( !source_permittedX(Conn) ){
  		CStr(shost,256);

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V