Article delegate-en/4143 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: performance measurements and socks question
17 Sep 2008 15:24:50 GMT (Yutaka Sato)
The DeleGate Project


In message <_A4140@delegate-en.ML_> on 09/17/08(20:04:55)
you "Andre E." <> wrote:
 |I've talked with my colleagues and we discussed various possibilities, 
 |but we did not
 |come up with a solution yet. So here is a more detailed explanation 
 |about what we
 |would like to achieve.
 |We have the following requirement: A webserver on host WS and port Y
 |needs to be accessible via a tunnel that goes through several proxies
 |and ends at a specific proxy P1 on a port X. All the connections which
 |connect to P1:X should than be forwarded transparently to WS:Y.
 |Furthermore, this should be done "on-the-fly" in the sence that services
 |chance their tunnels and proxies through which they are available in
 |regular time intervals. This is needed for offering so-called hidden
 |services in context of anonymous communication.
 |We currently have a local service which builds a tunnel via two proxies
 |(e.g with CONNECT) to the third proxy. Now we need a possibility to
 |open a port X which than acts as a transparent relay.
 |WS:Y === P3 === P2 === P1:X
 |What are the right ways to do it? Does Delegate have mechanisms to
 |facilitate this? I thought about VSAP protocoll, but unfortunately
 |haven't found much information about it on english. It is basically
 |required that all the connections which are made on port X to P1, are
 |send via the tunnel to WS:Y.

First of all and needless to say, you must not use illegally any
proxies and must follow the acceptable usage policy of each proxy.
Could you tell me the situation where such relay is necessary?
Secondly, the way to make multiple hops of proxies for your requirement
depends on what kind of the proxies they are and what kind of access
control they do.
I think any of VSAP, HTTP ACCPET, or extended SOCKS BIND/CONNECT, will
work for your purpose if P2 and P3 support SOCKS CONNECT or HTTP proxy
allowing unrestricted SSLtunnel (CONNECT method).

  9 9   Yutaka Sato <>
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]