Yutaka Sato wrote:
> In message <_A4140@delegate-en.ML_> on 09/17/08(20:04:55)
> you "Andre E." <firstname.lastname@example.org> wrote:
> |I've talked with my colleagues and we discussed various possibilities,
> |but we did not
> |come up with a solution yet. So here is a more detailed explanation
> |about what we
> |would like to achieve.
> |We have the following requirement: A webserver on host WS and port Y
> |needs to be accessible via a tunnel that goes through several proxies
> |and ends at a specific proxy P1 on a port X. All the connections which
> |connect to P1:X should than be forwarded transparently to WS:Y.
> |Furthermore, this should be done "on-the-fly" in the sence that services
> |chance their tunnels and proxies through which they are available in
> |regular time intervals. This is needed for offering so-called hidden
> |services in context of anonymous communication.
> |We currently have a local service which builds a tunnel via two proxies
> |(e.g with CONNECT) to the third proxy. Now we need a possibility to
> |open a port X which than acts as a transparent relay.
> |WS:Y === P3 === P2 === P1:X
> |What are the right ways to do it? Does Delegate have mechanisms to
> |facilitate this? I thought about VSAP protocoll, but unfortunately
> |haven't found much information about it on english. It is basically
> |required that all the connections which are made on port X to P1, are
> |send via the tunnel to WS:Y.
> First of all and needless to say, you must not use illegally any
> proxies and must follow the acceptable usage policy of each proxy.
> Could you tell me the situation where such relay is necessary?
> Secondly, the way to make multiple hops of proxies for your requirement
> depends on what kind of the proxies they are and what kind of access
> control they do.
> I think any of VSAP, HTTP ACCPET, or extended SOCKS BIND/CONNECT, will
> work for your purpose if P2 and P3 support SOCKS CONNECT or HTTP proxy
> allowing unrestricted SSLtunnel (CONNECT method).
> 9 9 Yutaka Sato <email@example.com> http://delegate.org/y.sato/
> ( ~ ) National Institute of Advanced Industrial Science and Technology
> _< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
> Do the more with the less -- B. Fuller
Sorry if this seems a bit pushy but I have another question ;)
In context of the thread, I would be nice if it were possible to
establish a connection to the server, maybe via VSAP oder HTTP and bind
port. On this connection we would like to start a SCP-Session (Stream
Control Protocol) for every connection which arrives a the opened port.
By this we would only need one TCP connection to the hidden service
(e.g. HTTP server), instead of having a new connection for every client
Might this be implemented in the future? If this is not the case, we
will probably try to incorporate this functionality.
Again, sorry for being pushy, this is due to considering my time schedule.