understanding example (proxying over ssh)

Tue Feb 19 11:50:29 PST 2013

Hi, Juli,

We will remove the ssh forwarding part then.  Here's a digram with our conf
files that I drew to show what I meant in the previous email. So all
traffic that goest to "127.0.0.1:3300" on the client machine
(192.168.0.100) will be forward to the server (192.168.0.101:3301) , and
then the server will forward the traffic to the intranet (192.168.0.102:80).
Is this correct?

Thank you.

On Tue, Feb 19, 2013 at 12:47 AM, Juli Mallett <juli at clockworksquid.com>wrote:

> Your understanding sounds correct to me at a glance.  A diagram may be
> more helpful than text, though.
>
> Your client and server should be separate machines, whether on the
> same LAN or with a WAN in between them.  SSH is just being used here
> to encrypt and authenticate the traffic between the client and server,
> and to forward ports on localhost so that you don't have to have ports
> listening where something else could connect to them.
>
> If that's confusing or unnecessary for your testing, I would suggest
> that you remove the SSH port forwarding from the picture entirely.
> It's not necessary for correct operation, and seems to be more of a
> stumbling block than I had assumed when I used it in the example on
> the website.
>
> Thanks,
> Juli.
>
> On Tue, Feb 19, 2013 at 12:19 AM, Boxiang Pan <aquarypbx at gmail.com> wrote:
> > Hi,
> >
> > I am still having some doubts understanding the first example (proxying
> over
> > ssh) at wanproxy.org/examples.shtml.
> >
> > Please correct me if I am wrong. From my understanding, we have a client
> > machine, on which we have client.conf and run wanproxy -c client.conf. In
> > the client.conf, it listens on if0.host on port if0.port, then forward
> the
> > connection to peer0.host on peer0.port.
> >
> > Next, we have a server machine, on which we have server.conf. In
> > server.conf, it listens incoming connection on if0.host on if0.port (
> This
> > implies that "peer0.host, peer0.port" in client.conf should be the same
> as
> > "if0.host, if0.port" in server.conf) , and forward the connection to
> > peer0.host ("intranet" in the example) on peer0.port. Finally, on the
> server
> > machine, we run "ssh -L 3301:localhost:3301 username at server wanproxy -c
> > server.conf " , where the username is the login name of the server
> machine.
> > (question: what should localhost in the above command be if my client and
> > server are separate machines on the same LAN?)
> >
> > Besides the server and the client, we also have a third machine
> "intranet",
> > that listens on "peer0.port" in the server.conf ( 80 in the example).
> This
> > machine does not need to have wanproxy installed.
> >
> > What we did here was to forward everything that goes to "if0.host ,
> > if0.port"  in client.conf , by the proxy at "if0.host, if0.port" in
> > server.conf,  to the "intranet" machine at port 80.  For example, if I
> type
> > "ssh user at 127.0.0.1 -p 3300", it will actually connect to "intranet" on
> port
> > 80.
> >
> > Please correct me if I am wrong. Thank you very much.
> >
> > --
> > Boxiang Pan
> >
> > Department of Electrical and Computer Engineering
> > University of California, San Diego
> > Tel: 858-999-7655
> >
> >
>

-- 

Boxiang Pan

Department of Electrical and Computer Engineering
University of California, San Diego
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20130219/2107c1c8/attachment-0002.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wanproxy diagram.pdf
Type: application/pdf
Size: 132031 bytes
Desc: not available
URL: <http://lists.wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20130219/2107c1c8/attachment-0002.pdf>