understanding example (proxying over ssh)

Tue Feb 19 21:39:16 PST 2013

Hi, Juli,

I've created the server and client conf files, and both the server side and
the client side wanproxy seem to be running. You mentioned that I can send
some random files over http to the client and wanproxy will forward it to
the "intranet:80".  I am not sure how should I do this, plus, should there
be some process (eg: apache webserver) running on the intranet and
listening on port 80 before I can send some random file to it? Could you
please be more specific about how I may test to see if wanproxy is working
correctly?

Thank you.

On Tue, Feb 19, 2013 at 11:53 AM, Juli Mallett <juli at clockworksquid.com>wrote:

> Boxiang,
>
> That looks exactly right to me.  Is it working for you in practice?
>
> Thanks,
> Juli.
>
> On Tue, Feb 19, 2013 at 11:50 AM, Boxiang Pan <aquarypbx at gmail.com> wrote:
> > Hi, Juli,
> >
> > We will remove the ssh forwarding part then.  Here's a digram with our
> conf
> > files that I drew to show what I meant in the previous email. So all
> traffic
> > that goest to "127.0.0.1:3300" on the client machine (192.168.0.100)
> will be
> > forward to the server (192.168.0.101:3301) , and then the server will
> > forward the traffic to the intranet (192.168.0.102:80). Is this correct?
> >
> > Thank you.
> >
> >
> > On Tue, Feb 19, 2013 at 12:47 AM, Juli Mallett <juli at clockworksquid.com>
> > wrote:
> >>
> >> Your understanding sounds correct to me at a glance.  A diagram may be
> >> more helpful than text, though.
> >>
> >> Your client and server should be separate machines, whether on the
> >> same LAN or with a WAN in between them.  SSH is just being used here
> >> to encrypt and authenticate the traffic between the client and server,
> >> and to forward ports on localhost so that you don't have to have ports
> >> listening where something else could connect to them.
> >>
> >> If that's confusing or unnecessary for your testing, I would suggest
> >> that you remove the SSH port forwarding from the picture entirely.
> >> It's not necessary for correct operation, and seems to be more of a
> >> stumbling block than I had assumed when I used it in the example on
> >> the website.
> >>
> >> Thanks,
> >> Juli.
> >>
> >> On Tue, Feb 19, 2013 at 12:19 AM, Boxiang Pan <aquarypbx at gmail.com>
> wrote:
> >> > Hi,
> >> >
> >> > I am still having some doubts understanding the first example
> (proxying
> >> > over
> >> > ssh) at wanproxy.org/examples.shtml.
> >> >
> >> > Please correct me if I am wrong. From my understanding, we have a
> client
> >> > machine, on which we have client.conf and run wanproxy -c client.conf.
> >> > In
> >> > the client.conf, it listens on if0.host on port if0.port, then forward
> >> > the
> >> > connection to peer0.host on peer0.port.
> >> >
> >> > Next, we have a server machine, on which we have server.conf. In
> >> > server.conf, it listens incoming connection on if0.host on if0.port (
> >> > This
> >> > implies that "peer0.host, peer0.port" in client.conf should be the
> same
> >> > as
> >> > "if0.host, if0.port" in server.conf) , and forward the connection to
> >> > peer0.host ("intranet" in the example) on peer0.port. Finally, on the
> >> > server
> >> > machine, we run "ssh -L 3301:localhost:3301 username at server wanproxy
> -c
> >> > server.conf " , where the username is the login name of the server
> >> > machine.
> >> > (question: what should localhost in the above command be if my client
> >> > and
> >> > server are separate machines on the same LAN?)
> >> >
> >> > Besides the server and the client, we also have a third machine
> >> > "intranet",
> >> > that listens on "peer0.port" in the server.conf ( 80 in the example).
> >> > This
> >> > machine does not need to have wanproxy installed.
> >> >
> >> > What we did here was to forward everything that goes to "if0.host ,
> >> > if0.port"  in client.conf , by the proxy at "if0.host, if0.port" in
> >> > server.conf,  to the "intranet" machine at port 80.  For example, if I
> >> > type
> >> > "ssh user at 127.0.0.1 -p 3300", it will actually connect to "intranet"
> on
> >> > port
> >> > 80.
> >> >
> >> > Please correct me if I am wrong. Thank you very much.
> >> >
> >> > --
> >> > Boxiang Pan
> >> >
> >> > Department of Electrical and Computer Engineering
> >> > University of California, San Diego
> >> > Tel: 858-999-7655
> >> >
> >> >
> >
> >
> >
> >
> > --
> >
> > Boxiang Pan
> >
> > Department of Electrical and Computer Engineering
> > University of California, San Diego
> >
> >
> >
>

-- 
潘博翔
Boxiang Pan

Department of Electrical and Computer Engineering
University of California, San Diego
Tel: 858-999-7655
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20130219/936ad259/attachment-0003.htm>