understanding example (proxying over ssh)

Boxiang Pan aquarypbx at gmail.com
Wed Feb 20 00:05:54 PST 2013


I've tried both, but now the error message on the client becomes:
1361347253.168476 [/wanproxy/proxy/proxy0/connector] ERR: void
ProxyConnector::splice_complete(Event): Unexpected event: <Error>/32
[Broken pipe]

Here's my client.conf:

create codec codec0
set codec0.codec XCodec
activate codec0

create interface if0
set if0.family IPv4
set if0.host "127.0.0.1"
set if0.port "3300"
activate if0

create peer peer0
set peer0.family IPv4
set peer0.host "192.168.122.20"
set peer0.port "3301"
activate peer0

create proxy proxy0
set proxy0.interface if0
set proxy0.interface_codec None
set proxy0.peer peer0
set proxy0.peer_codec codec0
activate proxy0

Here's server.conf:

create codec codec0
set codec0.codec XCodec
activate codec0

create interface if0
set if0.family IPv4
set if0.host "192.168.122.20"
set if0.port "3301"
activate if0

create peer peer0
set peer0.family IPv4
set peer0.host "192.168.122.30"
set peer0.port "80"
activate peer0

create proxy proxy0
set proxy0.interface if0
set proxy0.interface_codec codec0
set proxy0.peer peer0
set proxy0.peer_codec None
activate proxy0

my client is at 192.168.122.10
my server is at 192.168.122.20
my intranet is at 192.168.122.30

Thank you.

On Tue, Feb 19, 2013 at 11:51 PM, Juli Mallett <juli at clockworksquid.com>wrote:

> Set if0.host to 0.0.0.0 or 192.168.0.101 on the server.  The problem is
> that WANProxy on the server is only listening on localhost; you need it to
> listen on an interface the client can reach it on.
>
>
> On Tue, Feb 19, 2013 at 11:45 PM, Boxiang Pan <aquarypbx at gmail.com> wrote:
>
>> Hi, Juli,
>>
>> As the first step, we just want to make sure that we setup and run
>> wanproxy correctly .
>>
>> Here's what it shows when client started running:
>> [image: Inline image 1]
>>
>> Here's the server when it started running:
>> [image: Inline image 2]
>>
>> I then run on the "intranet" machine
>>  " root at kvmtest:~# nc -l 80 > received.file "
>>
>> then run on the client machine:
>>  " root at kvmtest:~# nc 127.0.0.1 3300 < send.file
>>
>> As soon as I hit enter, I got this error from wanproxy on my client
>> machine :
>> [image: Inline image 3]
>>
>> Our client , server, and intranet are 3 virtual machines on one physical
>> machine , with ip address 192.168.122.10,  192.168.122.20, and
>> 192.168.122.30.
>>
>> What might have caused the error?
>>
>> Thank you.
>>
>> On Tue, Feb 19, 2013 at 10:03 PM, Juli Mallett <juli at clockworksquid.com>wrote:
>>
>>> Hi Boxiang,
>>>
>>> Well, I suppose it depends how you intend to evaluate/test/deploy
>>> WANProxy.  If you are going to be using it for HTTP traffic, you
>>> should set up a webserver on 'intranet'.  Whatever webserver you would
>>> use should be fine.
>>>
>>> If you just want to see it working, start netcat (nc) listening on
>>> port 80 on intranet, piped to dd to /dev/null.  Then start netcat on
>>> the client to connect to WANProxy, with its input coming from dd from
>>> a file, or /dev/zero, or whatever is most appropriate for your test.
>>> When that's done, do the test again, and see if the results are
>>> different.  Choose a big file so that you have time to use tcpdump or
>>> netstat or ntop to watch data going over the wire.
>>>
>>> You could also have the WANProxy server connect to a service running
>>> on server.  If all of the systems are on the same LAN, you will not
>>> see any performance improvement, because server getting the content
>>> from intranet should be no different to client getting the content
>>> from intranet.
>>>
>>> What do you want to demonstrate or test about WANProxy?  To just test
>>> that it's "working", use netcat, and have the server connect to netcat
>>> running on the server as well.  That way you should be able to
>>> transfer data faster than line rate.
>>>
>>> On Tue, Feb 19, 2013 at 9:39 PM, Boxiang Pan <aquarypbx at gmail.com>
>>> wrote:
>>> > Hi, Juli,
>>> >
>>> > I've created the server and client conf files, and both the server
>>> side and
>>> > the client side wanproxy seem to be running. You mentioned that I can
>>> send
>>> > some random files over http to the client and wanproxy will forward it
>>> to
>>> > the "intranet:80".  I am not sure how should I do this, plus, should
>>> there
>>> > be some process (eg: apache webserver) running on the intranet and
>>> listening
>>> > on port 80 before I can send some random file to it? Could you please
>>> be
>>> > more specific about how I may test to see if wanproxy is working
>>> correctly?
>>> >
>>> > Thank you.
>>> >
>>> >
>>> > On Tue, Feb 19, 2013 at 11:53 AM, Juli Mallett <
>>> juli at clockworksquid.com>
>>> > wrote:
>>> >>
>>> >> Boxiang,
>>> >>
>>> >> That looks exactly right to me.  Is it working for you in practice?
>>> >>
>>> >> Thanks,
>>> >> Juli.
>>> >>
>>> >> On Tue, Feb 19, 2013 at 11:50 AM, Boxiang Pan <aquarypbx at gmail.com>
>>> wrote:
>>> >> > Hi, Juli,
>>> >> >
>>> >> > We will remove the ssh forwarding part then.  Here's a digram with
>>> our
>>> >> > conf
>>> >> > files that I drew to show what I meant in the previous email. So all
>>> >> > traffic
>>> >> > that goest to "127.0.0.1:3300" on the client machine
>>> (192.168.0.100)
>>> >> > will be
>>> >> > forward to the server (192.168.0.101:3301) , and then the server
>>> will
>>> >> > forward the traffic to the intranet (192.168.0.102:80). Is this
>>> correct?
>>> >> >
>>> >> > Thank you.
>>> >> >
>>> >> >
>>> >> > On Tue, Feb 19, 2013 at 12:47 AM, Juli Mallett <
>>> juli at clockworksquid.com>
>>> >> > wrote:
>>> >> >>
>>> >> >> Your understanding sounds correct to me at a glance.  A diagram
>>> may be
>>> >> >> more helpful than text, though.
>>> >> >>
>>> >> >> Your client and server should be separate machines, whether on the
>>> >> >> same LAN or with a WAN in between them.  SSH is just being used
>>> here
>>> >> >> to encrypt and authenticate the traffic between the client and
>>> server,
>>> >> >> and to forward ports on localhost so that you don't have to have
>>> ports
>>> >> >> listening where something else could connect to them.
>>> >> >>
>>> >> >> If that's confusing or unnecessary for your testing, I would
>>> suggest
>>> >> >> that you remove the SSH port forwarding from the picture entirely.
>>> >> >> It's not necessary for correct operation, and seems to be more of a
>>> >> >> stumbling block than I had assumed when I used it in the example on
>>> >> >> the website.
>>> >> >>
>>> >> >> Thanks,
>>> >> >> Juli.
>>> >> >>
>>> >> >> On Tue, Feb 19, 2013 at 12:19 AM, Boxiang Pan <aquarypbx at gmail.com
>>> >
>>> >> >> wrote:
>>> >> >> > Hi,
>>> >> >> >
>>> >> >> > I am still having some doubts understanding the first example
>>> >> >> > (proxying
>>> >> >> > over
>>> >> >> > ssh) at wanproxy.org/examples.shtml.
>>> >> >> >
>>> >> >> > Please correct me if I am wrong. From my understanding, we have a
>>> >> >> > client
>>> >> >> > machine, on which we have client.conf and run wanproxy -c
>>> >> >> > client.conf.
>>> >> >> > In
>>> >> >> > the client.conf, it listens on if0.host on port if0.port, then
>>> >> >> > forward
>>> >> >> > the
>>> >> >> > connection to peer0.host on peer0.port.
>>> >> >> >
>>> >> >> > Next, we have a server machine, on which we have server.conf. In
>>> >> >> > server.conf, it listens incoming connection on if0.host on
>>> if0.port (
>>> >> >> > This
>>> >> >> > implies that "peer0.host, peer0.port" in client.conf should be
>>> the
>>> >> >> > same
>>> >> >> > as
>>> >> >> > "if0.host, if0.port" in server.conf) , and forward the
>>> connection to
>>> >> >> > peer0.host ("intranet" in the example) on peer0.port. Finally,
>>> on the
>>> >> >> > server
>>> >> >> > machine, we run "ssh -L 3301:localhost:3301 username at serverwanproxy
>>> >> >> > -c
>>> >> >> > server.conf " , where the username is the login name of the
>>> server
>>> >> >> > machine.
>>> >> >> > (question: what should localhost in the above command be if my
>>> client
>>> >> >> > and
>>> >> >> > server are separate machines on the same LAN?)
>>> >> >> >
>>> >> >> > Besides the server and the client, we also have a third machine
>>> >> >> > "intranet",
>>> >> >> > that listens on "peer0.port" in the server.conf ( 80 in the
>>> example).
>>> >> >> > This
>>> >> >> > machine does not need to have wanproxy installed.
>>> >> >> >
>>> >> >> > What we did here was to forward everything that goes to
>>> "if0.host ,
>>> >> >> > if0.port"  in client.conf , by the proxy at "if0.host, if0.port"
>>> in
>>> >> >> > server.conf,  to the "intranet" machine at port 80.  For
>>> example, if
>>> >> >> > I
>>> >> >> > type
>>> >> >> > "ssh user at 127.0.0.1 -p 3300", it will actually connect to
>>> "intranet"
>>> >> >> > on
>>> >> >> > port
>>> >> >> > 80.
>>> >> >> >
>>> >> >> > Please correct me if I am wrong. Thank you very much.
>>> >> >> >
>>> >> >> > --
>>> >> >> > Boxiang Pan
>>> >> >> >
>>> >> >> > Department of Electrical and Computer Engineering
>>> >> >> > University of California, San Diego
>>> >> >> > Tel: 858-999-7655
>>> >> >> >
>>> >> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> >
>>> >> > --
>>> >> >
>>> >> > Boxiang Pan
>>> >> >
>>> >> > Department of Electrical and Computer Engineering
>>> >> > University of California, San Diego
>>> >> >
>>> >> >
>>> >> >
>>> >
>>> >
>>> >
>>> >
>>> > --
>>> > 潘博翔
>>> > Boxiang Pan
>>> >
>>> > Department of Electrical and Computer Engineering
>>> > University of California, San Diego
>>> > Tel: 858-999-7655
>>> >
>>> >
>>>
>>
>>
>>
>> --
>> 潘博翔
>> Boxiang Pan
>>
>> Department of Electrical and Computer Engineering
>> University of California, San Diego
>> Tel: 858-999-7655
>>
>>
>>
>


-- 
潘博翔
Boxiang Pan

Department of Electrical and Computer Engineering
University of California, San Diego
Tel: 858-999-7655
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20130220/9b9d8d6d/attachment-0003.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 43910 bytes
Desc: not available
URL: <http://lists.wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20130220/9b9d8d6d/attachment-0009.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 55585 bytes
Desc: not available
URL: <http://lists.wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20130220/9b9d8d6d/attachment-0010.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 42385 bytes
Desc: not available
URL: <http://lists.wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20130220/9b9d8d6d/attachment-0011.png>


More information about the wanproxy mailing list