desproxy is just an answer to a question I have been wondering, for about a year: ¿Is there any way to make TCP connections trought HTTP proxies? Short answer: YES! Long answer: YES, but at the expense of decreased flexibility. Maybe it isn't useful for you (I hope that's not your case), or its too difficult for you newbie. desproxy just stands between your proxy and your favourite TCP application, waiting for a connection to make a TCP tunnel trought the HTTP proxy. Let's see one example
Real life example
Imagine you're inside a corporation, with a HTTP/1.1 compliant proxy (proxy.corporation.com:8080) that is the only way to get out there... But, hey! you want to chat using your favourite irc server (irc.foo.bar:6667 isn't that?) so you launch "desproxy" this way:Now, desproxy is listening on your local port 6667, waiting for a connection (from your irc client). So you launch xchat, zircon... and type
desproxy irc.foo.bar 6667 proxy.corporation.com 8080 6667
/server 127.0.0.1 6667
xchat now tries to connect with your local port 6667, desproxy "hears the bell" and after accepting the incoming connection, makes a connection to the irc server (irc.foo.bar 6667) trough the HTTP proxy (proxy.corporation.com 8080). When it gets the connection with the irc server, desproxy hooks the two sockets together, so xchat gets the wellcome message from the irc server as if it were connected to /server irc.foo.bar 6667 .
Usage: desproxy remote_host remote_port proxy_host proxy_port local_portremote_host & remote_port: Address of the machine you want to connect to.
proxy_host & proxy_port : Address of the HTTP proxy.
local_port : The one in which desproxy will listen waiting for connections.
Programs reported to work using "desproxy"
Programs that WILL NOT work using "desproxy"
Those that accept (or request) connections to start from the other side of the proxy (remote to local), like classic ftp (not passive).
desproxy-inetddesproxy-inetd is just a flavor of desproxy that doesn't bind to a local port but reads directly from standard input (and doensn't display anything beside the raw incoming "tunnelized" connection.
Usage: desproxy-inetd remote_host remote_port proxy_host proxy_portNOTE the lack of local_host. desproxy-inetd is designed to work like any other inetd daemon. Here is my /etc/inetd.conf line for fetchmail:
pop3 stream tcp nowait mail /usr/bin/desproxy-inetd desproxy-inetd atlas.uvigo.es 110 httpproxy.uvigo.es 8080
desproxy-inetd works great to test if your proxy supports TCP tunneling; just launch
desproxy-inetd ftp.gnu.org 21 your.proxy your_proxy_portand wait to see the FTP prompt! does it work? great! NO?...
desproxy-socks4serverdesproxy-socks4server is a Socks version 4 server using desproxy . That means you can manage dinamic connections trough your HTTP proxy. For example you can use MSIE, MS Messenger, News readers, Irc clients... every application supporting a socks server/proxy.
desproxy-socks5serverdesproxy-socks5server is a Socks version 5 server, just like desproxy-socks4server is a Socks version 4 server.
desproxy-dnsdesproxy-dns is a dns forwarder using desproxy. It's used in conjuction with a socks server, because many clients need dns access to resolve names prior to passing them to the socks server. It supports UDP & TCP access, and forwards dns queries using TCP connections to public DNS servers. You can use any DNS server you wish, just search the web for one and give it a try!
TroubleshootingA normal desproxy session looks like this:
miguel@Kosmos3000$ desproxy 127.0.0.1 21 127.0.0.1 4480 2222
(c) Miguelanxo Otero Salgueiro 2001
Listening on port 2222
Connection request from 127.0.0.1, port 1227
Connecting to http proxy (127.0.0.1:4480)
Bidirectional connection stablished
(127.0.0.1:21) <-> (localhost)
proxy -> local (72) bytes
local -> proxy (13) bytes
proxy -> local (35) bytes
local -> proxy (14) bytes
proxy -> local (447) bytes
End of connection.
Here, I connect to my local ftp server (127.0.0.1:21) using my local proxy (127.0.0.1:4480). You can see were the connection from another session was accepted (from 127.0.0.1 too :)), how after the connection is accepted desproxy connects to the proxy and some REAL interchange of bytes (a FTP login session).
"desproxy" is quite self explanatory about errors. "desproxy-inetd" is far more obscure, because the way inetd uses it (can't print error messages).
Basically there are two kind of errors:
Some common HTTP errors (as reported by the proxy)
(TODO) -> To do, not yet implemented.
(MINOR) -> temporary fault or maybe YOUR fault!
COPYINGdesproxy is licensed using the GNU GENERAL PUBLIC LICENSE.
Please read GPL.html for more details.