Do not work on http proxy
nxtreaming opened this issue · 10 comments
I compiled the latest code, but I fail to launch a HTTP proxy:
// step 1
tunsocks -H 127.0.0.1:8080
// step 2 : in a new shell
curl -x http://127.0.0.1:8080 https://google.com
the curl command will be timeout.
Where am I wrong?
Thanks.
How are you connecting tunsocks to a network? Is the stdin/stdout connected to a VPN?
From the readme:
-L [bind_address:]port:host:hostport
Listen on a local port and optional bind address. When a connection
is accepted, tunsocks makes a connection on the remote network to
host:hostport and then pipes the two connections together. If
host port is not specified, it defaults to port.
For example I setup a http server in 1.2.3.4:80
I run tunsocks by following:
tunsocks -L 0.0.0.0:8080:1.2.3.4:80
I expect I can visit my localhost to fetch the content of 1.2.3.4:80
But when I try the following command:
curl -v http://127.0.0.1:8080
I am terminated by " curl: (52) Empty reply from server", but in the same time, I get some dump in tunsocks output.
How are you connecting tunsocks to a network? Is the stdin/stdout connected to a VPN?
No, I do not know how to connect tunsocks to a network
Could you show an example?
Thanks.
From the README:
By default, tunsocks accepts network traffic on stdin, and outputs network traffic on stdout. The "VPNFD" environmental variable can be used to pass an alternate fd.
If you just want to experiment with tunsocks without a raw packet connection (such as a VPN), you can use the '-S' option to have tunsocks make outbound connections via the host's IP stack. This is mainly for debug and stability isn't guaranteed.
tunsocks is typically started by a VPN app:
openconnect --script-tun --script "tunsocks -D 8080 -R ssh -L 8888:webproxy.example.com:80" vpn.example.com
I use OpenVPN, I think it should have the same functions as openconnect
Just for your example
openconnect --script-tun --script "tunsocks -D 8080 -R ssh -L 8888:webproxy.example.com:80" vpn.example.com
-R port:host:hostport
tunsocks listens on the specified port on the remote network. When
a connection is accepted, tunsocks connects to host:hostport on
the local network and then pipes the two connections together. If
hostport is not specified, it defaults to port, if host is not
specified, it defaults to localhost.
Why " -R ssh" here? -R should be followed by port:host:hostport?
Many linux/unix network programs (including tunsocks) will resolve port names via /etc/services. -R ssh is equivalent to -R 22, which is equivalent to -R 22:localhost:22 as described above.
I see.
Thanks.
Releated: -S for debug
- run tunsocks by following :
tunsocks -H 0.0.0.0:8080 -S
- fetch content by curl
I will get a segmentation fault
Please check the attachment.
Yes, there's a bug when handling invalid proxy requests, I'll add a patch for that. But it does work if the request is valid:
tunsocks -H 0.0.0.0:8080 -S -d 8.8.8.8
(Note DNS server option)
curl -x http://127.0.0.1:8080 http://google.com
(Note the specification of a proxy server)
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
Thanks for quick fix.