Proxy server?

Heiko Wundram modelnine at modelnine.org
Wed Jul 30 14:22:34 CEST 2008


Am Mittwoch, 30. Juli 2008 13:48:08 schrieb Gary:
> "Diez B. Roggisch" <deets at nospam.web.de> wrote in message
> news:6f6sk7Fa4tf5U1 at mid.uni-berlin.de...
>
> > Gary schrieb:
> > > "Diez B. Roggisch" <deets at nospam.web.de> wrote in message
> > > news:6f5rteF89muqU2 at mid.uni-berlin.de...
> >
> > You can't make any TCP/IP communication run through a proxy, unless it's
> > transparent.
>
> Thanks for all the info.

This is not entirely true. There are libc-plugins (i.e. LD_PRELOAD hacks) 
which use SOCKS (which is a generic proxying protocol for [TCP/]IP) to 
redirect all locally originating TCP/IP traffic _which is managed through the 
socket interface of the libc_ in the application that you applied the 
LD_PRELOAD hack to through a specified SOCKS-proxy (this should capture 
pretty much everything, except for communication originating in the 
*nix-kernel itself). I seem to recall that something similar exists for 
WinSock, but I wouldn't know for sure.

Check the web for documentation on setting up a SOCKS proxy, and for the 
respective libc-plugins or WinSock SOCKS "hack".

If you cannot make the user use SOCKS through a means like this (in which case 
there has to be no application support) or by instructing a specific 
application to use a SOCKS proxy directly (which all browsers can out of the 
box AFAIK), and you don't have the possibility to put yourself somewhere in 
the middle by means of a transparent proxy (i.e., a firewall applicance which 
does this; I seem to recall that there was some FreeBSD-based software which 
basically did just this kind of transparent proxying for a network), you're 
out of luck, just like Diez said.

-- 
Heiko Wundram



More information about the Python-list mailing list