modelnine at modelnine.org
Wed Jul 30 14:22:34 CEST 2008
Am Mittwoch, 30. Juli 2008 13:48:08 schrieb Gary:
> "Diez B. Roggisch" <deets at nospam.web.de> wrote in message
> news:6f6sk7Fa4tf5U1 at mid.uni-berlin.de...
> > Gary schrieb:
> > > "Diez B. Roggisch" <deets at nospam.web.de> wrote in message
> > > news:6f5rteF89muqU2 at mid.uni-berlin.de...
> > You can't make any TCP/IP communication run through a proxy, unless it's
> > transparent.
> Thanks for all the info.
This is not entirely true. There are libc-plugins (i.e. LD_PRELOAD hacks)
which use SOCKS (which is a generic proxying protocol for [TCP/]IP) to
redirect all locally originating TCP/IP traffic _which is managed through the
socket interface of the libc_ in the application that you applied the
LD_PRELOAD hack to through a specified SOCKS-proxy (this should capture
pretty much everything, except for communication originating in the
*nix-kernel itself). I seem to recall that something similar exists for
WinSock, but I wouldn't know for sure.
Check the web for documentation on setting up a SOCKS proxy, and for the
respective libc-plugins or WinSock SOCKS "hack".
If you cannot make the user use SOCKS through a means like this (in which case
there has to be no application support) or by instructing a specific
application to use a SOCKS proxy directly (which all browsers can out of the
box AFAIK), and you don't have the possibility to put yourself somewhere in
the middle by means of a transparent proxy (i.e., a firewall applicance which
does this; I seem to recall that there was some FreeBSD-based software which
basically did just this kind of transparent proxying for a network), you're
out of luck, just like Diez said.
More information about the Python-list