You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@trafficserver.apache.org by Mohd Akhbar <my...@gmail.com> on 2014/11/19 14:31:55 UTC
ATS 5.1.1 with SOCKS proxy.
Hi,
I would like to know if ATS supports SOCKS proxy ? And if supportted,
is there a doc for that ?
There's list of config to use but dont know values for them
CONFIG proxy.config.socks.socks_config_file STRING socks.config
CONFIG proxy.config.socks.socks_needed=0
CONFIG proxy.config.socks.socks_version=4
CONFIG proxy.config.socks.socks_timeout=100
CONFIG proxy.config.socks.server_connect_timeout=10
CONFIG proxy.config.socks.per_server_connection_attempts=1
CONFIG proxy.config.socks.connection_attempts=4
CONFIG proxy.config.socks.server_retry_timeout=300
CONFIG proxy.config.socks.default_servers=
CONFIG proxy.config.socks.server_retry_time=300
CONFIG proxy.config.socks.server_fail_threshold=2
CONFIG proxy.config.socks.accept_enabled=0
CONFIG proxy.config.socks.accept_port=1080
CONFIG proxy.config.socks.http_port=80
These are defaults get from _stat.
Thank you.
Re: ATS 5.1.1 with SOCKS proxy.
Posted by Mohd Akhbar <my...@gmail.com>.
What i'm trying to achieve here is to use ATS to connect to a socks
proxy (provided by a ssh tunnel) as gateway to internet.
on the ssh tunnel, i use
ssh -c blowfish -D ats.local:1080 user@remote.server
the SSH tunnel and ATS is on the same machine.
previously, i use parent.config for internet access. In order to use
SOCKS i disable it by
CONFIG proxy.config.http.parent_proxy_routing_enable INT 0 (in records.config)
to use SOCKS proxy, i enable it in records.config by
CONFIG proxy.config.socks.socks_config_file STRING socks.config
(guess this is default)
CONFIG proxy.config.socks.socks_needed INT 1 ( i assume that ats
will fetch config from socks.config)
my socks.config content is
dest_ip=10.0.0.0-255.255.255.255 parent="ats.local:1080"
Now, when i restart ats (trafficserver restart - i'm on centos), i
cant connect to internet. Then in traffic.out got this error...
[TrafficServer] using root directory '/usr/local'
traffic_server: Socks.cc:65: void SocksEntry::init(ProxyMutex*,
SocksNetVC*, unsigned char, unsigned char): Assertion
`ats_is_ip4(&target_addr)' failed.
i got no clue on this error. By the way i'm using IPv4 only.
Thank you.
On Thu, Nov 20, 2014 at 11:27 PM, Yongming Zhao <mi...@gmail.com> wrote:
> the socks.config is a feature that can make origin on socks5 connections, it’s a feature that make proxy peering like parent.config. so, if you want ATS run as socks5 server, then don’t read that docs.
>
> I am sure we have the socks.config and socks server working after the open source, so please try it by patient.
>
> how ever, to run ATS as a socks server, please take a look at the origin PDF admin guide, page 211, "Setting SOCKS Proxy Options", you should only need to set one options to enable SOCKS server on port 1080
>> proxy.config.socks.accept_enabled=1
>
> good luck
>
>
>
> - Yongming Zhao 赵永明
>
>> 在 2014年11月19日,下午9:31,Mohd Akhbar <my...@gmail.com> 写道:
>>
>> Hi,
>>
>> I would like to know if ATS supports SOCKS proxy ? And if supportted,
>> is there a doc for that ?
>>
>> There's list of config to use but dont know values for them
>>
>> CONFIG proxy.config.socks.socks_config_file STRING socks.config
>> CONFIG proxy.config.socks.socks_needed=0
>> CONFIG proxy.config.socks.socks_version=4
>> CONFIG proxy.config.socks.socks_timeout=100
>> CONFIG proxy.config.socks.server_connect_timeout=10
>> CONFIG proxy.config.socks.per_server_connection_attempts=1
>> CONFIG proxy.config.socks.connection_attempts=4
>> CONFIG proxy.config.socks.server_retry_timeout=300
>> CONFIG proxy.config.socks.default_servers=
>> CONFIG proxy.config.socks.server_retry_time=300
>> CONFIG proxy.config.socks.server_fail_threshold=2
>> CONFIG proxy.config.socks.accept_enabled=0
>> CONFIG proxy.config.socks.accept_port=1080
>> CONFIG proxy.config.socks.http_port=80
>>
>>
>> These are defaults get from _stat.
>>
>>
>> Thank you.
>
Re: ATS 5.1.1 with SOCKS proxy.
Posted by Yongming Zhao <mi...@gmail.com>.
the socks.config is a feature that can make origin on socks5 connections, it’s a feature that make proxy peering like parent.config. so, if you want ATS run as socks5 server, then don’t read that docs.
I am sure we have the socks.config and socks server working after the open source, so please try it by patient.
how ever, to run ATS as a socks server, please take a look at the origin PDF admin guide, page 211, "Setting SOCKS Proxy Options", you should only need to set one options to enable SOCKS server on port 1080
> proxy.config.socks.accept_enabled=1
good luck
- Yongming Zhao 赵永明
> 在 2014年11月19日,下午9:31,Mohd Akhbar <my...@gmail.com> 写道:
>
> Hi,
>
> I would like to know if ATS supports SOCKS proxy ? And if supportted,
> is there a doc for that ?
>
> There's list of config to use but dont know values for them
>
> CONFIG proxy.config.socks.socks_config_file STRING socks.config
> CONFIG proxy.config.socks.socks_needed=0
> CONFIG proxy.config.socks.socks_version=4
> CONFIG proxy.config.socks.socks_timeout=100
> CONFIG proxy.config.socks.server_connect_timeout=10
> CONFIG proxy.config.socks.per_server_connection_attempts=1
> CONFIG proxy.config.socks.connection_attempts=4
> CONFIG proxy.config.socks.server_retry_timeout=300
> CONFIG proxy.config.socks.default_servers=
> CONFIG proxy.config.socks.server_retry_time=300
> CONFIG proxy.config.socks.server_fail_threshold=2
> CONFIG proxy.config.socks.accept_enabled=0
> CONFIG proxy.config.socks.accept_port=1080
> CONFIG proxy.config.socks.http_port=80
>
>
> These are defaults get from _stat.
>
>
> Thank you.
Re: ATS 5.1.1 with SOCKS proxy.
Posted by James Peach <ja...@me.com>.
> On Nov 19, 2014, at 4:25 PM, Mohd Akhbar <my...@gmail.com> wrote:
>
> Think i found it. But the guide does not make use of the socks.config
> file. Instead it modifies record.config for socks server and port. Do
> you have any success in it since i've seen your post back in Aug about
> ATS using socks proxy.
I don't know whether SOCKS works and I don't know anyone who has tried it, but my copy of the inktomi guide says:
socks.config
The socks.config file specifies the following information:
s The SOCKS servers through which Traffic Edge must go to access specific origin
servers and the order in which Traffic Edge goes through the SOCKS server list
You can specify your default SOCKS servers either in Traffic Manager or by editing the configuration variable proxy.config.socks.default_servers. However, the socks.config file lets you perform additional SOCKS configuration; you can send requests to specific origin servers through specific SOCKS servers.
s The origin servers you want Traffic Edge to access directly without going through the SOCKS server
s The username and password that Traffic Edge uses to connect to a SOCKS server (SOCKS Version 5 only)
IMPORTANT After you modify the socks.config file, you must restart Traffic Edge. Format
To specify the SOCKS servers through which Traffic Edge must go to reach specific origin servers, you must add a rule to the socks.config file with the following format:
dest_ip=ipaddress parent=server_name:port [round_robin=value]
ipaddress is the origin server IP address or range of IP addresses separated by - or /.
server_name is the hostname of the SOCKS server.
port is the port number through which Traffic Edge communicates with the SOCKS server.
value is either strict if you want Traffic Edge to try the SOCKS servers one by one or false if you do not want round-robin selection to occur.
To specify the origin servers you want Traffic Edge to access directly without going through the SOCKS server, you must enter a rule in the socks.config file in the following format:
no_socks ipaddress
ipaddress is a comma-separated list of the IP addresses or IP address ranges associated
with the origin servers you want Traffic Edge to access directly.
To specify the username and password Traffic Edge uses for authentication with the SOCKS Version 5 server, you must enter a rule in the socks.config file in the following format:
auth u username password
username is the username and password is the password used for authentication.
Note Each rule in the socks.config file can consist of a maximum of 400 characters. The order of the rules in the socks.config file is not important.
Examples
The following example configures Traffic Edge to send requests to the origin servers associated with the range of IP addresses 123.15.17.1 - 123.14.17.4 through the SOCKS server socks1 on port 1080 and socks2 on port 4080. Because the optional specifier round_robin is set to strict, Traffic Edge sends the first request to socks1, the second request to socks2, the third request to socks1, and so on.
dest_ip=123.14.15.1 - 123.14.17.4 parent=socks1:1080;socks2:4080
round_robin=strict
The following example configures Traffic Edge to access the origin server associated with the IP address 11.11.11.1 directly without going through the SOCKS server:
no_socks 11.11.11.1
The following example configures Traffic Edge to access the origin servers associated with the range of IP addresses 123.14.15.1 - 123.14.17.4 and the IP address 113.14.18.2 directly without going through the SOCKS server:
no_socks 123.14.15.1 - 123.14.17.4, 113.14.18.2
The following example configures Traffic Edge to use the username traffic_server and
the password secret for authentication with the SOCKS Version 5 server: auth u traffic_server secret
>
> Thanks.
>
> On Thu, Nov 20, 2014 at 12:29 AM, James Peach <jp...@apache.org> wrote:
>>
>>> On Nov 19, 2014, at 5:31 AM, Mohd Akhbar <my...@gmail.com> wrote:
>>>
>>> Hi,
>>>
>>> I would like to know if ATS supports SOCKS proxy ? And if supportted,
>>> is there a doc for that ?
>>
>> If you google around for the old Inktomi administrators' guide, it's documented in there.
>>
>>>
>>> There's list of config to use but dont know values for them
>>>
>>> CONFIG proxy.config.socks.socks_config_file STRING socks.config
>>> CONFIG proxy.config.socks.socks_needed=0
>>> CONFIG proxy.config.socks.socks_version=4
>>> CONFIG proxy.config.socks.socks_timeout=100
>>> CONFIG proxy.config.socks.server_connect_timeout=10
>>> CONFIG proxy.config.socks.per_server_connection_attempts=1
>>> CONFIG proxy.config.socks.connection_attempts=4
>>> CONFIG proxy.config.socks.server_retry_timeout=300
>>> CONFIG proxy.config.socks.default_servers=
>>> CONFIG proxy.config.socks.server_retry_time=300
>>> CONFIG proxy.config.socks.server_fail_threshold=2
>>> CONFIG proxy.config.socks.accept_enabled=0
>>> CONFIG proxy.config.socks.accept_port=1080
>>> CONFIG proxy.config.socks.http_port=80
>>>
>>>
>>> These are defaults get from _stat.
>>>
>>>
>>> Thank you.
>>
Re: ATS 5.1.1 with SOCKS proxy.
Posted by Mohd Akhbar <my...@gmail.com>.
Think i found it. But the guide does not make use of the socks.config
file. Instead it modifies record.config for socks server and port. Do
you have any success in it since i've seen your post back in Aug about
ATS using socks proxy.
Thanks.
On Thu, Nov 20, 2014 at 12:29 AM, James Peach <jp...@apache.org> wrote:
>
>> On Nov 19, 2014, at 5:31 AM, Mohd Akhbar <my...@gmail.com> wrote:
>>
>> Hi,
>>
>> I would like to know if ATS supports SOCKS proxy ? And if supportted,
>> is there a doc for that ?
>
> If you google around for the old Inktomi administrators' guide, it's documented in there.
>
>>
>> There's list of config to use but dont know values for them
>>
>> CONFIG proxy.config.socks.socks_config_file STRING socks.config
>> CONFIG proxy.config.socks.socks_needed=0
>> CONFIG proxy.config.socks.socks_version=4
>> CONFIG proxy.config.socks.socks_timeout=100
>> CONFIG proxy.config.socks.server_connect_timeout=10
>> CONFIG proxy.config.socks.per_server_connection_attempts=1
>> CONFIG proxy.config.socks.connection_attempts=4
>> CONFIG proxy.config.socks.server_retry_timeout=300
>> CONFIG proxy.config.socks.default_servers=
>> CONFIG proxy.config.socks.server_retry_time=300
>> CONFIG proxy.config.socks.server_fail_threshold=2
>> CONFIG proxy.config.socks.accept_enabled=0
>> CONFIG proxy.config.socks.accept_port=1080
>> CONFIG proxy.config.socks.http_port=80
>>
>>
>> These are defaults get from _stat.
>>
>>
>> Thank you.
>
Re: ATS 5.1.1 with SOCKS proxy.
Posted by James Peach <jp...@apache.org>.
> On Nov 19, 2014, at 5:31 AM, Mohd Akhbar <my...@gmail.com> wrote:
>
> Hi,
>
> I would like to know if ATS supports SOCKS proxy ? And if supportted,
> is there a doc for that ?
If you google around for the old Inktomi administrators' guide, it's documented in there.
>
> There's list of config to use but dont know values for them
>
> CONFIG proxy.config.socks.socks_config_file STRING socks.config
> CONFIG proxy.config.socks.socks_needed=0
> CONFIG proxy.config.socks.socks_version=4
> CONFIG proxy.config.socks.socks_timeout=100
> CONFIG proxy.config.socks.server_connect_timeout=10
> CONFIG proxy.config.socks.per_server_connection_attempts=1
> CONFIG proxy.config.socks.connection_attempts=4
> CONFIG proxy.config.socks.server_retry_timeout=300
> CONFIG proxy.config.socks.default_servers=
> CONFIG proxy.config.socks.server_retry_time=300
> CONFIG proxy.config.socks.server_fail_threshold=2
> CONFIG proxy.config.socks.accept_enabled=0
> CONFIG proxy.config.socks.accept_port=1080
> CONFIG proxy.config.socks.http_port=80
>
>
> These are defaults get from _stat.
>
>
> Thank you.