Return-Path: X-Original-To: apmail-trafficserver-users-archive@www.apache.org Delivered-To: apmail-trafficserver-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 83DAFC9B1 for ; Fri, 21 Nov 2014 09:09:24 +0000 (UTC) Received: (qmail 42729 invoked by uid 500); 21 Nov 2014 09:09:24 -0000 Delivered-To: apmail-trafficserver-users-archive@trafficserver.apache.org Received: (qmail 42672 invoked by uid 500); 21 Nov 2014 09:09:24 -0000 Mailing-List: contact users-help@trafficserver.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@trafficserver.apache.org Delivered-To: mailing list users@trafficserver.apache.org Received: (qmail 42662 invoked by uid 99); 21 Nov 2014 09:09:24 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 21 Nov 2014 09:09:24 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of mymohaja@gmail.com designates 209.85.216.169 as permitted sender) Received: from [209.85.216.169] (HELO mail-qc0-f169.google.com) (209.85.216.169) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 21 Nov 2014 09:09:18 +0000 Received: by mail-qc0-f169.google.com with SMTP id w7so3418615qcr.0 for ; Fri, 21 Nov 2014 01:07:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=gwyY6fepaTMayyWg0HSce1k67rgxK6qZBjNnd58mNOo=; b=LFPfnEOyASd0YXbCZh7Ocuj4JtSBhSMZQs+QbSqBrCEmUIQ5RkcJernZebqBjcTMj6 p3ub8o+9XLdnJOPFhoylli6CFHprjlnqxwQ1nZ86wszdRKbXuKA8nHe1sDHWj1nglB91 WRnX0Tbi3djtj7nGRIpkmPCRpBbej9s0qMOINBQZRmpY2AoYt2a3a1H3sW0tpwAkgZjs ThJPVZgxcUaUslsQTmsguqDsk9TF+9tIWDWg30S13gV9LIU4f+gX9MOrh8ut3pGEy9ab 3jDfWsADKUOWNpeqwspSosWTvEXJG5w0Uy36OgjrW5UGBni5Lt/uMOdxnwwBOAkVeVPU umIQ== MIME-Version: 1.0 X-Received: by 10.224.11.10 with SMTP id r10mr5052671qar.42.1416560848068; Fri, 21 Nov 2014 01:07:28 -0800 (PST) Received: by 10.229.188.129 with HTTP; Fri, 21 Nov 2014 01:07:27 -0800 (PST) In-Reply-To: <4D513D04-944F-4ECE-AD41-2097042B325D@gmail.com> References: <4D513D04-944F-4ECE-AD41-2097042B325D@gmail.com> Date: Fri, 21 Nov 2014 17:07:27 +0800 Message-ID: Subject: Re: ATS 5.1.1 with SOCKS proxy. From: Mohd Akhbar To: users@trafficserver.apache.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Virus-Checked: Checked by ClamAV on apache.org What i'm trying to achieve here is to use ATS to connect to a socks proxy (provided by a ssh tunnel) as gateway to internet. on the ssh tunnel, i use ssh -c blowfish -D ats.local:1080 user@remote.server the SSH tunnel and ATS is on the same machine. previously, i use parent.config for internet access. In order to use SOCKS i disable it by CONFIG proxy.config.http.parent_proxy_routing_enable INT 0 (in records.con= fig) to use SOCKS proxy, i enable it in records.config by CONFIG proxy.config.socks.socks_config_file STRING socks.config (guess this is default) CONFIG proxy.config.socks.socks_needed INT 1 ( i assume that ats will fetch config from socks.config) my socks.config content is dest_ip=3D10.0.0.0-255.255.255.255 parent=3D"ats.local:1080" Now, when i restart ats (trafficserver restart - i'm on centos), i cant connect to internet. Then in traffic.out got this error... [TrafficServer] using root directory '/usr/local' traffic_server: Socks.cc:65: void SocksEntry::init(ProxyMutex*, SocksNetVC*, unsigned char, unsigned char): Assertion `ats_is_ip4(&target_addr)' failed. i got no clue on this error. By the way i'm using IPv4 only. Thank you. On Thu, Nov 20, 2014 at 11:27 PM, Yongming Zhao wrote: > the socks.config is a feature that can make origin on socks5 connections,= it=E2=80=99s a feature that make proxy peering like parent.config. so, if = you want ATS run as socks5 server, then don=E2=80=99t read that docs. > > I am sure we have the socks.config and socks server working after the ope= n source, so please try it by patient. > > how ever, to run ATS as a socks server, please take a look at the origin = PDF admin guide, page 211, "Setting SOCKS Proxy Options", you should only n= eed to set one options to enable SOCKS server on port 1080 >> proxy.config.socks.accept_enabled=3D1 > > good luck > > > > - Yongming Zhao =E8=B5=B5=E6=B0=B8=E6=98=8E > >> =E5=9C=A8 2014=E5=B9=B411=E6=9C=8819=E6=97=A5=EF=BC=8C=E4=B8=8B=E5=8D=88= 9:31=EF=BC=8CMohd Akhbar =E5=86=99=E9=81=93=EF=BC=9A >> >> Hi, >> >> I would like to know if ATS supports SOCKS proxy ? And if supportted, >> is there a doc for that ? >> >> There's list of config to use but dont know values for them >> >> CONFIG proxy.config.socks.socks_config_file STRING socks.config >> CONFIG proxy.config.socks.socks_needed=3D0 >> CONFIG proxy.config.socks.socks_version=3D4 >> CONFIG proxy.config.socks.socks_timeout=3D100 >> CONFIG proxy.config.socks.server_connect_timeout=3D10 >> CONFIG proxy.config.socks.per_server_connection_attempts=3D1 >> CONFIG proxy.config.socks.connection_attempts=3D4 >> CONFIG proxy.config.socks.server_retry_timeout=3D300 >> CONFIG proxy.config.socks.default_servers=3D >> CONFIG proxy.config.socks.server_retry_time=3D300 >> CONFIG proxy.config.socks.server_fail_threshold=3D2 >> CONFIG proxy.config.socks.accept_enabled=3D0 >> CONFIG proxy.config.socks.accept_port=3D1080 >> CONFIG proxy.config.socks.http_port=3D80 >> >> >> These are defaults get from _stat. >> >> >> Thank you. >