|
gryphon has asked for the wisdom of the Perl Monks concerning the following question:
Greetings fellow monks,
First of all, please pardon my networking newbie-ness. I've recently found myself behind a nasty corporate firewall that I would like to bypass. There is a client proxy server program the company suggests be installed. This program sits on your local desktop and reroutes traffic from any app to the corporate proxy server so that you don't have to go mess around with the proxy settings of every app on your desktop. This client proxy program makes just about every app on my desktop function with the exception of Trillian.
It's not so much that I'm married to Trillian as I'm annoyed that it doesn't work and am therefore driven to find a solution. (Corporate desktop support doesn't support Trillian, so I'm on my own.) Note also that AIM and MSN Messenger both work perfectly.
My thought was that the client proxy program was just ignoring or not playing nice with Trillian. So why not build my own proxy that will sit on top of the desktop corporate proxy? I used HTTP::Proxy to build the following:
#!/usr/bin/perl
use strict;
use warnings;
use HTTP::Proxy qw(:log);
my $proxy = new HTTP::Proxy;
$proxy->port(8089);
$proxy->logfh(*STDOUT);
$proxy->logmask(ALL);
$proxy->start;
Sure, it's extremely basic and almost exactly what was in the example script. Well, used on my system, it works perfectly with such things as Mozilla, IE, mIRC, etc. However, it doesn't work with Trillian. The worst part is that I can't seem to get any kind of error message that makes any sense from either Trillian or HTTP::Proxy.
Stuff from Trillian
[09:59] *** Creating connection "passport@gryphonshafer.com"
[09:59] *** Disconnecting.
[09:59] *** Connecting to MSN as "passport@gryphonshafer.com", attempt
+ #1.
[09:59] *** Failed to connect to MSN (10056).
Stuff from HTTP::Proxy
[Mon Oct 13 10:00:26 2003] Forked child process -1320
[Mon Oct 13 10:00:27 2003] (-1320) Request: CONNECT http://messenger.h
+otmail.com:1863
[Mon Oct 13 10:00:27 2003] (-1320) Response: 501 Not Implemented
[Mon Oct 13 10:00:27 2003] (-1320) Response: Content-Length: 46
[Mon Oct 13 10:00:27 2003] (-1320) Connection closed by the client
[Mon Oct 13 10:00:27 2003] (-1320) Served 1 requests
[Mon Oct 13 10:00:27 2003] Reaped child process -1320
[Mon Oct 13 10:00:27 2003] Remaining kids:
[Mon Oct 13 10:00:38 2003] Processed 1 connection(s)
So obviously Trillian is able to find and connect to the HTTP::Proxy instance, but for some reason, it's unable to get out to various servers. I'm quite confused about the 501 response. That certainly can't be coming from the MSN Messenger server nor the local desktop proxy client since the MSN Messenger client works fine. I doubt the 501 is coming from HTTP::Proxy also, so it must be coming from the corporate proxy, but the corporate proxy supports MSN Messenger.
Anyway, as you can see, I'm confused and not really sure what to try next. Does anyone have any suggestions?
gryphon
code('Perl') || die;
|
Re: HTTP::Proxy and Trillian
by robartes (Priest) on Oct 13, 2003 at 18:09 UTC
|
Hi,
As others have said, the immediate reason this is not working is that HTTP::Proxy does not support the HTTP CONNECT method, which Trillian uses to connect to MSN through a proxy. HTTP::Proxy does not support this (although you could probably implement it through its filter functionality) - it's just a basic HTTP request repeater.
However, even if you do use a proxy that does HTTP CONNECT (there's a nice and simple one here, although that one's C, not Perl) that will probably not help you: if your company's firewall does not allow outgoing connections to port 1863, putting an HTTP CONNECT proxy on your workstation will not help you, unfortunately.
| [reply] |
|
|
Greetings robartes,
It could be that the AIM and MSN Messenger clients attempt a CONNECT first, then on failure try a GET/POST instead. I've heard that AIM actually tries a few different ports, eventually dropping to HTTP GET on 80. Perhaps Trillian attempts CONNECT, fails, complains, and stops.
If this is the case, would looking at Net::HTTPTunnel be worth my time? Or perhaps another solution?
The other idea I had (again, from the brain of a networking newbie) was to create a custom client/server proxy pair. The client would sit on my system and act just like a proxy except that it would convert all requests to it into HTTP GET on port 80 and ship them to the "server". That server is, say, my box at home. It would pick up the requests, translate them back, gather data, ship back to me in my isolation chamber here at the office.
Is this a dumb idea?
gryphon
code('Perl') || die;
| [reply] |
|
|
Funnily enough, I considered Net::HTTPTunnel, but that needs another HTTP proxy that does the CONNECT. From your description, I thought that this was not an option for you. However, if you have such a proxy on your corporate network, and such use of it is allowed, you can use Net::HTTPTunnel to create a local socket on your workstation you can connect Trillian to (although you could just as easily use that hypothetical corporate proxy directly).
Translating IM messages into HTTP requests - as you are proposing - is possible, but it's a bit like getting a camel to sleep on a trampoline - it will work, but it's extremely awkward, both for you and the camel (not to mention the trampoline). The problem with IM traffic is that it is not just you requesting stuff, as in HTTP, but also the server sending you things on its own initiative. That will not work in HTTP, unfortunately, unless the IM server supports some kind of store and forward scheme for messages, which you can then poll regularly. But I have no knowledge of servers like that, so I cannot help you there.
| [reply] |
|
|
if your company's firewall does not allow outgoing connections to port 1863, putting an HTTP CONNECT proxy on your workstation will not help you, unfortunately.
If his own proxy to passes such connections through the company firewall, it should work.
Makeshifts last the longest.
| [reply] |
|
|
| [reply] |
|
|
|
|
Hi there
I Have installed trillion and added MSN with all the configs, it was running ok for few weeks, 1863 supported by the network, however sudnely can not connect and got the following message "Error while connecting (Error Code: 10056). Disconnecting". tries 10 times
Please advise
| [reply] |
Re: HTTP::Proxy and Trillian
by Aristotle (Chancellor) on Oct 13, 2003 at 17:33 UTC
|
$ echo -ne 'CONNECT http://localhost HTTP/1.0\n\n' | nc localhost 8089
HTTP/1.1 501 Not Implemented
Date: Mon, 13 Oct 2003 17:31:42 GMT
Server: libwww-perl-daemon/1.26
Content-Length: 46
Method CONNECT is not supported by this proxy
So it is HTTP::Proxy
Makeshifts last the longest.
| [reply]
[d/l] |
|
|
Yes it is.
HTTP::Proxy does not support CONNECT yet.
By the way, most of the filter API is going to change in version 0.10,
when I find enough time to release it.
Snapshots of the the development version are available
at http://http-proxy.mongueurs.net/dist/
CONNECT support is planned, but (much) later.
| [reply] |
Re: HTTP::Proxy and Trillian
by MidLifeXis (Monsignor) on Oct 13, 2003 at 17:34 UTC
|
Do the other applications connect using the CONNECT method? It is possible that the outer proxy (corporate) is not allowing a CONNECT method. Perhaps IE and MSN Messenger are using GET or POST?
| [reply] |
|
|
