Article delegate-en/4565 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: udp associate upstreaming
17 Sep 2009 07:39:55 GMT <p2aiqbdyi-rcwevef6oulr.ml@ml.delegate.org>


Hi!

Answeres are inline...

>Hi,

>In message <_A4560@delegate-en.ML_> on
>09/15/09(23:33:50)
>you <p2aiqbdyi-rcwevef6oulr.ml@ml.delegate.org> wrote:
> |There is a bug in the way delegate handles socks5 upstreaming of udp
> |associated packets.
> |In the udp assicate command request that delegate sends to the upstream
> |socks5 proxy, delegate sets the 途emote addressGfield to the
>address of
> |the destination host instead of his own address.
> |The upstream socks5 proxy then answers with an error message on the >tcp
> |stream between delegate and the upstream proxy.
> |
> |May this be fixed in an upcoming release?

>Could you tell me the name of your upstream SOCKS server?
>It might take a while for me to remember exactly what was the intension
>of my implementation of the SOCKS client for UDP ASSOCIATE in >DeleGate...

Currently, we are using the NEC Socks5 Server for internet upstreaming.
Because this software is no longer maintained, we are looking for a
substitution. DeleGate seems to be the only proxy software that supports
Socks5 proxy chaining of UDP associate requests.

><URLhttp://www.ietf.org/rfc/rfc1928.txt>:
>>UDP ASSOCIATE
>>  The UDP ASSOCIATE request is used to establish an association within
>>  the UDP relay process to handle UDP datagrams.  The DST.ADDR and
>>  DST.PORT fields contain the address and port that the client expects
>>  to use to send UDP datagrams on for the association.  The server MAY
>>  use this information to limit access to the association.  If the
>>  client is not in possesion of the information at the time of the UDP
>>  ASSOCIATE, the client MUST use a port number and address of all
>>  zeros.

>It is possible that I thought the DST.ADDR might be used by a SOCKS proxy
>to restrict and fix the destination address to be relayed.  And I used
>DST.ADDR to switch among upstream SOCKS proxies based on it.
>In the existing implementation of DeleGate, you seem to able to suppress
>the behavior of DeleGate with
>
>  SOCKS="server:port:*"
>
>instread of
>
>  SOCKS="server"

When starting DeleGate (version 9.9.4) with SOCKS="server:port:*",
DeleGate tries to use the CONNECT method instead of UDP associate to
communicate with the upstream proxy.

My interpretation of the RFC ("The DST.ADDR and DST.PORT fields contain
the address and port that the client expects to use to send UDP datagrams
on for the association.") is, that, in the UDP Associate Request of the
client, DST.ADDR should be the IP Address of the client that will read the
incoming UDP datagrams of the proxy server. Same for the DST.PORT, which
seems to be correctly implemented in DeleGate.

BR,
Mathias Hess



  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V