Is is possible to use Socks5 proxy when communicating over Ruby Socket?
I need to communicate with a Modbus device from a fixed IP. As my Rails app is hosted on Heroku, I'm thinking about using IPBurger addon to get the fixed IP. The addon gives me a Socks5/HTTP and HTTPS proxies. The Modbus library I want to use (RModbus) is build using Sockets:
https://github.com/rmodbus/rmodbus/blob/master/lib/rmodbus/tcp.rb
I'm considering forking the library and making the necessary changes to be able to pass the proxy details to it. How can I define a proxy in the Ruby Socket? What are my other options?
Related
Browsers leaks Public IP through WebRTC protocols while routing traffics through browser specific proxies such as chrome vpn extensions. but using Native VPN Application (OS Specific) doesn't produce public ip through WebRTC.
How to overcome this problem and force chromium to use proxy IP instead of public IP for WebRTC communication.
Note- Blocking WebRTC from Browser does hide the public ip but many websites eg. google.com, godaddy.com treats you as a bot and blacklist you from using some of their services.
This issue is more related to browser fingerprinting than ungoogling stuffs..
No Extensions available to solve this problem till now but some of the automation tools such as Kameleo.com is able to do such things but those are pricy.
Possible solutions
Force chromium to use proxy ip through ICE Framework TURN/STUN signaling services
I also don't know how to seup STUN connection so please also guide me for the coding part.
https://isaacbrains.com
TLDR: Configure and deploy your own TURN server and configure your WebRTC app to use relay candidates only via iceTransportPolicy and use only TURN for your iceServers.
Something like this:
let config = {
iceServers: [{urls: "turn:turn.yourdomain.com:3478"}],
iceTransportPolicy:"relay"
};
WebRTC does not use browser proxies. Browser proxies bridge connections via http/https to websites. And browser proxies don't fit into the model WebRTC uses to connect to another client ad-hoc packet transfer of UDP packets.
STUN exists primarily for clients to discover and share their own public IP address and port mapping. It sounds like you want to avoid STUN since you don't want srflx candidates anyway.
TURN is a relay server protocol for WebRTC, VOIP, and other types of P2P connections. It's primary job is to be a fallback when direct client to client communication is not possible. But it sounds like you want to avoid that altogether and just have the SDP advertise your relay (TURN) addresses only.
I'm working on a desktop C++ application which uses OpenSSL sockets (a raw TLS socket, not HTTPS) to communicate with our server.
One of our clients are required to route their traffic through a proxy. The client is using ZScaler in Tunnel with Local Proxy mode.
In theory, it's possible to reconfigure ZScaler to force our traffic through a proxy chosen by ZScaler. However, I want to investigate solutions where our application uses the Windows OS-level proxy settings rather than relying on ZScaler configuration.
I've read this post:
openssl s_client using a proxy
But I'm uncertain whether those answers apply to my situation, because that user didn't mention whether they're using Windows or Linux, and they appear to be talking about an HTTP/HTTPS proxy. Also, that question appears to be asking about the s_client function, rather than simply creating a TLS socket to my server through a "Tunnel with Local Proxy" on Windows.
So, my questions are:
Can OpenSSL be used to open an SSL socket to a server through Tunnel with Local Proxy?
Can we make an OS call to determine the IP/socket for the Tunnel with Local Proxy configuration?
If this is possible, then I have another question: suppose we have a single proxy at 10.100.10.0:5000.
If one user in our client's office opens a socket to our server via their proxy, will a 2nd user be unable to connect from their office because they're bottlenecked at single proxy socket?
Put another way: what is the standard way of implementing proxy-awareness for a Windows application using OpenSSL?
Note: This question was originally posted to Network Engineering stack exchange, but it was closed because it refers to an issue above OSI layer 4.
Note: I'm looking for a solution that does not require administrator permissions on the user PC. I would prefer for our application to discover and use OS-level proxy settings without making any administrative changes to the machine, i.e. by calling netsh.
Can OpenSSL be used to open an SSL socket to a server through Tunnel with Local Proxy?
OpenSSL doesn't do it for you but OpenSSL does not prevent it either. The tunnel has to be established before you do the TLS handshake to the endpoint. Depending on what kind of proxy this is you might need to use a HTTP CONNECT method for this or might need to use the SOCKS protocol or whatever your proxy requires. In case of ZScaler this is likely the HTTP CONNECT method but you need to make sure that the connection to the target IP and port is actually allowed by the security policy.
Once you've established the tunnel to the endpoint using the proxy you can just build the SSL socket on top of the TCP socket for the tunnel. Just do the usual SSL setup (i.e. SSL_new etc) and then associate the SSL object with the existing socket using SSL_set_fd. Then proceed as usual with the handshake, i.e. SSL_connect or similar.
Can we make an OS call to determine the IP/socket for the Tunnel with Local Proxy configuration?
I don't know but Winsock use system proxy settings might answer this part.
If one user in our client's office opens a socket to our server via their proxy, will a 2nd user be unable to connect from their office because they're bottlenecked at single proxy socket?
This should not be a problem. It is perfectly normal to have multiple connections through the proxy.
I want to use to the xmpp4r gem to send notifications to gtalk from my Rails app. However I am behind a HTTP proxy and hence cannot use regular jabber. Also, xmpp4r supports HTTPBind but it seems gtalk does not. So is there a way to use HTTPBind with gtalk?
Use proxifier http://rubygems.org/gems/proxifier.
If your proxy is configured on the environment already (ex. by setting the environment variable http_proxy) you can simply add the following two lines to your code.
require "proxifier"
require "proxifier/env"
This enhances the used TCPSocket to support connection via proxy.
xmpp4rproxifier
I'm writing a simple chat application. The only "front-end" required is a single html file, a javascript file, and a few stylesheets. The majority of the application is the server-side EventMachine WebSocket server.
I'm also trying to host this on Heroku.
I currently have a sinatra app that just serves the static files, and a separate app that serves the WebSocket server (on a different port).
Is there a way I can combine these so that I can start up one application which serves/responds to port 80 (for the static files) and another port for the WebSocket server?
It's probably not a good idea to have your WebSocket server run on a different port. WebSockets run on port 80 specifically because that port is not blocked on most networks. If you use a different port, you will find users behind some firewalls unable to use your application.
Running your event server separate from your web server is probably the best way to go.
If you want something a bit more experimental, Goliath has WebSocket support in the master branch and can also serve the needed resources. If you look in the examples directory there is a WebSocket server that also serves it's HTML page.
I have a Socket client (Socket.tcp) that I'd like to proxy through another machine. I've blooked in to SOCKS libraries (https://github.com/samuelkadolph/ruby-proxifier), but it seems to require having an active proxy on the machine the code is running, which would proxy ALL network traffic on the machine?
Ideally, this will be a Sidekiq background job where just the worker's code is proxied, not the other code on the server (it will be within a Rails application).
I see the Net::SSH library (https://net-ssh.github.io/ssh/v2/api/classes/Net/SSH/Proxy/SOCKS5.html) has some stuff around SOCKS, but I'm unsure if this is the best approach (does this lib establish the SOCKS proxy?).
Any pointers to proxying an individual socket client would be really helpful. Thanks!
Ended up going with a ssh -D tunnel on the application server and keeping a reference to the proxy in application and patching the network library to use https://github.com/samuelkadolph/ruby-proxifier.