trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <jamespe...@me.com>
Subject Re: ATS 5.1.1 with SOCKS proxy.
Date Thu, 20 Nov 2014 04:44:40 GMT

> On Nov 19, 2014, at 4:25 PM, Mohd Akhbar <mymohaja@gmail.com> wrote:
> 
> Think i found it. But the guide does not make use of the socks.config
> file. Instead it modifies record.config for socks server and port. Do
> you have any success in it since i've seen your post back in Aug about
> ATS using socks proxy.

I don't know whether SOCKS works and I don't know anyone who has tried it, but my copy of
the inktomi guide says:

socks.config

The socks.config file specifies the following information:
s The SOCKS servers through which Traffic Edge must go to access specific origin

servers and the order in which Traffic Edge goes through the SOCKS server list

You can specify your default SOCKS servers either in Traffic Manager or by editing the configuration
variable proxy.config.socks.default_servers. However, the socks.config file lets you perform
additional SOCKS configuration; you can send requests to specific origin servers through specific
SOCKS servers.

s The origin servers you want Traffic Edge to access directly without going through the SOCKS
server

s The username and password that Traffic Edge uses to connect to a SOCKS server (SOCKS Version
5 only)

IMPORTANT After you modify the socks.config file, you must restart Traffic Edge. Format

To specify the SOCKS servers through which Traffic Edge must go to reach specific origin servers,
you must add a rule to the socks.config file with the following format:

dest_ip=ipaddress parent=server_name:port [round_robin=value]

ipaddress is the origin server IP address or range of IP addresses separated by - or /.

server_name is the hostname of the SOCKS server.

port is the port number through which Traffic Edge communicates with the SOCKS server.

value is either strict if you want Traffic Edge to try the SOCKS servers one by one or false
if you do not want round-robin selection to occur.

To specify the origin servers you want Traffic Edge to access directly without going through
the SOCKS server, you must enter a rule in the socks.config file in the following format:

no_socks ipaddress
ipaddress is a comma-separated list of the IP addresses or IP address ranges associated

with the origin servers you want Traffic Edge to access directly.

To specify the username and password Traffic Edge uses for authentication with the SOCKS Version
5 server, you must enter a rule in the socks.config file in the following format:

auth u username password

username is the username and password is the password used for authentication.

Note Each rule in the socks.config file can consist of a maximum of 400 characters. The order
of the rules in the socks.config file is not important.



Examples

The following example configures Traffic Edge to send requests to the origin servers associated
with the range of IP addresses 123.15.17.1 - 123.14.17.4 through the SOCKS server socks1 on
port 1080 and socks2 on port 4080. Because the optional specifier round_robin is set to strict,
Traffic Edge sends the first request to socks1, the second request to socks2, the third request
to socks1, and so on.

dest_ip=123.14.15.1 - 123.14.17.4 parent=socks1:1080;socks2:4080
round_robin=strict

The following example configures Traffic Edge to access the origin server associated with
the IP address 11.11.11.1 directly without going through the SOCKS server:

no_socks 11.11.11.1

The following example configures Traffic Edge to access the origin servers associated with
the range of IP addresses 123.14.15.1 - 123.14.17.4 and the IP address 113.14.18.2 directly
without going through the SOCKS server:

no_socks 123.14.15.1 - 123.14.17.4, 113.14.18.2
The following example configures Traffic Edge to use the username traffic_server and

the password secret for authentication with the SOCKS Version 5 server: auth u traffic_server
secret

> 
> Thanks.
> 
> On Thu, Nov 20, 2014 at 12:29 AM, James Peach <jpeach@apache.org> wrote:
>> 
>>> On Nov 19, 2014, at 5:31 AM, Mohd Akhbar <mymohaja@gmail.com> wrote:
>>> 
>>> Hi,
>>> 
>>> I would like to know if ATS supports SOCKS proxy ? And if supportted,
>>> is there a doc for that ?
>> 
>> If you google around for the old Inktomi administrators' guide, it's documented in
there.
>> 
>>> 
>>> There's list of config to use but dont know values for them
>>> 
>>> CONFIG proxy.config.socks.socks_config_file STRING socks.config
>>> CONFIG proxy.config.socks.socks_needed=0
>>> CONFIG proxy.config.socks.socks_version=4
>>> CONFIG proxy.config.socks.socks_timeout=100
>>> CONFIG proxy.config.socks.server_connect_timeout=10
>>> CONFIG proxy.config.socks.per_server_connection_attempts=1
>>> CONFIG proxy.config.socks.connection_attempts=4
>>> CONFIG proxy.config.socks.server_retry_timeout=300
>>> CONFIG proxy.config.socks.default_servers=
>>> CONFIG proxy.config.socks.server_retry_time=300
>>> CONFIG proxy.config.socks.server_fail_threshold=2
>>> CONFIG proxy.config.socks.accept_enabled=0
>>> CONFIG proxy.config.socks.accept_port=1080
>>> CONFIG proxy.config.socks.http_port=80
>>> 
>>> 
>>> These are defaults get from _stat.
>>> 
>>> 
>>> Thank you.
>> 


Mime
View raw message