2.2.5 Proxy Server
As you can see, we are running a local network behind a single IP address, so our clients
need some way to reach outside services such as ftp, www and telnet, just to name a few.
The client hosts cannot access outside networks directly, so we need to set up a proxy
server on 'maple' to provide the necessary services to them. There are a lot of proxy
servers available, but we decided to use DeleGate because of the following features:
- Ftp Proxy
- Telnet Proxy
- Http Proxy(forwarding)
- Pop Proxy
It is available at http://wall.etl.go.jp/delegate/ or from the ftp site:
ftp://ftp.etl.go.jp/pub/DeleGate/delegate5.8.5.tar.gz
Just download it and you will get a file named delegate???.tar.gz, say,
delegate5.8.5.tar.gz. Then proceed as follows:
maple@junan:/home/junan{1013}% cat delegate5.8.5.tar.gz | gunzip | tar xfv -
..................
maple@junan:/home/junan{1014}% ls -l | grep ^d
drwxr-xr-x 15 junan wheel 512 Dec 29 17:49 delegate5.8.5
maple@junan:/home/junan{1014}% cd delegate5.8.5
maple@junan:/home/junan{1015}% make
If your current working directory is not included in your path, there will be a
message telling you so. In that case, add the current directory to your path:
maple@junan:/home/junan{1016}% set path=($path .)
maple@junan:/home/junan{1017}% echo $path
/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/bin /usr/X11R6/bin /home/junan/bin .
Now try make again:
maple@junan:/home/junan{1018}% make
You should now have the delegated binary in the src directory. If you
can't find it, try:
maple@junan:/home/junan{1019}% find . -name delegated -print
./src/delegated
Copy it anywhere you want; it will run without any need for
configuration files.
Now try some commands:
maple@junan:/home/junan{1020}% delegated -P8080 PROXY="202.251.33.1:80"
It will forward any HTTP request received at port 8080 to the server
202.251.33.1 port 80, which is our school proxy server. So all our client hosts have to
do is set up their browsers to point to maple (192.168.0.3), port 8080.
maple@junan:/home/junan{1020}% delegated -P8023 SERVER=telnet
This will run a telnet proxy server on maple at port 8023. So let's try to
use it from a local host:
mapletown@junan:/home/junan{498}% telnet maple 8023 # don't forget the port number
Trying 192.168.0.3...
Connected to maple.ant.yatsushiro-nct.ac.jp.
Escape character is '^]'.
-- @ @ maple.ant.yatsushiro-nct.ac.jp PROXY-telnet server DeleGate/5.7.2
-- ( - ) { Hit '?' or enter `help' for help. }
DeleGate/5.7.2 (October 30, 1998)
AIST Research Product No. 1994-ETL-8715-1
Copyright (c) 1994-1998 Yutaka Sato
Copyright (c) 1994-1998 Electrotechnical Laboratry (ETL), AIST, MITI
WWW: http://wall.etl.go.jp/delegate/
-- -- -- This (proxy) service is maintained by 'root@localhost'
>> Host name: mercury # put a valid name here (I got the name mercury in /etc/hosts)
-- Trying mercury [202.251.34.161:23] ...
-- Connected to mercury.
SunOS UNIX (mercury-gw)
login:
So, you are now logging in to mercury from a local host through this telnet
server. Let's try a proxy ftp server:
maple@junan:/home/junan{1020}% delegated -P8021 SERVER=ftp
It will run an ftp proxy server (I mean a forwarding server) on maple at
port 8021.
So, let's try it from a local host:
mapletown@junan:/home/junan{499}% ftp maple 8021
Connected to maple.ant.yatsushiro-nct.ac.jp.
220- maple.ant.yatsushiro-nct.ac.jp PROXY-FTP server (DeleGate/5.7.2) ready.
220- @ @
220- ( - ) { DeleGate/5.7.2 (October 30, 1998) }
220- AIST Research Product No. 1994-ETL-8715-1
220- Copyright (c) 1994-1998 Yutaka Sato
220- Copyright (c) 1994-1998 Electrotechnical Laboratry (ETL), AIST, MITI
220- WWW: http://wall.etl.go.jp/delegate/
220- --
220- You can connect to a SERVER by `user' command:
220- ftp> user username@SERVER
220- or by `cd' command (after logged in as an anonymous user):
220- ftp> cd //SERVER
220- ** Toggle CACHE by `cd .' (CACHE is enabled by default)
220- This (proxy) service is maintained by 'root@localhost'
220-extended FTP [MODE XDC]
Name (maple:junan): s96281 # put the login name here of the target host
331 Password required for s96281.
Password: # password for the target host
230- User s96281 logged in.
230 Now you can select a FTP SERVER by cd //SERVER
ftp> cd //mercury # the host that has a user specified above
250-- CWD for s96281@mercury.
220- mercury-gw FTP server (SunOS 4.1) ready.
331- Password required for s96281.
230- User s96281 logged in.
250-- @ @
250 \( - )/ -- { connected to `mercury' }
ftp>
So, you are now logged in to an outside host.
That's all. Now your clients can access outside networks via your maple host. For more
information, please refer to the manual that comes with the package. It should be
a file named Manual.txt (under the doc directory). You can also install it with make install.
Now let's put a startup script for delegate in the /usr/local/etc/rc.d directory so that it
gets started at boot time:
#!/bin/sh
# file created by Junan on
# Fri Feb 5 18:17:31 JST 1999
DELEGATED=/usr/local/sbin/delegated
# start the proxies only if the binary is installed and executable
if [ -x "$DELEGATED" ]
then
	# HTTP requests on port 8080 go to the upstream proxy
	echo "starting a httpd forward server...."
	$DELEGATED -P8080 PROXY="202.251.33.1:80"
	# telnet proxy on port 8023
	echo "starting a telnet forward server...."
	$DELEGATED -P8023 SERVER=telnet
	# ftp proxy on port 8021
	echo "starting a ftp forward server...."
	$DELEGATED -P8021 SERVER=ftp
fi
Don't forget to make the script executable:
maple# chmod 700 delegated.sh
maple# ls -l delegated.sh
-rwx------ 1 root wheel 169 Feb 1 14:38 delegated.sh
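The three proxies started above are meant for the local clients, so it is worth checking which address each listener is bound to: a listener on the wildcard address also accepts connections arriving on maple's outside interface unless a packet filter blocks them. The script below is an added example, not part of the original text or of DeleGate; it assumes BSD-style netstat -an output, and its sample lines are constructed.

```shell
#!/bin/sh
# Added example: report which interface each DeleGate listener from this page is bound to.
# Assumes BSD-style `netstat -an` output (local address written as addr.port).

PROXY_PORTS="8080 8023 8021"   # ports used on this page

# Constructed sample data, not captured from maple.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp        0      0  *.8080                 *.*                    LISTEN
tcp        0      0  192.168.0.3.8023       *.*                    LISTEN
tcp        0      0  *.8021                 *.*                    LISTEN
tcp        0      0  *.22                   *.*                    LISTEN
tcp        0      0  192.168.0.3.8080       192.168.0.7.1034       ESTABLISHED
EOF
}

# Reads netstat text on stdin and prints "port scope" per proxy port:
#   wildcard = listening on every interface
#   bound    = listening on specific addresses only
#   down     = no listener found
audit_listeners() {
    awk -v ports="$PROXY_PORTS" '
        BEGIN { n = split(ports, want, " "); for (i = 1; i <= n; i++) state[want[i]] = "down" }
        $NF == "LISTEN" {
            k = split($4, parts, "[.]")      # the port is the last dot-separated piece
            port = parts[k]
            if (!(port in state)) next       # not one of the proxy ports
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (addr == "*" || addr == "0.0.0.0") state[port] = "wildcard"
            else if (state[port] != "wildcard") state[port] = "bound"
        }
        END { for (i = 1; i <= n; i++) print want[i], state[want[i]] }
    '
}

# Prints the proxy ports that listen on every interface, space separated (empty if none).
exposed_ports() {
    audit_listeners | awk '$2 == "wildcard" { printf "%s%s", sep, $1; sep = " " } END { print "" }'
}

# Demo on the constructed sample; on the real host use: netstat -an | exposed_ports
echo "wildcard listeners: $(sample_netstat | exposed_ports)"
```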