WANProxy

• WANProxy.org
  • Get WANProxy
  • GitHub
  • Features
  • SSH optimization
  • libuinet
  • Additional tools
  • Performance
  • Examples
  • Errata
  • Mailing list
  • Contributors

Examples

Note: the examples may look a bit intimidating because the configuration file format is fairly verbose. Rest assured that most of the time you'll only need to change a few things, and that setup and operation are actually quite simple. If you have any questions or difficulty, do check in with the mailing list.

Proxying over SSH (a VPN) to an intranet webserver

In this configuration the local port 3300 will be forwarded to port 80 on the host named intranet by the remote server. The forwarding will happen over SSH and will not be sent in the clear across the WAN.

username is your login on the server that will be running the server-side proxy for SSH.

server is the name of the server that will be running the server-side proxy.

intranet is the name of the server that the connection will be forwarded to by the proxy.

127.0.0.1 specifies the IP interface to listen on, in this case the loopback interface, so that the only connections which will be allowed to wanproxy are ones which originate on server or the system which is running the client-side proxy. Use a LAN IP address if you want to proxy connections made by users from other machines to the system which is running the client-side proxy.

client.conf is the name of the configuration file for the client-side proxy.

server.conf is the name of the configuration file for the server-side proxy.

1. Create client.conf on the client-side proxy containing:

   create codec codec0
   set codec0.codec XCodec
   activate codec0
   
   create interface if0
   set if0.family IPv4
   set if0.host "127.0.0.1"
   set if0.port "3300"
   activate if0
   
   create peer peer0
   set peer0.family IPv4
   set peer0.host "localhost"
   set peer0.port "3301"
   activate peer0
   
   create proxy proxy0
   set proxy0.interface if0
   set proxy0.interface_codec None
   set proxy0.peer peer0
   set proxy0.peer_codec codec0
   activate proxy0

2. Start the client-side proxy:

   wanproxy -c client.conf

3. Create server.conf on the server-side proxy containing:

   create codec codec0
   set codec0.codec XCodec
   activate codec0
   
   create interface if0
   set if0.family IPv4
   set if0.host "localhost"
   set if0.port "3301"
   activate if0
   
   create peer peer0
   set peer0.family IPv4
   set peer0.host "intranet"
   set peer0.port "80"
   activate peer0
   
   create proxy proxy0
   set proxy0.interface if0
   set proxy0.interface_codec codec0
   set proxy0.peer peer0
   set proxy0.peer_codec None
   activate proxy0

4. Initiate an SSH port-forwarding session and start the server-side proxy:

   ssh -L 3301:localhost:3301 username@server wanproxy -c server.conf

Proxying over a WAN using SOCKS

In this configuration, the local port 3300 will be forwarded to a SOCKS proxy running on the remote server server. Using the local port 3300 as a SOCKS proxy will allow you to initiate connections remotely over WANProxy. This example assumes that server is routable from your system and that port 3301 is open on it. If you wish to make your SOCKS server available to other systems on the local network, simply change 127.0.0.1 to your LAN IP.

Both SOCKS4 and SOCKS5 are supported. SOCKS 4a is not. SOCKS protocol support is very minimal and only successful requests will get a response. No authentication is performed.

1. Create client.conf on the client-side proxy containing:

   create codec codec0
   set codec0.codec XCodec
   activate codec0
   
   create interface if0
   set if0.family IPv4
   set if0.host "127.0.0.1"
   set if0.port "3300"
   activate if0
   
   create peer peer0
   set peer0.family IPv4
   set peer0.host "server"
   set peer0.port "3301"
   activate peer0
   
   create proxy proxy0
   set proxy0.interface if0
   set proxy0.interface_codec None
   set proxy0.peer peer0
   set proxy0.peer_codec codec0
   activate proxy0

2. Start the client-side proxy:

   wanproxy -c client.conf

3. Create server.conf on the server-side proxy containing:

   create codec codec0
   set codec0.codec XCodec
   activate codec0
   
   create interface if0
   set if0.family IPv4
   set if0.host "server"
   set if0.port "3301"
   activate if0
   
   create peer peer0
   set peer0.family IPv4
   set peer0.host "localhost"
   set peer0.port "3302"
   activate peer0
   
   create proxy proxy0
   set proxy0.interface if0
   set proxy0.interface_codec codec0
   set proxy0.peer peer0
   set proxy0.peer_codec None
   activate proxy0
   
   create interface if1
   set if1.family IPv4
   set if1.host "localhost"
   set if1.port "3302"
   activate if1
   
   create proxy-socks proxy-socks0
   set proxy-socks0.interface if1
   activate proxy-socks0

4. Start the server-side proxy on server:

   wanproxy -c server.conf