This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

7.003 SOCKS problems

Replacing 5.x with 7.003...

I've enabled the SOCKS proxy, with or without user authentication.

Trillian (IM client) is pointed at the proxy, with or without a user/password.

Trillian appears to connect, but no friends show up online, and LOTS of stuff appears in the PF log, e.g.
packet dropped fwrule=60003 outif=br0 srcIP=192.168.11.1 dst=11.13 srcport=1080 dstport=3777 tcpflags=ACKRST

So, It looks like the PF rules are blocking the INTERNAL SOCKS traffic!

br0 is the internal bridge between 2 e100 nics.

11.1 is the FW
11.13 is one PC running trillian

I don't have any drop rules, and I believe 60003 is the default rule.

Am I supposed to setup rules for the SOCKS proxy?
This was NOT how it worked in 5.x or 6.x, btw.

I have the IPS, HTTP proxy, VOIP, P2P, and IM Security all currently disabled, btw.
It does not seem to work any better with IM Security enabled and set to "Do not block"

Thanks,
Barry

This thread was automatically locked due to age.

Parents

0 BarryG over 18 years ago

Is anyone using SOCKS in 7.x?

Thanks,
Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 18 years ago in reply to BarryG

I'm not, and I can't think of a customer (other than you) that's messing with it... but I have an idea. I used to have some 6.x installs that would actually block internal user access to port 8080 (the http proxy) although all the settings were correct. Manually adding a packet filter rule to allow the internal network to access the internal ASG IP address on port 8080 fixed these troublesome units... perhaps try the same on your port 1080... if that fixes it, then there must be a bug in the packet filter setup.
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 18 years ago in reply to BrucekConvergent

I'll try that, but from the logs, it looks like it's the other direction that the problem.
e.g, traffic comes in from an IM server outside, to the SOCKS proxy, and the SOCKS proxy tries to send to the client, from port 1080 on the INT interface, and the PF drops it then.
I guess I can try to create a rule for that too.

Thanks,
Barry
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BarryG over 18 years ago in reply to BrucekConvergent

I'll try that, but from the logs, it looks like it's the other direction that the problem.
e.g, traffic comes in from an IM server outside, to the SOCKS proxy, and the SOCKS proxy tries to send to the client, from port 1080 on the INT interface, and the PF drops it then.
I guess I can try to create a rule for that too.

Thanks,
Barry
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 BarryG over 18 years ago in reply to BarryG

Hmm... added a service definition and 2 rules, but it's still not working.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 18 years ago in reply to BarryG

ps auxw|grep -i socks
shows nothing.

Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 18 years ago in reply to BarryG

Using a sniffer, I do see some traffic between the client and server, but I enabled logging on the two rules I created and nothing is appearing in the logs.

The sniffer shows the "SOCKS 5 connect to server request" from the client, but there is no response.

Thanks,
Barry
Cancel
Vote Up 0 Vote Down

Cancel
0 BarryG over 18 years ago in reply to BarryG

SOCKS proxy is working now, in 7.005

Thanks,
Barry
Cancel
Vote Up 0 Vote Down

Cancel