Am Mittwoch, 30. Juli 2008 13:48:08 schrieb Gary:
"Diez B. Roggisch" <de***@nospam.web.dewrote in message
news:6f************@mid.uni-berlin.de...
Gary schrieb:
"Diez B. Roggisch" <de***@nospam.web.dewrote in message
news:6f************@mid.uni-berlin.de...
You can't make any TCP/IP communication run through a proxy, unless it's
transparent.
Thanks for all the info.
This is not entirely true. There are libc-plugins (i.e. LD_PRELOAD hacks)
which use SOCKS (which is a generic proxying protocol for [TCP/]IP) to
redirect all locally originating TCP/IP traffic _which is managed through the
socket interface of the libc_ in the application that you applied the
LD_PRELOAD hack to through a specified SOCKS-proxy (this should capture
pretty much everything, except for communication originating in the
*nix-kernel itself). I seem to recall that something similar exists for
WinSock, but I wouldn't know for sure.
Check the web for documentation on setting up a SOCKS proxy, and for the
respective libc-plugins or WinSock SOCKS "hack".
If you cannot make the user use SOCKS through a means like this (in which case
there has to be no application support) or by instructing a specific
application to use a SOCKS proxy directly (which all browsers can out of the
box AFAIK), and you don't have the possibility to put yourself somewhere in
the middle by means of a transparent proxy (i.e., a firewall applicance which
does this; I seem to recall that there was some FreeBSD-based software which
basically did just this kind of transparent proxying for a network), you're
out of luck, just like Diez said.
--
Heiko Wundram