Recent

Author Topic: How to properly construct a TCP Tunnel in Delphi  (Read 1079 times)

yahoo000

  • New Member
  • *
  • Posts: 20
How to properly construct a TCP Tunnel in Delphi
« on: January 20, 2021, 07:17:17 pm »
I'm working into a project that needs to implement a Reverse Socks5 connection. In practical terms, the browser (Chrome/FireFox/Opera/IE) will connect on a local socks server (127.0.0.1:8080), and on this same server I will have a remote client connection on another port (192.168.0.9:8081).

Once I open a website on the browser, multiple requests can be done (html, images, scripts...), I should pass them from the port 8080 to the connection on port 8081. The remote client should execute the requests and send the answer back over port 8081, once it comes I should redirect this answer over the tunnel to port 8080 and deliver to browser.

I tried to create a diagram to show my data flow:

(https://i.imgur.com/kX1Hj2P.png)

I'm working into a project that needs to implement a Reverse Socks5 connection. In practical terms, the browser (Chrome/FireFox/Opera/IE) will connect on a local socks server (127.0.0.1:8080), and on this same server I will have a remote client connection on another port (192.168.0.9:8081).

Once I open a website on the browser, multiple requests can be done (html, images, scripts...), I should pass them from the port 8080 to the connection on port 8081. The remote client should execute the requests and send the answer back over port 8081, once it comes I should redirect this answer over the tunnel to port 8080 and deliver to browser.

I tried to create a diagram to show my data flow: enter image description here

I pretend to use Indy(IdTCPServer / IdTCPClient) classes, but doesn't matter what class will be used.

The problem comes when I need to send the requests over the connection on port 8081:

  • I don't know how many requests the browser will make, so I open only 1 connection on port 8081. Should I pass all the requests over this connection?

    If the answer for the first question was Yes, once I have the Socks5 Answers to deliver back, how the Server will know the connection on port 8080 that the answer should be delivered?

    If the answer for the first question was No, so I should create new connections on port 8081 to process the requests. Once I receive one new connection, I send the request to this connection, execute on client, deliver back over this connection. But I should keep track of the browser connection that did the request, to deliver it. And more, I should send a text or something, over the first connection on port 8081, to request a new connection. Isn't that over complicated?

Am I missing some point on how to construct a TCP tunnel properly? Is not possible to make a tunnel that will just pass requests/answers to the right connections, without interference of the Server?

lucamar

  • Hero Member
  • *****
  • Posts: 4219
Re: How to properly construct a TCP Tunnel in Delphi
« Reply #1 on: January 20, 2021, 10:12:07 pm »
Strictly speaking, what you're trying to do is a "proxy", not a "tunnel". It shouldn't be too difficult: implement a "server" listening on localhost:8080, pass each request it receives to a client communicating on 192.168.0.9:8081 and serve back the response, changing ("shadowing") IPs as needed.

IIRC TCP is (roughly speaking) a state-less protocol so there is no need to keep the connections beyond what's needed, much less if all you're proxying is HTTP traffic from a browser; instead, use one connection for each request/response pair on the client side.

That's very basically all there is to it ;)

Am I missing some point on how to construct a TCP tunnel properly? Is not possible to make a tunnel that will just pass requests/answers to the right connections, without interference of the Server?

The remote server shouldn't care a fig about what you're doing in what, for it, is the client side. I think one problem you might have is of concept, about what is a client an what a server. It goes like this: in your local machine,
  • the browser is a client communicating with ...
  • your proxy's "server" side, which pass all requests to ...
  • your proxy's "client" side, which then comunicates with ...
  • the remote server, whichever it is.
the response then travels backwards, so for all effects and purposes your proxy is the server from the browser's p.o.v. and the client from the remote server p.o.v.

ETA: Note also that you might encounter one problem, which is that the browser might consult your network DNS subsytem and bypass your proxy by going directly to the remote server (that is, opening a TCP/IP connection to, say, 201.23.2.89:80*)


* Just an example; I don't who that is, I took the numbers out of a hat :)
« Last Edit: January 20, 2021, 10:25:57 pm by lucamar »
Turbo Pascal 3 CP/M - Amstrad PCW 8256 (512 KB !!!) :P
Lazarus/FPC 2.0.8/3.0.4 & 2.0.12/3.2.0 - 32/64 bits on:
(K|L|X)Ubuntu 12..18, Windows XP, 7, 10 and various DOSes.

 

TinyPortal © 2005-2018