LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 09-21-2009, 11:43 AM   #1
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,006

Rep: Reputation: 30
Anyone know of a way to tunnel RTMP through a HTTP proxy?


I had a problem recently where users could not play some flash video files through the proxy server because the flash uses the RTMP protocol. So, although they load a webpage through the proxy server, the flash player then requests a direct connection through a different port on RTMP completely bypassing the proxy server and this port is blocked off on the firewall. Is there a way to tunnel these RTMP requests through port 80 or somehow tell the proxy server to tunnel it from the client?
 
Old 09-25-2009, 11:39 AM   #2
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,006

Original Poster
Rep: Reputation: 30
The HTTP request looks like this:
Code:
The actual HTTP request looks something like this:
Accept: */*
Accept-Language: en-GB
x-flash-version: 10,0,22,87
UA-CPU: x86
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Alcohol Search; GTB5; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.04506.30; InfoPath.2; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Host: webstat.channel4.com
Connection: Keep-Alive
Cookie: s_cc=true; s_c4_gppn=programmes/battle-scarred/4od; s_nr=1253896501718; s_sq=channel4dotcom%3D%2526pid%253Dprogrammes/battle-scarred/4od%2526pidt%253D1%2526oid%253Dhttp%25253A//www.channel4.com/programmes/battle-scarred/4od%2525232935225%2526ot%253DA%2526oi%253D93; foresee.session=%7B%22cpps%22%3A%7B%22Area%22%3A%22Programmes%22%2C%22Content%20Area%22%3A%22BIP%3A%20battle-scarred%22%7D%2C%22alive%22%3A1%2C%22browser%22%3A%7B%22name%22%3A%22Explorer%22%2C%22version%22%3A7%2C%22platform%22%3A%22Windows%22%7D%2C%22timeout%22%3A5%2C%22start%22%3A1253896239406%2C%22pv%22%3A5%2C%22current%22%3A%22http%3A%2F%2Fwww.channel4.com%2Fprogrammes%2Fbattle-scarred%2F4od%22%2C%22cdi%22%3A1%2C%22lc%22%3A%7B%22channel-4-browse%22%3A5%7D%2C%22ls%22%3A%7B%22channel-4-browse%22%3Atrue%7D%2C%22ec%22%3A%7B%22channel-4-browse%22%3A0%7D%2C%22sd%22%3A%7B%22name%22%3A%22channel-4-browse%22%2C%22idx%22%3A1%7D%2C%22previous%22%3A%22http%3A%2F%2Fwww.channel4.com%2Fprogrammes%2F4od%22%2C%22finish%22%3A1253896500468%7D; s_vi=[CS]v1|255E78190515B86E-60000180A0002C66[CE]; OAX=Vp2JFkq88EMADHyT; RMFD=011MrDhDO104XAN|O104YE7|O104YUH|O104bpJ; s_ic_one=4oDpage_promomodule; s_icid=4oDpage_promomodule; enamel=1; RMFS=011MrDmpU204U0I|U104bFb|U204bpO|U104cCZ
Presumably we could use the url_rewriter to do some work and make sure that only the proxy server is used and tunnels these requests back through the proxy?

Or can we reroute connections to destination ports 1935 through the proxy by putting something on the client?

Last edited by qwertyjjj; 09-25-2009 at 11:45 AM.
 
Old 09-26-2009, 04:22 AM   #3
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,006

Original Poster
Rep: Reputation: 30
redirect RTMP

My proxy server used to work fine with some sites redirecting video by providiing a geo specific IP address.
Some sites now are using the flash RTMP protocol, which makes a direct connection to the internet on port 1935, sometimes also 443 and 80.

Would it work redirecting the traffic from the browser through a socks proxy instead? WHat are the security implications of running a socks proxy on the server?
And what is a good linux socks proxy? I can see tsocks in the dag list but that's gtransparent so would give away my real IP address?

Last edited by qwertyjjj; 09-26-2009 at 04:36 AM.
 
Old 09-27-2009, 08:20 AM   #4
GrapefruiTgirl
Guru
 
Registered: Dec 2006
Location: underground
Distribution: Slackware64
Posts: 7,594

Rep: Reputation: 550Reputation: 550Reputation: 550Reputation: 550Reputation: 550Reputation: 550
I have merged your two threads together, as they are dealing with the same issue.

Sasha
 
Old 05-03-2010, 08:32 AM   #5
highlandsun
LQ Newbie
 
Registered: Jan 2005
Posts: 7

Rep: Reputation: 0
The Adobe Flash plugin will automatically try to connect using port 80 and 443 if it can't get through on 1935. It will attempt to use RTMP tunneled inside HTTP on these ports. But I'm not sure if it will use the browser's proxy settings when using these other ports.

You can certainly use iptables to redirect the port 1935 traffic. We do this already to use the rtmpsuck proxy. (See http://rtmpdump.mplayerhq.hu/ ) rtmpsuck just passes the traffic directly thru to the net too, but it would be easy to add an option to the code to tell it to use some other proxy address instead. The library already supports SOCKS4, so it's just a matter of adding a command line option for it.
 
Old 05-03-2010, 10:59 AM   #6
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,006

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by highlandsun View Post
The Adobe Flash plugin will automatically try to connect using port 80 and 443 if it can't get through on 1935. It will attempt to use RTMP tunneled inside HTTP on these ports. But I'm not sure if it will use the browser's proxy settings when using these other ports.

You can certainly use iptables to redirect the port 1935 traffic. We do this already to use the rtmpsuck proxy. (See http://rtmpdump.mplayerhq.hu/ ) rtmpsuck just passes the traffic directly thru to the net too, but it would be easy to add an option to the code to tell it to use some other proxy address instead. The library already supports SOCKS4, so it's just a matter of adding a command line option for it.
iptables can't redirect the client traffic though?
The client tries to connect on port 1935 but it doesn't use the proxy settings at all it uses port 80 on the proxy and the port 1935 on the direct connection so the destination computer gets 2 requests from different ip addresses.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
HTTP Tunnel in SLES 9 for SSH/SFTP, how to? JimCotoe Linux - Networking 2 05-13-2009 08:02 AM
Creating proxy tunnel Fill Linux - Networking 2 04-02-2009 02:55 PM
Http Tunnel - Ubuntu and Webmin Boffy Linux - Server 5 02-17-2009 02:36 PM
"socks5" -> "http" proxy protocol, or ssh tunnel to sock5 ? I'm beyond http p vmicho Linux - Networking 2 12-16-2003 05:32 AM
Encrypting HTTP over SSH tunnel kleptophobiac Linux - Networking 5 08-20-2003 03:59 PM


All times are GMT -5. The time now is 08:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration