Discussion:
[Zebedee-talk] Crash operating through proxy server
s***@beagle.com.au
2009-10-26 05:43:06 UTC
Permalink
Hi All,
This is my first attempt at using Zebedee so please excuse if I have done done
something silly.
I am attempting to set up a VNC tunnel through an M$ ISA Proxy Server. The
proxy uses per-connection NTLM Authentication. To get around the
authentication issue I am running the very handy python authentication script
NTLMAPS, which make the proxy appear to connecting apps like it does not use
authentication.
So my connection sequence is

VNC Client -> Zebedee Client -> NTLMAPS -> LAN -> ISA Proxy -> Internet ->
Zebedee Server -> VNC Server

When I attempt to make the connection Zebedee crashes. This is the log file of
the client at Verbosity 5 (as much as it can log before it crashes). It's
running in a WinXP SP3 box.

+++++++++++++++++
zebedee(2704/3428): line 9:
zebedee(2704/3428): line 10: server false # It's a client
zebedee(2704/3428): key = 'server', value = 'false'
zebedee(2704/3428): line 11: detached false # stay on console
window (at this stage anyway)
zebedee(2704/3428): key = 'detached', value = 'false'
zebedee(2704/3428): line 12: listenip 127.0.0.1 # forbid
connection from other machines
zebedee(2704/3428): key = 'listenip', value = '127.0.0.1'
zebedee(2704/3428): line 13: serverhost suthers.no-ip.org # home dynamic IP
address
zebedee(2704/3428): key = 'serverhost', value = 'suthers.no-ip.org'
zebedee(2704/3428): line 14: tunnel 5900:*:5900 # take local port
5900 & tunnel to remote machine 5900
zebedee(2704/3428): key = 'tunnel', value = '5900:*:5900'
zebedee(2704/3428): line 15: serverport 443 # use the https
port for the tunnelled connection
zebedee(2704/3428): key = 'serverport', value = '443'
zebedee(2704/3428): line 16: httpproxy 127.0.0.1:8080 # spec of our ISA
server - ACTUALLY the port of NTLMAPS, which is handling the proxy
authentication
zebedee(2704/3428): key = 'httpproxy', value = '127.0.0.1:8080'
zebedee(2704/3428): line 17:
zebedee(2704/3428): line 18:
zebedee(2704/3428): line 19:
zebedee(2704/3428): line 20: message "THIS IS A CLIENT!!!!!!"
zebedee(2704/3428): key = 'message', value = 'THIS IS A CLIENT!!!!!!'
zebedee(2704/3428): THIS IS A CLIENT!!!!!!
zebedee(2704/3428): line 21:
zebedee(2704/3428): line 22: # On Windows systems you might use the
following:
zebedee(2704/3428): line 23:
zebedee(2704/3428): line 24: # command '"c:\Program
Files\ORL\VNC\vncviewer.exe" localhost:%d'
zebedee(2704/3428): line 25:
zebedee(2704/3428): line 26: # On UNIX systems you might use the following:
zebedee(2704/3428): line 27:
zebedee(2704/3428): line 28: # command 'vncviewer localhost:%d'
zebedee(2704/3428): line 29:
zebedee(2704/3428): line 30: compression zlib:6 # Request normal Zlib
compression
zebedee(2704/3428): key = 'compression', value = 'zlib:6'
zebedee(2704/3428): client listener routine entered
zebedee(2704/3428): creating TCP-mode local listener socket for port 5900
zebedee(2704/3428): listening on 127.0.0.1
zebedee(2704/3428): local port 5900 has socket 132
zebedee(2704/3428): Listening on local port 5900
zebedee(2704/3428): waiting for client connection
zebedee(2704/3428): select returned 1
zebedee(2704/3428): connection ready on socket 132
zebedee(2704/3428): accepted connection from 127.0.0.1
zebedee(2704/3428): spawning handler function thread
zebedee(2704/3428): handler thread created
zebedee(2704/3428): waiting for client connection
zebedee(2704/1420): client routine entered
zebedee(2704/1420): client on local port 5900 tunnels to target
suthers.no-ip.org:5900
zebedee(2704/1420): target address is 2031302c
zebedee(2704/1420): making connection to suthers.no-ip.org:443
zebedee(2704/1420): connecting to suthers.no-ip.org:443 via proxy
127.0.0.1:8080
zebedee(2704/1420): connected to proxy
zebedee(2704/1420): written connect string
zebedee(2704/1420): read 111 bytes from proxy: HTTP/1.1 200 Connection
established

Via: 1.1 SJC-IS1

Connection: Keep-Alive

Proxy-Connection: Keep-Alive
+++++++++++++++++++++++++++

I realise my situation is very complex, but if someone has some suggestions as
to where to start troubleshooting would be most helpful.

I have successfully set up a tunnel & VNC'd between 2 machines within the LAN
just to make sure I have the settings correct for VNC to be talking to both
ends of the tunnel.

It would be good to eliminate NTLMAPS for simplicity. Has anyone got Zebedee
operating through a proxy that required per-connection authentication?
Tom Sneddon
2009-10-30 13:48:33 UTC
Permalink
Bill,

Not knowing how you have Zebedee set up I'll just let you know one thing
that I've experienced over the last several years.

In my configuration files I do not use "maxbufsize 16384". For some
reason I had Zebedee crashing all the time with "maxbufsize 16384".
Reducing maxbufsize to 8192, 4096, or even 2048 can actually give better
performance over a slow dial-up connection.

Please post your Zebedee configuration files (edited for your privacy,
of course) so that others might spot something amiss.

Thanks,
Tom Sneddon
Post by s***@beagle.com.au
Hi All,
This is my first attempt at using Zebedee so please excuse if I have done done
something silly.
I am attempting to set up a VNC tunnel through an M$ ISA Proxy Server. The
proxy uses per-connection NTLM Authentication. To get around the
authentication issue I am running the very handy python authentication script
NTLMAPS, which make the proxy appear to connecting apps like it does not use
authentication.
So my connection sequence is
VNC Client -> Zebedee Client -> NTLMAPS -> LAN -> ISA Proxy -> Internet ->
Zebedee Server -> VNC Server
When I attempt to make the connection Zebedee crashes. This is the log file of
the client at Verbosity 5 (as much as it can log before it crashes). It's
running in a WinXP SP3 box.
+++++++++++++++++
zebedee(2704/3428): line 10: server false # It's a client
zebedee(2704/3428): key = 'server', value = 'false'
zebedee(2704/3428): line 11: detached false # stay on console
window (at this stage anyway)
zebedee(2704/3428): key = 'detached', value = 'false'
zebedee(2704/3428): line 12: listenip 127.0.0.1 # forbid
connection from other machines
zebedee(2704/3428): key = 'listenip', value = '127.0.0.1'
zebedee(2704/3428): line 13: serverhost suthers.no-ip.org # home dynamic IP
address
zebedee(2704/3428): key = 'serverhost', value = 'suthers.no-ip.org'
zebedee(2704/3428): line 14: tunnel 5900:*:5900 # take local port
5900 & tunnel to remote machine 5900
zebedee(2704/3428): key = 'tunnel', value = '5900:*:5900'
zebedee(2704/3428): line 15: serverport 443 # use the https
port for the tunnelled connection
zebedee(2704/3428): key = 'serverport', value = '443'
zebedee(2704/3428): line 16: httpproxy 127.0.0.1:8080 # spec of our ISA
server - ACTUALLY the port of NTLMAPS, which is handling the proxy
authentication
zebedee(2704/3428): key = 'httpproxy', value = '127.0.0.1:8080'
zebedee(2704/3428): line 20: message "THIS IS A CLIENT!!!!!!"
zebedee(2704/3428): key = 'message', value = 'THIS IS A CLIENT!!!!!!'
zebedee(2704/3428): THIS IS A CLIENT!!!!!!
zebedee(2704/3428): line 22: # On Windows systems you might use the
zebedee(2704/3428): line 24: # command '"c:\Program
Files\ORL\VNC\vncviewer.exe" localhost:%d'
zebedee(2704/3428): line 28: # command 'vncviewer localhost:%d'
zebedee(2704/3428): line 30: compression zlib:6 # Request normal Zlib
compression
zebedee(2704/3428): key = 'compression', value = 'zlib:6'
zebedee(2704/3428): client listener routine entered
zebedee(2704/3428): creating TCP-mode local listener socket for port 5900
zebedee(2704/3428): listening on 127.0.0.1
zebedee(2704/3428): local port 5900 has socket 132
zebedee(2704/3428): Listening on local port 5900
zebedee(2704/3428): waiting for client connection
zebedee(2704/3428): select returned 1
zebedee(2704/3428): connection ready on socket 132
zebedee(2704/3428): accepted connection from 127.0.0.1
zebedee(2704/3428): spawning handler function thread
zebedee(2704/3428): handler thread created
zebedee(2704/3428): waiting for client connection
zebedee(2704/1420): client routine entered
zebedee(2704/1420): client on local port 5900 tunnels to target
suthers.no-ip.org:5900
zebedee(2704/1420): target address is 2031302c
zebedee(2704/1420): making connection to suthers.no-ip.org:443
zebedee(2704/1420): connecting to suthers.no-ip.org:443 via proxy
127.0.0.1:8080
zebedee(2704/1420): connected to proxy
zebedee(2704/1420): written connect string
zebedee(2704/1420): read 111 bytes from proxy: HTTP/1.1 200 Connection
established
Via: 1.1 SJC-IS1
Connection: Keep-Alive
Proxy-Connection: Keep-Alive
+++++++++++++++++++++++++++
I realise my situation is very complex, but if someone has some suggestions as
to where to start troubleshooting would be most helpful.
I have successfully set up a tunnel & VNC'd between 2 machines within the LAN
just to make sure I have the settings correct for VNC to be talking to both
ends of the tunnel.
It would be good to eliminate NTLMAPS for simplicity. Has anyone got Zebedee
operating through a proxy that required per-connection authentication?
Tim Uckun
2009-10-31 08:17:30 UTC
Permalink
In my configuration files I do not use "maxbufsize 16384".  For some
reason I had Zebedee crashing all the time with "maxbufsize 16384".
Reducing maxbufsize to 8192, 4096, or even 2048 can actually give better
performance over a slow dial-up connection.
I think I remember having the same problem a while ago. I stick with 8192.
Suthers Spam Account
2009-11-01 02:14:30 UTC
Permalink
Thanks for your replies Tom & Tim,

I do not have 'maxbufsize' specified in either server or client config files. What does it default to?

Here's the server config file. I can post the client one when I get to work.

+++++++++++++++++++++++
#
# Zebedee server sample config file for tunnelling VNC traffic.
# Edited by Bill

verbosity 5
logfile zebedee.log

server true # Yes, it's a server!
detached true # Convert to daemon if possible

# Set up allowed VNC targets on localhost.
# By default this only allows tunnels to ports 5900 and 5901.

target localhost:5900-5901/tcp
serverport 443 # Listen on https port for incoming tunnels

# Other parameters

compression zlib:9 # Allow maximum Zlib compression
keylength 256 # Allow key length up to 256 bits
++++++++++++++++++++++

Thanks again

Bill
In my configuration files I do not use "maxbufsize 16384".  For some
reason I had Zebedee crashing all the time with "maxbufsize 16384".
Reducing maxbufsize to 8192, 4096, or even 2048 can actually give better
performance over a slow dial-up connection.
I think I remember having the same problem a while ago. I stick with 8192.

------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Zebedee-talk mailing list
Zebedee-***@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/zebedee-
s***@beagle.com.au
2009-11-01 23:37:34 UTC
Permalink
Here's my client config file.

++++++++++++++++++++++++++++
#
# Zebedee configuration file to start up a tunnelled VNC session
#
#

verbosity 5
#logfile zebedee.log

server false # It's a client
detached false # stay on console window (at this stage anyway)
listenip 127.0.0.1 # forbid connection from other machines
serverhost suthers.no-ip.org # home dynamic IP address
tunnel 5900:*:5900 # take local port 5900 & tunnel to remote machine
5900
serverport 443 # use the https port for the tunnelled connection
httpproxy 127.0.0.1:8080 # spec of our ISA server - ACTUALLY the port of
NTLMAPS, which is handling the proxy authentication



message "THIS IS THE CLIENT!!!!!!"

compression zlib:6 # Request normal Zlib compression
++++++++++++++++++++++++++++++++

Thanks again

Bill

Loading...