
Passing through FireWall...
Fresh-Faced Recruit
Join Date: Oct 2001
Location: Glasgow, UK
Dec 28, 2001, 08:56 PM
 
I don't know if this forum is suitable for posting this question, but I thought I may get more technical people reading my posting! So here it is:

My iBook is connected to the Internet through my university's Ethernet network, which has a FireWall and NO SOCKS server. The FireWall blocks all protocols except for HTTP and FTP (specific ports only). This means death for many applications, namely chat software (ICQ, Messengers, ...), specific clients (Hotline/Carracho), Napster (god bless its soul), LimeWire, and all types of streaming media. I cannot use any of this stuff.

On the other hand, all Windows people easily run Yahoo Messenger and ICQ, and Windows Media Player also easily receives streaming data and displays it. The Mac versions (Classic and X) of the same software do not work!

What's going on?

Also, Windows users can download and install a small piece of software, which I think redirects/forces all I/O to pass through those allowed HTTP ports. I don't know exactly what it does, but after installing that software, they can use virtually everything (hotline and other stuff).

Is there anything similar available for OS X?

Thanks for your time, I miss hotline and carracho and chatting so please help
     
Dedicated MacNNer
Join Date: Jun 2000
Location: Dundas, Ontario, Canada
Dec 29, 2001, 01:15 PM
 
I have a feeling that you must have something configured incorrectly, since that description of the firewall behavior is not consistent with the way that they tend to be configured. Although I suppose a firewall could mask packets based on their destination port, I sincerely doubt that is the way it is set up (since it would do so without discrimination and the Windows mules would be in the same boat as you).

Also, this supposed fix you are referring to couldn't work without a proxy server running somewhere outside the domain (to allow a sort of "port spoofing") that would receive these packets and then redirect the request to the appropriate server.

Here is a brief explanation of IP communications:
- you put "www.apple.com" into OmniWeb (or some other browser) and hit enter
- your system will connect to your primary DNS server (and then secondary if that doesn't work) on port 53 (I think) from some other port on your system (usually several thousand and change, 5378 for example) and ask for the IP corresponding to "apple.com"
- the DNS server sends a packet back to port 5378 on your system with the IP: 17.254.3.183 (5378 is then closed)
- your browser now opens a connection to port 80 at 17.254.3.183 from some other port (7698 for example) on your system and writes "GET / HTTP/1.0" into the socket
- 17.254.3.183 now sends the HTML of the Apple homepage back to your port 7698 from its port 80 and closes the socket (thus closing port 7698 on your system and freeing a socket on theirs)
- your browser then renders the page

However, if your FTP client and web browser work while nothing else does, I don't know what the proper diagnosis is. I would assume that there is some configuration glitch on your end, since that is the only thing that I think could explain the different behavior seen on your machine compared to a Windows machine.

Find some Linux jockey around there and see what he/she knows. Usually they get really annoyed by things like this and figure it out.

Post back with more detailed information surrounding the problem (what works, what doesn't, etc) if you can.

Hope that helps,
Jeff.
Spectral Class
"Shedding Light on Innovation"
     
Arta  (op)
Fresh-Faced Recruit
Join Date: Oct 2001
Location: Glasgow, UK
Dec 29, 2001, 09:42 PM
 
These are more details:

Only web and FTP work on my computer. I had to set different proxy settings for FTP and HTTP, which I had done in System Preferences, so both of them work. The TCP port for both of them is 8080. In the help page it is clearly mentioned that there is no SOCKS firewall server that we can use, so applications that have such an option in their settings must not work.

On the other hand, there is an "Automatic Configuration Script" which Windows users can set in their control panel, but this technique seems not to be supported on the Mac. Do you know if there is any way I can use an automatic config script on the Mac?

Windows users who use this automatic configuration script are able to use:

HTTP
FTP
Yahoo Messenger
ICQ
Windows Media Player (streaming)

They can NOT use:
MSN Messenger
QuickTime Player
Audio Galaxy

On the Mac, both Classic and X, I can use ONLY:

HTTP
FTP

Nothing more...

These are some links you can check to see a brief description. I feel there is something in the automatic config script in Windows...
http://www.strath.ac.uk/IT/StudentRes/summary.html
http://www.strath.ac.uk/IT/StudentRe...ss-limits.html


Originally posted by Apocalypse:
Post back with more detailed information surrounding the problem (what works, what doesn't, etc) if you can.

Hope that helps,
Jeff.
     
Dedicated MacNNer
Join Date: Jun 2000
Location: Dundas, Ontario, Canada
Dec 30, 2001, 01:15 AM
 
That helps a lot more. It makes sense now that there is a proxy server involved. Since some of those pages are labeled as under construction and last modified Sept 15, 99 I am assuming that the IT department there is incompetent and useless (most are).

I have two ideas for you:
1. Find the proxy script and try to get a copy of it. Then post it here or host it somewhere with a link from here and we can try to hack our way through it.
or
2. If there are Unix GUI programs on their Unix servers and if they have access to the outside world without using the proxy, you could run the programs you need from there and export them to your display with XDarwin. This is also good since you can use their servers to do all the work of running an ICQ client and rendering pages in Netscape while you reserve clock cycles on your system for important things like playing MP3s (I do this with some of the Linux boxes on my network so my OS X box is free for music and compiling - works REALLY well). The only problem is if they have bandwidth restrictions that would be contributed to by your accessing the Unix servers.

See if either of those are do-able. Hopefully all these posts will attract some other guys to this thread who are better with proxies.

Hope that helps,
Jeff.
Spectral Class
"Shedding Light on Innovation"
     
Addicted to MacNN
Join Date: Mar 2000
Location: London, UK
Dec 30, 2001, 05:00 AM
 
Just wondering why this is in OS X - Developer when it's clearly a Usage & Support issue...
     
Arta  (op)
Fresh-Faced Recruit
Join Date: Oct 2001
Location: Glasgow, UK
Jan 3, 2002, 10:42 AM
 
Ok I have three things to mention here:

1- The Automatic Configuration Script used for Windows machines is as follows:

"http://www-config.strath.ac.uk/proxy.config"

2- A quote from the HELP SECTIONS says:
"The network uses a HTTP proxy, and any application which does not support the option to use one, is unable to be configured to work with it directly. However, most applications to allow support for Socks 4/5 proxies, in which case, it is possible to allow some or most of their functions to work. First, you must obtain a copy of a program called HTTP Tunnel, available from www.icqproxy.com"

Is there anything similar to "HTTP Tunnel" for X?

3- If you think this topic is irrelevant to this forum, I kindly ask the moderator/admin to move the threads to OS X General.

1. Find the proxy script and try to get a copy of it. Then post it here or host it somewhere with a link from here and we can try to hack our way through it.
     
Dedicated MacNNer
Join Date: Jun 2000
Location: Dundas, Ontario, Canada
Jan 3, 2002, 07:41 PM
 
This makes much more sense now (I knew this would require some sort of system outside the domain)! I don't know how proxy config scripts work and that one is too short for me to try and learn how it works. However, I will look into how to do this sort of tunneling in OS X (the Unix layer should make it pretty straight-forward). The only potential problem is finding the HTTP-proxy free servers and hoping that they don't use any special authentication that we can't circumvent.

I can't guarantee anything but I will try,
Jeff.
Spectral Class
"Shedding Light on Innovation"
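
How an "Automatic Configuration Script" (a proxy auto-config, or PAC, file) of the kind mentioned in this thread is evaluated, as an added example that is not part of any post and not the university's script. The PAC body, the host names under `campus.example` and the helper shims are constructed for illustration; port 8080 is the proxy port quoted in the thread.

```javascript
// Stand-ins for two helpers that a browser's PAC engine normally supplies.
function isPlainHostName(host) { return !host.includes("."); }
function dnsDomainIs(host, domain) { return host.toLowerCase().endsWith(domain); }

// Constructed PAC script. A PAC file is JavaScript defining this one function;
// the client calls it for every URL and gets back a list of routes to try.
function FindProxyForURL(url, host) {
  // Hosts on the local network are contacted without the proxy.
  if (isPlainHostName(host) || dnsDomainIs(host, ".campus.example")) {
    return "DIRECT";
  }
  // Everything else must go through the HTTP proxy (placeholder name).
  return "PROXY proxy.campus.example:8080";
}

// Parse a PAC result such as "PROXY host:port; DIRECT" into ordered routes.
function parsePacResult(result) {
  return result.split(";").map((s) => s.trim()).filter(Boolean).map((entry) => {
    const [type, target] = entry.split(/\s+/);
    if (type === "DIRECT") return { type };
    const idx = target.lastIndexOf(":");
    return { type, host: target.slice(0, idx), port: Number(target.slice(idx + 1)) };
  });
}

// What a proxy-aware client does per request: ask the PAC, take the first route.
function routeFor(url) {
  const host = new URL(url).hostname;
  return parsePacResult(FindProxyForURL(url, host))[0];
}

// First line of the HTTP request the client then writes to the socket.
// To a proxy it sends the full URL; to the origin server only the path.
function requestLine(url) {
  const u = new URL(url);
  return routeFor(url).type === "PROXY"
    ? `GET ${u.href} HTTP/1.0`
    : `GET ${u.pathname} HTTP/1.0`;
}

console.log(routeFor("http://www.apple.com/"));    // proxy route on port 8080
console.log(requestLine("http://www.apple.com/")); // full URL in the request line
console.log(requestLine("http://intranet/"));      // direct: path only
```

The script only answers "which proxy for this URL?" for clients that ask it. It carries no traffic itself, so an application that opens its own TCP connection and never consults the PAC gains nothing from it.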
     
   