Just a quick note to let everyone know that the beta of Aventail's Socks5
server is available for public consumption. It is based off of the NEC
code, with quite a few extensions. We would appreciate any feedback from
the members of this list, especially on missing features you would like to
see.
You can download the beta from http://www.aventail.com/download.html - its
approximately 4 megs per platform. Beta1 is available for:
o HP/UX 9.x o Linux/x86
o IRIX 6.x o Solaris/x86
o Solaris/Sparc
Beta2 will be available for all these platforms as well as SunOS, and
hopefully BSDI, pending a few bug fixes.
Before you decide to download it, here's a list of the main things that
differentiate us from the publicly available NEC code:
o The ability to dynamically load new modules at run-time. The modules can
provide several types of new functionality:
* Authentication/Encryption: new socks authentication methods, along with
the ability to override the 'standard' username/password. Comes with
lots of authentication modules. Client and server versions of
Username/Password and CHAP[1] backended in a variety of ways - flat files,
RADIUS, and the native unix password system (also supports shadow
passwords).
* Authorization: specify an alternate access control list mechanism. No
examples yet, but you could backend to a SQL database or something
similar to get the equivalent of permit/deny lines.
* Packet filters: specify a filter to be run on each chunk of data before
it is proxied to/from the destination. Comes with an HTTP filter with
a flexible method of specifying sites that are 'banned'. Also able to
specify tags or attributes of tags in HTML documents that should be
removed - this allows you to remove scripts, plug-ins, etc. from
incoming documents.[2] This can also use the Microsystems Software
CyberPatrol[3] blocked-content-lists.
* Commands: New socks5 commands. No samples yet, but I plan on turning
the ping/traceroute commands into a module.
o Bug fixes
o GUI admin tool - written in Perl/Tk. Can control most of the basics.
The beta2 version of the admin tool is much more complete (not to mention
prettier)
o Natively socksified applications and runsocks'ified apps can use loadable
modules as well.
and more, but this message is already too long for my tastes. If anyone
has any questions, please feel free to drop me a line.
-Bill P.
PS: I know the distribution size is large, because it includes a copy of
Perl and Perl/Tk for the administration tool. This will be split up
into different packages for download soon, hopefully for the next beta,
due out soon.
[1] CHAP over socks as defined in the Internet Draft
ftp://ds.internic.net/internet-drafts/draft-vanheyningen-socks-chap-00.txt
[2] I will be writing a short intro to how to configure the http filter
soon. Will try to get it done in time for beta2. A sample config file
is at http://www.aventail.com/avfilter.conf
[3] http://www.microsys.com/cyber/default.htm
--
William Perry wmperry @
aventail .
com
Unix Server Development Lead & Emacs-W3 Author
Aventail, Corp. http://www.aventail.com
|
|
