A lot of people live behind a firewall or worst a proxy. The scope is to obtain a public IP behind a proxy with content filtering. To solve this problem we need as connection 2 normal http GET/POST to a cgi, and we need to incapsulate into those streams ppp streams.


PPP export streams on stdout so we need a daemon on the client that get this streams, make the http GET to the server where the cgi is running, make also the POST to send the data and connect the inbound stream to the GET and the outbound stream to the POST. The cgi for hiding purpose can upload and download mime/anything stream, so you can change for your content filtering system. On server side there will be a cgi and a daemon, the cgi share memory with the daemon where it push inbound and get outbound stream. The daemon connect to the local server ppp that can give you an ip address.

The connection on http 1.1 is permanent and the inactivity timeout is satisfied by ppp itself (with LCP ping).


the scheme


by Robert J. Newmark mailto: newmark@dyne.org

VPN_over_HTTPS (last edited 2008-06-26 09:55:59 by anonymous)