[noCensorship] Re: Fed up with LP
- From: wayne <wayne@xxxxxxxxxxxxx>
- To: nocensorship@xxxxxxxxxxxxx, proxytools-users@xxxxxx
- Date: 3 May 2003 22:28:44 -0000
> From: "Madani AL" <madani55sa@xxxxxxxxxxx>
> To: nocensorship@xxxxxxxxxxxxx
> Subject: [noCensorship] Fed up with LP
Summary: I think the basic problem is that the sbm proxies aren't
being loaded in the LP build. The way to figure out why is to see
a log of that build.
> Dear Wayne
>
> I have to admit it. I have a mixed feeling toward LP
'Mixed', or 'fed up'?
Ya gotta admit, testing LP over the years has
taught you some things about Perl, networks and proxies.
That's good ... I think. :-)
> I know it is becoming more automated and easy to use for novice, but still
> full of whistles for the more advance users.
>
> I am exercising all sorts of fall downs when trying to run LP with SBM ISP
> (sbm.net.sa). No matter what changes I make, LP never pick up SBM proxies
> such as:
> 212.46.32.42
> 212.46.32.34
> 212.46.32.54
These are already present and enabled in hosts.xml, but they are
censoring. Censoring means they won't get chosen for commStrat 0,
layer 0.
They CONNECT to 80, 8080 at least, so they could be chosen for
commStrat 1, layer 0.
They should be chosen for commStrat 2 too.
They won't get chosen for any of these places unless they score
higher (are faster and more reliable) than the alternative choices.
> It will however accept any proxy in my config.
It believes the user has access to any proxies he puts in his own
config. It won't believe they are non-censoring (or even working),
unless the user has also added test results into that config which
prove that.
> File other than SBM proxies.
That's weird.
You made sure they were fast and reliable so they could get chosen,
I guess?
Note that they are also in the LP database, so they should have
been loaded from there even without your configuration.
If you haven't already done this, try using the distributed SBM
config file, rather than your own. There may be a problem with
yours. Did you add these proxies in there by hand, or by
using statProxy/mergeHosts?
> Auto config. never help at all.
That would be right. It would only add them to your config, with
test results, and if loading them from the config wasn't working
you wouldn't get anywhere.
> I changed config-last.xml and inserted manually needed SBM proxies and
> started LP with config. last chosen just to go around it.
That would work if you used them for commStrat 1, layer 0.
You added them there?
And the results were good? Probably.
> Lately, I noticed that hosts.xml file had no 10080.0.0- proxies [Disabling
> 10080 (non-censoring HTTP proxy - standard).0 - no layer 0 hosts available].
Yes, that has been the case (on and off) for some time now for KSA.
I'm not spending lots of time searching the Arabic groups where the
proxies are (at least, were) being posted.
Either people test them and post to me, or in lists I see, or
everyone tests their own and adds the results to their own config.
It's no skin off my nose if people don't share their results, but
many other people are then disadvantaged. That's pretty much the
way it's happening right now.
> This means that I had to search the network for other open proxies (within
> KSA or from the outside) just to start my LP. **Not funny isn?t it? **.
No.
So post them to me, and then they will be there for everyone.
What's the alternative? If you and just one other person there
had successfully tested some and sent to me, your LP would
probably have worked.
Still, the basic problem seems to be that your CONNECT capable
local ISP proxies are not being used in the LP build (10080,
commStrat 1, layer 0).
We should sort that out.
> As a last resort, bought several cards with some hours from the following
> ISPs:
Great! Someone willing to do some testing.
You're unique (and that's a fact!).
> 1. cyberia.net.sa:8080
> 2. nesma.net.sa:8080
> 3. sps.net.sa:8080
> 4. zajil.net:3128
> The test was very smooth for ISPs 2,3,4. No sweat. LP ran like Ferrari.
Heh, it's been some time since that kind of statement was made.
> For #1 (Cyberia), LP could not help it.
LP said it was
> As a matter of fact, Cyperia is just
> another name for proxy.ogertel.com
Ok, Ogertel is now gone from firewalls.xml. CVS soon.
> cyberia.net.sa
> Domain ID 20020818N001
> 212.119.67.14
> Name server ns1.cyberia.net.sa , 212.119.64.2
> Name server ns2.cyberia.net.sa , 212.119.64.3
Ok, added these two to the two already there (from ogertel:
212.119.67.2, and 212.119.67.3). If these two from ogertel aren't
working in cyberia, that might explain some things, but you would
have seen error messages.
Can you confirm that they all work:
nslookup www.panix.com 212.119.67.2
for example?
> When I started LP using [auto], it did not work
If it doesn't work, that's probably still ok.
LP just uses what it's got in the database.
> although every thing was ok:
> -----------------
> This is localProxy GUI (the 'front end'), version: 4.262
> Proxies found in environment: proxy.sbm.net.sa:80
> I'm assuming this IP address is 212.119.66.*
> I'm assuming this IP address is 212.119.66.*
> Setting default config KSA-ogertel
> master.xml has been generated ... loading
> Generating config-auto.xml ... done
> Starting localProxy engine with configuration: auto
> start line: perl localProxy2.pl -x 3 -g -d 0 -c auto
> Connected to localhost:10081....
> -----------
> Mapping the firewall rules, please wait ...
> Warning: filtering detected (probably transparent proxy) on port 25
> Warning: filtering detected (probably transparent proxy) on port 110
> Warning: filtering detected (probably transparent proxy) on port 7021
> [---]
You got that message on all the ports?
Port 80?
Is it correct? Do you have a transparent proxy?
> port 8000 is blocked
> port 8001 is open
> port 8002 is open
> port 8003 is open
> port 8004 is open
> port 8005 is open
> port 8006 is open
> port 8007 is open
> port 8008 is open
> port 8080 is blocked
> port 8081 is open
> port 8082 is open
> port 8083 is open
> port 8084 is open
> port 8085 is open
> port 8086 is open
> port 8087 is open
> port 8088 is blocked
> port 8089 is blocked
> port 8090 is open
> port 8091 is open
> port 8141 is open
> port 8180 is open
> port 8421 is open
> port 8616 is blocked
> port 8888 is blocked
> port 8965 is open
> port 9001 is open
> port 9081 is open
> port 9274 is blocked
> port 9589 is open
> port 10080 is open
> port 12345 is open
> port 14000 is open
> port 20034 is open
> Saving the results in master.xml
> Checking proxies: 212.119.67.14:8080, proxy.zajil.net:3128,
> proxy.ogertel.com:8080,
> panix.panix.com:10080,
This resolves to at least 3 IP addresses. If you added it because
you had a redirector running on Panix, you need to say which host (panix1,
2,3,...) or give the IP address.
> proxy.sbm.net
> .sa:80
> Checking proxy capabilities ...
> Warning: safe mode is off
> [---]
> statProxy v4.156 report from 212.119.66.*(KSA-ogertel):
> 212.119.67.14 :8080 PFFFPFPPPPPPPPFPFPFP 1.8/3.2 via:1.0 cache4.jed
> agent:BlueCoat-Security-Appliance
> -----------------
> This is localProxy Engine (the 'back end'), version: 4.252
[...]
> DNS addresses from o/s: 212.119.64.2, 212.119.64.3
> Name servers (o/s and firewall info): 212.119.64.2, 212.119.64.3
> Accessible subnets: 224.0.0.0/4, 212.119.67.8/24, 212.119.66.255/24,
> 212.119.66.*/24
Hmm, that's misleading. It actually has more subnets than this.
The list printed is only for the subnets it's added by examining
the auto config file. I've changed it to show all of them now.
Please update localProxy2.pl so that if you post a log next time,
it will include all the nets.
> DnsTimeout initialized: 5.5
> Sorting hosts (uses DNS, please connect)...
> Filled layer 10076.0.*.- (10/10), (max,min) score was (0.4, 0.016)
> Filled layer 10076.1.*.- (3/10), (max,min) score was (0.4, 0.00032)
> Filled layer 10076.1.-.* (10/10), (max,min) score was (0.6, 0.17)
> Filled layer 10076.2.*.- (10/10), (max,min) score was (0.4, 0.016)
> Filled layer 10022.1.*.- (0/10), (max,min) score was (-1, -1)
>
> Disabling 10022 (secure telnet (ssh) - SSH-panix3).1 - no layer 0 hosts
> available
> Filled layer 10119.1.*.- (1/10), (max,min) score was (0.4, 0.4)
> Filled layer 10080.0.*.- (0/10), (max,min) score was (-1, -1)
>
> Disabling 10080 (non-censoring HTTP proxy - standard).0 - no layer 0 hosts
> available
That's reasonable. No *nonCensoring* http proxies are available.
> Filled layer 10080.1.*.- (3/10), (max,min) score was (0.4, 0.00032)
But 3 proxies which are CONNECTCapable to standard outside proxy
ports are available. These would be Cyberia/Ogertel proxies.
> Filled layer 10080.1.-.* (10/10), (max,min) score was (1, 0.072)
> Filled layer 10080.2.*.- (10/10), (max,min) score was (0.4, 0.011)
> Filled layer 10082.0.*.- (1/10), (max,min) score was (0.052, 0.052)
> Filled layer 10082.1.*.- (3/10), (max,min) score was (0.4, 0.00032)
> Filled layer 10082.1.-.* (10/10), (max,min) score was (0.18, 0.061)
> Filled layer 10082.2.*.- (8/10), (max,min) score was (0.4, 0.00023)
> Rotating name servers: 1
> Checking all layer 0 hosts for connectivity...
> Results from isConnectable: 000111010100010100
> Unable to connect to 66.250.69.1:8572 216.126.204.54:8303 204.113.91.64:8001
> 216.126.204.24:8303 205.205.143.254:8002 16
> 8.9.253.251:3347 66.213.25.6:8867 216.126.204.21:8303 216.206.18.12:8002
> 200.23.144.129:8001 218.145.25.108:8081
bash-2.05b$ ./statProxyParallel.pl -t 0 -l so.txt
[...]
statProxy v4.25 report from xxx:
168.9.253.251 :3347 P 11.2/12.5
200.23.144.129 :8001 T ?/?
204.113.91.64 :8001 T ?/?
205.205.143.254 :8002 T ?/?
216.126.204.21 :8303 P 0.8/1.0
216.126.204.24 :8303 T ?/?
216.126.204.54 :8303 T ?/?
216.206.18.12 :8002 P 0.9/1.3
218.145.25.108 :8081 R ?/?
66.213.25.6 :8867 P 10.3/10.5
66.250.69.1 :8572 P 11.9/12.2
Wall clock time: 0.53 mins.
So, some of these were working.
Are these ports open/blocked for you?
3347, 8303, 8002, 8867, 8572
[...]
> Is that all???
> No. Believe it, LP works just fine when I use config- KSA-ogertel.xml file
> under Cyberia ISP.
I believe it :-)
I can see from that build that it has enough to work.
> Just to make it more complicated, I changed KSA-ogertel in firewalls.xml to
> KSA-cyberia
They were already the same except for the name servers.
See my question above.
> and started LP using config-KSA-cyberia.xml (just renamed the
> config-KSA-ogertel.XML).
Renaming doesn't make any difference either.
I've added a new config-KSA-cyberia.xml now, but the only thing
that means is that it will appear in the config lkist in LP now.
> LP could not make it.
I have trouble understanding that.
Possibly the name servers screwed it up. Check those.
It's a pity you didn't post that log too. I could have seen exactly
what went wrong. Can you do that?
> I other words LP could not
> deal with cyberia.net.sa. Only works with ogertel.com (which is not there
> any more as it is changed to cyberia.net.sa).
>
> Is that all ??
> Not yet.
> I went back to an old version of LP(4.3) which can be found in
> 2001-12-01.zip.
> This version is able to figure out all SBM proxies found in hosts.xml and
> use them as layer 0.
For 10080, commStrat 1, you mean?
Certainly not commStrat 0.
> Newer versions could not.
Ok, it sounds like that's the basic problem here.
> One more thing:
> I searched SaudiNIC's database for sbm at the following URL:
> http://www.saudinic.net.sa/cgi-bin/whois.cgi
> It returnred:
> ----------------
> sbm.net.sa
> Domain ID 19990326N000
> Name server neptune.sbm.net.sa , 212.46.32.65
> Name server pluto.sbm.net.sa , 212.46.32.33
Yep. I get these too.
> On the other hand, I typed :ipconfig (in Command Prompt) and got the
> following:
>
> Microsoft Windows XP [Version 5.1.2600]
> (C) Copyright 1985-2001 Microsoft Corp.
>
> C:\Documents and Settings\madani.MADANI-*.000>ipconfig /all
>
> Windows IP Configuration
>
> Host Name . . . . . . . . . . . . : madani-*
> Primary Dns Suffix . . . . . . . :
> Node Type . . . . . . . . . . . . : Unknown
> IP Routing Enabled. . . . . . . . : No
> WINS Proxy Enabled. . . . . . . . : No
>
> PPP adapter SBM-Local:
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
> Physical Address. . . . . . . . . : ********
> Dhcp Enabled. . . . . . . . . . . : No
> IP Address. . . . . . . . . . . . : 212.46.36.*
> Subnet Mask . . . . . . . . . . . : 255.255.255.255
> Default Gateway . . . . . . . . . : 212.46.36.*
> DNS Servers . . . . . . . . . . . : 212.46.32.35
> 212.46.32.45
The first one is refusing dns queries, and the second is down, or
firewalled from the outside.
Test these two as explained above, and remove from your setup if
necessary. If they are being dynamically allocated, then complain
to the ISP you dialled into at the time.
> By the way, SaudiNIC is the only database which resolved Cyberia.
>
>
> Summery:
> There is some thing not correct in the new versions of LP. Older versions
> work fine but not the new ones. I know that this message is too long
Messages are never too long if it's because they contain some
good information :-)
> but I
> hope it will help in solving the problem
A log of any of the failing builds will tell me what's wrong.
> Best regard
> madani
--
wayne@xxxxxxxxxxxxx
http://proxytools.sourceforge.net/
===8>============== noCensorship community ===============
List's webpage: //www.freelists.org/webpage/nocensorship
List's archive: //www.freelists.org/archives/nocensorship
To unsubscribe: nocensorship-request@xxxxxxxxxxxxx with 'unsubscribe' in the
SUBJECT field.
Moderator's email: nocensorship-moderators@xxxxxxxxxxxxx
===8>============== noCensorship community ===============
Other related posts:
