HTTP Tunneling Support in InstantPalace?

31 views
Skip to first unread message

Brian McKelvey

unread,
Sep 24, 2009, 3:41:49 AM9/24/09
to openpalace...@googlegroups.com
I was reading the code for InstantPalace and noticed that it supports HTTP Tunneling for the Palace socket connection, so that it can be used inside a corporate firewall.  I'm not aware of anyone actually using this functionality, and there's no mention of it at all on http://eagles.chatserve.com/iphelp.html which seems to be the most exhaustive guide to InstantPalace I can find.

I'm interested in adding the HTTP Tunneling support to OpenPalace, because I've already had some friends who have been unable to use it from their work computers due to firewall restrictions.  However, I suspect the server needs to support this.

What happens is that InstantPalace will try to make a normal socket connection to port 9998, and if it can't, it will by default try to connect to the same host via HTTP on port 9994.  However, according to netstat, my palace server is not listening on port 9994 and I didn't see any configuration options to make it do so.

Do any of you have any knowledge of this?

Heini, I suspect if anyone would know, it would be you.  :)

Brian

Michael Heiniger

unread,
Sep 24, 2009, 4:46:27 AM9/24/09
to openpalace...@googlegroups.com
I never used that feature, and i didn't found any settings on the server to enable it. In my opinion it doesn't make much sense, because most corporate firewalls block ports above 1000 instead of checking if its a Socket or HTTP connection, so port 9994 isn't a good solution anyways, it should be 80, 81, 82...

Heini

2009/9/24 Brian McKelvey <tur...@openpalace.org>

Brian McKelvey

unread,
Sep 24, 2009, 2:59:20 PM9/24/09
to openpalace...@googlegroups.com
Yeah.  I was thinking 443 might be the most logical strategic choice, since HTTPS connections require the proxy server to forward the TCP connection directly anyway.

HTTP Tunnel connections require an HTTP Tunnel Server to connect to in order to forward the connection properly.  The only way this would work without one is if the Palace Server frontend has support for this built in.

As a test, I tried setting up my local firewall rules to block outgoing connections on port 9998, and then opened up the InstantPalace page for Avatar Palace.  It did not successfully connect with the HTTP tunnel.

Brian

Brian McKelvey

unread,
Sep 24, 2009, 3:00:05 PM9/24/09
to openpalace...@googlegroups.com
Pardon me, I meant Anime Palace.

Brian
Reply all
Reply to author
Forward
0 new messages