I have tested a private proxy.
On the share side, zrok forwards everything to Squid:
zrok share private localhost:90 --backend-mode proxy --headless
On the access side:
zrok access private rgvq2mq9ljss
We try the simplest possible case, the GET method over HTTP:
curl --proxy http://127.0.0.1:9191 http://www.google.com/relative_path_to
Now, what we see in Squid's log file:
1744920849.438 1 127.0.0.1 NONE_NONE/400 3734 GET /relative_path_to - HIER_NONE/- "-"
Somewhere on the route, the host has disappeared from the URL. There is no hope that reverse and forward proxies will accept it.
Certainly, private socks5 works fine. But it is a very restrictive scenario.
With a working zrok proxy, we can forward HTTP/HTTPS to HAProxy/Squid.
For the GET method over HTTP, we can do something like this on the HAProxy side:
http-request set-var(txn.myhost) req.hdr(Host)
http-request set-uri %[pathq]
But for HTTPS, zrok's proxy does not allow CONNECT; moreover, my iPad sends CONNECT without Host in the header, because the Host is in the URI. Firefox will send the Host header also.
Regarding the tcpTunnel: it works pretty well. Thank you! I have managed to connect a zrok TCP tunnel to Squid and Danted.
There is a nasty error, however.
Squid:
zrok share private 127.0.0.1:8080 --backend-mode tcpTunnel
ERROR zrok/endpoints.TXer: read error '127.0.0.1:90' -> 'ziti-edge-router connId=2147483740, logical=ziti-sdk[router=tls:domian.name:3022]': read tcp 127.0.0.1:44650->127.0.0.1:90: use of closed network connection
ERROR zrok/endpoints.TXer: read error '127.0.0.1:90' -> 'ziti-edge-router connId=2147483709, logical=ziti-sdk[router=tls:domian.name:3022]': read tcp 127.0.0.1:38430->127.0.0.1:90: use of closed network connection
Danted:
zrok share private 127.0.0.1:8080 --backend-mode tcpTunnel
ERROR zrok/endpoints.TXer: read error '127.0.0.1:8080' -> 'ziti-edge-router connId=2147483800, logical=ziti-sdk[router=tls:domian.name:3022]': read tcp 127.0.0.1:60658->127.0.0.1:8080: use of closed network connection
A similar thing happens on the access side:
zrok access private 7t5wq3iarbgk --headless -v
ERROR zrok/endpoints.TXer: read error '127.0.0.1:57218' -> 'ziti-edge-router connId=51, logical=ziti-sdk[router=tls:domian.name:3022]': read tcp 127.0.0.1:9191->127.0.0.1:57218: use of closed network connection
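The request-target forms involved in the post above, as an added example that is not part of the original post: curl sends a proxy the absolute form, the Squid log line shows the origin form, and CONNECT uses the authority form. The function names are hypothetical, the sample requests are constructed, and the presence of a Host header on the request Squid received is an assumption.

```python
from urllib.parse import urlsplit

# Constructed sample requests (not captured traffic). The Host header on the
# second one is an assumption; the Squid log only records the request line.
SENT_TO_PROXY = b"GET http://www.google.com/relative_path_to HTTP/1.1\r\nHost: www.google.com\r\n\r\n"
AS_LOGGED = b"GET /relative_path_to HTTP/1.1\r\nHost: www.google.com\r\n\r\n"
CONNECT_NO_HOST = b"CONNECT www.google.com:443 HTTP/1.1\r\n\r\n"

def parse_request_head(raw):
    """Split a raw HTTP/1.x request head into (method, target, headers)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers

def classify_target(method, target):
    """Name the request-target form (RFC 9112, section 3.2)."""
    if method == "CONNECT":
        return "authority-form"
    if target == "*":
        return "asterisk-form"
    if target.startswith("/"):
        return "origin-form"
    parts = urlsplit(target)
    return "absolute-form" if parts.scheme and parts.netloc else "invalid"

def recoverable_destination(raw):
    """Return (form, destination); destination is None when the host is lost."""
    method, target, headers = parse_request_head(raw)
    form = classify_target(method, target)
    if form in ("absolute-form", "authority-form"):
        return form, target  # destination is carried in the request line itself
    if form == "origin-form" and "host" in headers:
        # Host header is the only remaining place the destination survives
        # (scheme assumed to be plain http).
        return form, "http://" + headers["host"] + target
    return form, None

if __name__ == "__main__":
    for req in (SENT_TO_PROXY, AS_LOGGED, CONNECT_NO_HOST):
        print(recoverable_destination(req))
```

Feeding it the first line of a request captured in front of and behind the share shows at which hop the form changes.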