[lwip-users] http on lwip
From: hajot
Subject: [lwip-users] http on lwip
Date: Tue, 18 Aug 2009 14:34:33 +0200
Hi there
I use lwip for an embedded application. In recent field tests we encountered
problems, probably with proxies and firewalls. Sorry if this problem is a little
bit off topic. But I hope that some professionals with experience on web
applications on embedded systems could help me or direct me to another
appropriate discussion group.
The problem:
- We use a proprietary terminal protocol that we tunnel in TCP frames for our
remote maintenance. The embedded application and the server application in our
facility use proprietary TCP ports outside the range of well known ports.
- Most of our worldwide field tests didn't show any problem, but one in Poland
did. The TCP connection could not be established. A short investigation on
Google gave me posts from other discussion groups saying that one should better
make an application work over http, because European ISPs often block ports or
even do protocol inspection and reject unknown services due to policy
restrictions.
- I plan to tunnel the terminal protocol in http POST and GET commands or in
http responses.
The http tunneling idea:
I'm not sure about the details and the mechanisms behind possible protocol
inspections. But to be absolutely sure that nothing gets blocked I have the
plan that the TCP connection initiator (our embedded system) always issues GET
or POST requests:
- For the initial http request the embedded system will request a dummy website
hosted on a server in our infrastructure.
GET /helpline HTTP/1.1
Host: www.hostname.com
Cache-Control: no-cache
- The server will then embed a terminal command in a http response. A terminal
command is most often a two letter abbreviation of a command. E.g. le means
"list eventlog". A http response with this command could look like this:
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain
le
- The embedded system will respond with an eventlog containing the last 3500
errors that occurred on the system. Because of the huge amount of data (see
Content-Length: 210000), the payload will be tunneled with a http POST request:
POST /helpline HTTP/1.1
Host: www.hostname.com
Content-Type: multipart/form-data; name="eventlog",
boundary=0f107778f4d9713c7f1bc70eb206ba67
Content-Length: 210000
--0f107778f4d9713c7f1bc70eb206ba67
Content-Disposition: form-data; name="eventlog"; filename="eventlog"
Content-Type: text/plain
**Event: 3500: 002 17:21:45 01.07 Mains overvolt. 00128
¦
¦
Event: 0001: 100 13:38:20 30.04 Rem usr logout 00001
--0f107778f4d9713c7f1bc70eb206ba67--
The questions:
- Could some experts confirm the mentioned problems with blocked ports and
unknown protocols?
- Are there any concerns considering proxies and inspection techniques this
approach could miss?
- A possible contractor would do the server implementation for us. He mentioned
that there are ready-to-use products and code for http tunneling/detunneling.
I am looking for something similar in C, open source, that I could use on the
embedded side. Does somebody know/host/maintain a similar project?
- What are the requirements for a multipart boundary (0f1077....) in the
example above? Does it have to be a random number changing with each POST
request? Or can I always use the same number for a simple and primitive
implementation?
Kind regards
Hans-Joerg (George)
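
An added example, not part of the original post: a C sketch of the multipart framing used in the POST above. It assumes the RFC 2046 rules that a boundary is 1 to 70 characters and that the delimiter must not occur inside the encapsulated data, so it checks the payload before framing it. The function names are hypothetical; the boundary and field names are the ones from the post.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper names; boundary and field names are taken from the post. */

/* Return 1 if "--" + boundary occurs anywhere in payload (conservative check). */
static int boundary_collides(const char *payload, size_t len, const char *boundary)
{
    char delim[80];
    size_t dlen, i;
    int n = snprintf(delim, sizeof delim, "--%s", boundary);
    if (n < 3 || n > 72) return 1;            /* boundary must be 1..70 characters */
    dlen = (size_t)n;
    for (i = 0; i + dlen <= len; i++)
        if (memcmp(payload + i, delim, dlen) == 0) return 1;
    return 0;
}

/* Build the multipart body into out; return its length, which is the value
 * to send as Content-Length, or 0 on collision or insufficient space. */
static size_t build_eventlog_body(char *out, size_t cap, const char *boundary,
                                  const char *payload, size_t len)
{
    int head, tail;
    size_t total;
    if (boundary_collides(payload, len, boundary)) return 0;
    head = snprintf(out, cap,
        "--%s\r\n"
        "Content-Disposition: form-data; name=\"eventlog\"; filename=\"eventlog\"\r\n"
        "Content-Type: text/plain\r\n\r\n", boundary);
    if (head < 0 || (size_t)head >= cap) return 0;
    if (len >= cap - (size_t)head) return 0;
    memcpy(out + head, payload, len);          /* payload copied verbatim */
    total = (size_t)head + len;
    tail = snprintf(out + total, cap - total, "\r\n--%s--\r\n", boundary);
    if (tail < 0 || (size_t)tail >= cap - total) return 0;
    return total + (size_t)tail;
}

int main(void)
{
    /* Constructed sample payload, modelled on the event lines in the post. */
    const char *log = "Event: 0001: 100 13:38:20 30.04 Rem usr logout 00001\r\n";
    char body[512];
    size_t n = build_eventlog_body(body, sizeof body,
                                   "0f107778f4d9713c7f1bc70eb206ba67", log, strlen(log));
    printf("Content-Length: %lu\n", (unsigned long)n);
    return n ? 0 : 1;
}
```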