Is it possible if firewall blocking all http trafic but udp protocol is open connect to internet? because skype use udp protocol to connect and users can use skype. But is technicaly possible to cheat it and use proxy to connect to web via udp protocol?
Asked
Active
Viewed 526 times
4 Answers
3
You're better off using an in-line content filtering device rather than a stateful firewall for content filtering.
MDMarra
- 100,734
- 32
- 197
- 329
1
Obviously you could use a proxying technique, for exampe OpenVPN, which works on udp protocol.
Olivier S
- 2,739
- 1
- 14
- 14
-
Well, except that OpenVPN isn't a proxy. – MDMarra Nov 06 '11 at 19:02
1
As @Olivier mentioned, you can perform UDP tunneling through the OpenVPN.
Take a look at this to route all client traffic through the OpenVPN. You can also do it with OpenSSH.
quanta
- 51,413
- 19
- 159
- 217
-
As I skimmed that article about OpenSSH, it seems to me that it is about tunneling UDP *over* TCP / SSH. – wzzrd Nov 09 '11 at 07:41
0
No, I don't think what you want to do is technically possible.
Firstly, and most importantly, webservers listen on TCP port 80, so unless you found some webservers which were listening for HTTP over UDP (which is itself a scary idea), then you'd be shit outta luck, even if you did get past the firewall.
Secondly, it sounds like you're trying to circumvent a firewall that's in place for a reason. What you're doing is potentially against the rules, or maybe a law, and generally regarded as bad practice.
Thirdly, even if you did want to break past the firewall, disregarding rules and measures put in place to stop you, then you'd still need a server on the outside to "translate" UDP traffic into TCP traffic. So yes, for that bit, you'd need some kind of proxy. Apparently OpenVPN can do it, but I think you should seriously consider the security and policy implications of what you're attempting.
Tom O'Connor
- 27,480
- 10
- 73
- 148