CN102685094A - Reverse proxy system and method - Google Patents
Reverse proxy system and method Download PDFInfo
- Publication number
- CN102685094A CN102685094A CN2011104233670A CN201110423367A CN102685094A CN 102685094 A CN102685094 A CN 102685094A CN 2011104233670 A CN2011104233670 A CN 2011104233670A CN 201110423367 A CN201110423367 A CN 201110423367A CN 102685094 A CN102685094 A CN 102685094A
- Authority
- CN
- China
- Prior art keywords
- server
- client
- address
- acting server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 13
- 239000000284 extract Substances 0.000 claims abstract description 9
- 238000012544 monitoring process Methods 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 3
- 238000004891 communication Methods 0.000 claims description 3
- 238000012795 verification Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
本发明涉及反转代理系统及方法,代理服务器通过客户端发送的邮件提取客户端的IP地址和端口号,并向客户端发送连接请求,客户端监听到请求并建立连接,客户端转发浏览内网资源浏览器信息的请求,通过代理服务器实现对资源服务器信息的访问;本发明将代理服务器作为客户端连接外网主机,从而建立一个连接通道,外网主机通过这个通道实现对内网资源的访问,而不会影响防火墙的设置。
The invention relates to a reverse proxy system and method. The proxy server extracts the IP address and port number of the client through the mail sent by the client, and sends a connection request to the client. The client listens to the request and establishes a connection, and the client forwards and browses the intranet. The request for resource browser information realizes access to resource server information through a proxy server; the present invention uses the proxy server as a client to connect to an external network host, thereby establishing a connection channel, and the external network host realizes access to intranet resources through this channel , without affecting the firewall settings.
Description
Technical field
Agency plant and method the present invention relates to reverse.
Background technology
Acting server is to replace the user to send request to source data server, and gives subscriber's main station the result that source data server is returned.If but acting server also in Intranet, external user just can not be connected to the acting server of Intranet.
Summary of the invention
The purpose of this invention is to provide a kind of counter-rotating agency plant and method, to solve acting server in Intranet, external user can not be connected to the acting server of Intranet, visit Intranet problem of resource.
For realizing above-mentioned purpose, counter-rotating agency plant of the present invention comprises:
The Internet main frame is connected in the Internet net, is used for sending the mailbox of the mail of specified format to the acting server appointment through mail server; In be provided with Client Agent, be used to be provided with address and the port numbers of monitoring link, be arranged on email address, the username and password of registration mailbox in the acting server;
Acting server is used for scan mail and extracts the Internet host IP address and the port numbers of sending mail, is used to set up the communication channel between Internet main frame and the Resource Server;
Mail server is used for the transmission of Internet main frame to the acting server mail;
Resource Server is used for storage resources information, and the access request of response agent server;
The Intranet that the interconnection of said Resource Server and acting server constitutes, acting server also respectively with outer net in Internet main frame and mail server network interconnection.
Counter-rotating Proxy Method of the present invention may further comprise the steps:
(1) in client Internet main frame, starts Client Agent, address and port numbers that Client Agent is monitored link are set, be arranged on email address, the username and password of registration mailbox in the acting server; Mailbox through registration sends the mailbox of the mail of specified format to the acting server appointment;
(2) acting server starts and scan mail; Whether check has the mail that registered appointment mailbox sends in the comfortable system in the mail; And checking whether land order correct, if correct, then from mail, extract the Internet host IP address and the port numbers of sending mail;
(3) acting server sends connection request through IP address and the port numbers extracted to the Internet of client main frame, and Client Agent is then agreed to connect if listen to connection request; Client browser is set to through the local client proxy access;
(4) client browser sends the request of browsing the Intranet Resource Server to Client Agent, and Client Agent receives and sends to acting server to request through interface channel; Acting server is according to client-requested access resources server; And feed back to Client Agent to the response of Resource Server through interface channel; Client Agent is given browser responsive feedback again, realizes the visit of client Internet main frame to the Intranet Resource Server.
Further, the mail of specified format is meant and comprises annex in the mail in the said step (1), and this annex is a text, and form does<b ><IP>Address</IP><Port>PORT</port>,</b>Wherein: address is the address of external host, and PORT is the port numbers that external host receives link.
Further, said step at first starts acting server in (2), and the acting server scan mail is checked the mail that whether has registered appointment mailbox in the comfortable system in the mail; If do not exist, wait for a period of time and continue scanning; If exist, check whether the subject territory of this mail header is to land order; If it is correct to land order, extract IP address and port numbers in the Email attachment.
Further, the subject territory of said mail header is landed order and is done
LOGIN<Space>Username<Space>Password,Wherein:<space>The expression space; Username representes user name; Password representes password.
Counter-rotating agency plant of the present invention and method connect the outer net main frame with acting server as client, thereby set up an interface channel, and the outer net main frame is realized the visit to the Intranet resource through this passage, and can not influence the setting of fire compartment wall.
Description of drawings
Fig. 1 is a counter-rotating acting server fundamental diagram of the present invention.
Embodiment
As shown in Figure 1, the counter-rotating agency plant comprises:
The Internet main frame is connected in the Internet net, is used for sending the mailbox of the mail of specified format to the acting server appointment through mail server; In be provided with Client Agent, be used to be provided with address and the port numbers of monitoring link, be arranged on email address, the username and password of registration mailbox in the acting server;
Acting server is used for scan mail and extracts the Internet host IP address and the port numbers of sending mail, is used to set up the communication channel between Internet main frame and the Resource Server;
Mail server is used for the transmission of Internet main frame to the acting server mail;
Resource Server is used for storage resources information, and the access request of response agent server;
The Intranet that the interconnection of above-mentioned Resource Server and acting server constitutes, acting server also respectively with outer net in Internet main frame and mail server network interconnection.
The concrete steps of counter-rotating Proxy Method are following:
[1] at first open acting server, acting server uses the POP agreement, logs on predefined public network mailbox, downloads online mail, and deletes this mail.Check the sender of mail, if the Email Sender is the good Email Sender of predefine, the Email Sender is correct; Checking mail matter topics, if theme is LOGIN user password, just extract user and password verifies, if checking is correct, is exactly this user's correct verification mail.If an item mistake is arranged, authentication failed.Used the double verification mode to prove user's correctness.
[2] after user rs authentication was accomplished, acting server extracted the IP address and the port numbers of main frame from annex.If extraction mistake; Server is not done any action; Otherwise initiate a thread,, just set up the passage of an acting server and Internet main frame if this thread is connected the successful connection of Internet main frame according to the IP address in the annex with port numbers; The Intenate main frame is just analyzed these requests the acting server acting server is issued in the request of Intranet resource through this passage, and visits the Intranet Resource Server on request.The Intranet Resource Server to acting server request reply, and acting server is returned to the Internet main frame to response result.
[3] connect retry.Break off if connect, acting server retry again connects if get nowhere several times continuously will and break off several times.
[4] Client Agent.Have an agency in client, the user can be provided with the address and the port numbers of agents listen.When Client Agent started, it was monitored on remote address that the user is provided with and port; It passes through to send smtp protocol to the theme of user's user name password composition LOGIN user password form to port of monitoring and IP address, be transmitted to acting server by the mailbox of on acting server, registering and monitor mailbox, and continuation is monitored.Do not resend again if also connect to arrive, cancel connection up to the user.If listen to connection, just agree to connect, to notify the user successful connection, and open local listen address 127.0.0.1 and port, this port can be provided with by user oneself.Client Agent remote address and port are to be used for the connection request of snoop agents server, and local address and port are the requests that is used for monitoring browser.
[5] user is provided with cost machine: 127.0.0.1 to own browser agent server address, and port is set to the local agent port.In address field, import the interior net address of to visit then; Browser just sends request to Client Agent; Client Agent request through it and being connected of Intranet acting server, a acting server to Intranet, the Intranet acting server is according to the requirement request Intranet resource of browser.The Intranet agency service is returned to Client Agent to the result through connection, and Client Agent returns the result to browser.
The present invention only needs on Intranet and Internet main frame, to install the Intranet acting server respectively and local agent need be to the configuration of other main frames.The Intranet acting server initiatively connects the Internet main frame, can the passing through NAT agency.The Internet main frame makes system have certain flexibility through the IP address and the port numbers of mail box notice Internet main frame.
Claims (5)
- One kind the counter-rotating agency plant, it is characterized in that this system comprises:The Internet main frame is connected in the Internet net, is used for sending the mailbox of the mail of specified format to the acting server appointment through mail server; In be provided with Client Agent, be used to be provided with address and the port numbers of monitoring link, be arranged on email address, the username and password of registration mailbox in the acting server;Acting server is used for scan mail and extracts the Internet host IP address and the port numbers of sending mail, is used to set up the communication channel between Internet main frame and the Resource Server;Mail server is used for the transmission of Internet main frame to the acting server mail;Resource Server is used for storage resources information, and the access request of response agent server;The Intranet that the interconnection of said Resource Server and acting server constitutes, acting server also respectively with outer net in Internet main frame and mail server network interconnection.
- One kind the counter-rotating Proxy Method, it is characterized in that this method may further comprise the steps:(1) in client Internet main frame, starts Client Agent, address and port numbers that Client Agent is monitored link are set, be arranged on email address, the username and password of registration mailbox in the acting server; Mailbox through registration sends the mailbox of the mail of specified format to the acting server appointment;(2) acting server starts and scan mail; Whether check has the mail that registered appointment mailbox sends in the comfortable system in the mail; And checking whether land order correct, if correct, then from mail, extract the Internet host IP address and the port numbers of sending mail;(3) acting server sends connection request through IP address and the port numbers extracted to the Internet of client main frame, and Client Agent is then agreed to connect if listen to connection request; Client browser is set to through the local client proxy access;(4) client browser sends the request of browsing the Intranet Resource Server to Client Agent, and Client Agent receives and sends to acting server to request through interface channel; Acting server is according to client-requested access resources server; And feed back to Client Agent to the response of Resource Server through interface channel; Client Agent is given browser responsive feedback again, realizes the visit of client Internet main frame to the Intranet Resource Server.
- 3. counter-rotating Proxy Method according to claim 2 is characterized in that, the mail of specified format is meant and comprises annex in the mail in the said step (1), and this annex is a text, and form does<b ><IP>Address</IP><Port>PORT</port>,</b>Wherein: address is the address of external host, and PORT is the port numbers that external host receives link.
- 4. counter-rotating Proxy Method according to claim 3 is characterized in that, said step at first starts acting server in (2), and the acting server scan mail is checked the mail that whether has registered appointment mailbox in the comfortable system in the mail; If do not exist, wait for a period of time and continue scanning; If exist, check whether the subject territory of this mail header is to land order; If it is correct to land order, extract IP address and port numbers in the Email attachment.
- 5. counter-rotating Proxy Method according to claim 4 is characterized in that, the subject territory of said mail header is landed order and done LOGIN<Space>Username<Space>Password,Wherein:<space>The expression space; Username representes user name; Password representes password.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104233670A CN102685094A (en) | 2011-12-16 | 2011-12-16 | Reverse proxy system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104233670A CN102685094A (en) | 2011-12-16 | 2011-12-16 | Reverse proxy system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102685094A true CN102685094A (en) | 2012-09-19 |
Family
ID=46816465
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011104233670A Pending CN102685094A (en) | 2011-12-16 | 2011-12-16 | Reverse proxy system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102685094A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103607333A (en) * | 2013-11-22 | 2014-02-26 | 深圳维盟科技有限公司 | Local area network port proxy method for port proxy server |
| CN104702591A (en) * | 2014-12-29 | 2015-06-10 | 国家电网公司 | Method and system for penetrating through firewall based on port forwarding multiplexing technology |
| CN105100263A (en) * | 2015-08-20 | 2015-11-25 | 百度在线网络技术(北京)有限公司 | Reverse proxy method and apparatus |
| CN105897849A (en) * | 2015-12-22 | 2016-08-24 | 乐视云计算有限公司 | Cross-process service method and system and proxy server |
| CN105991568A (en) * | 2015-02-09 | 2016-10-05 | 苏州精易会信息技术有限公司 | Proxy realizing device |
| CN107566260A (en) * | 2017-10-23 | 2018-01-09 | 合肥时代智慧高新投资管理有限公司 | It is a kind of to exempt from the unified identity authentication method that client exempts to log in based on subscriber mailbox |
| CN108881518A (en) * | 2018-08-01 | 2018-11-23 | 上海华测导航技术股份有限公司 | A kind of method, apparatus, storage medium and system accessing Intranet equipment |
| CN109756474A (en) * | 2018-11-23 | 2019-05-14 | 国电南瑞科技股份有限公司 | A method and device for cross-regional service invocation of a power dispatching automation system |
| CN110708395A (en) * | 2019-10-24 | 2020-01-17 | 深圳前海环融联易信息科技服务有限公司 | Data acquisition method and device, computer equipment and storage medium |
| CN111083044A (en) * | 2019-12-27 | 2020-04-28 | 沈阳通用软件有限公司 | Method for deploying IPv4 e-mail outgoing agent on Windows terminal |
| CN111343080A (en) * | 2020-02-28 | 2020-06-26 | 北京芯盾时代科技有限公司 | Proxy-based mail service method, server, client and system |
| CN114401133A (en) * | 2022-01-13 | 2022-04-26 | 中电福富信息科技有限公司 | Equipment monitoring vulnerability detection system based on agent |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1255395A2 (en) * | 2001-04-30 | 2002-11-06 | Xerox Corporation | External access to protected device on private network |
| US6665721B1 (en) * | 2000-04-06 | 2003-12-16 | International Business Machines Corporation | Enabling a home network reverse web server proxy |
| CN1981496A (en) * | 2004-07-28 | 2007-06-13 | 日本电气株式会社 | Connection method, communication system, device, and program |
| CN102065111A (en) * | 2009-11-13 | 2011-05-18 | 北京神州绿盟信息安全科技股份有限公司 | Reverse proxy method and reverse proxy server |
-
2011
- 2011-12-16 CN CN2011104233670A patent/CN102685094A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6665721B1 (en) * | 2000-04-06 | 2003-12-16 | International Business Machines Corporation | Enabling a home network reverse web server proxy |
| EP1255395A2 (en) * | 2001-04-30 | 2002-11-06 | Xerox Corporation | External access to protected device on private network |
| CN1981496A (en) * | 2004-07-28 | 2007-06-13 | 日本电气株式会社 | Connection method, communication system, device, and program |
| CN102065111A (en) * | 2009-11-13 | 2011-05-18 | 北京神州绿盟信息安全科技股份有限公司 | Reverse proxy method and reverse proxy server |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103607333A (en) * | 2013-11-22 | 2014-02-26 | 深圳维盟科技有限公司 | Local area network port proxy method for port proxy server |
| CN104702591A (en) * | 2014-12-29 | 2015-06-10 | 国家电网公司 | Method and system for penetrating through firewall based on port forwarding multiplexing technology |
| CN104702591B (en) * | 2014-12-29 | 2019-06-28 | 国家电网公司 | A kind of method and system based on port forwarding multiplexing technology firewall-penetrating |
| CN105991568A (en) * | 2015-02-09 | 2016-10-05 | 苏州精易会信息技术有限公司 | Proxy realizing device |
| CN105100263A (en) * | 2015-08-20 | 2015-11-25 | 百度在线网络技术(北京)有限公司 | Reverse proxy method and apparatus |
| CN105897849A (en) * | 2015-12-22 | 2016-08-24 | 乐视云计算有限公司 | Cross-process service method and system and proxy server |
| CN107566260B (en) * | 2017-10-23 | 2020-10-02 | 合肥时代智慧高新投资管理有限公司 | Client-free login-free unified identity authentication method based on user mailbox |
| CN107566260A (en) * | 2017-10-23 | 2018-01-09 | 合肥时代智慧高新投资管理有限公司 | It is a kind of to exempt from the unified identity authentication method that client exempts to log in based on subscriber mailbox |
| CN108881518A (en) * | 2018-08-01 | 2018-11-23 | 上海华测导航技术股份有限公司 | A kind of method, apparatus, storage medium and system accessing Intranet equipment |
| CN109756474A (en) * | 2018-11-23 | 2019-05-14 | 国电南瑞科技股份有限公司 | A method and device for cross-regional service invocation of a power dispatching automation system |
| CN109756474B (en) * | 2018-11-23 | 2021-02-05 | 国电南瑞科技股份有限公司 | A method and device for cross-regional service invocation of a power dispatching automation system |
| CN110708395A (en) * | 2019-10-24 | 2020-01-17 | 深圳前海环融联易信息科技服务有限公司 | Data acquisition method and device, computer equipment and storage medium |
| CN111083044A (en) * | 2019-12-27 | 2020-04-28 | 沈阳通用软件有限公司 | Method for deploying IPv4 e-mail outgoing agent on Windows terminal |
| CN111343080B (en) * | 2020-02-28 | 2020-12-04 | 北京芯盾时代科技有限公司 | Proxy-based mail service method, server, client and system |
| CN111343080A (en) * | 2020-02-28 | 2020-06-26 | 北京芯盾时代科技有限公司 | Proxy-based mail service method, server, client and system |
| CN114401133A (en) * | 2022-01-13 | 2022-04-26 | 中电福富信息科技有限公司 | Equipment monitoring vulnerability detection system based on agent |
| CN114401133B (en) * | 2022-01-13 | 2023-12-01 | 中电福富信息科技有限公司 | Equipment monitoring vulnerability detection system based on agent |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102685094A (en) | Reverse proxy system and method | |
| CN103905497B (en) | Realize the method, apparatus and application platform of third-party application business website log | |
| CN106936853B (en) | A method of cross-domain single sign-on based on system integration-oriented cross-domain single sign-on system | |
| CN101247297B (en) | Device, system and method for automatically configuring application terminal in home network | |
| CN104158808B (en) | Portal authentication method and its device based on APP applications | |
| US8572696B1 (en) | Contextual data aided security protection | |
| CN108476165B (en) | An information interaction method, client and device | |
| CN102571857B (en) | Method and system for realizing logging in XMPP (Xmlbased Messaging and Presence Protocol) server | |
| CN105743684B (en) | The configuration method and router of router under a kind of ap mode | |
| CN101582856B (en) | Session setup method of portal server and BAS (broadband access server) device and system thereof | |
| CN102739684B (en) | Portal authentication method based on virtual IP address, and server thereof | |
| WO2013158830A1 (en) | Authentication of service requests | |
| CN103685584B (en) | A kind of anti-Domain Hijacking method and system based on tunneling technique | |
| CN104539902B (en) | The remote access method and system of a kind of IPC | |
| TW200922281A (en) | Posting server, content transmission system, and posting server control method | |
| CN102904801B (en) | Message reminder method and device | |
| CN105516061A (en) | Remote server access method and web server | |
| WO2010037327A1 (en) | Notifying method and equipment for e-mail arrival | |
| CN103036993A (en) | Browser client-side and method of achieving website logging | |
| JP4789100B2 (en) | E-mail transmission system | |
| WO2010037290A1 (en) | Method and system for transmitting cross-domain remote mail | |
| CN102790675B (en) | Authentication method of network connection, network device and network authentication system thereof | |
| CN105721509B (en) | A kind of server system | |
| JP2011186912A (en) | Relay processing method, program and device | |
| CN202587024U (en) | Reversed agent system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120919 |