Can I use http tunnel to ping or traceroute through a proxy with firewall?

Asked 4/2, 2011 at 21:12 Answered 4/2, 2011 at 22:9

Solved networking tunneling http-tunneling

I don't know if there is a way to ping a target outside my LAN proxy which accepts only Http requests through a squid proxy... I read somewhere that one way to deal with such problem is to use a http tunnel so that the proxy still sees the request as a Http request. Can I use this to ping,say, www.google.com which otherwise is giving the following error because the firewall is rejecting the request:

$ ping www.google.com
ping: unknown host www.google.com

If so how is it done...?

I have installed httptunnel.Any help in how to use it will be much appreciated.

Clementia answered 4/2, 2011 at 21:12 Comment(0)

No. Ping and traceroute make use of lower layer network protocols (ICMP and/or UDP, in particular, which are layer 4 protocols) and will not work over an HTTP (layer 7) tunnel. In any case, even if you could convince the HTTP proxy to open a raw TCP session for you (which is how some HTTP tunneling works) you would not receive the necessary packets to confirm that the host is reachable. (ICMP echo reply, in the case of ping, or the time-to-live expired ICMP packets in the case of traceroute)

To test for connectivity in this situation, I think the best you can do is an HTTP "ping". (Try to establish an HTTP connection with the remote host and see if it works.) For example, you could do something like:

$ http_proxy=http://webproxy.example.com:3128 \
> curl -I http://google.com/ > /dev/null 2>&1 \
> && echo success || echo failure

Assuming you have curl installed, this would print "success" if google.com is reachable through your proxy and "failure" if not.

Menander answered 4/2, 2011 at 21:59 Comment(4)

Thank you. I tried it, but still it is showing failure... please tell me where I might be wrong – Clementia 5/2, 2011 at 4:38

Try a command of the format http_proxy=http://<your-proxy-address>:<your-proxy-port> curl -I http://google.com/, which might be more instructive. (In other words, first make sure you have the proxy address correct and the proxy is reachable. You can try telnet <proxy> <proxy-port> and see if it connects, or if the connection is refused.) – Menander 5/2, 2011 at 4:45

Also, try echo $http_proxy to see if it's already been set for you. If so, you can leave it out and just use curl. – Menander 5/2, 2011 at 5:18

@mpontillo, I understand that I can only curl -I google.com in the presence of a corporate proxy. If I am running RedHat Linux 7, how can I fix the fact that nvm ls -remote returns N/A when it return node 8.9.4? Thank you. – Cedillo 30/1, 2018 at 6:26

It's not exactly what you were looking for, but if you can access and external ssh server, you can run it through that, and the results will reflect the ping time to the ssh server:

$ ssh username@server 'ping -c 1 google.com' 
PING google.com (72.14.204.147) 56(84) bytes of data.
64 bytes from iad04s01-in-f147.1e100.net (72.14.204.147): icmp_seq=1 ttl=57 time=2.64 ms

--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 2.640/2.640/2.640/0.000 ms

Broider answered 4/2, 2011 at 22:9 Comment(0)

Recommended topics

Hot tags