HTTP-Tunnel

This document is some information of HTTP-Tunnel design and architecture in BarbaTunnel.

Goal

Bypass firewall by creating fast, reliable and consistence tunnel via POST and GET concurrent requests same as what standard HTTP browser do. Firewall or any man in the middle will just see that user downloading some binary file such as image or zip. HTTP-Connections does not need to stay open, they will close after specific time or transfer. The serious closing and opening HTTP connection will not interrupt the actual tunnel connection.

Features

Barba Courier

Barba Courier send packet to other peer via concurrent standard HTTP browser connection.
BarbaCourier Diagram

Involved Class

BarbaCourier, BarbaCourierServer, BarbaCourierClient

Tasks

HTTP-Tunnel Client

Involved Class

BarbaClientHttpCourier, BarbaClientHttpConnection, BarbaClientSocket

Procedure

  1. BarbaClient create a BarbaClientHttpConnection.
  2. BarbaClientHttpConnection create an BarbaClientCourier.
  3. BarbaClientCourier initial the BarbaClientSocket for incoming and outgoing then send fake request to server with its tunnel connection id.
  4. BarbaClientHttpConnection Process packets via BarbaClientCourier.

HTTP-Tunnel Server

Involved Class

BarbaServerHttpHost, BarbaServerHttpCourier, BarbaServerHttpConnection, BarbaServerSocket

Procedure

  1. BarbaServer create BarbaServerHttpHost.
  2. BarbaServerHttpHost listen to incoming TCP ports for Http Tunnel.
  3. For each incoming tcp socket, BarbaServerHttpHost wait for HTTP request and extract tunnel connection id from it.
  4. If incoming BarbaConnection id was new, BarbaServerHttpHost create new BarbaServerHttpConnection and add the new socket to its BarbaServerHttpCourier.
  5. If incoming session already exists BarbaServerHttpHost will add the socket to its BarbaServerHttpCourier.
  6. BarbaServerHttpConnection Process packets via BarbaServerHttpCourier.