Method and apparatus for tunneling TCP/IP over HTTP and HTTPS
Abstract
A tunneling infrastructure provides TCP port forwarding from a client running on a client network to a server running on a server network, where the client and servers can be behind separate firewalls. To tunnel TCP, a “server socket” capability is provided, allowing the client to establish a connection to the server across the tunnel. A direct, port forwarding scheme is implemented. The client side is the driver for the tunnel operation. The client maintains multiple URL (Universal Resource Locator) connections to the server side tunnel allowing data to flow in both directions. The client's SendToServer connection(s) use the HTTP POST method to send data from the client side to the server side. The client's ReceiveFromServer connection(s) use the HTTP GET method, and allow data to be sent from the server side to the client side.
18 Claims
1. A packet switched network communications system comprising:
a first network including a client running at least one client application;
a second network including a server supporting a plurality of resources; and
a direct, port forwarding function implemented on the client for a tunnel operation in which a secure connection is made to the server.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16
17. In a packet switched network communications system including a first network including a client running at least one client application and a second network including a server supporting a plurality of resources, a first firewall guarding computer resources of the first network and including an application that enables connections from inside to outside the first firewall and a second firewall guarding computer resources of the second network and including an application that enables connection from inside to outside the second firewall, a method for tunneling implemented on the client for a tunnel operation in which a connection is made to a pre-determined HTTP (Hypertext Transfer Protocol) port in the second firewall comprising the steps of:
opening by the client a URL (Universal Resource Locator) connection to the server;
creating a tunnel message by the client and writing the tunnel message as data for a POST request;
reading by the server data from the POST request and acknowledging each tunnel message in response to the POST request;
creating by the server a tunnel message and writing tunnel messages to a response data stream; and
reading by the client the response data stream sent by the server in response to a GET request from the client.
18. A computer-readable storage medium accessible by a client in a packet switched network communications system including a first network including the client running at least one client application and a second network including a server supporting a plurality of resources, a first firewall guarding computer resources of the first network and including an application that enables connections from inside to outside the first firewall and a second firewall guarding computer resources of the second network and including an application that enables connection from inside to outside the second firewall, said storage medium having stored therein instructions for performing a method for tunneling in which a connection is made to a pre-determined HTTP (Hypertext Transfer Protocol) port in the second firewall, the method comprising the steps of:
opening by the client a URL (Universal Resource Locator) connection to the server;
creating a tunnel message by the client and writing the tunnel message as data for a POST request;
reading by the server data from the POST request and acknowledging each tunnel message in response to the POST request;
creating by the server a tunnel message and writing tunnel messages to a response data stream; and
reading by the client the response data stream sent by the server in response to a GET request from the client.
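The exchange in the abstract and in claims 17 and 18 leaves a recognisable shape in proxy logs: a GET held open for the server-to-client stream while the same client sends repeated POSTs to the same host. The following is an added detection example, not part of the patent; the record layout, host names and thresholds are constructed assumptions, and it presumes a proxy that can see HTTP methods (plain HTTP or TLS inspection).

```python
from collections import defaultdict

# Constructed sample proxy records (not real traffic):
# (start_s, duration_s, client, host, method, request_bytes, response_bytes)
SAMPLE_LOG = [
    # One long-lived GET (ReceiveFromServer) with POSTs (SendToServer) during it.
    (0.0, 300.0, "10.0.0.5", "tunnel.example", "GET", 0, 480_000),
    *[(10.0 + 30 * i, 0.2, "10.0.0.5", "tunnel.example", "POST", 1400, 16)
      for i in range(6)],
    # Benign: large download, then one form POST after the GET has finished.
    (5.0, 120.0, "10.0.0.7", "downloads.example", "GET", 0, 90_000_000),
    (130.0, 0.3, "10.0.0.7", "downloads.example", "POST", 300, 2_000),
    # Benign: API client that mostly POSTs, plus one short GET.
    *[(float(i), 0.1, "10.0.0.8", "api.example", "POST", 500, 200)
      for i in range(10)],
    (2.0, 0.4, "10.0.0.8", "api.example", "GET", 0, 12_000),
]

LONG_GET_S = 60  # assumed threshold: GET held open far longer than a page load
MIN_POSTS = 5    # assumed threshold: POSTs that must start while that GET is open


def find_tunnel_pairs(records, long_get_s=LONG_GET_S, min_posts=MIN_POSTS):
    """Flag (client, host) pairs showing a long GET with concurrent POSTs."""
    by_pair = defaultdict(lambda: {"GET": [], "POST": []})
    for start, dur, client, host, method, req_b, resp_b in records:
        if method in ("GET", "POST"):
            by_pair[(client, host)][method].append((start, start + dur, req_b, resp_b))
    hits = []
    for (client, host), m in by_pair.items():
        for g_start, g_end, _, resp_b in m["GET"]:
            if g_end - g_start < long_get_s or resp_b == 0:
                continue  # short or empty GET: not a held-open downstream channel
            # POSTs carrying a body that began while this GET was still open
            during = [p for p in m["POST"] if p[2] > 0 and g_start <= p[0] <= g_end]
            if len(during) >= min_posts:
                hits.append({"client": client, "host": host,
                             "get_seconds": g_end - g_start,
                             "posts_during_get": len(during),
                             "bytes_up": sum(p[2] for p in during),
                             "bytes_down": resp_b})
                break  # one finding per pair is enough for triage
    return hits


if __name__ == "__main__":
    for hit in find_tunnel_pairs(SAMPLE_LOG):
        print(hit)
```

Long-polling and streaming web applications produce the same shape, so a hit is a lead for review against an allow-list of known hosts rather than a verdict.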
Specification