My router has a proxy service. Can I test it as a Virtual Service (Port Forwarding)?
Some routers have proxy services enabled which intercept IP packet streams and do a variety of useful tasks, such as modifying IP headers or caching application data for faster subsequent transactions.
The vservice.tcl
test module included with CDRouter allows
user-defined Virtual Services, also known as Port Mappings, to be
tested. A test engineer can configure CDRouter to forward packets
through specified TCP or UDP ports on the WAN side of the
router. CDRouter will intercept these packets on the LAN side of the
router to determine the outcome of the test.
The testvar virtualWANTransType
specifies how the
source IP address is expected to appear when received and inspected by
the CDRouter LAN client. Setting it to none
indicates that CDRouter
will expect the source IP address to be that of the remote
host. Setting it to public
indicates that CDRouter will expect the
IP source address to be the WAN port address of the router, and
setting it to private
indicates the IP source address should be the
router’s LAN port address.
CDRouter can be configured to test proxy services enabled for a
particular protocol or port, such as FTP on port 21, by treating them
as Virtual Services. Because the proxy service might rewrite the IP
source address of the packet, the results may not be consistent with
the value set in virtualWANTransType
for other
un-proxied Virtual Services. We recommend using a separate
configuration specific to testing proxy services for this reason.
Here is an example of a configuration for testing an FTP proxy service
using the vservice.tcl
test module:
testvar virtualTcpServicePort1 21
testvar virtualTcpServiceHost1 10.0.1.201
testvar virtualTcpServiceName1 ftp
Additionally, the virtualWANTransType
testvar must be
set to public
:
testvar virtualWANTransType public
Finally, the port for the proxy service must also be listed in the
testvar firewallTcpOpenPorts
list if the firewall.tcl
test module is also going to be run:
testvar firewallTcpOpenPorts "21"