PASS - Proxy Accept Socket Service

Jeremie Miller

The Jabber.org Foundation

Cascade IA
52033
US
jeremie@jabber.org

06/01/2001


Introduction

Direct client-to-client file transfers present a major problem for clients that are behind a firewall or NAT. PASS will allow such clients to still do real-time file transfers via a 3rd party. It is not limited to file transfers: it will allow any two clients to create a raw TCP socket between them for any purpose, such as VoIP (SIP/RTP), BEEP, or binary game data.


Registration/Setup

The first step is to communicate with PASS to set it up.

Request:
  <iq type="set" to="pass.jabber.org">
    <query xmlns='jabber:iq:pass'>
      <expire>600</expire>
    </query>
  </iq>
Result:
  <iq type="result" from="pass.jabber.org">
    <query xmlns='jabber:iq:pass'>
      <server port="43253">1.2.3.4</server>
    </query>
  </iq>

After this point, PASS is now listening on the given IP and port for incoming connections on behalf of the jabber entity. The provided IP and port can now be sent to any other entity as a connection point, for file transfers or any other use.

Other ideas include: having a "use" field in the set to describe what it's for, and allowing an iq get to see what's currently set, or any usage limitations, warnings, expiration boundaries, timeouts, etc. Also, what about using iq:register to have a permanent one (for a local web server for instance) and use presence to enable/disable it? Doesn't seem useful in that general sense.


Incoming Connections

When an incoming connection is attempted to that IP and port, PASS will send an iq request to the entity it's listening on behalf of.

  <iq type="set" to="user@jabber.org/resource">
    <query xmlns='jabber:iq:pass'>
      <client port="1234">4.3.2.1</client>
      <proxy port="43523">1.2.3.4</proxy>
    </query>
  </iq>

The entity should now immediately connect to the given proxy IP and port, and upon connection all data written to that socket will be copied to the client connection, and vice-versa. Any disconnect on either side will cause a disconnect on the other. If the iq set to the entity fails or returns an error, the client socket will be dropped as well. The client xml element provides the information about the remote end of the incoming socket.
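
An added example (not part of the original draft or of any Jabber implementation) of how the receiving entity could validate the incoming-connection iq before connecting: it parses the stanza and refuses a proxy address that is not the host PASS returned at registration. The from attribute on the notification and the rule that the proxy IP equals the registered server IP are assumptions; the draft's examples are consistent with both but do not state them.

```python
import ipaddress
import xml.etree.ElementTree as ET

NS = "{jabber:iq:pass}"
PASS_JID = "pass.jabber.org"  # service address used in this document's examples
# Constructed stanzas modelled on the document's examples; the from attribute
# on the incoming notification is an assumption (the document does not show one).
REGISTER_RESULT = """<iq type="result" from="pass.jabber.org"><query xmlns='jabber:iq:pass'>
  <server port="43253">1.2.3.4</server></query></iq>"""
INCOMING = """<iq type="set" from="pass.jabber.org" to="user@jabber.org/resource">
  <query xmlns='jabber:iq:pass'><client port="1234">4.3.2.1</client>
  <proxy port="43523">1.2.3.4</proxy></query></iq>"""

def _query(stanza, iq_type):
    """Parse an iq of the given type sent by PASS_JID and return its <query>."""
    if "<!DOCTYPE" in stanza.upper():
        raise ValueError("DTD not allowed in a stanza")
    iq = ET.fromstring(stanza)
    if iq.tag != "iq" or iq.get("type") != iq_type or iq.get("from") != PASS_JID:
        raise ValueError("not an iq %s from %s" % (iq_type, PASS_JID))
    query = iq.find(NS + "query")
    if query is None:
        raise ValueError("missing jabber:iq:pass query")
    return query

def _endpoint(query, tag):
    """Return (ip, port) from <tag port="N">ip</tag>, rejecting malformed values."""
    el = query.find(NS + tag)
    if el is None or not el.text:
        raise ValueError("missing <%s>" % tag)
    ip = str(ipaddress.ip_address(el.text.strip()))  # ValueError if not an IP
    port = int(el.get("port", "0"))                  # ValueError if not a number
    if not 0 < port < 65536:
        raise ValueError("bad port in <%s>" % tag)
    return ip, port

def registered_listener(stanza):
    """Listener PASS opened on our behalf, taken from the registration result."""
    return _endpoint(_query(stanza, "result"), "server")

def accept_incoming(stanza, listener):
    """Return (client, proxy) endpoints if the notification is consistent."""
    query = _query(stanza, "set")
    client, proxy = _endpoint(query, "client"), _endpoint(query, "proxy")
    # Assumption: PASS proxies from the same IP it listens on, as in the
    # document's examples; any other address is refused rather than dialled.
    if proxy[0] != listener[0]:
        raise ValueError("proxy %s is not the registered PASS host" % proxy[0])
    return client, proxy
```
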

Abuse of bandwidth or resources could become an issue, so PASS will have to include very strict and detailed rate and usage limits, allowing only limited usage by single entities, and rate limiting bandwidth used if necessary for both single connections and overall usage.