
sidestep's Introduction

# Sidestep

## Say Hello to Sidestep

The problem

When you connect to the Internet through an unprotected wireless network, such as at a coffeeshop or an airport, where you don’t have to enter a security key, you’re putting yourself at risk.

Attackers connected to the same network can easily intercept your unencrypted traffic and log in as you to services such as Facebook, Amazon, and LinkedIn.

Try Firesheep, a simple Firefox add-on, to see for yourself how serious the problem is and how easy it is for your privacy and security to be compromised.

The solution

When Sidestep detects you connecting to an unprotected wireless network, it automatically encrypts all of your Internet traffic and reroutes it through a secure connection to a server of your choosing, which acts as your Internet proxy. And it does all this in the background so that you don’t even notice it.

With Sidestep enabled, no one can eavesdrop on your traffic and impersonate you or see what you’re seeing as you browse the web.

How does it work?

The first time you run Sidestep, you give it the details of the proxy server that you want it to use to securely reroute your Internet traffic through. And that’s it.


Now, every time you connect to the Internet, Sidestep checks to see if your connection is already secured by WPA wireless security - if it is, Sidestep does nothing. After all, there’s no point in rerouting your connection and using up bandwidth on your proxy server if your connection is already secure. However, if your wireless connection is open and unprotected, Sidestep connects to your proxy server using SSH and reroutes all your traffic through it. This technology is called an SSH Tunnel Proxy.

In Geekspeak

When you connect to an insecure network, Sidestep opens an SSH tunnel with the proxy server, and then sets the Mac OS X system-wide SOCKS proxy to use this SSH connection. And since most Mac applications (including browsers) use this system-wide proxy to connect to the Internet through, they will all end up using the encrypted SSH tunnel.

Fighting Firesheep with fire

Firesheep, the Firefox add-on mentioned above, made a huge wave in the computer security world when it was released. Using it, anyone with Firefox can sit in a coffeeshop and click one button to hijack the browsing sessions of other users around them.

Sidestep is the easiest solution to the problem made mainstream by Firesheep. Set it up once, and never worry about attacks like Firesheep ever again.

Requirements

Mac OS X 10.5+ required

Project Homepage

Got a question or comment regarding Sidestep? Please stop by chetansurpur.com and let us know what you're thinking.

sidestep's People

Contributors

chetan51, coneybeare, dgomes, jridgewell, mdesjardins, seibert


sidestep's Issues

Option to keep the proxy open but not changing the default proxy on the OS

I would like an option that would prevent Sidestep from changing OS X proxy settings.

This would allow us to use Sidestep for tunnelling only the applications we want instead of the entire traffic.

It doesn't seem like something hard to implement, and I would code it myself, but first I want to see if it's accepted as a feature. I do not want to end up maintaining my own fork.

Enabling reroute asks session password 3 times

I don't know if this is specific to my setup, but when I enable the Reroute Traffic Through Proxy Server Now, Lion asks me for my user session password 3 times before actually rerouting.

Any solution to reduce or remove this requirement?

I don't know if this could be related to the built-in Firewall being activated.

Feature Suggestion: Run a bash (or other type) of script on connect, and another on disconnect

Maybe there's already a recipe for how to do this, if so I'd love some direction.

My specific use case is that when sidestep runs, I need to update .gitconfig with proxy = socks5://localhost:9050, and on disconnect, disable the line.

My bash script actually comments or uncomments those lines, one in [http] and one in [https]. If anyone is interested, these are the commands in my .bash_profile:

alias gpoff="sed -i '' '/proxy/s/^/;/g' ~/.gitconfig"
alias gpon="sed -i '' '/proxy/s/^;//g' ~/.gitconfig"

Which simply changes these lines in .gitconfig from

[http]
    proxy = socks5://localhost:9050
[https]
    proxy = socks5://localhost:9050

to

[http]
;   proxy = socks5://localhost:9050
[https]
;   proxy = socks5://localhost:9050

Thanks!

Lion--Connects to proxy on protected network

When I connect to a WPA2 network on Lion, Sidestep still re-routes through my proxy server. I see the following messages in my system.log. The network "NextSpace" is a WPA2 network.

Sep 13 10:16:49 laptop Sidestep[16736]: Environment: {
"AUTH_HOSTNAME" = "_.__.com";
"AUTH_USERNAME" = *_;
DISPLAY = NONE;
"SSH_ASKPASS" = "/Applications/Sidestep.app/Contents/Resources/SSHAskPass";
"SSH_AUTH_SOCK" = "/tmp/launch-Q5iWJB/Listeners";
}
Sep 13 10:16:50 laptop ntpd[48]: bind(26) AF_INET6 fe80::e2f8:47ff:fe08:3e4a%5#123 flags 0x11 failed: Can't assign requested address
Sep 13 10:16:50 laptop ntpd[48]: unable to create socket on en1 (35) for fe80::e2f8:47ff:fe08:3e4a#123
Sep 13 10:16:53 laptop Sidestep[16736]: Environment: {
"AUTH_HOSTNAME" = "..com";
"AUTH_USERNAME" = *;
DISPLAY = NONE;
"SSH_ASKPASS" = "/Applications/Sidestep.app/Contents/Resources/SSHAskPass";
"SSH_AUTH_SOCK" = "/tmp/launch-Q5iWJB/Listeners";
}
Sep 13 10:16:53 laptop applepushserviced[78]: <APSCourier: 0x7fdcb3114840>: Stream error occurred for <APSTCPStream: 0x7fdcb3139b00>: The operation couldn’t be completed. (kCFErrorDomainCFNetwork error 2.)
Sep 13 10:16:55 laptop configd[15]: network configuration changed.
Sep 13 10:16:55 laptop UserEventAgent[11]: CaptiveNetworkSupport:CaptivePublishState:1211 en1 - Probe
Sep 13 10:16:55 laptop UserEventAgent[11]: CaptiveNetworkSupport:CaptiveStartDetect:2343 Bypassing probe on NextSpace because it is protected and not on the exception list
Sep 13 10:16:55 laptop UserEventAgent[11]: CaptiveNetworkSupport:CaptivePublishState:1211 en1 - Unknown
Sep 13 10:16:55 laptop configd[15]: network configuration changed.
Sep 13 10:16:56 laptop Rowmote Helper[291]: Est <AsyncUdpSocket: 0x1b38910> (5843)
Sep 13 10:16:56 laptop Sidestep[16736]: Environment: {
"AUTH_HOSTNAME" = "_.__.com";
"AUTH_USERNAME" = *_*;
DISPLAY = NONE;
"SSH_ASKPASS" = "/Applications/Sidestep.app/Contents/Resources/SSHAskPass";
"SSH_AUTH_SOCK" = "/tmp/launch-Q5iWJB/Listeners";
}

Lion issues

There seem to be issues with Lion; at least in my case, there is no connection to the remote host. Actually, a connection is established, but when checking the IP it gives my WAN and not that of my server, which is hosted off site. I have only been able to check this on one Mac; hopefully in a few days or so a few more people can check this out.

Icon displays as unsecured when connected to a system VPN

I previously used Sidestep to connect to an EC2 VPN, and when I did it would show that it was connected by showing the disjointed arrow. I've switched to using a VPN I set up in OS X's Network preferences, the option "Reroute through VPN" in Sidestep, and now it shows an unsecured icon in the menubar when it's connected.

Sidestep silently fails with server setting "AllowTcpForwarding no"

I had been happily using Sidestep for some time, and loved the fact that it automatically triggered, but at some point I started to wonder whether it actually did what was advertised on the tin. I activated it, opened up whatismyip.com, and imagine my surprise when it displayed my original IP address. So I started digging further.
I looked into the Proxy system settings, and the proxy was not enabled. I tried to enable it myself, but OS X (10.8 at the time) refused to activate it.
So I copy/pasted the ssh command from Sidestep and tried to connect manually. I then manually enabled the proxy system setting, and I found many instances of the following:

debug1: channel 2: free: direct-tcpip: listening port 9050 for 6-p-07-ash2.channel.facebook.com port 443, connect from 127.0.0.1 port 54921, nchannels 4
debug1: Connection to port 9050 forwarding to socks port 0 requested.
debug1: channel 2: new [dynamic-tcpip]
channel 3: open failed: administratively prohibited: open failed

After some more digging I found that the server I intended to use had set AllowTcpForwarding no in its config.

The "Test Connection" button in Sidestep meanwhile still happily reported that everything was working perfectly.

Could a test for this case please be added? Otherwise you are luring users into a false sense of security by displaying that traffic is rerouted over the tunnel, while in practice it is not.
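The kind of end-to-end check this issue asks for, as an added example (not Sidestep's code and not part of the original report): it speaks SOCKS5 to the local forwarding port (9050 in the log above) and counts the tunnel as working only when bytes actually come back from the destination, so a SOCKS reply alone is not treated as proof. The function names, the probe bytes and the choice of destination are assumptions.

```python
import socket
import struct


def recv_exact(sock, n):
    """Read exactly n bytes; raise if the proxy closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf


def probe_socks_tunnel(proxy_port, dest_host, dest_port, probe,
                       proxy_host="127.0.0.1", timeout=5.0):
    """Return (ok, reason); ok is True only if the destination answered."""
    try:
        with socket.create_connection((proxy_host, proxy_port), timeout) as s:
            s.sendall(b"\x05\x01\x00")  # SOCKS5, offer "no authentication"
            if recv_exact(s, 2) != b"\x05\x00":
                return False, "proxy did not accept SOCKS5 without auth"
            name = dest_host.encode("idna")
            # CONNECT with address type 3 (domain name), port big-endian
            s.sendall(b"\x05\x01\x00\x03" + bytes([len(name)]) + name
                      + struct.pack("!H", dest_port))
            _ver, rep, _rsv, atyp = recv_exact(s, 4)
            if rep != 0:
                return False, f"SOCKS5 reply code {rep}"
            # Consume the bound address so later bytes are destination data
            addr_len = {1: 4, 4: 16}.get(atyp)
            if addr_len is None:
                if atyp != 3:
                    return False, f"unknown address type {atyp}"
                addr_len = recv_exact(s, 1)[0]
            recv_exact(s, addr_len + 2)
            # A success reply is not proof: require bytes from the far end
            s.sendall(probe)
            data = s.recv(4096)
            if not data:
                return False, "tunnel closed before any data arrived"
            return True, f"received {len(data)} bytes"
    except OSError as exc:  # refused, reset, timeout, early close
        return False, f"{type(exc).__name__}: {exc}"
```

A call such as `probe_socks_tunnel(9050, "example.com", 80, b"HEAD / HTTP/1.0\r\n\r\n")` returns `(False, reason)` whenever the forward is refused or dropped, which is the state a connection test should report instead of success.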

Not remembering

Hello,

Every time I open Sidestep, it does not automatically connect to the set SSH profile. I have to connect within the preferences, then try connecting, then re-enter the password (which doesn't save in the Keychain btw) and then it finally connects. What's the problem, or is it me?

Feature req: test for web authentication

Many open networks use some kind of webform for authentication and/or user agreement of the TOS. It would be great if Sidestep could detect the presence of these kinds of redirects and wait for the user to authenticate/agree. Once the internet connection is successfully set up, Sidestep should automatically set up the proxy connection.

AFAIK Apple currently uses a hardcoded URL to a known file in iOS to test for an internet connection, if this fails it shows the user the webform for authenticating/agreeing. Something similar could be used by Sidestep perhaps?

always connect tunnel

I use sidestep as a tunnel a bit like a VPN. Not necessarily because it's secure, but because it enables the bypass of firewalls and access to my home network.

As such, it would be good to have a feature to automatically connect, regardless of whether the network is 'secure' or not.

[Feature]: Multiple servers

Would be very useful to be able to create multiple settings for different servers and then select which one to connect to from the menu.

Sidestep doesn't enable SOCKS proxy

Just configured SOCKS proxy using an SSH server. After connecting to open network, Sidestep icon changes suggesting it has connected to SSH server. But I don't see any changes to SOCKS proxy. The browser also shows same external IP address before and after Sidestep connects. Am I missing something? Am I supposed to see SOCKS proxy enabled after Sidestep connects to SSH server?

UDP support?

Is there something we can add to the SSH command to support UDP over SOCKS?

Feature Req: HTTP and HTTPS proxy support

Sidestep is easy and cool, but it only supports SOCKS proxy...

I like to use

ssh -L lport:host:rport user@host -N

to create an HTTP proxy other than the SOCKS proxy; if Sidestep adds HTTP (HTTPS) proxy support, that would be even cooler!

No connection after reroute

Hi,

I installed Sidestep and configured it to use SSH on my webhosting server. The connection test in the preferences runs successfully.
If I reroute the traffic manually, I can't get any connection afterwards. If I set it back to normal routing without SSH it works as usual.

What am I missing and how can I find a point to fix it?

Regards,
b1tchnow

Ignoring /etc/hosts file

Not sure if this is inherent to how proxies work, but when I connect it seems to ignore any records in my /etc/hosts file. As a developer I kind of need those and it's now a choice between hosts file and secure proxy :/

Can't restore direct connection

Since one of the 10.7.X updates, the "restore direct connection" menu item doesn't work anymore. As a workaround I'm always disabling the SOCKS proxy in the net settings and killing the ssh tunnel afterwards, then reopening Sidestep after that.

If you need any more information tell me. Right now I'm running 10.7.4 with newest XCode (if that matters). Haven't compiled Sidestep myself.

Allow cipher types via the "c" flag

Allow us to use encryption of various cipher types by adding the c flag to the ssh command: -c 3des-cbc. SSH is a powerful beast, so perhaps this (and other issues) is best added to the app by adding a simple text entry field for extra arguments. You could then take these user-entered arguments and append them to the SSH terminal command.

Proxy setting unchanged in Snow Leopard 10.6.8

Connecting to the proxy server using Sidestep works fine, but the proxy settings are never changed in the Network settings. When I manually enable the SOCKS proxy in the Network settings, everything works fine. I am using Sidestep version 1.3.2. I have another computer running Lion 10.7.4 with the same version of Sidestep that doesn't have this problem.

Sidestep not recognizing VPN

I have a VPN configured and saved but Sidestep is not showing it as an option in the "Available VPN Services". I've restarted Sidestep, but that hasn't made a difference. I'm running 10.9 Mavericks...anyone else seeing this?


Crash on connect

Sidestep crashes without an error message when I choose "Connect" in the menu.

Infos:

  • Sidestep: 1.3.2
  • OSX: 10.8.1

Feature req: automatic restore after wake-up

Currently sidestep maintains the redirection state when a computer goes to sleep and wakes up.

The SSH connection usually fails if the computer goes to sleep, but this is not always detected by Sidestep.

Possible code typos?

The new Xcode noticed two code errors in AppController.m:

if (GrowlSpam_ConnectingToProxy == 0) {
    [growl message:connectingConnectionStatusText];
    GrowlSpam_ConnectingToProxy == 1; // Want single "="?
}

And:

// Reset GrowlSpam variable to allow notifications now that spam should have ended
GrowlSpam_ConnectingToProxy == 0; // Here as well?

Gatekeeper

Will the app be updated to work with Gatekeeper, as an identified developer etc.?

Port Number Formatting

When using a 4-digit port number, e.g., 5822, Sidestep inserts a comma so it becomes 5,822, which makes connecting impossible.

HowTo setup Transmit?

Hi,

I'm using SideStep to re-route all (the possible) traffic through my server (using SSH), and was trying to get Transmit using my server too.

I'm really not a Proxy / Socks guru at all. Under Transmit there are a lot of proxy options like SOCKS 4, SOCKS 4a, SOCKS 5...

I tried several but didn't get my FTP connections to work.

Any feedback on this?

Thanks,
Jérémy
