Challenge Overview
Challenge Overview
-
Research the existing web socket tunnel tools or libraries and create a PoC application to demonstrate its functionality.
Technology Stack
-
Websocket Tunnel
-
HTTP
-
Firewall
-
C++
Requirements
-
Access web application running behind private network and strict Firewall
-
Establish a TCP socket tunnel over websocket connection, for circumventing strict firewalls and access any web application.
-
The situation is as follows, an HTTP client wants to make request to an HTTP server behind a firewall and does not have a public IP.
-
Network 2: Note that we also need a TCP server will mediate between browser and relay server (websocket server). The TCP server and the browser will be co-located.
-
Network 2 represents a technician laptop connecting to Network1.
-
Network 1 is where the webapps are available behind the firewall.
-
The relay server is on the public cloud.
-
A similar kind of environment will be needed for POC . It's recommened to use Azure to setup the network for testing.
Websocket tunnel creates an HTTPS tunnel that can connect servers sitting behind an HTTP proxy and firewall to clients on the internet. Websocket server capable of handling many concurrent tunnels allowing a central websocket client to make requests to many servers sitting behind firewalls. Each client/server pair are joined through a token.
The websocket tunnel app implements a tunnel through the firewall. The assumption is that the websocket tunnel client app running on the HTTP-server box can make outbound and inbound HTTPS requests. In the end there are 4 components running on 3 servers involved:
-
the http-client application on a client box initiates HTTP requests (Remote Machine in network 2)
-
the http-server application on a server box behind a firewall handles the HTTP requests (Webserver in Network 1)
-
the websocket tunnel server application (Websocket Server with Public IP address)
-
the websocket tunnel client application (Websocket Client on Network 1 pass request to webserver)
We want the tunnel to be open between laptop and relay server till the time the session is needed any amount of commands/requests and responses can move back and forth
The relay server should be able to handle multiple sessions, and it can be used to serve multiple applications (e.g. 1200 apps per relay).
In this challenge, we want you to perform research on existing websocket tunnel tools or libraries, and create PoC to show that it can meet the requirements above.
You need to find the best tool or library to address the requirement, and please describe it clearly if it has any limitations.
For the PoC, there should be simple web app running on the server behind the firewall, and the laptop browser should be able to access this via web socket tunnel.
We also expect a component to be installed on the laptap, which is responsible for the communication between the laptop and the relay server. This component must be developed with C++.
Final Submission Guidelines
Submission Deliverable
-
PoC code
-
It’s not required to setup a firewall in this challenge, but if you can, we can give you a bonus.
-
For the component installed on the laptop, you can choose C++ or other languages for now. Just make sure it can be easily converted to C++ later.
-
-
Necessary documentation to describe your solution
-
Detailed Deployment Guide and Verification Guide