Home of SpoonProxy software.
 Purchase Products    Sitemap    Contact    About Us    Home
 Search
 





 
 
 Home

 
 About Us

 
 Contact Information

 
 SpoonProxy

 
 SpoonFTP

 
 Strategic Partners

 
 Non U.S. Resellers

 
 Other Services

 
 Email Webmaster


 

I Can't get ICQ to connect.  What should I check?

#1:  Remember, SOCKS support in SpoonProxy expires after 30 days and ICQ relies on SOCKS.  So first make sure you are using either a non-expired demo, or that you have registered SpoonProxy or ICQ will not work.

#2:  9 times out of 10, problems with ICQ are due to an invalid DNS configuration.  Verify that DNS is mapped properly by attempting to ping something like www.microsoft.com from one of your client machines.  It will time out, but it should resolve to an IP address.   If it does not resolve an IP, then DNS is not working (and consequently neither will ICQ.)

Complete instructions on mapping DNS.

#3:  Make sure you have no references to mirabilis.com in your hosts file on the client machine.  If there is one there, delete it.

Back to Top


Can PPTP/VPN be proxied?

AFAIR, PPTP uses TCP port 1723. However, PPTP cannot be proxied since proxies act on the layers higher than network by definition. Packet filtering and stateful inpection firewalls are "PPTP-able". Can be done with Microsoft Proxy Server 2.0 using DMZ.

Back to Top


I am getting a WSAENOBUFS error when I try to make a connection.   What do I do?

To get rid of the WSAENOBUFS error, try to reduce the number of mapped ports (especially TCP). If that doesn't help, add the following value using RegEdit:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP\MaxConnections

For Win95 with Winsock 1.1, add it as a DWORD. Change the value to something larger than 100 decimal (64 hexadecimal).

For Win98 or Win95 with Winsock 2, add it as a string. Change the value to something larger than 100.

I found that 256 isn't a bad value, but your needs may be different.

Please note: Our advice on MaxConnections only applies to the MS TCP/IP stack.

For WinNT, it depends on the amount of non-paged memory you have available. According to people inside Microsoft, the WinNT/Win2K kernel allocates sockets out of the non-paged memory pool. The size of this pool is fixed, and is dependent on the amount of physical memory in the system.

For NT4 on Intel x86 machines, the non-paged memory pool stops growing at 1/8 the size of physical RAM, with a maximum of 128 megabytes. The maximum is 256 MB on Windows 2000. Thus for NT4, the size of the non-paged pool stops increasing when you hit 1 GB of RAM. On Win2K, you hit the wall at 2 GB.

The data associated with each socket adds up to just under 2 KB. Assuming regular reading and writing on each conneciton, you have to add to that a 4 KB read buffer and a 4K write buffer, at least. (4 KB is due to the x86's memory management unit's page size.) Assuming the simple case of 10 KB of data per connection and 128 MB of non-paged memory, the theoretical maximum on NT4 is about 12,800 connections, and on Win2K 25,600 connections.

Back to Top

I sometimes receive "SpoonProxy V2.0 Socket Error" with the suggestion to either "map fewer ports" or to "increase the maximum number of connected sockets" on the proxy machine.  What does that mean?

One of the most common reasons for that error is a lack of resources on your server system, so it's possible that increasing the memory from 40Mb could help. You could also go to WinNT 4.0, which has a more dynamic scheme for managing connections. If your server is running Win95 or Win98 and the MS TCP/IP stack, you can increase the maximum number of connections by adding a registry entry. Using RegEdit, add a value called MaxConnections to the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP

For Win95, the value should be added as a DWORD. For Win98, the value should be added as a string.

100 decimal is the system default when the value is not present, so you want something larger than that, such as 256. After you add the value, restart Windows and you will be running with a higher maximum number of connections.

Back to Top

How do I make Battlenet and Starcraft work with SpoonProxy?

In addition to running Hummingbird SOCKS on the client machine, you must also do a UDP mapping in SpoonProxy of port 6112 IN and OUT to the INTERNAL IP address of the machine the Starcraft/Battlenet software is running on, i.e in my setup the IP is 192.168.0.2, and voila! I can join and create games now as well as chatting!

If you still have trouble after doing the above, try creating a file in your starcraft directory called wspcfg.ini and adding the lines:

[starcraft]
RemoteBindUDPPorts=6112
ServerBindUDPPorts=6112

Back to Top

I want to know if your software can support multiple modems (usually 2 modems) on the server PC?

SpoonProxy does not bind to a specific interface for sending or receiving. It lets Winsock take care of what will be routed through which interface. However, if there are two or more IP addresses, the configured routing will determine which interface will carry the connection.  But SpoonProxy will only attempt to control one dial-up networking interface at the most.  If there are multiple dial-up networking interfaces, you will have to use some other utility to keep them all connected.

Multiple modems does not necessarily mean multiple IP addresses.  If you have an ISP that allows you to use multiple modems for increased bandwidth, you may have configured a dial-up networking entry to use Multilink.  In that case, SpoonProxy would still be in control of only one dial-up networking entry, even though the dial-up networking entry might be configured with multiple modems.

Back to Top

How do I use SpoonProxy if my ISP has its own Proxy Server?

If your ISP uses its own proxy server, you can still use SpoonProxy.   What you need to do is map your ISP's proxy port (usually port 8080) IN and OUT to the IP address of your ISP's proxy and then use port 8080 as you normally would as the port for your HTTP connections in your browser. Be aware that you can't run both the HTTP proxy and a port mapping on port 8080. If you wish to run the HTTP Proxy in addition to having a port mapping you'll need to use a different incoming port for one or the other or both.

For more detailed instructions on this issue see Configuring SpoonProxy to work other proxy servers or content-filtering services.

Back to Top

My ISP says I've got an Open Relay on my SMTP port 25. What does this mean and how do I fix it?

An "open relay," is a mail server that allows third-parties to send mail to other third-parties. For security reasons and to thwart spammers, almost all ISP's limit use of their SMTP servers to their customers only. (For detailed information on Open Relays see http://mail-abuse.org.)

To make sure you have not un-intentionally created aOpen Relay, first, make sure you are using the latest version of SpoonProxy. Then in SpoonProxy under Properties, make sure that the Incoming Restrictions tab has the "Include Local Addresses" box checked. This checkbox enables only local only IP's on your private subnet to use your proxy server, but disallows any other IP's. Additionally, on the SpoonProxy TCP Map tab, click Edit for your port 25 entry (SMTP) and make sure the "Incoming Restrictions" box is checked there. That checkbox applies your incoming restrictions to that protocol and port.

Back to Top

When starting IE 5.0 when the server machine does not already have dial-up networking initiated, SpoonProxy does begin to dial, but IE 5 immediately returns with the page not found error screen.  IE 4 did not do this.  Is there another setting in IE 5 that I need to know about, or is this an IE 5 bug?

It's not really a bug in IE5, it's a "feature" that Microsoft added in that version. And yes you can turn it off.

To do so in IE5, go to Tools >> Internet Options and select the "Advanced" Tab. Under "Browsing" you'll see a checkbox for "Show Friendly HTTP Error Messages." Uncheck that box.

Back to Top

Why can't my client workstations cannot ping the external world?

Your client machines will not be able to ping the outside world and receive a reply unless you're running a gateway on your internal network.  You will, however, notice that if you map DNS in SpoonProxy and set your SpoonProxy machine's IP as your client's DNS server that a ping to an external server name from a client machine will resolve an IP address, but it will still receive no ping reply.  (The same will hold true for tracert.)


Back to Top


I use SpoonProxy with a dialup connection. Can I change the HTTP Connect Page or the reload time?

Create a file called "connect.html" in the SpoonProxy directory. To do so, copy the current page by using View Source from your browser when the page comes up (or copy the following code and modify it), changing the refresh setting from 10 seconds to 4 seconds (for example.) The new page would look something like this:

<HTML><HEAD><META HTTP-EQUIV=REFRESH CONTENT=4>
<TITLE>SpoonProxy Connecting</TITLE></HEAD>
<BODY><H2>SpoonProxy Connecting...</H2>
The dial-up networking connection is not yet active.
<P>This page should reload every 4 seconds until the
connection is established. If the page fails to reload,
use your browser's Reload or Refresh button.
</BODY></HTML>

Back to Top

I'm having trouble understanding the Incoming/Outgoing Restrictions tab. Can you give me more examples?

For incoming restrictions, the "from" is the first IP address in the range; the "to" is the last IP address in the range. Instead of "from" and "to," think of it as "first" and "last." Note that if you're allowing a single address or a single network IP, the "from" and "to" values will be identical.

The mask is for both "from" and "to." As an example, let's say I want to allow access from just one machine, 192.168.0.2, on my internal network. I would use a "from" of 192.168.0.2, a "to" of 192.168.0.2, and a mask of 255.255.255.255. A logical AND is performed using the mask when comparing an incoming address to your restricted address list. Since ANDing anything with 255.255.255.255 leaves the original value, it's useful for comparing a single IP.

As another example, let's say I want to allow access from my entire internal network. I'm using 192.168.0.0 with a netmask of 255.255.255.0. There are two ways you can specify this in the incoming restrictions. One way is to use the mask of 255.255.255.255 and specify a "from" of 192.168.0.0 and a "to" of 192.168.0.255. The other way is to use a mask equal to the netmask, of 255.255.255.0. Then use a "from" of 192.168.0.0 and a "to" of 192.168.0.0. To see how this works with a single address in the range, when you AND 192.168.0.2 with 255.255.255.0, you get 192.168.0.0, which is equal to both the "from" and the "two" values in this last example, and is thus allowed.

Back to Top

Does Dialpad work with SpoonProxy? What do I need to do?

1. SpoonProxy 2.3 / DialPad Configuration (8/1/00)
2. Open SpoonProxy
3. Click Properties
4. Select the UDP Map Tab
5. Click Add, and map Port 51200 IN and OUT to the INTERNAL IP address of the client machine you run DialPad on. Click Okay.
6. Do the same thing for port 51201, and apply changes.
7. Select the TCP Map Tab.
8. Click Add, and map port 51210 IN and OUT to the INTERNAL IP address of the client machine you run DialPad on. Apply changes.
9. Client machine browser must be running "socksified" with Hummingbird SOCKS or SOCKScap, but no other changes are necessary. For links and instructions on configuring SOCKS to work with SpoonProxy please visit http://www.pi-soft.com/spoonproxy/

 

Back to Top

How do I upgrade to the latest version of SpoonProxy?

You can simply upgrade from prior versions of SpoonProxy since version 2.0. Your settings and registration should stay intact. There is no charge to registered users to perform this upgrade.

If for some reason you needed to revert to a version earlier than 2.5, however, you would need to completely uninstall and re-install from scratch due to major changes since that version.

You may note the new default ports for HTTP, and HTTPS, and browser FTP have changed in the current version. You can leave your SpoonProxy ports for those at 2222, 2525 and 2323 respectively even when running version 2.5 even though the new defaults are 8080, 8081 and 8021 respectively.

Back to Top

Can you provide an overview of features and parameters that can be set in SpoonProxy?

General:

1) Hide initially (hides the SpoonProxy window when running on Win95/98/Me platforms, leaving a tray icon). This has no effect when SpoonProxy is running as a service (WinNT/2k/XP).

2) HTTP connect page. When using Dialup, SpoonProxy can present a "connecting" page for when the connection is being established. The contents of the page are configurable.

3) Privacy: Block e-mail addresses in HTTP proxy requests. This causes removal of e-mail addresses from browser requests.

4) Privacy: Block referring page in HTTP proxy requests. This causes removal of the referring page from browser requests.

5) Privacy: Block browser type in HTTP proxy requests. This causes removal of the browser type from browser requests.

Incoming:

1) From-address, to-address, and netmask. Each entry provides access to a single IP or group of IPs.

2) Include local addresses. This will automatically allow local addresses if they are assigned to network interfaces on the machine. Local addresses are defined per RFC 1918.

Outgoing:

1) From-address, to-address, and netmask. Each entry provides or denies access to a single IP or group of IPs.

2) Allow access to only these sites. Allows access to all defined entries.

3) Deny access to only these sites. Denies access to all defined entries.

TCP Map:

1) Port, service, destination. Each entry defines the port number, service type, and destination IP/port (if applicable). There are a number of different types of services, including pass-through (simple TCP mapping), HTTP, Secure HTTP, FTP, SOCKS, Admin (for web administration of SpoonProxy), Status (for connection status), etc.

UDP Map:

1) Port, service, destination. Each entry defines the port number, service type, and destination IP/port. The only service available to UDP is pass-through.

Logging:

1) Enable/disable logging. Note that SpoonProxy logs are mainly used for debugging purposes. Pi-Soft has a status service to provide information to logging applications, but has not published the specification or created a logging application yet.

2) Log file path.

3) Maximum log file size. If the size is zero, dated log filenames are used, and a maximum of eight log files are kept.

4) Trace levels. These are all used for debugging purposes.

Registration:

1) Registered-to entry. Provided by the customer.

2) Organization name entry. Provided by the customer.

3) Registration key entry. Provided by Pi-Soft.

Dialup:

1) Dial-up entry. You may select from existing Dial-up Networking entries.

2) Idle timeout. Specify the amount of idle time before the dial-up connection is closed. If no time is specified, the dial-up connection is opened when SpoonProxy starts and re-opened if the connection is lost.

3) Redial on disconnect. Mainly for WinNT/2k, since by default WinNT/2k will redial a lost connection.

4) Login information. User name and password. These entries are required for when SpoonProxy runs as a service.

Back to Top

Do we have to maintain an internal userdatabase for your proxy or is it possible to use NT-security information instead?

We have a new, unreleased feature which implements a user database for SOCKS and web authentication. We have not yet released this feature because we're working on adding the NT security option as an additional feature.

Back to Top

I have over 100 users per location. How many users can connect to one specific proxy?

For 100 users per location, we recommend getting a fast server with a lot of memory. However, we do not have specific benchmarks. We do have a number of customers who handle 40-50 users without a problem, but we have not solicited data on the number of users handled by SpoonProxy in specific locations.

But from my experience in running a high-volume TCP/IP server, I would recommend the following: Minimum 400 MHz processor. 512 MB of memory. Windows 2000.

Back to Top

Does SpoonProxy cache web pages? If so, how?

SpoonProxy does not cache web pages, although it does cache DNS lookups since they typically take the most time out of any interchange. Instead, SpoonProxy relies on caching by the browser. We've considered adding caching, but since a good number of our customers use SOCKS which has no provision for server caching of web pages, we decided against it.

Back to Top

I'm running Windows XP on my client machine and having trouble with Java aplets

Microsofts VM is not shipped with the WIN XP CD. And there is no option to update the addon from the install routine of XP. You will need to download the VM from Microsoft to solve the problem (about 5MB). See http://www.microsoft.com/java/ for more information.

Back to Top

I've recently upgraded to version 2.6.0.21 and can no longer get SpoonProxy to establish a dialup connection on my NT/Windows 2000/Xp machine. What's wrong?

As of version 2.6.0.21 a change was made to the install program so that it stops and starts the SpoonProxy service during install/uninstall. Starting with this version you can only get SpoonProxy to work as a non-configurator on NT/2k/XP by running it as a service. In other words, the application mode has been removed.

The three modes of SpoonProxy were:

1) Service
2) Application (no longer available on NT/Win2K/2000)
3) Configurator

Because application mode has been removed as of version 2.6.0.21 you must run SpoonProxy as a service under NT/Win2K/2000 in order for it to function as a proxy server. Running the program from the start menu in this case will run it in "configurator mode" only.

When SpoonProxy runs as a service, dial-up networking info must be entered correctly on the SpoonProxy dialup tab since the service doesn't have access to the password info associated with the dialup account which is associated with a user account. People running NT/2k/XP and using dial-up networking may have gotten around their invalid info entries by running SP as an application instead of as a service. That would have worked fine with every version released except for 2.6.0.21.

Back to Top

My firewall tells me I am being pinged by www.pi-soft.com. Why is that?

Basically, any TCP or UDP conversation with a machine can cause the start of PMTU discovery, which attempts (through the use of PING) to determine the best MTU size for the return path to the source of the conversation.

In other words, you browse http://www.pi-soft.com (or some other web site), or telnet to it or whatever, and that machine will ping your machine (or firewall/proxy server) every 15 minutes or so for a while to determine the most efficient method to talk back to you. It eventually stops on its own.

Back to Top

 

 

 

We Support What You Use

There are literally thousands of internet programs that will work with our software, and not all are listed on our support pages. We do our best to keep up and add support for new programs as needed.

If you can't find your answer to your question in our FAQ, or on our support pages, or in our discussion group, please use our support form.

 
 
     
 
Copyright © 1996-2000 Pi-Soft Consulting, LLC