*********************************************************************
SOCKS5 Sample
*********************************************************************
(c)2000 Microsoft Corporation. All rights reserved.

This sample firewall filter demonstrates the use of SOCKS protocol
version 5. The filter hooks into the SOCKS control channel (TCP port
1080). For each connection made to this port, an object
(CSocksConnection) is created. This object identifies CONNECT and BIND
commands and handles them.

First, there is a negotiation between the client and the SOCKS filter,
which is acting as a SOCKS server. In the negotiation, the client offers
the server a list of ways to authenticate the client. The server picks
one (in this sample, user name and password), and the client then sends
the server a user name and password. The server checks the
authentication, and if this user is allowed to make a connection, the
SOCKS protocol continues as in the SOCKS 4A protocol.

When a CONNECT command is detected, the filter creates a session for the
client's IP address if needed, that is, if there is no session already
connected to that IP address. The filter then creates a socket on this
session and makes a connection to the destination address that the
client provided in the CONNECT request.

When a BIND command is detected, the filter searches for the BIND
command's session. This session should exist because the BIND command
always comes after a CONNECT command. If this session does not exist,
the filter sends an error packet to the client. If the session does
exist, the filter creates a socket and makes bind, listen and accept
commands for the client. The filter then sends a reply to the client
with the external address of the proxy server to which the external
server should connect. After accepting the connection from the server,
the filter sends the client a second packet with the internal address to
which the client should send the data.

If, in one of these commands, the client sends a domain name instead of
an IP address, the SOCKS filter performs the name resolution.

Limitations:
- This sample works only with SOCKS5.
- This sample does not take into account the RFC-defined time limit for
  the establishment of the connection with the application server.
- This sample only works with User/Password authentication.
- This sample does not support IP v6.

Filter installation requirements are described in the "Filter Setup"
topic of the ISA SDK documentation.

The following is a summary of what you will find in each of the files
that make up this sample:

socksfltr.sln
socksfltr.vcproj
    Project and workspace files compatible with Visual C++ 7.0.

socksfltr.cpp
    This file was generated by the ATL COM AppWizard. It contains the
    DLL entry points DllCanUnloadNow, DllGetClassObject,
    DllRegisterServer and DllUnregisterServer. All are generated by the
    wizard. The wizard-generated code was modified to also register the
    filter class as a firewall filter.

socksfltr.def
    Defines the functions that the DLL exports. This file was generated
    by the ATL COM AppWizard and was not modified.

socksfltr.idl
    Defines classes and interfaces defined by this DLL. The file was
    generated by the ATL COM AppWizard, and is updated by Visual C++
    when new ATL classes or objects are added. Some of the code that
    Visual C++ puts in this file needs to be deleted.

socksfltr.rc
    This is a listing of all the Microsoft Windows resources that the
    program uses. The file was generated by the ATL COM AppWizard. Some
    of the REGISTRY entries added by Visual C++ are not required, and
    were manually removed.

socksfilter.rgs
    This file is included as a Windows resource by socksfilter.rc. ATL
    uses this file to register the filter object class as a COM class.

socksfilter.cpp
socksfilter.h
    These files implement the filter object class, a class that
    implements the IWspFilter interface. A single instance of this
    object is generated by the proxy.

socksconnection.cpp
socksconnection.h
    These files implement an object that handles each connection to the
    SOCKS port. These files include code that parses the packets passed
    and handles them.

Impersonator.cpp
Impersonator.h
    These files implement the impersonator interface (IFWXImpersonator).
    The impersonator object holds user information so that the Winsock
    proxy service can impersonate the user.

OutputdebugStringF.cpp
OutputDebugStringF.h
    These files are used to control the printing of debug output.

map.h
    This file contains the declarations of the data structures that are
    used in this sample: one map for the IP addresses, each IP address's
    session, and each session's list of sockets.

Resource.h
    This is the standard header file, which defines new resource IDs.
    Visual C++ reads and updates this file. The file was generated by
    the ATL COM AppWizard.

StdAfx.cpp
StdAfx.h
    These files are used to build a precompiled header (PCH) file named
    socksfilter.pch and a precompiled types file named StdAfx.obj. The
    files are generated by the ATL COM AppWizard.
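
Added example (not part of the Microsoft sample; every name in it is hypothetical): a bounds-checked parser for the method negotiation and the CONNECT/BIND request described above, using the RFC 1928 message layout and the limitations listed (user name/password only, no IP v6). It assumes each buffer holds exactly one complete message.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>

// Protocol constants from RFC 1928; the identifiers are hypothetical.
enum : uint8_t { VER5 = 0x05, M_USERPASS = 0x02, M_NONE_OK = 0xFF };
enum : uint8_t { CMD_CONNECT = 0x01, CMD_BIND = 0x02 };
enum : uint8_t { ATYP_IPV4 = 0x01, ATYP_DOMAIN = 0x03 };
enum : uint8_t { REP_OK = 0x00, REP_FAIL = 0x01, REP_BAD_CMD = 0x07, REP_BAD_ATYP = 0x08 };

struct SocksRequest {      // hypothetical type, not from the sample
    uint8_t cmd = 0;
    bool isDomain = false; // true: host must be resolved by the filter
    std::string host;      // dotted quad or domain name
    uint16_t port = 0;
};

// Greeting: VER NMETHODS METHODS... Returns the method byte for the reply.
uint8_t SelectMethod(const uint8_t* p, size_t n) {
    if (n < 2 || p[0] != VER5 || n != 2u + p[1]) return M_NONE_OK;
    for (size_t i = 0; i < p[1]; ++i)
        if (p[2 + i] == M_USERPASS) return M_USERPASS;
    return M_NONE_OK;      // client did not offer user name/password
}

// Request: VER CMD RSV ATYP DST.ADDR DST.PORT. Returns the REP code to send.
uint8_t ParseRequest(const uint8_t* p, size_t n, SocksRequest& out) {
    if (n < 4 || p[0] != VER5 || p[2] != 0x00) return REP_FAIL;
    if (p[1] != CMD_CONNECT && p[1] != CMD_BIND) return REP_BAD_CMD;
    size_t off = 4, alen = 4;                   // IPv4: four address bytes
    if (p[3] == ATYP_DOMAIN) {                  // domain: length byte, then name
        if (n < 5 || p[4] == 0) return REP_FAIL;
        alen = p[4]; off = 5;
    } else if (p[3] != ATYP_IPV4) return REP_BAD_ATYP;  // includes 0x04 (IPv6)
    if (n != off + alen + 2) return REP_FAIL;   // truncated or trailing bytes
    std::string host;
    if (p[3] == ATYP_DOMAIN) host.assign(reinterpret_cast<const char*>(p + off), alen);
    else host = std::to_string(p[4]) + "." + std::to_string(p[5]) + "." +
                std::to_string(p[6]) + "." + std::to_string(p[7]);
    // An embedded NUL would truncate the name in C-string resolver APIs.
    if (host.find('\0') != std::string::npos) return REP_FAIL;
    out.cmd = p[1];
    out.isDomain = (p[3] == ATYP_DOMAIN);
    out.host = host;
    out.port = static_cast<uint16_t>((p[off + alen] << 8) | p[off + alen + 1]);
    return REP_OK;
}
```

The length checks run before any address byte is read, so a client-supplied NMETHODS or domain length can never index past the received buffer.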