9fans - fans of the OS Plan 9 from Bell Labs
From: Dan Cross <cross@math.psu.edu>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] Unix trampoline?
Date: Tue, 20 Jan 2004 11:29:54 -0500
Message-ID: <200401201629.i0KGTsj01777@augusta.math.psu.edu>
In-Reply-To: Your message of "Tue, 20 Jan 2004 07:45:02 EST." <a30164d1f66f18dccea8c9990ac9bec1@9srv.net>

a@9srv.net writes:
>
> okay, i've been banging my head against a wall since
> yesterday trying to do a simple port-forward on unix.
> i'm having a heck of a time getting natd, ipfw, and
> ssh to all play nice together. i'd love to just skip
> the whole deal and run trampoline from aux/listen,
> but, obviously, i've got neither trampoline nor
> aux/listen on unix. anyone got either?

What about netcat started from inetd?  That does largely the same
thing, and I've used it to good effect to shuttle bytes between the
HTTPS port on one machine and the SSH port on another.  Alternately, I
have a Unix trampoline I wrote once and posted to 9fans.  It's either
in the list archives, or in /usr/cross/src/unixsrc/c/misc/trampoline.c
on my machines, which you have an account on.  I wrote it under MacOS
X, so it should work in your environment.

As an aside, completely unrelated to Anthony's question, a good way to
get around overly restrictive corporate firewalls: take an SSH client
that can deal with an HTTP proxy [PuTTY is a good one], and connect to
an SSH server answering on the HTTPS port of a server out on the
Internet somewhere, and forward a bunch of ports through it.  Most HTTP
proxies will let you connect to remote HTTPS ports; if not, run the SSH
server on the HTTP port itself.

In my case, I have a Sun running an HTTP proxy on the localhost
interface.  In my restrictive environment, I SSH through the HTTP proxy
in the local firewall to the HTTPS port of another Sun that forwards to
the SSH server on the first Sun (Why?  I have a real HTTPS server
listening on the first Sun).  I forward whatever ports I'm interested
in, including the HTTP proxy port, and I run my web browser using my
local machine as a proxy, which forwards to the Sun, which in turn
proxies my web traffic (and whatever else I want, like AIM).  The Sun
is on a network I trust no one to be sniffing.  Or, if they are, I
don't particularly care.  At least this way, no one is sniffing my
local traffic unless they're monitoring my keystrokes or what goes
over the loopback interface.

	- Dan C.
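
Added example, not part of the original message or of any code by its author: a defender-side check that a proxy or network sensor could apply to the first bytes of an HTTP CONNECT tunnel, to tell the SSH-on-the-HTTPS-port setup described above from real TLS. The function names and the sample byte strings are assumptions constructed for illustration.

```python
# Classify the first bytes exchanged on a tunnel opened with HTTP CONNECT.
# TLS: the client speaks first with a handshake record (ClientHello).
# SSH: both ends send an identification string "SSH-<proto>-<software>" (RFC 4253, 4.2).

TLS_HANDSHAKE = 0x16       # TLS record content type: handshake
TLS_CLIENT_HELLO = 0x01    # handshake message type: ClientHello
TLS_MAX_PLAINTEXT = 16384  # largest plaintext record body (2^14)


def looks_like_tls_client_hello(data: bytes) -> bool:
    """True if data starts with a TLS record that carries a ClientHello."""
    if len(data) < 6:
        return False
    record_len = int.from_bytes(data[3:5], "big")
    return (data[0] == TLS_HANDSHAKE
            and data[1] == 3 and data[2] <= 4      # record version 3.0 .. 3.4
            and 0 < record_len <= TLS_MAX_PLAINTEXT
            and data[5] == TLS_CLIENT_HELLO)


def looks_like_ssh_banner(data: bytes) -> bool:
    """True if one of the first lines is an SSH identification string.

    A server may send other text lines before the identification string,
    so a few leading lines are examined rather than only the first.
    """
    return any(line.startswith(b"SSH-") for line in data.split(b"\n")[:8])


def classify_tunnel(client_first: bytes, server_first: bytes) -> str:
    """Return 'ssh', 'tls' or 'unknown' for the opening bytes of a tunnel."""
    if looks_like_ssh_banner(server_first) or looks_like_ssh_banner(client_first):
        return "ssh"
    if looks_like_tls_client_hello(client_first):
        return "tls"
    return "unknown"


# Constructed samples (not captured traffic).
SAMPLE_TLS_CLIENT = bytes([0x16, 0x03, 0x01, 0x00, 0x05, 0x01, 0x00, 0x00, 0x01, 0x00])
SAMPLE_SSH_CLIENT = b"SSH-2.0-ExampleClient_1.0\r\n"
SAMPLE_SSH_SERVER = b"notice: example preamble\r\nSSH-2.0-ExampleServer_1.0\r\n"

if __name__ == "__main__":
    print(classify_tunnel(SAMPLE_TLS_CLIENT, b""))                 # real HTTPS
    print(classify_tunnel(SAMPLE_SSH_CLIENT, SAMPLE_SSH_SERVER))   # SSH on port 443
    print(classify_tunnel(b"GET / HTTP/1.1\r\n", b""))             # neither
```

The check only sees the opening bytes of the tunnel; SSH wrapped inside a genuine TLS session would classify as "tls".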