Port tunneling

Overlord · 05-01-2001 1:32am #1

Lo lads.
I need to get thru a port specific firewall.
Now this firewall will leave packets thru a few ports 21, 80 etc. So I was thinking a VPN client on my machine connecting to a remote VPN server on the net which used an allowed port would work and allow me use all applications ? Are there any such VPNs available for download?
Any help would be appreciated!

quozl · 05-01-2001 5:40pm

I've been looking for something like that for ages. All I've found is socks2http. It passes socks requests through http to another socks2http which turns it back into socks.
So if you have http access you have full socks access. I've never tried that in here as I dont have an external server to run the other end of the socks2http tunnel on. It'd be handy for some things, but I'd imagine game pings would suck ****.
quozl

amp · 05-01-2001 7:50pm

I doubt it as it'd make the firewall next to useless.

Lunacy Abounds! Play GLminesweeper!
art is everything and of course nothing and possibly also a sausage

quozl · 05-01-2001 8:11pm

its is technically feasible. In fact easy amp. I just could not be arsed in learning enough networking code. its my weak point.
All it needs is two servers, one takes all data, encapsulates it to include what port/dest really should be then passes it through say the smtp port. A port which usually allows access to and from any outside machine. I know it does on the firewall where I work. If not then say the port for your internet meeting program or whatever. That outside machine reads the data stream, removes packet headers and reroutes the data to its real destination.
Easy money.
quozl
PS If anyone finds a prog written to do this or wants to write one, let me know please

And the point is to make the firewall useless. This is a firewall bypass from inside.

[This message has been edited by quozl (edited 05-01-2001).]

Dotsie~tmp · 06-01-2001 5:36am

I cant see why sock2http wont work here.

Example.
I want to run mirc through my companies firewall which only allows say mail and web access. I start up socks2http set it as the socks-proxy in mirc options and set the http-proxy server in s2h as say fester.esatclear.ie:8080. Wouldnt the firewall just see this as you requesting a web page? I may be wrong (may? ahahah).

One thing im not sure of. Are you required to set the http-proxy in socks2http as a server thats on you local network? Would a chain of two http proxies help then? BTW if im talking boll0x just ignore me.

If this is any help SocksCap will enable 32-bit WinSock applications running under Windows 9x and Windows NT, to use a SOCKS proxy server.

Dotsie
ICQ: 44472574
www.dotsies.com
dotsie@dotsies.com

Overlord · 07-01-2001 6:44pm

yup mirc would work in that scenario alright but im trying to get q3 working

bit awkward as it tried to connect on a lot of differnt ports

Void · 08-01-2001 11:56am

I'll have a crack at this.
Collie sent me some sample proxy code before, but I lost it. Anyone know his email?
As woody (!) said, the problem is that Q3 uses loads of ports. Not just loads of ports, but it will negotiate it's connection with TCP first, and then switch to UDP for the actual game state information. It might even leave a TCP channel open for infrequent data. These are all guesses of course, but the actual specification for Q3 packets will be available somewhere. Does anyone know can this be done with normal socket programming or will raw sockets be needed? And no, it won't be easy Quozl.

Koopa · 11-01-2001 12:38pm

quake3 does not negotiate its connection with TCP first , in fact i dont think it uses TCP for anything at all, except to connect to socks proxies.

it sends a UDP challenge to the server, the server responds.. it even authenticates on the q3 cdkey server using UDP, not TCP.

the snag is, i dont think the firewall allows UDP out on any port, so we have to figure out a way to proxy quake3 using TCP and then back

also, quake1 worked fine when we connected with it to archroy.barrysworld.com:80 (its running a qizmo quakeworld proxy which listens for incoming TCP connections on port 80, and works like a normal qizmo proxy after that)

quozl · 12-01-2001 7:14am

> And no, it won't be easy Quozl.[/B][/QUOTE]
I have been codeing c for 7 years. Including large network programs. I'm a pretty good judge of how easy it will be. And its not a particularly difficult job. Its more a boring slow one. No great thinking, no complicated alghoritms, nothing. Just boring, boring network code,
imo anyway
quozl

Overlord · 17-01-2001 4:21pm

Void (Petah!) the firewall DOES in fact allow udp thru on the ports. I have connected with qw thru port 80 with qizmo on normal udp connect. So we have at least 4 or5 ports that allow udp and tcp. Should be enough to work with ? So if u can get some sort of port mapping done i think it would work?

<font face="Verdana, Arial" size="2">Originally posted by quozl:
> And no, it won't be easy Quozl.</font>

I have been codeing c for 7 years. Including large network programs. I'm a pretty good judge of how easy it will be. And its not a particularly difficult job. Its more a boring slow one. No great thinking, no complicated alghoritms, nothing. Just boring, boring network code,
imo anyway
quozl

[/B][/QUOTE]

Quozl - Right since your so l33t at programming how about actually doing something to help - it will make your name worldwide and help loads of ppl to play q3 thru firewalls instead of complaning that its "too boring"

Port tunneling

Comments