Accordata Port-Proxy V0.95
Port-Proxy is a Perl script that forwards ports from the local system to another system. When using https tunneling, you are able to go through a firewall.
Features:
- Port forwarding on the same system
- Port forwarding to a remote system
- Tested with Linux and Windows
- Forward over https-tunnel to port 443
- Forward over https-tunnel to any port
Installation
- Install Perl
- Download the zip
- Unzip to any directory
- Edit the configuration file
- Start the program
Configuration
All configuration is done in the file port-proxy.conf, which is read from the current directory when starting port-proxy.pl. The following parameters can appear multiple times:
forward=local addr,destination addr,[proxy 1],[proxy 2]
local addr | Defines where port-proxy listens for connections. It can be either a port or an address with port (e.g. 127.0.0.1:8080; localhost:8080). Without an address your system listens on all interfaces, including a dial-up line.
destination addr | Defines the destination as addr:port (e.g. 192.168.0.1:80 or remotehost.com:80). Please note: If you use a proxy, this address is from the view of the proxy. If you use localhost or 127.0.0.1, it addresses the proxy host. If you enter the special address [PROXY], port-proxy.pl behaves like an https proxy and reads the destination from the connecting client.
proxy 1 | Defines an https proxy to use.
proxy 2 | Defines a 2nd https proxy to use. This is usually port-proxy.pl listening on port 443.
The allow_proxy_to parameter defines which destinations are allowed if you use [PROXY] as destination.
The address is evaluated as a Perl regex and may be something like this:
allow_proxy_to=localhost:23 # allow telnet
allow_proxy_to=192.168..*:80 # http to all 192.168.x.x
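An added example (not part of port-proxy and not the author's code): a small Python audit of a port-proxy.conf that flags listeners bound to all interfaces and shows which unintended destinations the allow_proxy_to patterns let through. The page does not say whether port-proxy.pl anchors the regex, so both modes are shown; the probe destinations and the HARDENED pattern are constructed assumptions, and Python's re treats these particular patterns the same way Perl does.

```python
import re

# Constructed sample config using only the syntax documented on this page.
SAMPLE_CONF = """\
forward=110,remote.com:110
forward=localhost:9023,localhost:23,https-proxy:8080,remote.com:443
forward=443,[PROXY] # Listen on port 443 and behave like an https proxy
allow_proxy_to=localhost:23 # telnet
allow_proxy_to=192.168..*:80 # http to all 192.168.x.x
"""

# Constructed destinations that the two rules above are not meant to allow.
PROBES = ["localhost:2323", "192.168.0.1:8080", "192.168host.example:80"]

# Assumed tightening (not from the page): escaped dots, numeric octets only.
HARDENED = r"192\.168\.\d{1,3}\.\d{1,3}:80"


def parse_conf(text):
    """Return (forwards, allow_patterns) parsed from port-proxy.conf text."""
    forwards, allows = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comment
        key, sep, value = line.partition("=")
        if key == "forward" and sep:
            forwards.append([field.strip() for field in value.split(",")])
        elif key == "allow_proxy_to" and sep:
            allows.append(value.strip())
    return forwards, allows


def wildcard_listeners(forwards):
    """Local addrs given as a bare port, i.e. listening on all interfaces."""
    return [f[0] for f in forwards if f[0].isdigit()]


def accepted(pattern, probes, anchored):
    """Probes a pattern lets through, matched anywhere or on the whole string."""
    rx = re.compile(pattern)
    return [p for p in probes if (rx.fullmatch(p) if anchored else rx.search(p))]


if __name__ == "__main__":
    forwards, allows = parse_conf(SAMPLE_CONF)
    print("listens on all interfaces:", wildcard_listeners(forwards))
    for pat in allows + [HARDENED]:
        print(pat, "| unanchored:", accepted(pat, PROBES, False),
              "| anchored:", accepted(pat, PROBES, True))
```

Even with whole-string matching, the unescaped dots in 192.168..*:80 still accept a host name such as 192.168host.example:80; only the escaped, digit-only form rejects all three probes.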
Example 1: Port forwarding
Task: Allow access to a service on a known host
[client] --- [proxy] --- [remote]
Your client has no access to [remote], but has access to [proxy].
To fetch mail from [remote], you may configure on [proxy]:
forward=110,remote.com:110
Your client connects to [proxy] on port 110 and fetches mail from remote.com.
Example 2: Port forwarding with https tunnel
Task: Your client wants to telnet to a known host, but is behind a firewall with access only to an https proxy.
Configuration on Client (not working): forward=localhost:9023,remote.com:23,https-proxy:8080
Since most proxies allow connections only to port 443, you don't have access to remote.com:23.
To get it to work, you need to set up telnet on port 443 at remote.com:
- Insert in inetd.conf of remote.com: 443 stream tcp nowait root /usr/sbin/tcpd in.telnetd
- Use configuration: forward=localhost:9023,remote.com:443,https-proxy:8080
- On your client use: telnet localhost 9023
[client] --- [https-proxy] --- [remote host proxy:443] -- [remote service]
To cover the problems noted above, port-proxy.pl can behave like a proxy listening on port 443 and forward to the service you need.
You need to run port-proxy.pl on [client] and [remote].
port-proxy.conf on your client (telnet example):
forward=localhost:9023,localhost:23,https-proxy:8080,remote.com:443
(Note: 'localhost:23' is from the view of remote.com. Therefore it addresses telnet on remote.com)
port-proxy.conf on remote.com:
forward=443,[PROXY] # Listen on port 443 and behave like an https proxy
allow_proxy_to=localhost:23 # telnet
Connection flow:
- On client: telnet localhost:9023
- port-proxy.pl connects to https-proxy:8080
- https-proxy connects to remote.com:443
- port-proxy.pl on remote.com connects to localhost:23 (telnet)
Running port-proxy.pl
perl port-proxy.pl [-d] [-D] [-c conffile]
-d | Enable debug output
-D | Become a background process (detach doesn't work on Windows)
-c conffile | Specify a config file
Example:
perl port-proxy.pl -D -c /etc/port-proxy.conf
from http://www.accordata.de/downloads/port-proxy/index.html