Port Forwarding with Perl

September 10, 2008, 05:00 AM

Many people think of ssh tunnels when they talk about port forwarding. An ssh tunnel is easy to set up and you probably have everything you need (i.e., ssh) on almost any system you want to use it on. Port forwarding does not have to be done through a tunnel, however, nor does it require ssh. Any script or program that rewrites packets in such a way as to accomplish the forwarding of packets from one port or system to another can be used for port forwarding. This doesn't mean that it's easy to build this kind of script or program, but it does mean that tools like this are available.

One good example of a port forwarding script is Accordata's Port-Proxy. port-proxy.pl is a Perl script that uses a number of modules, such as IO::Socket and IO::Select, and reads your port forwarding specifications from a configuration file when it is invoked. The line "forward=1111, localhost:2222", for example, forwards connections sent to port 1111 to port 2222 on the same system. If you put the following lines in your configuration file, port-proxy will listen on both ports 1111 and 3333 and will pass connections to the latter to fermion.particles.net.

Listen on 1111; forward to localhost:2222
Listen on 3333; forward to fermion.particles.net:4444

You can see that the specified ports are listening using netstat. One thing you might notice in this netstat output that is different than what we would see if we were forwarding the ports using ssh is that these LISTENs will accept connections from any system; unlike ssh, they do not listen only for connection requests generated locally. This means that you could easily set up systems to "daisy chain" port connections from one system to the next.

tcp4       0      0  *.1111          *.*             LISTEN
tcp4       0      0  *.3333          *.*             LISTEN

NOTE: The "*" in "*.1111" and "*.3333" means the socket is bound to every local address, so it listens for requests from any system.
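
The relay loop that a script of this kind builds from IO::Socket and IO::Select, written here as an added example and not taken from port-proxy.pl. The bind-address argument and the `drop` helper are assumptions of this example; binding to 127.0.0.1 instead of the wildcard address keeps the forwarder from accepting connections from other systems.

```perl
# Added example: single-rule TCP relay, not port-proxy's own code.
use strict;
use warnings;
use IO::Socket::INET;
use IO::Select;

# Constructed rule in the "forward=PORT, HOST:PORT" form quoted above.
my $rule = 'forward=1111, localhost:2222';
my ($lport, $rhost, $rport) = $rule =~ /^forward=(\d+),\s*([\w.-]+):(\d+)$/
    or die "bad rule: $rule\n";

# Assumption: the bind address is the first argument. The loopback default
# keeps the listener local; 0.0.0.0 gives the "*.1111" wildcard listener.
my $bind = $ARGV[0] // '127.0.0.1';
$SIG{PIPE} = 'IGNORE';    # a vanished peer must not kill the relay

my $listener = IO::Socket::INET->new(
    LocalAddr => $bind, LocalPort => $lport,
    Proto     => 'tcp', Listen    => 5, ReuseAddr => 1,
) or die "cannot listen on $bind:$lport: $!\n";

my $sel = IO::Select->new($listener);
my %peer;    # fileno of one socket => socket on the other side

sub drop {   # close both ends of a relayed connection
    for my $s (@_) {
        delete $peer{ fileno($s) };
        $sel->remove($s);
        close $s;
    }
}

while (1) {
    for my $fh ($sel->can_read) {
        if ($fh == $listener) {    # new client: open the onward connection
            my $client = $listener->accept or next;
            my $server = IO::Socket::INET->new(PeerAddr => "$rhost:$rport");
            if (!$server) { close $client; next }
            @peer{ fileno($client), fileno($server) } = ($server, $client);
            $sel->add($client, $server);
            next;
        }
        # A handle closed earlier in this pass has no fileno and no peer.
        my $out = $peer{ fileno($fh) // -1 } or next;
        my $n = sysread($fh, my $buf, 16384);
        my $w = $n ? syswrite($out, $buf) : undef;
        drop($fh, $out) unless $w; # EOF or error on either side
    }
}
```

Running it with no argument and checking netstat should show the listener on 127.0.0.1.1111 rather than *.1111.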

You can download port-proxy from Accordata GmbH using this URL:

http://www.accordata.de/downloads/port-proxy/index.html

The site is both in German and English. The notes online say that port-proxy has been tested with Linux and Windows, but I've used it on Solaris and Mac OS X as well. If you have Perl installed on your system and a reasonable set of modules, it will probably work for you as well.

If you test with two systems, you can run a listen script like the one I wrote about last week on, say, port 4444 on the remote system.

Comments

You have options about whether ssh forwarded ports listen on localhost-only, or not, but I think ultimately it (ssh) would be used in specific cases where you wouldn't want naked transport anyway.

You can do it without perl. Create an ssh public key and copy it into remotehost's ~/.ssh/authorized_keys. This avoids using any password at all (and is actually more secure in some respects). Then you can do:

ssh -L 5900:vnctarget:5900 remotehost

and then

vncviewer localhost

will get you VNC access to vnctarget. Just tested it.

Other useful port forwarding tools

There are two additional port forwarding tools which I've found very useful:

stunnel (http://www.stunnel.org/)
udptunnel (http://www1.cs.columbia.edu/~lennox/udptunnel/)

One example of these two used in combination is to forward a UDP packet via a SecureTCP pipe.

You will need to download and compile the sources using gcc.