I look for simple tunnel

I look for simple tunnel
I have 1 computer on linux behind NAT (with root privileges), 2
computer on HP-Unix with simple user's privileges.
I look for tunnel which is simple for compilation and does not require
on kernel patches.
On HP-UNIX I - would start
#> server port1-listens port2-listens
On Linuks behind NAT I would initiate connection and keep it for all
time
#> client myport-listening IPhpunix port2-from-server_hp_unix

example
#>server 60000 60001
#>client 80 60001
wherever on world #> lynx 2computer:60000 would redirect me to
1computer:80 by 60000:2computer:60001 <===>x:1computer:80


I know, vtun can do it for me, BUT vtun requires root privileges
(I'm only simple user on HP-unix) and vtun requires a special kernel
driver which is available only for Linux, BSD and Solaris. (HP-unix
root user is not my acquaintance)


Vtun is not for me :'-(

another simple tunnel exists?



--
Serwis Usenet w portalu Gazeta.pl -> http://www.gazeta.pl/usenet/

On Tue, 24 Jun 2003 01:40:48 GMT, James Knott <(E-Mail Removed)>
wrote:

>Kasek wrote:
>
>> I look for simple tunnel
>> I have 1 computer on linux behind NAT (with root privileges), 2
>> computer on HP-Unix with simple user's privileges.
>> I look for tunnel which is simple for compilation and does not require
>> on kernel patches.
>> On HP-UNIX I - would start
>> #> server port1-listens port2-listens
>> On Linuks behind NAT I would initiate connection and keep it for all
>> time
>> #> client myport-listening IPhpunix port2-from-server_hp_unix
>>
>> example
>> #>server 60000 60001
>> #>client 80 60001
>> wherever on world #> lynx 2computer:60000 would redirect me to
>> 1computer:80 by 60000:2computer:60001 <===>x:1computer:80
>>
>>
>> I know, vtun can do it for me, BUT vtun requires root privileges
>> (I'm only simple user on HP-unix) and vtun requires a special kernel
>> driver which is available only for Linux, BSD and Solaris. (HP-unix
>> root user is not my acquaintance)
>>
>>
>> Vtun is not for me :'-(
>>
>> another simple tunnel exists?
>
>Well, I use CIPE, but it also requires root privs to set it up, to any user
>can start and stop it. Given the security implications, tunnels should
>require root user.

This is only choice programmers, who were programming it.
There is no obstacles theoretically to exist simple listening on two
high ports harbours tunnel (and so will suffice used user privileges)
and doing such redirects, how I wrote.

Maybe simple tunnel exist?
PS .For example http-tunnel (hts and htc) )is a small, simple, easy
for compilation on any unix - tunnel. But it do not it I want.
At host REMOTE, start hts like this:
hts -F localhost:23 8888
At host LOCAL, start htc like this:
htc -F 2323 -P PROXY:8000 REMOTE:8888
or, if using a buffering HTTP proxy:
htc -F 2323 -P PROXY:8000 -B 48K REMOTE:8888

Now you can do this at host LOCAL:
telnet localhost 2323
and you will hopefully get a login prompt from host REMOTE.




--
Serwis Usenet w portalu Gazeta.pl -> http://www.gazeta.pl/usenet/

On Tue, 24 Jun 2003 02:15:59 +0200, Kasek <(E-Mail Removed)> wrote:
> I look for simple tunnel
> I have 1 computer on linux behind NAT (with root privileges), 2
> computer on HP-Unix with simple user's privileges.
> I look for tunnel which is simple for compilation and does not require
> on kernel patches.
> On HP-UNIX I - would start
> #> server port1-listens port2-listens
> On Linuks behind NAT I would initiate connection and keep it for all
> time
> #> client myport-listening IPhpunix port2-from-server_hp_unix
>
> example
> #>server 60000 60001
> #>client 80 60001
> wherever on world #> lynx 2computer:60000 would redirect me to
> 1computer:80 by 60000:2computer:60001 <===>x:1computer:80

Is the HP box running any ssh daemon and directly accessible from the
internet? Ssh can tunnel tcp ports (if allowed). For example:

ssh -L 60000:127.0.0.1:60001 me@2computer

or in ~/.ssh/config

LocalForward 60000 127.0.0.1:60001

Then connecting to localhost:60000 would connect you to 2computer:60001
(which to 2computer would appear to be coming from its localhost).

In my case our HP3000 (running MPE/iX) is not directly accessible from
internet. But I can do an ssh tunnel to our Linux smtp server to access
HP3000 on remote LAN from Reflection (vtmgr) on a Win98 box on my LAN (in
~/.ssh/config for that Host):

GatewayPorts yes
LocalForward 1537 192.168.1.2:1537
LocalForward 1570 192.168.1.2:1570

Win98_vtmgr--->Linux_LAN_IPort--->remote_Linux--->HP3000_LAN_IPort

--
David Efflandt - All spam ignored http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://cgi-help.virtualave.net/ http://hammer.prohosting.com/~cgi-wiz/