Skip to content

brigde is a dynamic port forwarder over HTTP (with HTTP PROXY support)

License

Notifications You must be signed in to change notification settings

luizluca/bridge

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 

Repository files navigation

bridge

brigde is a dynamic port forwarder over HTTP (with HTTP PROXY support)

In some places, network is locked behind a firewall and Internet connection is available only by using a proxy server. If you wishes to connect to your SSH at home, you're in trouble. However, there is a simple solution to this: tunneling over HTTPS. However, if you are one of those lucky guys that cannot use tunneling over HTTPS, this page can help you.

Using any protocol that can exchange information, it is possible to encapsulate a connection over it. Some not-so-common examples are: IP-over-DNS, IP-over-ICMP. This page shows a TCP tunneling solution (like ssh -L option) (ab)using HTTP.

The program is divided in two parts: the first one implements a HTTP server, that can be setup to run on any server. However, it is generally easier to have ports 80 or 8080 as authorized ports in your proxy server. The seconds part is the client program. It opens a local TCP port or reads STDIN. After a connection is received, it connects to the server program just like a browser would do and exchange packages using HTTP requests (in this case: GET, PUT, POST, DELETE). How to run

Download bridge file (attachments bellow this page). It is a ruby script that implements both server and client. It depends on webrick and net:http that are also ruby on rails dependencies. Run it as any other ruby script. Server is activated when two parameters are passed: local server port and relative URL

bridge$ ruby bridge 8080 /bridge

This brings up Webrick running in port 8080 and answering bridge requests at http://myserver:8080/bridge Now, it is time to run the client program:

client$ ruby bridge 8022 http://myserver:8080/bridge mysshserver.xxx.com 22

If everything goes OK, the client program starts to listen on port 8022 (user "-" intead of 8022 for STDIN/STDOUT). When someone connects to it, it translates the communication with HTTP commands and forwards them to myserver that effectively connects to mysshserver.xxx.com at port 22. As 22 is a ssh port, one can use this tunneling using:

client$ ssh localhost -p 8022
Password:

mysshserver $

Now, someone might like to use SSH to setup a SOCKS server, a reverse TCP port, etc or just connect to a remote VPN server.

This command can also be used as ProxyCommand in OpenSSH client. In this casem the use of bridge is more "transparent".

~/.ssh/config
Host *.xxx.com
    ProxyCommand bridge - http://myserver:8080/bridge %h %p
Host mysshserver2
    ProxyCommand bridge - http://myserver:8080/bridge mysshserver2.noip.org 8022

And call ssh as usual. For any xxx.com server:

client$ ssh mysshserver.xxx.com
Password:

mysshserver $

And for server2:

client$ ssh mysshserver2
Password:

mysshserver2 $

If you need that client connect to bridge over a HTTP Proxy, you can set the standard environment vars like http_proxy.

client$ http_proxy=http://myuser:pass@myproxy:3128 ruby bridge 8022 http://myserver:8080/bridge mysshserver.xxx.com 22

About

brigde is a dynamic port forwarder over HTTP (with HTTP PROXY support)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages