Re: Rephrasing my UDP question
- From: Anthony de Almeida Lopes <guerrilla_thought@xxxxxx>
- Date: Thu, 08 Dec 2005 18:25:33 -0800
(Foreward: Thanks to those who helped flesh out my ideas and guide me.)
I just finished a [very] rough draft of this system. If you're
interested check it out.
http://seacow.rapturesecurity.org/tmp/udp-tcp-udp-0.0.1.tar.bz2
It's likely to be rather buggy. Error checking is very lazy. You'll have
to change the DNS server to point to your own:
udpsa.sin_addr.s_addr = inet_addr("172.16.5.100"); /* DNS Server */
Read the "README" file for details on how to use it.
I just added the following to the README as well.
How it works:
The `client` listens on UDP port 53 on localhost (i.e. DNS) and forwards
DNS requests through TCP port 4242 on localhost which is tunneled through SSH
to TCP port 4242 on the localhost of your shell server. The `server` listsens on
that TCP port 4242 on the localhost of your shell server and then forwards
the DNS requests to your REAL DNS server.
When `server` gets a response from the real DNS server it forwards that packet through
the SSH tunnel to the `client` which forwards it back to the original application
doing the DNS lookup.
On Tue, 06 Dec 2005 22:04:20 -0800, Anthony de Almeida Lopes wrote:
> I'm just really confused as to how these UDP-over-TCP tunnel programs know
> how to send the UDP packet to the original application that sent the
> packet to be tunnled. I noticed that none of them use recvfrom(2) (except
> for debugging) and none of them keep any kind of linked list or anything
> to keep track of the packets.
>
> To be more clear:
> A program (say, mozilla or something) sends a DNS request to localhost:53
> ("nameserver localhost" is in your /etc/resolv.conf"). A program is
> listeing on on localhost:53 and forwards the packet to localhost:4242,
> which is connected to a remote host listening on remotehost:4242. The
> remotehost sends the packet over UDP and awaits a response and when it
> gets one, sends it back over 4242->4242 and the program on the localhost
> sends it back to the original program.
> Ijust do not understand how this works. How do the tunneling programs
> have any idea which programs should received which responses.
>
> For example: http://zarb.org/~gc/html/udp-in-ssh-tunneling.html
> and another program called "udptunnel"
> http://www1.cs.columbia.edu/~lennox/udptunnel/.
>
> My only idea is to use a combination of recvfrom(2) and linked lists to
> keep track of all of this.
>
> Anyone know how this works?
> -Anthony
.
- References:
- Rephrasing my UDP question
- From: Anthony de Almeida Lopes
- Rephrasing my UDP question
- Prev by Date: Re: tools. approaches, schemes!!
- Next by Date: Re: Application cannot find shared object
- Previous by thread: Re: Rephrasing my UDP question
- Next by thread: tool to view programs trace
- Index(es):
Relevant Pages
|
Loading
