mirror of https://github.com/tLDP/LDP
updated
This commit is contained in:
parent
318e8b02cc
commit
de5d71700d
|
@ -5,7 +5,7 @@
|
|||
|
||||
<title>Firewall Piercing mini-HOWTO</title>
|
||||
<author>François-René Rideau, <tt>fare@tunes.org</tt></author>
|
||||
<date>v0.8, 19 April 2001</date>
|
||||
<date>v0.7, 4 November 2000</date>
|
||||
|
||||
<abstract>
|
||||
Directions for using ppp over ssh or telnet
|
||||
|
@ -40,11 +40,12 @@ Don't come crying to me.
|
|||
|
||||
<sect1>Legal Blurp
|
||||
<p>
|
||||
Copyright © 1998-2001 by François-René Rideau.
|
||||
Copyright © 1998-2000 by François-René Rideau.
|
||||
|
||||
This document is free software published under the
|
||||
<url url="http://www.geocities.com/SoHo/Cafe/5947/bugroff.html"
|
||||
name="bugroff license">.
|
||||
This document is free software; you can redistribute it and/or modify it
|
||||
under the terms of the GNU General Public License
|
||||
as published by the Free Software Foundation;
|
||||
either version 2 of the License, or (at your option) any later version.
|
||||
</sect1>
|
||||
|
||||
|
||||
|
@ -127,14 +128,13 @@ You can and you shall protect them from the outside world,
|
|||
but you can't protect them from themselves.
|
||||
|
||||
Because there exists such things as system administrators
|
||||
who are either unresponsive, absent, overworked, plain incompetent,
|
||||
who are either unresponsive, absent, plain incompetent,
|
||||
or more generally managed by incompetent people,
|
||||
it so happens that a user may find himself behind a firewall
|
||||
that he may cross, but only in awkward ways.
|
||||
This mini-HOWTO explains a generic and portable way
|
||||
to pierce tunnels into firewalls,
|
||||
by turning any tiny small bit trickle
|
||||
into a full-fledged information superhighway,
|
||||
by turning any tiny small crack into a full-fledged information superhighway,
|
||||
so the user can seamlessly use standard tools to access computers
|
||||
on the other side of the firewall.
|
||||
The very same technique can be used by competent system administrators
|
||||
|
@ -414,8 +414,10 @@ Automatic reconnection is left as an exercise to the reader.
|
|||
REMOTE_ACCOUNT=root@remote.fqdn.tld
|
||||
REMOTE_PPPD="pppd ipcp-accept-local ipcp-accept-remote"
|
||||
LOCAL_PPPD="pppd silent 192.168.0.1:192.168.0.2"
|
||||
$LOCAL_PPPD pty "ssh -t $REMOTE_ACCOUNT $REMOTE_PPPD"
|
||||
cotty -d -- $LOCAL_PPPD -- ssh -t $REMOTE_ACCOUNT $REMOTE_PPPD
|
||||
</verb>
|
||||
|
||||
(Note: this command requires <tt>cotty</tt> 0.4 or later.)
|
||||
</sect1>
|
||||
</sect>
|
||||
|
||||
|
@ -605,12 +607,6 @@ to modify <tt>fwprc</tt>
|
|||
Now, if the only way through the firewall is a WWW proxy
|
||||
(usually, a minimum for an Internet-connected network),
|
||||
you might want to use
|
||||
<url url="http://www.snurgle.org/~griffon/" name="Chris Chiappa">'s
|
||||
script
|
||||
<url url="http://www.snurgle.org/~griffon/ssh-https-tunnel"
|
||||
name="ssh-https-tunnel">.
|
||||
|
||||
Another promising program for piercing through HTTP is
|
||||
<url url="http://lars.nocrew.org/" name="Lars Brinkoff">'s
|
||||
<url url="http://www.nocrew.org/software/httptunnel/"
|
||||
name="httptunnel">,
|
||||
|
@ -646,6 +642,7 @@ but it shouldn't be difficult.
|
|||
If necessary, fall back to using the
|
||||
<htmlurl url="http://www.linuxdoc.org/HOWTO/mini/Term-Firewall.html"
|
||||
name="Term-Firewall mini-HOWTO">.
|
||||
|
||||
|
||||
If you have an 8-bit clean connection and you're root on linux both sides
|
||||
of the firewall, you might want to use ethertap for better performance,
|
||||
|
|
Loading…
Reference in New Issue