• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

redhat/H03-May-2022-7250

selinux/H07-May-2022-2319

web/H03-May-2022-

CHANGELOGH A D05-Sep-20113.9 KiB9578

LICENSEH A D05-Sep-20111.5 KiB2923

MakefileH A D03-May-20221.2 KiB5436

READMEH A D05-Sep-20114.9 KiB11990

md5.cH A D05-Sep-201112.1 KiB382262

md5.hH A D05-Sep-20113.3 KiB9220

ptunnel.8H A D05-Sep-20116.4 KiB124110

ptunnel.cH A D05-Sep-201157.1 KiB1,6231,297

ptunnel.hH A D03-May-202214.7 KiB420232

README

1PingTunnel Read Me
2==================
3
4What is ptunnel?
5----------------
6Ptunnel is an application that allows you to reliably tunnel TCP connections
7to a remote host using ICMP echo request and reply packets, commonly known as
8ping requests and replies.
9
10
11Contact details
12---------------
13You can the author, Daniel Stoedle, here:
14   <daniels@cs.uit.no>
15The official ptunnel website is located here:
16   <http://www.cs.uit.no/~daniels/PingTunnel/>
17The Windows port was created by Mike Miller:
18   <mike@mikeage.net>
19
20
21Compiling
22---------
23To compile ptunnel, simply run make. If everything goes well, you should end up
24with a binary called ptunnel. This serves as both the client and proxy. You can
25optionally install it using "make install". On Windows, run "make ptunnel.exe"
26to compile the Windows binary. You will need mingw installed, as well as the
27WinPcap library. WinPcap is available here:
28  <http://www.winpcap.org/install/bin/WpdPack_4_0_2.zip>
29
30
31Running
32-------
33Ptunnel works best when running as root, and usually requires running as root.
34Again, from the website:
35
36Client: ./ptunnel -p <proxy address> -lp <listen port> -da <destination address>
37                  -dp <dest port> [-c <network device>] [-v <verbosity>] [-u]
38                  [-x password]
39Proxy: ./ptunnel [-c <network device>] [-v <verbosity>] [-u] [-x password]
40
41The -p switch sets the address of the host on which the proxy is running. A
42quick test to see if the proxy will work is simply to try pinging this host -
43if you get replies, you should be able to make the tunnel work.
44
45The -lp, -da and -dp switches set the local listening port, destination address
46and destination port. For instance, to tunnel ssh connections from the client
47machine via a proxy running on proxy.pingtunnel.com to the computer
48login.domain.com, the following command line would be used:
49
50sudo ./ptunnel -p proxy.pingtunnel.com -lp 8000 -da login.domain.com -dp 22
51
52An ssh connection to login.domain.com can now be established as follows:
53
54ssh -p 8000 localhost
55
56If ssh complains about potential man-in-the-middle attacks, simply remove the
57offending key from the known_hosts file. The warning/error is expected if you
58have previously ssh'd to your local computer (i.e., ssh localhost), or you have
59used ptunnel to forward ssh connections to different hosts.
60
61Of course, for all of this to work, you need to start the proxy on your
62proxy-computer (we'll call it proxy.pingtunnel.com here). Doing this is very
63simple:
64
65sudo ./ptunnel
66
67If you find that the proxy isn't working, you will need to enable packet
68capturing on the main network device. Currently this device is assumed to be
69an ethernet-device (i.e., ethernet or wireless). Packet capturing is enabled by
70giving the -c switch, and supplying the device name to capture packets on (for
71instance eth0 or en1). The same goes for the client. On versions of Mac OS X
72prior to 10.4 (Tiger), packet capturing must always be enabled (both for proxy
73and client), as resent packets won't be received otherwise.
74
75To protect yourself from others using your proxy, you can protect access to it
76with a password using the <tt>-x</tt> switch. The password is never sent in
77the clear, but keep in mind that it may be visible from tools like top or ps,
78which can display the command line used to start an application.
79
80Finally, the -u switch will attempt to run the proxy in unprivileged mode (i.e.,
81no need for root access), and the -v switch controls the amount of output from
82ptunnel. -1 indicates no output, 0 shows errors only, 1 shows info messages, 2
83gives more output, 3 provides even more output, level 4 displays debug info and
84level 5 displays absolutely everything, including the nasty details of sends and
85receives. The -f switch allows output to be saved to a logfile.
86
87Security features: Please see the ptunnel man-page for instructions.
88
89
90Supported operating systems
91---------------------------
92Ptunnel supports most operating systems with libpcap, the usual POSIX functions
93and a BSD sockets compatible API. In particular, it has been tested on Linux
94Fedora Core 2 and Mac OS X 10.3.6 and above. As of version 0.7, ptunnel can also
95be compiled on Windows, courtesy of Mike Miller, assuming mingw and WinPcap is
96installed.
97
98
99Credits and contributors
100------------------------
101Thanks to L. Peter Deutsch for his open-source MD5 implementation, included with
102ptunnel, but also available here:
103http://sourceforge.net/projects/libmd5-rfc/
104
105Many thanks also to Mike Miller <mike@mikeage.net> for his work on creating a
106Windows port of ptunnel.
107
108Thanks to Sebastien Raveau <sebastien.raveau@epita.fr> for implementing various
109security features and SELinux support.
110
111Also thanks to Joe McKenzie, Steffen Wendzel and StalkR for contributing patches to
112ptunnel.
113
114License
115-------
116Ping Tunnel is Copyright (c) 2004-2011, Daniel Stoedle <daniels@cs.uit.no>,
117Yellow Lemon Software. All rights reserved. Ping Tunnel is licensed under the
118BSD License. Please see the LICENSE file for details.
119