Make a 'tunnel' through a proxy server

Aug 02, '01 08:21:11PM

Contributed by: skinlayers

From http://www.nocrew.org/software/httptunnel.html:

"httptunnel creates a bidirectional virtual data connection tunnelled in HTTP requests. The HTTP requests can be sent via an HTTP proxy if so desired. This can be useful for users behind restrictive firewalls. If WWW access is allowed through a HTTP proxy, it's possible to use httptunnel and, say, telnet or PPP to connect to a computer outside the firewall."

Translation: As long as your proxy allows access to web pages, and you have access to both a machine inside the firewall as well as a machine outside the firewall capable of running httptunnel, you can run any one TCP/IP service through the firewall -- such as Apple Filing Protocol (iDisk, iTools, AppleTalk/AppleShare via TCP/IP), gnutella, Unreal Tournament server, etc. -- between the two machines.

Read the rest of this article if you'd like a step-by-step how-to on getting httptunnel working on OS X...

Skinlayers

[Editor's note: You'll need the Developer's Tools installed to compile the program.]

So far, httptunnel works on *NIX machines and Windows (both Win32 and WinNT). As an experiment, I was able to download and compile the source code. To do this:

  1. Go to http://www.nocrew.org/software/httptunnel.html
  2. Download the latest stable source (at the time of this writing, it's "httptunnel-3.0.5.tar.gz")
  3. Open a Terminal window
  4. Go to the directory that you downloaded the source to
  5. Untar the source code. Using the above file as an example, it would be:
    tar zxf httptunnel-3.0.5.tar.gz
  6. Go into the folder created. In the above example it would be httptunnel-3.0.5
  7. type: ./configure [hit Enter]
  8. type: make [hit Enter] followed by sudo make install [hit Enter]
  9. Enter your admin password at the prompt
This installs the programs hts (httptunnel server) and htc (httptunnel client) in /usr/local/bin/.

To use:
You have to run hts on the machine outside the firewall (i.e. a computer at home connected via DSL or cable modem). Typing:
hts -h
at the Terminal will give you various server options. hts must be told:

a) what port to listen for incoming requests on
b) where to redirect those requests

The port that hts listens for requests on is arbitrary. Any port will work as long as it is not already in use.

htc is run on the machine inside of the firewall. It must be told:

a) what host it's connecting to (i.e. the machine outside the firewall running hts)
b) what port to connect to on the host (the arbitrary port mentioned earlier)
c) (optional, but most useful) what proxy to use

Example:
I want to share files between my OS X box at home and my OS X box at work using AFP (TCP/IP port 548). My proxy server is at 10.0.0.1 and does HTTP proxying on port 8888, the IP address of my computer outside the firewall is 123.456.789.10, and I'll be using 666 as my arbitrary port.

On the OS X box outside the firewall, from the Terminal I would type:
hts -F 127.0.0.1:548 666
This will forward all incoming HTTP requests on port 666 to port 548 on the machine hts is running on (note: 127.0.0.1 always means "this" computer).

On the OS X box inside the firewall, from the Terminal I would type:
htc -F 548 -P 10.0.0.1:8888 123.456.789.10:666
Now, on the machine inside the firewall, I would use the Finder's "Go -> Connect to Server..." menu item. For the server name I would enter 127.0.0.1 (since htc on the machine inside the firewall is acting as the server, redirecting to the machine outside the firewall). Presto! You should now be able to move files both ways through the firewall transparently.
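
For whoever runs the proxy, the traffic in the example above has a recognizable shape in the access log: one internal client repeatedly sending both GET and POST requests to a bare IP address on an unusual port. The Python script below is an added example, not part of the original hint or of httptunnel; the Squid-style log layout, the sample lines, the documentation-range addresses and the request threshold are all assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in Squid's native access.log layout (assumed format):
# time elapsed_ms client action/code bytes method URL ident peer type
SAMPLE_LOG = """\
996780071.101 120 10.0.0.23 TCP_MISS/200 5120 GET http://www.example.com/ - DIRECT/192.0.2.80 text/html
996780072.250 60011 10.0.0.42 TCP_MISS/200 102400 GET http://203.0.113.10:666/index.html - DIRECT/203.0.113.10 text/html
996780072.300 60020 10.0.0.42 TCP_MISS/200 310 POST http://203.0.113.10:666/index.html - DIRECT/203.0.113.10 -
996780075.900 85 10.0.0.57 TCP_MISS/200 2048 GET http://198.51.100.7:8080/status - DIRECT/198.51.100.7 text/plain
996780132.400 60009 10.0.0.42 TCP_MISS/200 98304 GET http://203.0.113.10:666/index.html - DIRECT/203.0.113.10 text/html
996780132.450 60015 10.0.0.42 TCP_MISS/200 305 POST http://203.0.113.10:666/index.html - DIRECT/203.0.113.10 -
"""

STANDARD_PORTS = {80, 443}  # assumption: what counts as ordinary web traffic

def is_ip_literal(host):
    """True when the URL host is a bare IP address rather than a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def find_tunnel_candidates(log_text, min_requests=4):
    """Return {(client, 'host:port'): count} for flows shaped like an HTTP tunnel."""
    flows = defaultdict(lambda: {"methods": set(), "count": 0})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue  # malformed or truncated line
        client, method, url = fields[2], fields[5], fields[6]
        parts = urlsplit(url)
        if parts.scheme != "http" or not parts.hostname:
            continue  # CONNECT entries and non-HTTP schemes are out of scope here
        try:
            port = parts.port or 80
        except ValueError:
            continue  # port field is not a valid number
        if port in STANDARD_PORTS or not is_ip_literal(parts.hostname):
            continue
        flow = flows[(client, f"{parts.hostname}:{port}")]
        flow["methods"].add(method)
        flow["count"] += 1
    # Both directions (GET and POST) to the same odd destination, seen repeatedly.
    return {key: f["count"] for key, f in flows.items()
            if {"GET", "POST"} <= f["methods"] and f["count"] >= min_requests}

if __name__ == "__main__":
    for (client, dest), count in find_tunnel_candidates(SAMPLE_LOG).items():
        print(f"{client} -> {dest}: {count} paired GET/POST requests")
```

A hit is only a lead for review: legitimate applications also talk to IP addresses on odd ports, so tune the port set and threshold to the site's own traffic.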



Mac OS X Hints
http://hints.macworld.com/article.php?story=20010802202111922