LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Bidirectional UDP forwarding over TCP (http://www.linuxquestions.org/questions/linux-networking-3/bidirectional-udp-forwarding-over-tcp-4175474816/)

Danice123 08-26-2013 09:20 PM

Bidirectional UDP forwarding over TCP
 
I'm looking for a way to forward UDP over TCP, more specifically, over a SSH tunnel. I have read multiple articles on the subject, but my testing with those methods have not had very successful results. End goal is forwarding my Xbox Live connection over TCP, so the connection must be bi-directional. Is this possible? What do I need to do it?

munkz 08-26-2013 10:14 PM

tried this?
 
Hey bud,

So I use ssh tunnels for mysql clients. Now, I would imagine you could modify the following :
http://superuser.com/questions/53103...ugh-ssh-tunnel

What I do uses autossh ( check your repos ). Here is what I do ::

The autossh conf for the tunnel ( make sure to edit the ports to match what you need for your xbox )
Code:

# Check connection every 10 seconds, and after 3 tries (30 seconds), drop and
# let autossh re-connect.
ServerAliveInterval="10"
ServerAliveCountMax="3"
StrictHostKeyChecking="no"

LocalUser="root"
IdentityFile="/home/ssh_tun/.ssh/ssh_tun"

RemoteUser="SOME_XBOX_USER"
RemoteHost="YOUR XBOX SERVER{I have not a clue on this one}"
RemotePort="22"
# Array of ports to be forwarded:
#
# Example: Forward port 3307, listening on 127.0.0.1 on the remote side, to
# 127.0.0.1 port 3306 on the local side. Forward port 8081, listening on
# 127.0.0.1 on the local side, to 10.100.1.60 port 80 on the remote side.
#
ForwardPort=(
    "L 127.0.0.1:{PUT YOUR LOCAL XBOX PORT HERE}:127.0.0.1:{PUT YOUR XBOX REMOTE PORT HERE}"

Next, you would need to tell your system to forward the udp traffic. This would require access to the server though. Dough ms xbox will give ya a shell. But hell, why not?

Code:

server# mkfifo /tmp/fifo
server# nc -l -p {THE XBOX PORT ON YOUR LOCAL MACHINE} < /tmp/fifo | nc -u {INSERT YOUR XBOXES IP ADDRESS HERE} {INSERT THE PORT THE XBOX USES HERE) > /tmp/xboxpipe

Now, on the local machine ::
Code:

local# mkfifo /tmp/xbox_pipe
local# nc -l -u -p {INSERT XBOX PORT HERE} < /tmp/xbox_pipe | nc localhost {INSERT PORT SERVER IS LISTING ON HERE FOR THE PIPE} > /tmp/xbox_pipe

Now, I doubt that is what your trying to do. Not sure. The above would create a ssh tunnel which would forward udp traffic over the tunnel. I would imagine xbox sets up multiple ports though. I dont use it. But most stuff like that would use a default port on the server with the client getting some random underprivileged port for itself.

IF this is what you want keep in mind that I use a init for each tunnel. The remote machine ( server in your case ) needs to use keys on ssh. Any way, I think you may like to look into using iproute2. Check out http://en.wikipedia.org/wiki/Iproute2. Not sure which way to go with using ssh / encryption with this. Why does it have to be over ssh?

Danice123 08-26-2013 11:45 PM

Ohh I understand your confusion, I'm not forwarding on the xbox. I have a linux box with two ethernet cards bridged that will be forwarding the connections. I'll try this though, thanks!

munkz 08-27-2013 01:28 AM

sorry, I derped that one.

Danice123 08-27-2013 08:00 AM

I'm a little confused on the server command. I need the ip address of the xbox? That IP shouldn't be accessible from the server, as I am tunneling into it?

munkz 08-27-2013 05:00 PM

Oh, "server#" is meant as a example. Its the server's console prompt is all. I was wrong. Hence, I derped it. The command above assumed you controlled both server and client. You dont I guess. So, you wouldnt be able to run the server commands. Or client commands.

I apologize for that. It would seem you just need help ROUTING the traffic. If thats all your trying to do then checkout the following link ::

http://www.zois.co.uk/tn/tn-2007-10-10.html

Danice123 08-27-2013 11:10 PM

I think we are getting closer. I looked at the article, and it seems to be what I'm looking for, but I still have a few questions, if you don't mind. First, I've read that SSH tunnels are TCP only, so will routing port 3074 and 88 (both UDP) through a ssh tunnel work? And the second is about implementation, the script requires the ip of the Xbox, which I have, and then external IP of the router, which I'm a little confused on, would it be the external ip of the server I'm tunneling to?

munkz 08-28-2013 01:59 AM

I dont think your going to be able to tunnel to the microsoft controlled xbox live server.You only control your network. So, like this

XBOX (under your tv)
|
|
CONNECTION TO ROUTER
|
|
ROUTER
|
|
AOL ISP
|
|
xbox.live_server.nope

In the above you control the xbox and the router. You can not run ssh from the xbox. the xbox has no ssh client or server. In order to build a tunnel you must have an ssh client and server. While your router most likely will be running some ssh server, thats only gonna get you part way. I can help more if you tell me the reason you would like to tunnel your traffic. Is something filtering your traffic for xbox live?

munkz 08-28-2013 02:02 AM

If your at a school behind a web proxy you will need to get your xbox using a proxy ( not your schools) if its being blocked. I imagine you can xbox to use a proxy. Your xbox live will not work behind your current network? I looked at your other post for dhcp inside dhcp. do you know the guy I work with? kidding.

8)

Danice123 08-28-2013 10:07 AM

My problem, and reason for this setup is that my school has an http proxy. And Xbox has no proxy support what so ever. But you have my setup wrong here.

My setup is

Xbox
|
|
Ethernet to my router
|
|
Router
|
|
SSH tunnel to my external router
|
|
External Router
|
|
ISP
|
|
Hopefully xbox.com

So if I am able to route the connection through the ssh tunnel I should be able to use live. At least in theory, I obviously haven't got it to work.

munkz 08-28-2013 04:18 PM

Well if your using a "full" linux router like cento or redhat. Like, if your not using something like a linksys, you might try something openvpn on router2:


Assumptions : router1 ( at your dorm ) : linux setup as a router :
router2 ( at your house ) : linux setup as a router : if possible you could just get a vpn subscription rather than install

At router2 openvpn using the following guide ( no way I am typing all that ).
openvpn on cent 6

NOTE: I dont know what distro your running on either the router1 or router2. In short, adjust as needed for the install portion.

Next, you set up the client on router1. This will allow you to tunnel ALL traffic over the vpn connection and by pass all of your schools filters. Being that I have gone down this road with you I will help.

Let me know the following :
router1 : what distro? Is it a full pc or just a little router?
router2 : " "

That will help me tell you the next part. Getting openvpn going is not to hard. once router1 is connected as a client you will have a new interface called tun0 which you could point all traffic through.

Let me know.

munkz 08-28-2013 04:28 PM

oh yeah, sorry I did not sugggesst this before. OpenVPN is your best bet ( or a paid service like this vpn provider. Like I said, once you have a vpn to connect to getting router1 and your xbox online would be easy. I can say what your ping times will be for games though. You could try a free vpn provider to test it out though. However, if router2 is sitting on a nice pipe then just set up your own vpn server.

The bonus to all this? You will be able to tunnel all of your traffic through the schools firewall over a encrypted tunnel. Now none of your fellow dorm mates can sniff your traffic. lol. Any way, the more details you give me the more I can help. If you like I could even install it for you. er, yeah.

Danice123 08-28-2013 07:52 PM

OK, my setup now is Router 1 being a Arch Linux desktop and Router 2 being a rented VPS running Debian 6. I have been looking at VPN as an alternative, but I wasn't sure if I could get the xbox routed through the VPN. So if you think VPN is the best idea, I'll just need to look into replacing the VPS with a VPN service. I don't know if you know any good ones, they will need to support port 443 (my only open port) and should be in the US for best ping (that strongvpn one?).

And I'm gonna make my dorm mates pay me for this connection, as we will be the privilidged dorm room with live haha.

munkz 08-28-2013 08:05 PM

Yeah. VPN is the way to go. Should have thought of that. That would take all the special crap you would have to do. You get the added benefit of being able to tunnel all traffic through it. lol, you might even be able to sell access to others with an xbox. Look out for your bandwidth on the vps though. You can even make your vpn clients able to see each other. LAN games of ZOMBIES!!!!lol.

Love to know how it turns out.

Danice123 08-28-2013 08:57 PM

So to setup the VPN, I need to forward my eth1 connections to my tun0 correct? Is it as simple as bridging them? I've had some trouble getting it to work with some free VPNs. Is there a guide somewhere to routing a network interface through a VPN?

Edit: Sorry if I seem lazy, but I'm just about at the end of my rope with this whole thing haha. I've been googleing random crap for a week and I'd like to just be able to find what I'm looking for for once.


All times are GMT -5. The time now is 06:10 AM.