Solved

port monitoring and fowarding

Posted on 2004-10-10
2
420 Views
Last Modified: 2010-05-18
I am stuck behind a firewall with the only ports open on the proxy being 3128 and 21 (for FTP).  What I am contemplating, is writing an application to watch certain ports and forward those ports to 3128 so I can get out from behind the firewall.

For example, steam, the valve software requires the following ports open in order to connect:
UDP 1200
UDP 27000 to 27015 inclusive
TCP 27030 to 27039 inclusive

What I would like to do is monitor the traffic on those ports and forward it to the proxy server at port 3128.  Steam is just an example, but a good example of a program that cannot be configured to work with a proxy server.

Any information is appreciated, not really looking for source code, but the theory behind doing this.  Of course source code will also work as a reference to the design.  I have done TCP programming before, but I am not sure how to monitor certain ports.  It will be developed for both my Win32 and Linux boxes.

TIA

0
Comment
Question by:boodabelly
2 Comments
 
LVL 3

Accepted Solution

by:
georg74 earned 500 total points
ID: 12449944
hi boodabelly,

there are few already available toos to do this,
also in public domain / as open source.

when you talk about proxy, which kind of proxy is it?
where is it located? on the firewall machine or
somewhere (anywhere) on the internet?

if you have to pass all packets through one port,
you need "tunneling".

with VPN (this is tunneling + authentication + encryption),
you get a "virtual network interface". to the
application, it appears as if you were somewhere else,
i.e. not behind that firewall.

when writing such software, you normally open TCP or UDP
sockets, i.e. you wait for packets.
on arrival, you wrap the packet again and forward it to its destination.
on the destination, there is a demangler software, waiting
for example on port 3128, which accepts the wrapped packet,
unpacks it and inserts it into the TCP/IP stack locally as if it were
coming from the original source.

but this is just the half of the story. for communication to work you
have to intercept related (!) packets coming from the application
before they are sent to the stack. This is accomplished by setting
so called hook functions. OS provides API for this. For example,
look for SetWindowsHookEx(); once intercepted, you wrap the
packet so that it is routed properly on the route back.

HTH,
georg
0
 
LVL 1

Author Comment

by:boodabelly
ID: 12450844
The proxy is on the firewall here.  I will search for through the open source projects and see what I can find.  I do not know exactly how to make this work, or how this network is setup.  Only way to find out is to start playing =).  That is the information that I was looking for and luckily I have done quite a bit of Windows API programming, I will just have to look into the reference material for Linux.

Thank you for the answer.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ckserve 7 186
A URL to launch a Java client class - for server testing? How is it done? 2 96
Maya SDK Getting total rotation from Rotation Anim Curves 1 39
count7 challenge 12 125
What is RenderMan: RenderMan is a not any particular piece of software. RenderMan is an industry standard, defining set of rules that any rendering software should use, to be RenderMan-compliant. Pixar's RenderMan is a flagship implementation of …
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question