Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

connect-proxy(1) [debian man page]

CONNECT-PROXY(1)					      General Commands Manual						  CONNECT-PROXY(1)

NAME

       connect-proxy -- connect over SOCKS4/5 proxy

SYNOPSIS

       connect-proxy [-dnhst45]  [-R resolve ]	[-p local-port ]  [-w secs ]  [-H [user@]proxy-server[:port]] ]  [-S [user@]socks-server[:port]] ]
       [-T proxy-server[:port] ]  [-c telnet-proxy-command ]  [host]  [port]

DESCRIPTION

       connect-proxy open connection over SOCKS4/5 proxies

       Please, note that any HTTP-Proxy tunnel won't work with content-inspection firewall (unless using SSL).

OPTIONS

       -H	 specifies a hostname and port number of the http proxy server to relay. If port is omitted, 80 is  used.  You	can  specify  this
		 value in the environment variable HTTP_PROXY and pass the -h option to use it.

       -S	 specifies  the  hostname  and	port  number of the SOCKS server to relay.  Like -H, port number can be omitted and the default is
		 1080. You can also specify this value pair in the environment variable SOCKS5_SERVER and give the -s option to use it.

       -4	 specifies SOCKS relaying and indicates protocol version to use.  It is valid only when used with '-s' or '-S'.  Default  is  '-5'
		 (protocol version 5)

       -R	 method  to  resolve the hostname. Three keywords ("local", "remote", "both") or dot-notation IP address are acceptable.  The key-
		 word "both" means, "Try local first, then remote". If a dot-notation IP address is specified, use this host  as  nameserver.  The
		 default  is "remote" for SOCKS5 or "local" for others. On SOCKS4 protocol, remote resolving method ("remote" and "both") requires
		 protocol 4a supported server.

       -p	 will forward a local TCP port instead of using the standard input and output.

       -P	 same to '-p' except keep remote session. The program repeats waiting the port with holding remote session without  disconnecting.
		 To connect the remote session, send EOF to stdin or kill the program.

       -w	 timeout in seconds for making connection with TARGET host.

       -d	 used for debug. If you fail to connect, use this and check request to and response from server.

USAGE

       To use proxy, this example is for SOCKS5 connection to connect to "host" at port 25 via SOCKS5 server on "firewall" host.

       connect-proxy -S firewall host 25

       SOCKS5_SERVER=firewall; export SOCKS5_SERVER; connect-proxy -s host 25

       For a HTTP-PROXY connection:

       connect-proxy -H proxy-server:8080  host 25

       HTTP_PROXY=proxy-server:8080; export HTTP_PROXY; connect-proxy -h host 25

       To forward a local port, for example to use ssh:

       connect-proxy -p 5550 -H proxy-server:8080 host 22 ssh -l user

       To use it along ssh transparently:

       # file://~/.ssh/config
       # not using proxy on lan
       Host 192.*
       ProxyCommand connect-proxy %h %p
       # mandatory to access the internet
       Host *
       ProxyCommand connect-proxy -H proxyserver:8080  %h %p

       Or for all users ( /etc/ssh/ssh_config )

ENVIRONMENT

       SOCKS5_USER, SOCKS5_PASSWORD, HTTP_PROXY_USER, HTTP_PROXY_PASSWORD, CONNECT_PASSWORD, LOGNAME, USER

SEE ALSO

       ssh (1).

WWW

       http://www.meadowy.org/~gotoh/projects/connect

AUTHOR

       This  manual  page  was	written by Philippe Coval rzr@gna.org for the Debian system (but may be used by others).  Permission is granted to
       copy, distribute and/or modify this document under the terms of the GNU General Public License, Version 2 any later  version  published	by
       the Free Software Foundation.

       On Debian systems, the complete text of the GNU General Public License can be found in /usr/share/common-licenses/GPL.

																  CONNECT-PROXY(1)

Check Out this Related Man Page

CONNECT-TUNNEL(1p)					User Contributed Perl Documentation					CONNECT-TUNNEL(1p)

NAME

       connect-tunnel - Create CONNECT tunnels through HTTP proxies

SYNOPSIS

       connect-tunnel [ -Lv ] [ -A user:pass ] [ -P proxy:port ]
		      [ -C controlport ] [ -T port:host:hostport ]

DESCRIPTION

       connect-tunnel sets up tunneled connections to external hosts by redirecting connections to local ports towards thoses hosts/ports through
       a HTTP proxy.

       connect-tunnel makes use of the HTTP "CONNECT" method to ask the proxy to create a tunnel to an outside server. Be aware that some proxies
       are set up to deny outside tunnels (either to ports other than 443 or outside a specified set of outside hosts).

OPTIONS

       The program follows the usual GNU command line syntax, with long options starting with two dashes.

       -A, --proxy-authentication user:password
	   Proxy authentication information.

	   Please note that all the authentication schemes supported by "LWP::UserAgent" are supported (we use an "LWP::UserAgent" internally to
	   contact the proxy).

       -C, --control-port controlport
	   The port to which one can connect to issue control commands to connect-tunnel.

	   See "CONTROL CONNECTIONS" for more details about the available commands.

       -L, --local-only
	   Create the tunnels so that they will only listen on "localhost".  Thus, only connections originating from the machine that runs
	   connect-tunnel will be accepted.

	   That was the default behaviour in connect-tunnel version 0.02.

       -P, --proxy proxy[:port]
	   The proxy is required to connect the tunnels.  If no port is given, 8080 is used by default.

	   See also "ENVIRONMENT VARIABLES".

       -T, --tunnel port:host:hostport
	   Specifies that the given port on the local host is to be forwarded to the given host and hostport on the remote side. This works by
	   allocating a socket to listen to port on the local side, and whenever a connection is made to this port, connect-tunnel forwards it to
	   the proxy (with the credentials, if required), which in turn forwards it to the final destination.

	   Note that this does not imply the use of any cryptographic system (SSL or any other). This is a simple TCP redirection. The security if
	   any, is the one provided by the protocol used to connect to the destination through connect-tunnel.

	   On Unix systems, only root can forward privileged ports.

	   Note that you can setup tunnels to multiple destinations, by using the --tunnel option several times.

       -U, --user-agent string
	   Specify User-Agent value to send in HTTP requests.  The default is to send "connect-tunnel/version".

       -v, --verbose
	   Verbose output.

	   This option can be used several times for more verbose output.

EXAMPLES

       To connect to a SSH server running on "ssh.example.com", on port 443, through the proxy "proxy.company.com", running on port 8080, use the
       following command:

	   connect-tunnel -P proxy.company.com:8080 -T 22:ssh.example.com:443

       And now point your favorite ssh client to the machine running connect-tunnel.

       You can also emulate a "standard" user-agent:

	   connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
			  -P proxy.company.com:8080 -T 22:ssh.example.com:443

       connect-tunnel can easily use your proxy credentials to connect outside:

	   connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
			  -P proxy.company.com:8080 -T 22:ssh.example.com:443
			  -A book:s3kr3t

       But if you don't want anybody else to connect to your tunnels and through the proxy with your credentials, use the --local-only option:

	connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
		       -P proxy.company.com:8080 -T 22:ssh.example.com:443
		       -A book:s3kr3t -L

       If you have several destinations, there is no need to run several instances of connect-tunnel:

	connect-tunnel -U "Mozilla/4.03 [en] (X11; I; Linux 2.1.89 i586)"
		       -P proxy.company.com:8080 -A book:s3kr3t -L
		       -T 22:ssh.example.com:443
		       -T 222:ssh2.example.com:443

       But naturally, you will need to correctly set up the ports in your clients.

       Mmm, such a long command line would perfectly fit in an alias or a .BAT file. ";-)"

ENVIRONMENT VARIABLES

       The environment variable "HTTP_PROXY" can be used to provide a proxy definition.

       The environment variable is overriden by the --proxy option, if passed to connect-tunnel.

AUTHOR

       Philippe "BooK" Bruhat, "<book@cpan.org>".

       I seem to have re-invented a well-known wheel with that script, but at least, I hope I have added a few interesting options to it.

SCRIPT HISTORY

       The first version of the script was a quick hack that let me go through a corporate proxy.

       Version 0.02 and version 0.03 were released on CPAN in 2003.

       Version 0.04 sits half-finished in a CVS repository at home: I couldn't decypher the spaghetti of my data structures any more. ":-("

       Version 0.05 (and higher) are based on "Net::Proxy", and included with the "Net::Proxy" distribution.

       Even though it's not rocket science, connect-tunnel has been cited in at least one academic works:

       o   HTTP Tunnels Through Proxies, Daniel Alman

	   Available at SANS InfoSec Reading Room: Covert Channels <http://www.sans.org/rr/whitepapers/covert/>

	   Direct link: <http://www.sans.org/rr/whitepapers/covert/1202.php>

COPYRIGHT

       Copyright 2003-2007, Philippe Bruhat. All rights reserved.

LICENSE

       This module is free software; you can redistribute it or modify it under the same terms as Perl itself.

perl v5.10.1							    2009-10-18							CONNECT-TUNNEL(1p)
Man Page