Tunneling over ICMP
I’ve been wanting to write about this for a bit. I usually VPN (to the gateway at home) for surfing when roaming. This also gives me access to my shellbox with my ssh key. You can usually connect to port 443 (https) on most networks, even those that force you to use a SOCKS or HTTP proxy.
However sometimes this is not possible. But if you are lucky you can still use ICMP. A simple check would be see if you can ping a server.
If you can ping your server, you can use it as a proxy. Throughput will be limited. But it’s better than nothing!
I’m doing this on CentOS and luckily RPMForge carries the ptunnel package. Installing was easy. Alternatively you can get the source here.
Below is how to install and start the server side, you could wrap this in an init script but I choose not to do so.
yum install ptunnel
ptunnel -x secretkeyhere -c eth0
You only need the -c
flag if you have multiple interfaces.
Connecting with a client is easy too!
ptunnel -x secretkeyhere -p gateway.example.org -lp 8000 -da shellbox.example.org -dp 22 -c eth0
ssh -p 8000 127.0.0.1
In the example above ssh will connect to shellbox on port 22 using gateway as a proxy.
Of course you can use it to forward other ports. However, combine ssh with the dynamic port forwarding makes it very easy to get internet access.
Enjoy! And only use it for good 😉