SSH port forwarding capable application

0 votes
asked Jan 25, 2010 by user-12 (google) (160 points)
edited Jul 12, 2012

I want to use rebex to creat a SSH port forwarding capabilitie applicatication like as tunnelier. who can help me ?

3 Answers

+2 votes
answered Jan 25, 2010 by Lukas Pokorny (114,150 points)
edited Jan 12, 2016 by Lukas Pokorny

Update: A simple API for local and remote SSH port forwarding (tunneling) has been added in Rebex Terminal Emulation 2016 R1. Check out some sample code, and sorry for the long wait!

The SSH functionality required to make this possible is already included in both Rebex SFTP and Rebex SSH Shell and can be used to implement a Tunnelier-like application, but we have yet to add a simple API to make this easy. This is planned for one of the future releases.

If you don't want to wait, download our SshTunnel sample application (C# and VB.NET) and give it a try - it uses the current version of Rebex SFTP or SSH Shell to tunnel connections from the specified local port through the specified SSH server to the specified target IP address and port.

The application forwards all traffic from the IP/port in the "Local" field (127.0.0.1:8080 by default) to IP/port in the "Remote" field (209.85.129.99:80 by default). The default tunnelling setting tunnels connections to port 8080 to port 80 of google.com, making it possible to connect to Google through the specified SSH server by typing http://localhost:8080/ in the local web browser. Replacing Google's IP/port (209.85.129.99) will make it tunnel to a different address.

C# and VB.NET source code is included with the sample application. The two classes in Tunnel.cs are the sample core. Any feedback is welcome!

commented Jan 31, 2010 by Lukas Pokorny (114,150 points)
Sorry, we don't have any example Socks5 server code.
commented Feb 1, 2010 by user-12 (google) (160 points)
Is it like this: 67.78.543.2:2040 ?
commented Feb 1, 2010 by Lukas Pokorny (114,150 points)
I don't understand this question. What does "it" mean? Also, 67.78.543.2 is not even a valid IP address.
commented Feb 2, 2010 by user-12 (google) (160 points)
How does socks5 server code form?
commented Feb 3, 2010 by Lukas Pokorny (114,150 points)
I am sorry, but I don't understand the last question either. I asked one of my colleagues to send you an e-mail and try to explain what we can offer and what we can't. Sorry for inconvenience!
0 votes
answered Jan 25, 2010 by user-12 (google) (160 points)
edited Jul 12, 2012

I only can access to google page when use it. How can i access to another page such as whatismyip.com or microsoft.com with it ?

I like VB.NET code, can you give me it ? tks

commented Jan 25, 2010 by Lukas Pokorny (114,150 points)
I edited my original answer to include a link to a ZIP file with both C# and VB.NET version, please download it again. I also added more thorough description of what it actually does. To tunnel to a different website, use another IP address instead of 209.85.129.99, but it has to be a website that actually runs at that IP address (unlike google.com, microsoft.com does listen at 207.46.192.254, but redirects the browser to a hostname-based address). If you have more questions, please add your comments to my original reply.
commented Apr 15, 2012 by Stefan Koell (270 points)
edited Apr 15, 2012

Lukas, thank you for the sample. It's helping a lot. One question though: can you do tunneling in the other direction? So that when something connects to a specific port on the SSH server, the communication is redirected to the SSH client to a specific port?

commented Apr 17, 2012 by Lukas Pokorny (114,150 points)
edited Apr 17, 2012

Stefan - yes, there are StartTcpIpForward/StopTcpIpForward/AcceptTcpIpForward and OpenTcpIpTunnel methods in the SshSession class that can be used for this, but these are not sufficiently documented yet. We plan to write a sample application for them soon.

However, there are not hard to use - you just have to establish a tunnel using StartTcpIpForward method and then call the AcceptTcpIpForward to accept incoming connections. Once the AcceptTcpIpForward returns a channel, you can (for example) pass it to a worker thread and call AcceptTcpIpForward again to accept another connection (in case you support multiple simultaneous connections).

The "address" value is passed to the server as-is and it's described here in RFC 4254. Please note that many servers will only allow listens on loopback addresses (such as locahost/127.0.0.1).

commented Apr 22, 2012 by Stefan Koell (270 points)
edited Apr 22, 2012

Hi Lukas, there's an issue with your sample you've provided: if the remote end of tunnel isn't listening when I connect the app will crash when I connect to the local port.

It's crashing at the line StartTunneling(socket, channel); in the OutgoingTunnel implementation. The exception is: [Rebex.Networking]Rebex.Net.SshException: Cannot open channel; connect failed. Connection refused.

Any idea how to handle this situation?

commented Apr 22, 2012 by Lukas Pokorny (114,150 points)
edited Jul 12, 2012

We'll look into this. In the meantime, please try a different tunneling sample from http://www.rebex.net/getfile/901f8b8b1b5549b7ad8243dc2dfc412f/SshTunnelNew-VB.zip (VB only at the moment). It solves several issues reported here. To add tunnels, edit Form1.vb file.

0 votes
answered Apr 22, 2012 by RoyZ (140 points)
edited Jul 12, 2012

Hi,

I'm trying to run your sample code, but after 15-30 seconds of inactivity, Receiver method gets a SocketException with ErrorCode 10053 or 10054. If I ignore this error, the connection re-establish itself and the data continues to go through the tunnel. On the other hand, when I pull my Ethernet cable from my computer I get exactly the same exception.

I need to distinguish between the too cases, so I will be able to display the connection status. Do you have any idea how to do it?

Thanks, Roy

commented Apr 22, 2012 by Lukas Pokorny (114,150 points)
edited Jul 12, 2012

We'll look into this. In the meantime, please try a different tunneling sample from http://www.rebex.net/getfile/901f8b8b1b5549b7ad8243dc2dfc412f/SshTunnelNew-VB.zip (VB only at the moment). It solves several issues reported here. To add tunnels, edit Form1.vb file.

commented Jun 14, 2012 by RoyZ (140 points)
edited Jun 14, 2012

Hi Lukas. Thank you for the code you have sent. It does look and handle errors better. I don't get false disconnection exceptions which is very good. I currently have several problems: 1. The code does not work on the .NET3.5CF. 2. It still takes ~30 seconds to detect disconnection. 3. After disconnection, I can't reconnect. I'm getting the following exception: "System.Net.Sockets.SocketException: Only one usage of each socket address (protocol/network address/port) is normally permitted"

...