Port Forwarding

From FreekiWiki
Revision as of 10:46, 8 August 2012 by Ryan52 (talk | contribs)
Jump to navigation Jump to search

Preliminaries

In order to access our database from outside the LAN, you need to have an account on our outward facing server. Speak with an ASS or the Technocrats to see about getting one.

You will also need to have an SSH or VPN client installed on your computer. By default, Ubuntu comes with OpenSSH, and NetworkManager supports VPN connections.

A word of warning: Routing your web traffic through a proxy means that the sites you visit, and the unencrypted information you send will generally be logged on the proxy server. Additionally, things you send from the proxy server can be traced back to the proxy server. This means, in particular, that you should absolutely not do anything illegal while routing through our network, including torrenting copyrighted materials among other things.

Note: Segments of code will look like this:

$> su -
#> echo FOO
FOO
#>

Where the '$>' indicates a standard user prompt, '#>' indicates a super user prompt, and lines without a prompt indicate messages to the standard output.

SSH

Connecting to the Server

Open a terminal and enter the following:

$> ssh -vND 5678 USER@foyer.freegeek.org

Where 'USER' is your Free Geek account name. You should be prompted for your password. After successfully authenticating, you should see a lot of output that looks something like this:

debug1: Local connections to LOCALHOST:5678 forwarded to remote address socks:0
debug1: Local forwarding listening on ::1 port 5678.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 5678.
debug1: channel 1: new [port listener]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.

This window will print information regarding your SSH connection. Make sure to leave this terminal open while moving on to the next section!

Configuring your Browser

Now we need to configure our web browser to route its traffic through the SSH connection. The location of the configuration option to do this depends on your browser, but the concept remains the same.

Firefox

  1. Select Edit >> Preferences from the menu bar.
  2. In the preferences windows, select the Advanced tab, then the Network tab underneath that, and finally the Settings button.
  3. Now choose Manual Proxy Configuration, and enter the following:
SOCKS Host: localhost    Port: 5678
  1. Make sure SOCKS v5 is selected underneath that. Now click OK, and close the preferences window. You should now be able to access the FGDB. Try putting 'data' into your address bar.

Chromium (Google Chrome)

  1. Click the Wrench icon and select Preferences.
  2. Select Under the Hood, and then Change Proxy Settings.
  3. Now choose Manual Proxy Configuration, and enter the following:
SOCKS Host: localhost    Port: 5678
  1. Now click Close and close the preferences tab. You should now be able to access the FGDB. Try putting 'data' into your address bar.

Closing the Tunnel

  • When you're ready to close the tunnel, return to the Proxy Configuration window, and select No proxy or Direct Internet Connection, depending on your browser.
  • Pull up the terminal window with the SSH connection, and either close the terminal, or enter Ctrl+C to close the connection.

Making Shortcuts

You can do this in either an elegant, enlightened way (command-line) or a brutish, uncultured way (GUI).

CLI

Enter the following into a terminal:

$> cat >> ~/.bash_aliases
alias fg-tunnel='ssh -vND 5678 $USER@foyer.freegeek.org'
alias fg-browser='chromium-browser --proxy-server="socks://localhost:5678"'
^d

Where ^d means Ctrl+D. If you're exceptionally lazy, you could also do this:

$> cat >> ~/.bash_aliases
alias fg-lazy='fg-tunnel && fg-browser'
^d

Firefox doesn't directly allow proxy configurations from the command-line (booo). Instead, you can create different profiles for each proxy setting, and use the following command to switch between profiles when running Firefox (per StackOverflow):

firefox -no-remote -P <profilename>

GUI

  1. Right-click your desktop, and select Create Launcher...
    • Under Type, choose Application in Terminal.
    • Under Name, enter something like FG-SSH or FG-TUNNEL.
    • Under Command, enter ssh -vND 5678 $USER@foyer.freegeek.org
  2. Click OK, and create another launcher.
    • Under Type, choose Application.
    • Under Name, enter something like FG-chromium or Proxy,
    • Under Command, enter chromium-browser --proxy-server="socks://localhost:5678"

Now you can indulge in your barbaric clicky-ness to your heart's content.

VPN

To be written...