-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
22 lines (18 loc) · 885 Bytes
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
This is a simple measure to tunnel through DPI engines that monitor TCP traffic
and drop connections that contain ssh protocol headers. A simple (and low in
computational overhead) byte level transformation is sufficient in most cases.
Deployment:
- Place TUN1 on ssh client side
- Place TUN2 on ssh server side
- TUN1 connects to TUN2 and tunneled traffic are transformed
+-------+ +----+ +----+ +------ +
| SSH + ---> |TUN1| --> DPI FW --> |TUN2| --> | SSH |
| Client| | | | | | Server|
+-------+ +----+ +----+ +-------+
ports: 42022 42122 22
TODO:
- Custom nyte stream transformation as need arise
- connect() is a blocking call and can be improved with fcntl and made
non-blocking
- statistics support
- logging supoprt