forked from jakkarth/icmptx
-
Notifications
You must be signed in to change notification settings - Fork 0
IP-over-ICMP tunnel
License
arkivm/icmptx
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
This is the ICMPTX program. This software is most recently available from http://github.com/jakkarth/icmptx ICMPTX is a program that allows a user with root privledges to create a virtual network link between two computers, encapsulating data inside of ICMP packets. -- license -- This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this ICMPTX. If not, see <http://www.gnu.org/licenses/>. -- basic usage instructions -- First, make sure you have the tun module from your 2.6 kernel loaded up or compiled into your kernel on both ends of your tunnel. Second, compile the code on both the client machine and the server you wish to tunnel your traffic between. Third, on the server side, do something like ./icmpx -s 1.2.3.4 & sleep 1 ifconfig tun0 10.0.3.1 netmask 255.255.255.0 Fourth, on the client side, do something like ./icmptx -c 1.2.3.4 & sleep 1 ifconfig tun0 10.0.3.2 netmask 255.255.255.0 Replace 1.2.3.4 with your internet-accessible IP on the server. At this point you should have a simple link between the client and server. On the client, you should be able to ping 10.0.3.1 and get a response. Note that there are several levels of irony involved in receiving the responses. SSH tunneling can be used at this point for secure communication over the channel. Note that there is no encryption capability provided directly by ICMPTX. Once you've confirmed that the tunnel does in fact work, routing should be easily accomplished. The tun interfaces are just like any other ethernet devices on your system and can be used as such, for example: route add -net 192.168.0.0/24 gw 10.0.3.1 executed on the client could add a route to your server's DMZ segment. Access to systems on the 192.168.0.0/24 subnet from the client would then be transparently tunneled through the ICMPTX connection. -- who's to blame for all this? -- ICMPTX has an interesting lineage. The code for the ICMP handling was originally included from the itunnel program. Tun interface handling was included from the VTun project, originally authored by Maxim Krasnyansky. The two were brought together by edi / teso. From there, Siim Põder cleaned up the code and wrote a short article about it, possibly still available at http://www.linuxexposed.com/content/view/153/52/ . That seems to be where Thomer Gil found it, after which he further cleaned it up and presented it at http://thomer.com/icmptx/, which is where I, John Plaxco, came across it. Further and newer information may be available at the project's homepage at http://github.com/jakkarth/icmptx.
About
IP-over-ICMP tunnel
Resources
License
Stars
Watchers
Forks
Packages 0
No packages published
Languages
- C 97.9%
- Makefile 2.1%