Comments (16)
Why not just set up a tcp server and on connection, pipe the socket to a new forwarded stream? Something like (assuming your remote web server is running on port 80):
    var net = require('net');

    // Connect to ssh server first.... then....
    net.createServer(function(sock) {
      // may want to sock.pause() first if on an older (pre-v0.10-ish?) node version
      c.forwardOut(sock.remoteAddress, sock.remotePort, '127.0.0.1', 80, function(err, stream) {
        if (err) throw err; // do something better than this
        sock.pipe(stream);
        stream.pipe(sock);
        // sock.resume() here if you paused earlier
      });
    }).listen(8000);
That isn't tested, but you get the idea.... the http client connects to port 8000, which should then get transferred to the web server on the other side. No other work should be necessary.
from ssh2.
@mscdex
It seems to be fixed via the following code. :-)
    net.createServer(function(sock) {
      c.forwardOut(sock.remoteAddress, sock.remotePort, '127.0.0.1', 80, function(err, stream) {
        if (err) throw err; // do something better than this
        sock.on('data', function(data) {
          if (stream.write(data) === false) {
            sock.pause();
          }
        });
        stream.on('drain', function() {
          sock.resume();
        });
        stream.on('data', function(data) {
          sock.write(data);
        });
      });
    }).listen(8000);
from ssh2.
I was confused as well by 'local stream' vs. local ip:port.
Here is my understanding of what forwardOut does:
- ask remote ssh server to establish tcp connection to rip:rport
- create local stream, pipe it to ssh 'tcp local' protocol
So what's the purpose of local ip / local port arguments?
from ssh2.
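The srcIP/srcPort question above comes down to the SSH wire format. As an added example (not part of the thread or of ssh2's own code), this encodes and decodes the `direct-tcpip` channel open request from RFC 4254 section 7.2: the destination pair is what the server connects to, while the originator pair is client-supplied metadata that a server can log but cannot verify. The helper names and all sample values are constructed for illustration.

```javascript
// Added example: "direct-tcpip" CHANNEL_OPEN layout (RFC 4254, section 7.2).
const SSH_MSG_CHANNEL_OPEN = 90;

function uint32(n) {
  const b = Buffer.alloc(4);
  b.writeUInt32BE(n, 0);
  return b;
}

function sshString(s) {
  const body = Buffer.from(s, 'utf8');
  return Buffer.concat([uint32(body.length), body]);
}

// What a client puts on the wire for forwardOut(srcIP, srcPort, dstIP, dstPort).
function encodeDirectTcpip(o) {
  return Buffer.concat([
    Buffer.from([SSH_MSG_CHANNEL_OPEN]),
    sshString('direct-tcpip'),
    uint32(o.channel), uint32(o.window), uint32(o.maxPacket),
    sshString(o.dstIP), uint32(o.dstPort), // the server opens TCP to this address
    sshString(o.srcIP), uint32(o.srcPort), // originator: client-supplied, descriptive only
  ]);
}

// Server-side view: decode with bounds checks so a short packet is rejected.
function decodeDirectTcpip(buf) {
  let off = 0;
  const need = (n) => { if (off + n > buf.length) throw new RangeError('truncated packet'); };
  const u32 = () => { need(4); off += 4; return buf.readUInt32BE(off - 4); };
  const str = () => {
    const n = u32();
    need(n);
    off += n;
    return buf.toString('utf8', off - n, off);
  };
  need(1);
  if (buf[off++] !== SSH_MSG_CHANNEL_OPEN) throw new Error('not CHANNEL_OPEN');
  if (str() !== 'direct-tcpip') throw new Error('not a direct-tcpip request');
  const channel = u32(), window = u32(), maxPacket = u32();
  const dstIP = str(), dstPort = u32(), srcIP = str(), srcPort = u32();
  if (off !== buf.length) throw new Error('trailing bytes');
  return { channel, window, maxPacket, dstIP, dstPort, srcIP, srcPort };
}

// Constructed sample values (192.0.2.0/24 is a documentation range).
const SAMPLE = { channel: 0, window: 2097152, maxPacket: 32768,
  dstIP: '127.0.0.1', dstPort: 80, srcIP: '192.0.2.10', srcPort: 51515 };
console.log(decodeDirectTcpip(encodeDirectTcpip(SAMPLE)));
```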
If I understand what you're asking correctly, it sounds like you might need/want to set up some kind of SOCKS proxy or something and forward connections that way? It would simplify things since you would only need to forward a single port over ssh.
However that may limit throughput some since all connections would just be using a single channel stream. That may or may not be a problem though depending on your needs.
from ssh2.
I was hoping to avoid setting up a socks proxy as it seemed like overkill. The client application I'm building will be connecting to different remote servers via ssh and communicating via websockets with an agent/daemon installed on each server.
Using forwardOut requires all traffic to be sent through the stream provided by the callback via stream.write(), correct?
from ssh2.
Ok, so I think what you could do is when you receive the HTTP upgrade request for the websocket locally, start a forwardOut() (assuming you are already connected, if not connect first obviously). Then pass that request (header and all) through the tunnel. Then the remote web server should respond and continue with the websocket upgrade handshake as normal.
from ssh2.
Thanks for the tips! I'm going to see if I can figure out how to make the socket.io/engine.io client communicate through the stream provided by forwardOut(). I'll post an update if I get it working.
from ssh2.
I've been looking into this further. I've taken websockets out of the equation for now to keep things simple. Right now I'd just like to forward a standard http.get request through the ssh tunnel. It works when I manually write the raw headers into the stream (like in your example).
However I'm not able to make the request happen using an http.ClientRequest instance. Going through the node source code for the ClientRequest class I can see it trying to create a new socket connection. Should I be trying to get the http request to use the same socket as the ssh2 object? If so it looks like I can pass a file descriptor to the createHandle function but I'm not sure how to get the file descriptor of the socket ssh2 is using. Is there a better way?
An alternative would be to create an http server instance locally, connect to it and then pipe that stream into the ssh2 connection. I'd like to avoid that approach if possible as it seems like there should be a way to do it with the forwarded connection. Any ideas?
from ssh2.
That works perfectly! Thank you for taking the time to show me the light through the SSH tunnel! I'll add this example to the readme.
from ssh2.
Hello @mscdex, @rawberg:
I'm using code similar to the previously posted example.
"Browser" <--> "Host PC Node" (net.createServer() & ssh.forwardOut()) <--(ssh)--> "Remote PC Server"
The responses to the browser's requests should be ".js" files like "A.js" and "B.js", but sometimes the contents of the ".js" files are mixed.
Have you seen this case?
from ssh2.
@sparkleholic Hard to say without seeing any code.
from ssh2.
Hi @mscdex
It is almost the same code as suggested in the previous comment.

    var net = require('net');

    // Connect to ssh server first.... then....
    var localServer = net.createServer(function(sock) {
      sock.pause();
      c.forwardOut(sock.remoteAddress, sock.remotePort, '127.0.0.1', 8080, function(err, stream) {
        if (err) throw err; // do something better than this
        stream.pause();
        sock.pipe(stream);
        stream.pipe(sock);
        sock.resume();
        stream.resume();
      });
    });
    localServer.listen(0 /*random*/, "127.0.0.1", null, (function() { /* ... */ }));

- Node 10.0.18 & 10.0.22 (Tested in Both)
- ssh2 0.2.12
This does not always happen; about 1~2 times out of 10.
from ssh2.
You should be able to just do this with streams2, I don't know if it will solve your problem though:
    net.createServer(function(sock) {
      c.forwardOut(sock.remoteAddress, sock.remotePort, '127.0.0.1', 80, function(err, stream) {
        if (err) throw err; // do something better than this
        sock.pipe(stream).pipe(sock);
      });
    }).listen(8000);
from ssh2.
I just tried... but unfortunately it is still causing the same problem. :-(
from ssh2.
Glad to hear you got it sorted out :-)
from ssh2.
I think I found the answer here - #99 (comment)
from ssh2.