avejidah
03-15-2006, 12:58 PM
If anyone cares, this is a pretty kewl way to play eq behind a restrictive firewall, and also optionally use showeq over the internet rather than LAN. I read another article about playing eq behind a restrictive firewall using ssh tunnels. I'm pretty sure eq has made it impossible(at least the article I read no longer works) using ssh and a dynamic port forward. So I made up my own way.
Ill be using a windows machine behind a firewall(lets "pretend" it's at my work =). This is the machine we'd like to play eq from, but a firewall is blocking us from connecting. Also I'll be using a linux machine at home. I'm using Debian Sarge 2.6, but use whatever you like(but don't ask me how to install crap, Debian is the l33t, easy to install, secure, been around for a long time. Redhat and the likes are absolute garbage IMO and their package management is crap. IMO, and I'm entitled to my opinion, any distro that does not use apt is not worth using.).
First thing that needs to be done is we need to find a port that we can squeeze data through. We only need one open port, and most likely you'll be able to get data through on port 53 UDP(because it's DNS) or port 80 TCP(because it's HTTP). To check for an open port you will need a packet sniffer on one computer(I'm putting one on the linux machine), and something to send a packet from the other computer(I'm using nemesis on the windows machine.). First get the packet sniffer. I use ethereal, you can use whatever you want. Tcpdump would also work well. To get ethereal on debian, issue this command:
apt-get install ethereal
then get the text based version by issuing this command:
apt-get install tethereal
If you are using something other than Debian, get ethereal from
http://www.ethereal.com/
It requires a few things like libpcap, but if you have showeq already running you probably have all the dependancies.
Next you need to get something to send a packet. Im going to use nemesis packet injection suite, but you can use anything. Nmap would also work well. Get nemesis from
http://nemesis.sourceforge.net/
and install it on the windows machine.
Now that that's done, you will need to find an open port. Lets first check if UDP port 53 is open. On the linux machine, start listening for traffic on port 53 by issuing this command:
tethereal port 53
Head over to the windows machine(or connect to it remotely or whatever you do) and send a udp packet to port 53 on the linux machine. In order to do this you will need to know the linux machines ip address. Get this from
http://www.whatismyip.com
or however else you get your IP Address(note: it must be your WAN address, not your LAN address. 192.168.*.* and 10.10.*.* are examples of LAN addresses. Also, if your linux machine is behind a router it's going to need port 53 udp forwarded to it. You should know how to use your own router.) For this example, let's assume that your IP Address is 1.1.1.1 for the linux machine, and the windows machine is 2.2.2.2. Supplement your own ip address, and issue the following command from your windows machine(issue the command from DOS, from the directory you installed nemesis into).
nemesis udp -y 53 -D 1.1.1.1
that says to send a udp packet over port 53 to ip address 1.1.1.1. Now on the linux box, if you see data coming from 2.2.2.2 over port 53 udp(in you packet sniffer), then you know you can get data through over port 53. Otherwise, you're going to need to do some more work to find an open port. Repeat the above steps, but on a different port. Like tcp port 80(HTTP) or tcp port 25(smtp) as they are commonly open in firewalls.
Now that we have found an open port, we need to squeeze all of our data through that port. I use a VPN(Virtual Private Network) to accomplish this task. On the linux machine you will need a vpn server, I use openVPN. On the windows machine you will need a VPN client, I use openVPN. On the linux machine issue this command to get the server:
apt-get install openvpn
or download and install it from:
http://openvpn.net/
Then download and install the client on the windows machine from:
http://openvpn.net/
You are going to have to read the manual a bit to get openvpn installed and working, there is great documentation at http://openvpn.net/, read the HOWTO (2.X). I'm not going to rewrite the whole doc on getting it installed, but in a nutshell the client and server both need to generate keys and share them. All in all, my first time took me about 10 minutes to get openVPN up and running, so just rtfm! The manual is short, and easy to read. While configuring openVPN's server, set it to listen for connections on udp port 53(or whatever open port you decided on). Now on the windows machine all you have to do is connect to the openVPN server, and start playing eq! The local network admins will not be able to tell what you are doing because all traffic will be encrypted(they will still see traffic, however).
Next open up a VNC server on the nix(or something else to display the desktop of the nix). I use vncserver. Issue these commands:
apt-get install vncserver
vncserver
Then connect to the vncserver(you will be connecting over the vpn, so data will be encrypted) from the windows machine. Now on the linux box(in your vnc window), open up showeq on the newly created tunneled network device(ifconfig to find out the name of the new tunneled network device).
showeq -i NewDeviceNameHere
Boom! Showeq over the internet from behind a restrictive firewall! Hope someone at least reads this. =)
avejidah
Ill be using a windows machine behind a firewall(lets "pretend" it's at my work =). This is the machine we'd like to play eq from, but a firewall is blocking us from connecting. Also I'll be using a linux machine at home. I'm using Debian Sarge 2.6, but use whatever you like(but don't ask me how to install crap, Debian is the l33t, easy to install, secure, been around for a long time. Redhat and the likes are absolute garbage IMO and their package management is crap. IMO, and I'm entitled to my opinion, any distro that does not use apt is not worth using.).
First thing that needs to be done is we need to find a port that we can squeeze data through. We only need one open port, and most likely you'll be able to get data through on port 53 UDP(because it's DNS) or port 80 TCP(because it's HTTP). To check for an open port you will need a packet sniffer on one computer(I'm putting one on the linux machine), and something to send a packet from the other computer(I'm using nemesis on the windows machine.). First get the packet sniffer. I use ethereal, you can use whatever you want. Tcpdump would also work well. To get ethereal on debian, issue this command:
apt-get install ethereal
then get the text based version by issuing this command:
apt-get install tethereal
If you are using something other than Debian, get ethereal from
http://www.ethereal.com/
It requires a few things like libpcap, but if you have showeq already running you probably have all the dependancies.
Next you need to get something to send a packet. Im going to use nemesis packet injection suite, but you can use anything. Nmap would also work well. Get nemesis from
http://nemesis.sourceforge.net/
and install it on the windows machine.
Now that that's done, you will need to find an open port. Lets first check if UDP port 53 is open. On the linux machine, start listening for traffic on port 53 by issuing this command:
tethereal port 53
Head over to the windows machine(or connect to it remotely or whatever you do) and send a udp packet to port 53 on the linux machine. In order to do this you will need to know the linux machines ip address. Get this from
http://www.whatismyip.com
or however else you get your IP Address(note: it must be your WAN address, not your LAN address. 192.168.*.* and 10.10.*.* are examples of LAN addresses. Also, if your linux machine is behind a router it's going to need port 53 udp forwarded to it. You should know how to use your own router.) For this example, let's assume that your IP Address is 1.1.1.1 for the linux machine, and the windows machine is 2.2.2.2. Supplement your own ip address, and issue the following command from your windows machine(issue the command from DOS, from the directory you installed nemesis into).
nemesis udp -y 53 -D 1.1.1.1
that says to send a udp packet over port 53 to ip address 1.1.1.1. Now on the linux box, if you see data coming from 2.2.2.2 over port 53 udp(in you packet sniffer), then you know you can get data through over port 53. Otherwise, you're going to need to do some more work to find an open port. Repeat the above steps, but on a different port. Like tcp port 80(HTTP) or tcp port 25(smtp) as they are commonly open in firewalls.
Now that we have found an open port, we need to squeeze all of our data through that port. I use a VPN(Virtual Private Network) to accomplish this task. On the linux machine you will need a vpn server, I use openVPN. On the windows machine you will need a VPN client, I use openVPN. On the linux machine issue this command to get the server:
apt-get install openvpn
or download and install it from:
http://openvpn.net/
Then download and install the client on the windows machine from:
http://openvpn.net/
You are going to have to read the manual a bit to get openvpn installed and working, there is great documentation at http://openvpn.net/, read the HOWTO (2.X). I'm not going to rewrite the whole doc on getting it installed, but in a nutshell the client and server both need to generate keys and share them. All in all, my first time took me about 10 minutes to get openVPN up and running, so just rtfm! The manual is short, and easy to read. While configuring openVPN's server, set it to listen for connections on udp port 53(or whatever open port you decided on). Now on the windows machine all you have to do is connect to the openVPN server, and start playing eq! The local network admins will not be able to tell what you are doing because all traffic will be encrypted(they will still see traffic, however).
Next open up a VNC server on the nix(or something else to display the desktop of the nix). I use vncserver. Issue these commands:
apt-get install vncserver
vncserver
Then connect to the vncserver(you will be connecting over the vpn, so data will be encrypted) from the windows machine. Now on the linux box(in your vnc window), open up showeq on the newly created tunneled network device(ifconfig to find out the name of the new tunneled network device).
showeq -i NewDeviceNameHere
Boom! Showeq over the internet from behind a restrictive firewall! Hope someone at least reads this. =)
avejidah