通过 HTTP/s 隧道传输任何类型的 TCP 流量 [英] Tunnel any kind of TCP traffic through HTTP/s
问题描述
我正在寻找一种软件来通过 HTTPS 隧道传输 RDP 或其他二进制 TCP 流量.因为很多客户端只允许HTTP/S(防火墙只开放80和443端口).
I am looking for a software to tunnel RDP or other binary TCP traffic through a HTTPS tunnel. Because many clients only have HTTP/S permitted (only port 80 and 443 open in the firewall).
但是需要将 RDP(和其他协议)从 DMZ 中的机器转发到客户端.
But there's a need to forward RDP (and other protocols) from machines in DMZ to clients.
是否有任何开源软件或企业软件可以解决这个问题?
Is there any kind of open source or enterprise software for this problem?
F5 big ip 之类的解决方案存在问题,我必须创建连接用这个软件配置.如果可以通过使用 api 来做到这一点,那将是一个很好的解决方案.但我宁愿只获得隧道组件,而无需使用整个网关软件.因为我需要用自己的软件创建隧道(1000ds),并且需要将隧道访问限制为允许的用户(由会话 cookie 标识)
Solutions like F5 big ip has the problem that I have to create the connection configuration with this software. If it would be possible to do this by use of an api it would be an good solution. But i would prefer only to get the tunnel component without bying a whole gateway software. Beacuse i need to create tunnels (1000ds of) out of my own software and its a need to restrict tunnel access to permitted user (Identifyed by session cookie)
http://http-tunnel.sourceforge.net/
如果隧道客户端可能不是专用服务器,而是在客户端浏览器中运行的 Flash 的 Java 小程序,那么它将 100% 满足我的需求.
If it would be possible that the tunnel client would not be a dedicated server but a java applet of flash running within the clients browser, it would match by 100% my needs.
推荐答案
有大量项目通过 HTTP(S) 建立 TCP 隧道.您将需要做一些工作来选择最适合您需要的(并可能稍作修改).
There are a huge number of projects that tunnel TCP over HTTP(S). You will have to do a bit of work to select the one that best suits your needs (and probably modify it slightly).
SuperTunnel (Java).看起来不错,他们似乎已经考虑过如何处理表现不佳的代理.
SuperTunnel (Java). Looks nice, they seem to have given some thought to how to deal with not-well-behaved proxies.
JHttpTunnel (Java).gnu httptunnel 的一个端口,我认为使用相同的网络协议.
JHttpTunnel (Java). A port of gnu httptunnel, I think uses the same network protocol.
Netty HTTP 隧道(Java,Netty 的一部分,一个非常好的网络库;示例代码).我认为这需要客户端和服务器都使用 Netty,但除此之外,还可以直接替代 Netty 中的常规套接字.
Netty HTTP Tunnel (Java, part of Netty, a very nice networking library; sample code). I think this requires both client and server to use Netty, but aside from that is a drop-in replacement for the regular sockets in Netty.
ProxyChains(C、Unix,非常流行)
ProxyChains (C, Unix, very popular)
GNU httptunnel(C,不支持 HTTPS,这可能是所有http隧道的祖父)
GNU httptunnel (C, no HTTPS support, this is probably the granddaddy of all http tunnels)
node-http-tunnel (Node.js)、
node-http-tunnel (Node.js), Net::HTTPTunnel (Perl), nRedir (Python), Corkscrew, htunnel, ...
我认为 SuperTunnel 和 JHttpTunnel 都可以包含在客户端的小程序或 Java 应用程序中,它们不需要作为独立代理运行.
I think SuperTunnel and JHttpTunnel can both be included in an applet or Java app of your own on the client side, they do not need to run as standalone proxies.
Netty 也会这样做,但是(我认为)它要求您的服务器也使用 Netty:换句话说,它允许您将常规 TCP connect() 替换为使用 Netty 的服务器TCP-over-HTTP connect(),但不会代理与其他服务器的任意连接(除非您编写自己的简单代理).
Netty will also do that, but (I think) it requires that your server also use Netty: in other words, it allows you to replace regular TCP connect() to a server using Netty with TCP-over-HTTP connect(), but does not proxy arbitrary connections to other servers (unless you write your own simple proxy).
这篇关于通过 HTTP/s 隧道传输任何类型的 TCP 流量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
