forked from matthiasl/eproxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME
65 lines (45 loc) · 2.07 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
Title: README file for my TCP proxy/firewall
Author: Matthias ([email protected])
----------------------------------------------------------------------
Warning! Abandonware:
Corelatus used this code as a firewall for about five years.
Eventually, we decided that an IPtables based firewall was
sufficient for our needs. I've put the code on github because
someone asked me to. I'm no longer actively maintaining it.
What is this?
A firewall babysitter and FTP/TCP proxy written in Erlang.
Features:
- ZoneEdit Dynamic DNS client.
- Generic TCP port forwarder. Lets SSH, IMAP, POP,
SMTP, NNTP, CVS, etc. through the firewall.
- Incoming TCP port forwarder. Forwards external
connections to a certain machine on the inside.
- Bandwidth rationing. Problem: someone else is downloading an
ISO, so now all the interactive SSH connections are sluggish
for the next couple of hours. Solution: throttle the download
in the proxy.
What do I need to run it?
* A machine with two ethernet interfaces acting as a firewall
* The 'pump' DHCP client
* Erlang R9B-1 or later
You can also use R9B-0 or R8B-x, but if you want FTP to work in
your browser, you need to supply a patched 'ftp' module. Luke
Gorrie posted the patch to the mailing list on 13. January 2003.
How do I start it?
1. Unpack the files somewhere.
2. run 'make'
3. mv firerc.demo firerc
4. Take a look at "firerc". Edit it.
5. Start erlang and the proxy, perhaps something like:
erl -detached -s reflect go
How do I get UDP packets through my firewall?
This proxy doesn't have any UDP support. You can, of course, get
the UDP packets through some other way, such as configuring your
system to be a router.
What's the licence?
I've put all the source under a BSD licence. I did that because
I figured a BSD licence would let most people do what they want.
If you want some other licence, mail me, preferably with some
reasoning.
See also: the 'todo' file
// eof