Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.
Hi all, please see this major site announcement: https://www.boards.ie/discussion/2058427594/boards-ie-2026

Forcing 9339/TCP down an already existing, working SSH tunnel

  • 18-01-2010 10:23PM
    #1
    runswithascript
    Registered Users, Registered Users 2 Posts: 2,846 ✭✭✭


    I tunnel my Firefox traffic through Socks 4 127.0.0.1:5555 to PuTTY 127.0.0.1:5555 -D which pushes it down an SSH tunnel to a remote OpenSSH server and it works just fine with virtually everything.

    My problem is that when I use the Facebook Flash app Texas HoldEm Poker although it starts to load, it tries connecting to several servers and then returns the error:
    Your firewall may be blocking access to port 9339.
    The same app works fine if used locally server side, as do regular Facebook apps over the tunnel client side.

    There is a commercial program which does allow it to work and the developer has told me:
    9339 is a TCP port. The tunnel client associates the facebook URL with that port. So, When a connection request is received for that URL the tunnel servers listens on that port. Once the return data is received it sends that data back to the tunnel client.
    He also sent me these screenshots:

    9htljc.jpg

    osegyw.jpg

    Is it possible to do the same with PuTTY?


Comments

  • #2
    bricks
    Registered Users, Registered Users 2 Posts: 443 ✭✭bricks


    Some webapps seem to do this, they ignore the proxy/socks settings in Firefox and just send direct.
    Port 9939 along with any other ports would normally be sent via socks and go into the tunnel.

    One thing to try is see what happens if it has no other route to use, it may use the proxy then. To do this run the following commands.
    route add 1.2.3.4 mask 255.255.255.255 3.4.5.6
    route delete 0.0.0.0

    1.2.3.4 is the socks IP
    and 3.4.5.6 is the IP of your default gateway.
    Note the above route commands are temporary and don't last a reboot.

    The other option is to use a VPN.


  • #3
    runswithascript
    Registered Users, Registered Users 2 Posts: 2,846 ✭✭✭runswithascript


    bricks wrote: »
    1.2.3.4 is the socks IP
    and 3.4.5.6 is the IP of your default gateway.
    Note the above route commands are temporary and don't last a reboot.

    My socks IP being 127.0.0.1, as that's what I point Firefox at when I tunnel through PuTTY, or is it the remote SSH server's IP?

    And is my default gateway the default gateway of the remote SSH server or the regular default gateway of the client box when not using a proxy?


  • #4
    bricks
    Registered Users, Registered Users 2 Posts: 443 ✭✭bricks


    LA3G wrote: »
    My socks IP being 127.0.0.1, as that's what I point Firefox at when I tunnel through PuTTY, or is it the remote SSH server's IP?

    And is my default gateway the default gateway of the remote SSH server or the regular default gateway of the client box when not using a proxy?

    The default gateway is the same as the one on your PC. (As seen in ipconfig)
    The other IP is the remote SSH servers IP.


  • #5
    runswithascript
    Registered Users, Registered Users 2 Posts: 2,846 ✭✭✭runswithascript


    bricks wrote: »
    The other IP is the remote SSH servers IP.

    I will try it on Friday when I am next at the remote box.

    If when it has no other route to use and the Facebook app does in fact work what does this mean, and what if it does not?

    Can I assume the subnet mask is not in fact 255.255.255.255 but instead that of the remote SSH server?

    Somebody has said I should look into Socks wrapping which I am also researching.

    I want to exhaust all possibilities of it working over SSH before attempting VPN because it is something I have no experience with.


  • #6
    runswithascript
    Registered Users, Registered Users 2 Posts: 2,846 ✭✭✭runswithascript


    Resolved using Sockscap, a lightweight freeware socks wrapper.

    It allows me to open Firefox Portable 'proxified' and all recursive applications that it opens, including Adobe Flash.

    My only problem now is that I use the same browser for work and personal use and Sockscap overrides Firefox's connection settings and any settings configured on proxy addons etc so everything is forced down the tunnel but that is a topic for another thread.


  • Advertisement
  • #7
    ethernet
    Registered Users, Registered Users 2, Paid Member Posts: 3,519 ✭✭✭ethernet


    LA3G wrote: »
    My only problem now is that I use the same browser for work and personal use and Sockscap overrides Firefox's connection settings and any settings configured on proxy addons etc so everything is forced down the tunnel but that is a topic for another thread.
    Have you had a look at FoxyProxy? Easy to switch between proxies or have traffic for certain sites use a proxy while the others all use another connection.


  • #8
    runswithascript
    Registered Users, Registered Users 2 Posts: 2,846 ✭✭✭runswithascript


    ethernet wrote: »
    Have you had a look at FoxyProxy? Easy to switch between proxies or have traffic for certain sites use a proxy while the others all use another connection.

    Yes, it was one of the first addons I tried months ago when my only problem was configuring the SSH tunnel with Firefox.

    From what I remember the commercial bloated FoxyProxy addon had limitations without paying a fee and did not allow dynamic ports, whereas the free lightweight addons SwitchProxy Tool and AutoProxy or one of its variants do allow virtually all internet use. That said none of the three would negate Flash Player ignoring the connection settings of Firefox Portable and connecting directly.

    The problem and solution outlined in this thread is resolved, but I appreciate your input :)

    I am now working on related problem which is an extension of this.

    Configure Flash Player ALONE to connect via an existing, working SOCKS SSH tunnel?


Advertisement