$ ./sshuttle --dns -r leto@example.com 0/0 -vv
Starting sshuttle proxy.
Binding: 12300
Listening on ('127.0.0.1', 12300).
DNS listening on ('127.0.0.1', 12300).
[local sudo] Password:
Sorry, try again.
[local sudo] Password:
firewall manager ready.
c : connecting to server...
c : executing: ['ssh', 'leto@example.com', '--', 'P=python2; $P -V 2>/dev/null || P=python; "$P" -c \'import sys; skip_imports=1; verbosity=2; exec compile(sys.stdin.read(764), "assembler.py", "exec")\'']
c : > channel=0 cmd=PING len=7 (fullness=0)
server: assembling 'cmdline_options.py' (29 bytes)
server: assembling 'helpers.py' (693 bytes)
server: assembling 'ssubprocess.py' (13702 bytes)
server: assembling 'ssnet.py' (5100 bytes)
server: assembling 'hostwatch.py' (2242 bytes)
server: assembling 'server.py' (2380 bytes)
s: latency control setting = True
s: available routes:
s: 173.255.217.0/24
s: > channel=0 cmd=PING len=7 (fullness=0)
s: > channel=0 cmd=ROUTES len=17 (fullness=7)
s: Waiting: 1 r=[4] w=[5] x=[] (fullness=24/0)
s: Ready: 1 r=[] w=[5] x=[]
s: mux wrote: 15/15
s: mux wrote: 25/25
s: Waiting: 1 r=[4] w=[] x=[] (fullness=24/0)
c : connected.
Connected.
c : Waiting: 3 r=[3, 5, 9] w=[9] x=[] (fullness=7/0)
c : Ready: 3 r=[9] w=[9] x=[]
c : < channel=0 cmd=PING len=7
c : > channel=0 cmd=PONG len=7 (fullness=7)
c : < channel=0 cmd=ROUTES len=17
firewall manager: starting transproxy.
>> iptables -t nat -N sshuttle-12300
>> iptables -t nat -F sshuttle-12300
>> iptables -t nat -I OUTPUT 1 -j sshuttle-12300
>> iptables -t nat -I PREROUTING 1 -j sshuttle-12300
>> iptables -t nat -A sshuttle-12300 -j RETURN --dest 127.0.0.0/8 -p tcp
>> iptables -t nat -A sshuttle-12300 -j REDIRECT --dest 0.0.0.0/0 -p tcp --to-ports 12300 -m ttl ! --ttl 42
>> iptables -t nat -A sshuttle-12300 -j REDIRECT --dest XX.7.43.10/32 -p udp --dport 53 --to-ports 12300 -m ttl ! --ttl 42
>> iptables -t nat -A sshuttle-12300 -j REDIRECT --dest XX.7.33.10/32 -p udp --dport 53 --to-ports 12300 -m ttl ! --ttl 42
c : mux wrote: 15/15
c : mux wrote: 15/15
c : Waiting: 3 r=[3, 5, 9] w=[] x=[] (fullness=14/0)
Write failed: Broken pipe
c : Ready: 3 r=[9] w=[] x=[]
firewall manager: undoing changes.
>> iptables -t nat -D OUTPUT -j sshuttle-12300
>> iptables -t nat -D PREROUTING -j sshuttle-12300
>> iptables -t nat -F sshuttle-12300
>> iptables -t nat -X sshuttle-12300
c : fatal: server died with error code 255
~$ sshuttle --dns -vr user@xx.xxx.xx.xxx 0/0 --ssh-cmd 'ssh -i public.pem'
Starting sshuttle proxy.
firewall manager: Starting firewall with Python version 3.5.2
firewall manager: ready method name nat.
IPv6 enabled: False
UDP enabled: False
DNS enabled: True
TCP redirector listening on ('127.0.0.1', 12300).
DNS listening on ('127.0.0.1', 12300).
Starting client with Python version 3.5.2
c : connecting to server...
Starting server with Python version 2.7.6
s: latency control setting = True
s: available routes:
s: 2/10.8.0.0/24
s: 2/10.8.0.2/32
s: 2/10.10.8.0/22
s: 2/192.168.0.0/22
c : Connected.
firewall manager: setting up.
iptables -t nat -N sshuttle-12300
iptables -t nat -F sshuttle-12300
iptables -t nat -I OUTPUT 1 -j sshuttle-12300
iptables -t nat -I PREROUTING 1 -j sshuttle-12300
iptables -t nat -A sshuttle-12300 -j RETURN --dest 127.0.0.0/8 -p tcp
iptables -t nat -A sshuttle-12300 -j REDIRECT --dest 0.0.0.0/0 -p tcp --to-ports 12300 -m ttl ! --ttl 42
iptables -t nat -A sshuttle-12300 -j REDIRECT --dest 127.0.1.1/32 -p udp --dport 53 --to-ports 12300 -m ttl ! --ttl 42
packet_write_wait: Connection to 49.206.24.241 port 22: Broken pipe
firewall manager: undoing changes.
iptables -t nat -D OUTPUT -j sshuttle-12300
iptables -t nat -D PREROUTING -j sshuttle-12300
iptables -t nat -F sshuttle-12300
iptables -t nat -X sshuttle-12300
c : fatal: server died with error code 255
Any solution for this? I am able to ssh using the command below, but sshuttle is not working:
ssh -i public.pem user@xx.xxx.xx.xxx
--exclude
This solved my problem.
Thanks 👍
This fixed the problem for me:
I added the --exclude XXX.XXX.XX.XXX option, where the Xs are the IP addresses of the server.
Here is a link to the original answer:
https://www.reddit.com/r/archlinux/comments/7kxdvw/trouble_running_sshuttle_these_days/
This totally makes sense. I was getting the errors "broken pipe" and "server died with error code 255", but of course, the connection to the server was lost as soon as the firewall started enforcing every connection, including the current ssh client.
wow Thanks 👍
--exclude XXX.XXX.XX.XXX
Yup, thanks! 👍
sshuttle <user>@<server-ip> --exclude <server-ip> ...
Thanks! 💯
any dns solution?
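The self-capture described in the comments above can be checked against the nat rules that sshuttle logs. This is an added example, not code from the gist or from sshuttle: it replays first-match evaluation over constructed rules, with 203.0.113.10 standing in for the SSH server and on the assumption that --exclude produces a RETURN rule ahead of the catch-all, the way the 127.0.0.0/8 rule in the logs does.

```python
import ipaddress
import shlex

# Constructed sample: nat rules in the form the logs above show.
# 203.0.113.10 is a documentation address standing in for the SSH server.
RULES_WITHOUT_EXCLUDE = """\
iptables -t nat -A sshuttle-12300 -j RETURN --dest 127.0.0.0/8 -p tcp
iptables -t nat -A sshuttle-12300 -j REDIRECT --dest 0.0.0.0/0 -p tcp --to-ports 12300 -m ttl ! --ttl 42
"""
# Assumption: --exclude appears as a RETURN rule placed before the catch-all.
RULES_WITH_EXCLUDE = (
    "iptables -t nat -A sshuttle-12300 -j RETURN --dest 203.0.113.10/32 -p tcp\n"
    + RULES_WITHOUT_EXCLUDE
)


def parse_rules(text):
    """Return [(target, network, proto)] for each '-A' rule, in chain order."""
    rules = []
    for line in text.splitlines():
        tokens = shlex.split(line.lstrip("> "))  # tolerate the '>>' log prefix
        if "-A" not in tokens:
            continue
        opt = {t: tokens[i + 1] for i, t in enumerate(tokens[:-1]) if t.startswith("-")}
        rules.append((opt["-j"], ipaddress.ip_network(opt["--dest"]), opt["-p"]))
    return rules


def verdict(rules, dest_ip, proto="tcp"):
    """First matching rule wins; no match leaves the packet untouched (RETURN).

    The TTL match is ignored: it only exempts sshuttle's own proxied packets,
    not the ssh client process that carries the tunnel.
    """
    addr = ipaddress.ip_address(dest_ip)
    for target, network, rule_proto in rules:
        if rule_proto == proto and addr in network:
            return target
    return "RETURN"


def ssh_session_captured(rule_text, server_ip):
    """True when the client's own TCP connection to the SSH server is redirected."""
    return verdict(parse_rules(rule_text), server_ip) == "REDIRECT"


if __name__ == "__main__":
    for name, text in (("no exclude", RULES_WITHOUT_EXCLUDE), ("with exclude", RULES_WITH_EXCLUDE)):
        print(name, "-> ssh session captured:", ssh_session_captured(text, "203.0.113.10"))
```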