Created
June 19, 2010 19:57
-
-
Save opie4624/445227 to your computer and use it in GitHub Desktop.
Reliable outbound SSH tunnel through a restrictive proxy. Read more: http://post.ly/k4O9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo | |
date | |
echo "----------------------------" | |
if ssh -O check tunnel@vpn.example.com; then | |
echo "Tunnel's up." | |
else | |
echo "Starting up tunnel..." | |
if ssh -R 2222:localhost:22 tunnel@vpn.example.com -f 'sleep 3300'; then | |
echo "Seems good." | |
else | |
echo "Didn't come up." | |
fi | |
fi | |
echo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ControlPath /tmp/ssh-%r-at-%h-%p.ctl | |
ControlMaster auto | |
Host vpn.example.com | |
DynamicForward 1080 | |
# Through 2 proxies | |
#ProxyCommand ~/proxytunnel-1.9.0/proxytunnel -v -p localhost:8888 -r www.example.com:443 -d %h:%p -H "User-Agent: ozilla/4.0 (compatible; MSIE 6.0; Win32)\n" | |
# Through 1 proxy | |
ProxyCommand ~/proxytunnel-1.9.0/proxytunnel -v -p www.exmaple.com:80 -d %h:%p -H "User-Agent: ozilla/4.0 (compatible; MSIE 6.0; Win32)\n" | |
ServerAliveInterval 30 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<VirtualHost 10.0.0.17> | |
DocumentRoot /var/www/localhost/htdocs | |
Customlog vpn.example.com-access.log combined | |
ErrorLog vpn.example.com-error.log | |
HostnameLookups On | |
ProxyRequests on | |
AllowCONNECT 22 2022 | |
ProxyVia on | |
### Deny everything by default | |
<Proxy *> | |
Order deny,allow | |
Deny from all | |
</proxy> | |
# <Proxy 123.45.67.89> | |
# <Proxy machine.example.com> | |
# <ProxyMatch .*\.example\.com> | |
<ProxyMatch (vpn|router)\.example\.com> | |
Order allow,deny | |
Allow from all | |
# Deny from all | |
# | |
# ### External (customer) sites allowed to connect | |
# Allow from customer1.example.net | |
# Allow from customer2.example.org | |
</ProxyMatch> | |
</VirtualHost> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment