After too much headache. The code is in very low quality, just a proof of concept that can be implemented.
The implemented idea was made by changing sshd-netty, and adding a function to unpack the http request and remove the HOST HEADER (this needs to be improved here). Only 1 port on the server is used, and it is kind of a reverse proxy for clients ... I would like the help of the developers to improve the code in question. My knowledge in Netty and Mina is very limited. Appreciate: Source: https://github.com/ricardojlrufino/sshd-dyn-tunneling Testing: Open 2 connections: ssh -v -R http1:9000:localhost:8001 localhost -p 4440 ssh -v -R http2:9000:localhost:8002 localhost -p 4440 Make requests: curl -v -H "Host: http1" http1:9000 curl -v -H "Host: http2" http2:9000 Start test servers: https://github.com/ricardojlrufino/sshd-dyn-tunneling/blob/tunel/src/test/resources/setup_remotes.sh Ricardo JL Rufino ---------------------------------------------------------------------- CriativaSoft <http://www.criativasoft.com.br> - *Desenvolvimento de Sistemas com QualidadeAnalista e Engenheiro de Software* *Skype*: ricardojlrufino *Linkedin*: br.linkedin.com/pub/ricardo-rufino/5a/696/81a <[email protected]> Em sáb, 4 de mai de 2019 às 15:04, Ricardo JL Rufino < [email protected]> escreveu: > > As a proof of concept, I made up the idea of each connection, opening a > new port on the server. Some changes were necessary in TcpipClientChannel > and DefaultForwardingFilter. To allow this. > > See: > > https://github.com/ricardojlrufino/sshd-dyn-tunneling/blob/tunel/src/main/java/sshd/MyDefaultForwardingFilter.java#L672 > > https://github.com/ricardojlrufino/sshd-dyn-tunneling/blob/tunel/src/main/java/sshd/MyTcpipClientChannel.java#L90 > > Now the client does not have to know the port that will be opened from the > server. This allows me to call many times: > > ssh -v -R http1: 9000: localhost: 8001 localhost -p 4440 > ssh -v -R http1: 9000: localhost: 8002 localhost -p 4440 > > This was my first attempt, but I believe it's possible to implement this > without opening multiple ports on the server, and doing this redirection > based on the subdomain > > Any idea how to do this implementation? > > > Ricardo JL Rufino > ---------------------------------------------------------------------- > CriativaSoft <http://www.criativasoft.com.br> - > *Desenvolvimento de Sistemas com QualidadeAnalista e Engenheiro de > Software* > *Skype*: ricardojlrufino > *Linkedin*: br.linkedin.com/pub/ricardo-rufino/5a/696/81a > <[email protected]> > > > Em sáb, 4 de mai de 2019 às 12:23, Ricardo JL Rufino < > [email protected]> escreveu: > >> I'm trying to implement a "dynamic" proxy forward to access localhost >> from Internet, like Ngrok. >> >> This guy does essentially the same thing: https://serveo.net/#intro (but, >> without a client) >> >> The idea would be to use the SAME port on the server, and make a dynamic >> proxy for each client, based on a subdomain >> >> The problem is that the default implementation throws error on the second >> connection .. saying that the port is already open. >> >> org.apache.sshd.common.forward.DefaultForwardingFilter # doBind >> >> Who has an idea of how to implement this? The advantage of this is that >> you do not even need a CLIENT like Ngrok for that ... just using normal ssh >> would be possible. >> >> ssh -R http2:9000:localhost:8002 localhost -p 4440 >> ssh -R http2:pSERVER:localhost:pLOCAL localhost -p SSHD_PORT >> >> an option I imagined, is to generate the ports dynamically on the server: >> IGNORING THE 'pSERVER' port, and creating an HttpProxy, to do the >> redirection for each port. But I find this very inefficient, I believe it >> would be possible to do only by analyzing the request header and making the >> redirects for the corresponding channels / connections >> >> >> >>
