summaryrefslogtreecommitdiff
path: root/docs/en/README
diff options
context:
space:
mode:
Diffstat (limited to 'docs/en/README')
-rw-r--r--docs/en/README308
1 files changed, 0 insertions, 308 deletions
diff --git a/docs/en/README b/docs/en/README
deleted file mode 100644
index 8901699..0000000
--- a/docs/en/README
+++ /dev/null
@@ -1,308 +0,0 @@
-AF - Active Port Forwarder v0.5.5 - README
-Copyright (C) 2003,2004 jeremian - <jeremian [at] poczta.fm>
-===================
-
-================================================================================
-
-GRAY-WORLD.NET / Active Port Forwarder
-==========================
-
- The Active Port Forwarder program is part of the Gray-World.net projects.
-
- Our Gray-World Team presents on the http://gray-world.net website the projects
- and publications we are working on which are related to the NACS (Network
- Access Control System) bypassing research field and to the computer and
- network security topics.
-
-================================================================================
-
-=======
-SUMMARY
-=======
-
-INTRO
-
-1. INSTALLATION
- 1.1 Instructions
- 1.2 Required libs
- 1.3 Tested platforms
-2. USAGE
- 2.1 afserver
- 2.2 afclient
-3. EXAMPLES
- 3.1 tcp mode
- 3.2 reverse udp mode
-4. BUGS/PROBLEMS
-
-NOTES
-
-THANKS
-
-================================================================================
-
-=====
-INTRO
-=====
-
-Active port forwarder is a software tool for secure port forwarding.
-It uses ssl to increase security of communication between a server and a client.
-Originally, it was developed to forward data point to point. However, the need
-for bypassing firewalls in order to connect to internally located computers
-influenced the further development of the project.
-
-AF is dedicated for people, who don't have an external ip number and want to
-make some services available across the net.
-
-Moreover, zlib is used to compress the transferred data.
-
-Using one, permanent data/control channel with flow control / packet buffering
-provides good performance and reasonably small latency.
-
-Multiple clients allow to create more sophisticated tunneling scheme.
-
-================================================================================
-
-===============
-1. INSTALLATION
-===============
-
- 1.1 Instructions
- ----------------
-
-1. Download the compressed sources from http://www.gray-world.net/pr_af.shtml
-2. Unpack them with tar zxvf
-3. Type "make".
-4. If something goes wrong - mail the author or post a message on
- http://gray-world.net/board/
-
- 1.2 Required libs
- -----------------
-
-1. openssl - http://www.openssl.org/
-2. zlib - http://www.gzip.org/zlib/
-
- 1.3 Tested platforms
- --------------------
-
-1. Linux:
- Gentoo, Slackware, Mandrake - built without any problems
-2. Freebsd:
- 4.4, 4.9 - have to use patch from project homepage
-3. Windows:
- win32 - cygwin version is available on the project homepage
-
-================================================================================
-
-========
-2. USAGE
-========
-
- 2.1 afserver
- ------------
-
- Options:
- -n, --hostname - it's used when creating listening sockets
- (default: name returned by hostname function)
- -l, --listenport - listening port number - users connect
- to it (default: 50127)
- -m, --manageport - manage port number - second part of the active
- port forwarder connects to it (default: 50126)
- -t, --timeout - the timeout value for the client's connection
- (default: 5)
- -u, --users - the amount of users allowed to use this server
- (default: 5)
- -C, --clients - the number of allowed clients to use this server
- (default: 1)
- -U, --usrpcli - the number of allowed users per client (default: $users)
- -M, --climode - strategy used for connecting users with clients (default: 1)
- Available strategies:
- 1. fill first client before go to next
-
- -c, --cerfile - the name of the file with certificate
- (default: cacert.pem)
- -k, --keyfile - the name of the file with RSA key (default: server.rsa)
- -f, --cfgfile - the name of the file with the configuration for the
- active forwarder (server)
- -p, --proto - type of server (tcp|udp) - for which protocol it will be
- operating (default: tcp)
- -O, --heavylog - logging everything to a logfile
- -o, --lightlog - logging some data to a logfile
- -v, --verbose - to be verbose - program won't enter the daemon mode
- (use several times for greater effect)
-
- --nossl - ssl is not used for transfering data (but it's still
- used to establish a connection) (default: ssl is used)
- --nozlib - zlib is not used for compressing data (default:
- zlib is used)
- --pass - set the password used for client identification
- (default: no password)
-
- -4, --ipv4 - use ipv4 only
- -6, --ipv6 - use ipv6 only
-
- -h, --help - prints this help
-
- 2.2 afclient
- ------------
-
- Options:
- -h, --help - prints this help
- -n, --servername - where the second part of the active
- port forwarder is running (required)
- -m, --manageport - manage port number - server must be
- listening on it (default: 50126)
- -d, --hostname - the name of this host/remote host - the final
- destination of the packets (default: the name
- returned by hostname function)
- -p, --portnum - the port we are forwarding connection to (required)
- -k, --keyfile - the name of the file with RSA key (default: (none))
- -u, --udpmode - udp mode - client will use udp protocol to
- communicate with the hostname
- -U, --reverseudp - reverse udp forwarding. Udp packets will be forwarded
- from hostname:portnum (-p) to the server name:portnum
- (-m)
- -O, --heavylog - logging everything to a logfile
- -o, --lightlog - logging some data to a logfile
- -v, --verbose - to be verbose - program won't enter the daemon mode
- (use several times for greater effect)
- --pass - set the password used for client identification
- (default: no password)
- -4, --ipv4 - use ipv4 only
- -6, --ipv6 - use ipv6 only
- -l, --load - load a module for user's packets filtering
- -L, --Load - load a module for service's packets filtering
-
-================================================================================
-
-===========
-3. EXAMPLES
-===========
-
- 3.1 tcp mode
- ------------
-
- local network |FireWall| Internet
- ||
- || User 1
- || /(tcp)
- AF Client <---Encrypted/Compressed channel---> AF Server
- / || | \(tcp)
- /(tcp) || (tcp)| User 2
- / || \
- Http server || User 3
- ||
-
-
-The use of it is extremely simple. Let's suppose we want to create a http server
-on our computer and we are behind a masquerade or a firewall:
-
-1) We have to find some machine on the net with an external ip and a shell
- account.
-
-2) Use "make" to compile everything on that machine. (you can freely remove the
- afclient and client.rsa files)
-
-3) You can edit the config file or just type from the console (to use the config
- type -f <cfgfile>) :
- $ ./afserver
- This will work, if you want to use default values:
- - hostname will be taken from hostname function (it would be ideally, if
- there is appropriate registration in /etc/hosts)
- - server will be listening for users on port 50127
- - server will be listening for client on port 50126
- - server will be for maximum 5 users
- - server will forward tcp packets
- - there will be no logging and no verbose messages
- - there will be no password identification
- - ip protocol family will be unspecified
-
-4) We use "make" on our machine (we can delete everything apart from afclient
- and client.rsa)
-
-5) We are typing from the console:
- $ ./afclient -n <name of the server> -p 80
- Where <name of the server> is a string like : 'bastion.univ.gda.pl' or
- '153.19.7.200'
-
-6) We can now enter with a web-browser to: <name of the server>:50127 and we
- will enter to our computer in the fact.
-
- 3.2 reverse udp mode
- --------------------
-
- local network |FireWall| Internet
- || (udp)
- || User 1-------AF Client
- || /(tcp)
- AF Client <---Encrypted/Compressed channel---> AF Server
- / || |
- /(udp) || (tcp)|
- / || /
- Game server || AF Client-------User 2
- || (udp)
-
-
-Let's see how to use af to forward udp packets. Suppose we want to create a game
-server on our computer (udp port 27960 on our machine):
-
-1) - 4) is the same like in example 1. (but we add option: -p udp)
-
-5) We are typing from the console:
- $ ./afclient -u -n <name of the server> -p 27960
- Where <name of the server> is a name (or ip) of a host where our server is
- running.
-
-6) Connecting to our game is more complicated. The user must use afclient to do
- this. He has to specify the server he is connecting to and the port, which
- his program will be listening on:
- $ ./afclient -U -d <hostname> -p <portnum> -n <name of the server> \
- -m <server port>
- Where <hostname> is the name of the user machine (who wants to connect to our
- game). <portnum> is the port he will be connecting to. <name of the server>
- is the name of the host where our server is running. <server port> is the
- port on which the server is listening for users. In order to connect to our
- game, the user has to connect to <hostname>:<portnum>.
-
-================================================================================
-
-================
-4. BUGS/PROBLEMS
-================
-
-There are no known/open bugs at the moment.
-
-================================================================================
-
-=====
-NOTES
-=====
-
-Active port forwarder is still under development, so please sent any comments,
-bugs notices and suggestions about it to <jeremian [at] poczta.fm>
-
-If you have some problems or want to share your opinions with others, feel free
-to post a message at http://gray-world.net/board/
-
-================================================================================
-
-======
-THANKS
-======
-
- Big thanks to the GW Team:
-
- to Alex <alex [at] gray-world.net>
- and Simon <scastro [at] entreelibre.com> for testing AF and a lot of advices.
-
- Thanks to Ilia Perevezentsev <iliaper [at] mail.ru> who read and corrected the
-README file.
-
- And thanks for using this software!
-
-LICENSE
--------
-
- Active Port Forwarder is distributed under the terms of the GNU General
- Public License v2.0 and is copyright (c) 2003,2004 jeremian <jeremian [at]
- poczta.fm>. See the file COPYING for details.
-