Forward all ports

[gerardo-junior]

I was trying to make a transparent nat proxy and I found this mallet project which has not worked in the last version of chisel but it is a great idea for a "simple vpn p2p" and I think it would be nice to have it natively in chisel or just range port forwarding.

example.

chisel client chiselserver 10.0.0.5:127.0.0.1 # to all ports (tcp/udp) is forwarding

ssh 10.0.0.5 # => server localhost (127.0.0.1)

(I don't know how the windows firewall works and how hard it is to nat)

[aus]

This is possible with something like tun2socks, but most implementations require your socks server to support UDP ASSOCIATE. I'm working on adding that in #189. But I also like the idea of having a tun remote. Something like:

chisel client http://server 10.0.0.1:tun

mallet looks interesting.

[gerardo-junior]

I read in an issue here that generating tun interface would be very hard to add but this idea is much simpler, nat.

but to avoid conflict it's cool to set some loopback ip or specific ip

chisel client chiselserver 10.0.0.1:127.0.0.3/nat

ssh 127.0.0.3 # => nat 127.0.0.3 to 10.0.0.1 over chisel server

with specific ip the client can work with dns or hostfile

[jpillora]

This was first raised about 5 years ago! I looked into it quite carefully, and gave an approximation of what it'd take to make this work #3 (comment)

Indeed it would be nice to just forward all ports. So forwarding all ports (all packets) is what a router does, and from what I can see, the best solution for this is indeed a separate (most likely TUN) interface. Next forwarding traffic over a TUN interface is exactly what a VPN client is. In short, it's possible but quite a bit of work, potentially a large rearchitecture.

I'll lock this issue but keep it open, please add your comments here #3