SSH Tunnel

There are three types of port forwarding: local, remote, and dynamic. More details can be found at https://dev.to/__namc/ssh-tunneling---local-remote--dynamic-34fa.

 

[Local Port Forwarding]

 

[mininet script]

#!/usr/bin/python

from mininet.net import Containernet

from mininet.node import Docker

from mininet.cli import CLI

from mininet.log import setLogLevel, info

from mininet.link import TCLink, Link

 

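def topology():
    """Create the two-node lab for SSH local port forwarding.

    Plain host h1 (192.168.0.1) is linked directly to Docker host d1
    (192.168.0.2, image ``php-apache-dev:ssh-server``). d1 runs both sshd
    and Apache, so it is the SSH server and the web target of the forward
    that is opened from h1. The function blocks in the Mininet CLI until
    the user exits, then stops the network. Teardown also runs when start-up
    or the CLI raises, so a failed run does not leave the lab half-built.
    """
    net = Containernet()

    info('*** Adding hosts\n')
    h1 = net.addHost('h1', ip='192.168.0.1/24')
    d1 = net.addDocker('d1', ip='192.168.0.2/24', dimage="php-apache-dev:ssh-server")

    info('*** Creating links\n')
    net.addLink(h1, d1)

    info('*** Starting network\n')
    try:
        net.start()

        # Services inside the container are not started by the image itself.
        d1.cmd("/etc/init.d/ssh start")
        d1.cmd("/etc/init.d/apache2 start")

        # Disabled by the author; the forward is presumably started by hand
        # from the h1 prompt because ssh asks for the account's password.
        # -N runs no remote command, -f backgrounds ssh after authentication.
        # The listener is bound to 192.168.0.1 rather than loopback, so every
        # host that can reach h1:5555 is relayed to d1:80 through h1's SSH
        # session. Bind to 127.0.0.1 when only h1 itself should use the
        # tunnel. If the login is scripted, prefer key-based authentication
        # over a password passed on a command line.
        #h1.cmd("ssh -Nf -L 192.168.0.1:5555:192.168.0.2:80 user@192.168.0.2")

        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Trailing newline added so the message does not run into the
        # teardown output that follows it.
        info('*** Stopping network\n')
        net.stop()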

 

if __name__ == "__main__":
    # Script entry point: nothing below runs when the file is imported.
    # 'info' level makes the '*** ...' progress messages visible.
    setLogLevel("info")
    topology()

[execution]

 

 

[mininet script]

#!/usr/bin/python

from mininet.net import Containernet

from mininet.node import Docker

from mininet.cli import CLI

from mininet.log import setLogLevel, info

from mininet.link import TCLink, Link

 

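def topology():
    """Create the three-endpoint lab for SSH local port forwarding.

    h1 (192.168.0.1), Docker host d1 (192.168.0.2) and h2 (192.168.0.3)
    share one subnet and are joined by a Linux bridge that is built inside
    the helper host br1. Only sshd is started on d1 in this variant. The
    function blocks in the Mininet CLI until the user exits, then stops the
    network. Teardown also runs when start-up or the CLI raises.
    """
    net = Containernet()

    info('*** Adding hosts\n')
    h1 = net.addHost('h1', ip='192.168.0.1/24')
    d1 = net.addDocker('d1', ip='192.168.0.2/24', dimage="php-apache-dev:ssh-server")
    h2 = net.addHost('h2', ip='192.168.0.3/24')
    br1 = net.addHost('br1')

    info('*** Creating links\n')
    # Link order fixes the port names on br1: eth0 -> h1, eth1 -> d1,
    # eth2 -> h2.
    net.addLink(h1, br1)
    net.addLink(d1, br1)
    net.addLink(h2, br1)

    info('*** Starting network\n')
    try:
        net.start()
        d1.cmd("/etc/init.d/ssh start")

        # Turn br1 into a plain L2 bridge: strip the addresses from its
        # ports, enslave them to bridge device 'br1', then bring it up.
        bridge_ports = ('br1-eth0', 'br1-eth1', 'br1-eth2')
        for port in bridge_ports:
            br1.cmd("ifconfig %s 0" % port)
        br1.cmd("brctl addbr br1")
        for port in bridge_ports:
            br1.cmd("brctl addif br1 %s" % port)
        br1.cmd("ifconfig br1 up")

        # NOTE(review): the ssh command for this scenario is not part of the
        # listing. All three endpoints sit on one unfiltered segment, so a
        # forward whose listener is bound to a non-loopback address on one
        # host is reachable from the other hosts as well; bind to 127.0.0.1
        # unless sharing the tunnel is the intent.

        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Trailing newline added so the message does not run into the
        # teardown output that follows it.
        info('*** Stopping network\n')
        net.stop()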

 

if __name__ == "__main__":
    # Script entry point: nothing below runs when the file is imported.
    # 'info' level makes the '*** ...' progress messages visible.
    setLogLevel("info")
    topology()

[execution]

 

[Remote Port Forwarding]

[mininet script]

#!/usr/bin/python

from mininet.net import Containernet

from mininet.node import Docker

from mininet.cli import CLI

from mininet.log import setLogLevel, info

from mininet.link import TCLink, Link

 

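def topology():
    """Create the NAT lab for SSH remote port forwarding.

    h1 (192.168.0.1) sits behind router r1, which owns 192.168.0.254 on the
    inside and 10.0.0.2 on the link to Docker host d1 (10.0.0.1). r1
    forwards packets and masquerades the inside subnet, and h1 uses r1 as
    its default gateway. d1 runs sshd. The function blocks in the Mininet
    CLI until the user exits, then stops the network. Teardown also runs
    when start-up or the CLI raises.
    """
    net = Containernet()

    info('*** Adding hosts\n')
    h1 = net.addHost('h1', ip='192.168.0.1/24')
    r1 = net.addHost('r1', ip='192.168.0.254/24')
    d1 = net.addDocker('d1', ip='10.0.0.1/24', dimage="php-apache-dev:ssh-server")

    info('*** Creating links\n')
    # Link order fixes r1's port names: eth0 faces h1, eth1 faces d1.
    net.addLink(h1, r1)
    net.addLink(r1, d1)

    info('*** Starting network\n')
    try:
        net.start()
        d1.cmd("/etc/init.d/ssh start")

        # Give r1's outside port its own address, enable routing, and
        # source-NAT everything from 192.168.0.0/24 that leaves via r1-eth1.
        r1.cmd("ifconfig r1-eth1 0")
        r1.cmd("ip addr add 10.0.0.2/24 brd + dev r1-eth1")
        r1.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
        r1.cmd("iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o r1-eth1 -j MASQUERADE")
        h1.cmd("ip route add default via 192.168.0.254")

        # Disabled by the author; presumably the web server that h1
        # publishes through the remote forward. SimpleHTTPServer serves the
        # directory it is started in, so start it from a directory that
        # holds only what should be published.
        # A remote forward makes a service behind the NAT reachable from the
        # SSH server side. On the server, sshd_config's AllowTcpForwarding,
        # GatewayPorts and PermitListen decide whether such listeners are
        # allowed and which addresses they may bind to.
        #h1.cmd("python -m SimpleHTTPServer 80 &")

        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Trailing newline added so the message does not run into the
        # teardown output that follows it.
        info('*** Stopping network\n')
        net.stop()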

 

if __name__ == "__main__":
    # Script entry point: nothing below runs when the file is imported.
    # 'info' level makes the '*** ...' progress messages visible.
    setLogLevel("info")
    topology()

[execution]

 

 

[mininet script]

#!/usr/bin/python

from mininet.net import Containernet

from mininet.node import Docker

from mininet.cli import CLI

from mininet.log import setLogLevel, info

from mininet.link import TCLink, Link

 

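def topology():
    """Create the bridged NAT lab for SSH remote port forwarding.

    h1 (192.168.0.1), h2 (192.168.0.2) and router r1 (192.168.0.254) share
    the inside subnet through a Linux bridge built inside helper host br1.
    r1's second port carries 10.0.0.2 and faces Docker host d1 (10.0.0.1),
    which runs sshd. r1 forwards packets and masquerades the inside subnet.
    The function blocks in the Mininet CLI until the user exits, then stops
    the network. Teardown also runs when start-up or the CLI raises.
    """
    net = Containernet()

    info('*** Adding hosts\n')
    h1 = net.addHost('h1', ip='192.168.0.1/24')
    h2 = net.addHost('h2', ip='192.168.0.2/24')
    br1 = net.addHost('br1')
    r1 = net.addHost('r1', ip='192.168.0.254/24')
    d1 = net.addDocker('d1', ip='10.0.0.1/24', dimage="php-apache-dev:ssh-server")

    info('*** Creating links\n')
    # Link order fixes the port names: br1-eth0 -> h1, br1-eth1 -> h2,
    # br1-eth2 -> r1; r1-eth0 faces the bridge and r1-eth1 faces d1.
    net.addLink(h1, br1)
    net.addLink(h2, br1)
    net.addLink(r1, br1)
    net.addLink(r1, d1)

    info('*** Starting network\n')
    try:
        net.start()
        d1.cmd("/etc/init.d/ssh start")

        # Give r1's outside port its own address, enable routing, and
        # source-NAT everything from 192.168.0.0/24 that leaves via r1-eth1.
        r1.cmd("ifconfig r1-eth1 0")
        r1.cmd("ip addr add 10.0.0.2/24 brd + dev r1-eth1")
        r1.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
        r1.cmd("iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o r1-eth1 -j MASQUERADE")

        # Only h1 is given a default route in this listing; h2 gets none.
        h1.cmd("ip route add default via 192.168.0.254")

        # Turn br1 into a plain L2 bridge: strip the addresses from its
        # ports, enslave them to bridge device 'br1', then bring it up.
        bridge_ports = ('br1-eth0', 'br1-eth1', 'br1-eth2')
        for port in bridge_ports:
            br1.cmd("ifconfig %s 0" % port)
        br1.cmd("brctl addbr br1")
        for port in bridge_ports:
            br1.cmd("brctl addif br1 %s" % port)
        br1.cmd("ifconfig br1 up")

        # NOTE(review): the ssh command for this scenario is not part of the
        # listing. A remote forward opened from the inside subnet makes an
        # inside service reachable from d1's side of the NAT. On the SSH
        # server, sshd_config's AllowTcpForwarding, GatewayPorts and
        # PermitListen decide whether such listeners are allowed and which
        # addresses they may bind to.

        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Trailing newline added so the message does not run into the
        # teardown output that follows it.
        info('*** Stopping network\n')
        net.stop()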

 

if __name__ == "__main__":
    # Script entry point: nothing below runs when the file is imported.
    # 'info' level makes the '*** ...' progress messages visible.
    setLogLevel("info")
    topology()

[execution]

 

[Dynamic Port Forwarding]

 

[mininet script]

#!/usr/bin/python

from mininet.net import Containernet

from mininet.node import Docker

from mininet.cli import CLI

from mininet.log import setLogLevel, info

from mininet.link import TCLink, Link

 

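def topology():
    """Create the filtered NAT lab for SSH dynamic port forwarding.

    h1 (192.168.0.1) sits behind router r1 (192.168.0.254 inside, 10.0.0.2
    outside). On the outside, Docker host d1 (10.0.0.1, runs sshd), h2
    (10.0.0.3) and h3 (10.0.0.4) are joined to r1 by a Linux bridge built
    inside helper host br1. r1 masquerades the inside subnet and rejects
    forwarded TCP port 80 traffic from h1. The function blocks in the
    Mininet CLI until the user exits, then stops the network. Teardown also
    runs when start-up or the CLI raises.
    """
    net = Containernet()

    info('*** Adding hosts\n')
    h1 = net.addHost('h1', ip='192.168.0.1/24')
    r1 = net.addHost('r1', ip='192.168.0.254/24')
    d1 = net.addDocker('d1', ip='10.0.0.1/24', dimage="php-apache-dev:ssh-server")
    br1 = net.addHost('br1')
    h2 = net.addHost('h2', ip='10.0.0.3/24')
    h3 = net.addHost('h3', ip='10.0.0.4/24')

    info('*** Creating links\n')
    # Link order fixes the port names: r1-eth0 faces h1 and r1-eth1 faces
    # the bridge; br1-eth0 -> r1, br1-eth1 -> d1, br1-eth2 -> h2,
    # br1-eth3 -> h3.
    net.addLink(h1, r1)
    net.addLink(r1, br1)
    net.addLink(d1, br1)
    net.addLink(h2, br1)
    net.addLink(h3, br1)

    info('*** Starting network\n')
    try:
        net.start()
        d1.cmd("/etc/init.d/ssh start")

        # Give r1's outside port its own address, enable routing, and
        # source-NAT everything from 192.168.0.0/24 that leaves via r1-eth1.
        r1.cmd("ifconfig r1-eth1 0")
        r1.cmd("ip addr add 10.0.0.2/24 brd + dev r1-eth1")
        r1.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
        r1.cmd("iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o r1-eth1 -j MASQUERADE")

        # Egress policy for the demo: h1 may not send TCP port 80 traffic
        # through r1. The rule matches on destination port only, so it does
        # not see what an allowed SSH session to d1 carries; traffic relayed
        # by d1 never crosses r1 as port 80. Where that matters, limit it at
        # the SSH server (sshd_config AllowTcpForwarding / PermitOpen) or
        # restrict which hosts may open SSH sessions through r1.
        r1.cmd("iptables -A FORWARD -s 192.168.0.1 -p tcp --dport 80 -j REJECT")
        h1.cmd("ip route add default via 192.168.0.254")

        # Turn br1 into a plain L2 bridge: strip the addresses from its
        # ports, enslave them to bridge device 'br1', then bring it up.
        bridge_ports = ('br1-eth0', 'br1-eth1', 'br1-eth2', 'br1-eth3')
        for port in bridge_ports:
            br1.cmd("ifconfig %s 0" % port)
        br1.cmd("brctl addbr br1")
        for port in bridge_ports:
            br1.cmd("brctl addif br1 %s" % port)
        br1.cmd("ifconfig br1 up")

        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Trailing newline added so the message does not run into the
        # teardown output that follows it.
        info('*** Stopping network\n')
        net.stop()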

 

if __name__ == "__main__":
    # Script entry point: nothing below runs when the file is imported.
    # 'info' level makes the '*** ...' progress messages visible.
    setLogLevel("info")
    topology()

 

[execution]

In the h1 terminal, type firefox to open a web browser.

 

 

H1 can access h2.

 

H1 can access h3.

 

[references]

1.     https://serverfault.com/questions/241588/how-to-automate-ssh-login-with-password

2.     http://edu.51cto.com/course/1183.html?source=so

 

Dr. Chih-Heng Ke (smallko@gmail.com)

Department of Computer Science and Information Engineering,

National Quemoy University, Kinmen, Taiwan.