SSH Tunnel
There are three types of port forwarding: local, remote, and dynamic. More details can be found at https://dev.to/__namc/ssh-tunneling---local-remote--dynamic-34fa.
[Local
Port Forwarding]
[mininet
script]
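#!/usr/bin/python
# Local port forwarding lab, direct link: h1 <-> d1.
# d1 is a Docker host running sshd and Apache; h1 is a plain Mininet host.

from mininet.net import Containernet
from mininet.node import Docker
from mininet.cli import CLI
from mininet.log import setLogLevel, info
from mininet.link import TCLink, Link


def topology():
    """Create a network with some docker containers acting as hosts.

    Builds h1 (192.168.0.1/24) linked directly to the container d1
    (192.168.0.2/24), starts sshd and Apache inside d1, then drops into
    the Mininet CLI. The network is stopped when the CLI exits, and also
    when setup or the CLI raises.
    """
    net = Containernet()
    try:
        info('*** Adding hosts\n')
        h1 = net.addHost('h1', ip='192.168.0.1/24')
        d1 = net.addDocker('d1', ip='192.168.0.2/24',
                           dimage="php-apache-dev:ssh-server")

        info('*** Creating links\n')
        net.addLink(h1, d1)

        info('*** Starting network\n')
        net.start()
        d1.cmd("/etc/init.d/ssh start")
        d1.cmd("/etc/init.d/apache2 start")

        # Left disabled by the author; meant to be typed in the h1 terminal.
        # -N runs no remote command, -f backgrounds ssh after authentication.
        # The forward names an explicit bind address (192.168.0.1) instead of
        # the loopback default, so every host that can reach 192.168.0.1:5555
        # is relayed to d1's port 80 through h1's SSH session. Bind to
        # 127.0.0.1 when only h1 itself is supposed to use the tunnel.
        #h1.cmd("ssh -Nf -L 192.168.0.1:5555:192.168.0.2:80 user@192.168.0.2")

        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Always tear the emulated network down, so a failure during setup
        # does not leave hosts and links behind.
        info('*** Stopping network')
        net.stop()


if __name__ == '__main__':
    setLogLevel('info')
    topology()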
[execution]
[mininet script]
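#!/usr/bin/python
# Local port forwarding lab, bridged: h1, d1 and h2 share one segment via br1.

from mininet.net import Containernet
from mininet.node import Docker
from mininet.cli import CLI
from mininet.log import setLogLevel, info
from mininet.link import TCLink, Link


def topology():
    """Create a network with some docker containers acting as hosts.

    h1 (192.168.0.1/24), the container d1 (192.168.0.2/24) and h2
    (192.168.0.3/24) are each linked to br1, a Mininet host turned into a
    Linux bridge with brctl. Only sshd is started in d1. The network is
    stopped when the CLI exits, and also when setup or the CLI raises.
    """
    net = Containernet()
    try:
        info('*** Adding hosts\n')
        h1 = net.addHost('h1', ip='192.168.0.1/24')
        d1 = net.addDocker('d1', ip='192.168.0.2/24',
                           dimage="php-apache-dev:ssh-server")
        h2 = net.addHost('h2', ip='192.168.0.3/24')
        br1 = net.addHost('br1')

        info('*** Creating links\n')
        net.addLink(h1, br1)
        net.addLink(d1, br1)
        net.addLink(h2, br1)

        info('*** Starting network\n')
        net.start()
        d1.cmd("/etc/init.d/ssh start")

        # One bridge port per link above (presumably numbered in addLink
        # order -- confirm). Clear each port's own IP before enslaving it.
        bridge_ports = ('br1-eth0', 'br1-eth1', 'br1-eth2')
        for port in bridge_ports:
            br1.cmd("ifconfig %s 0" % port)
        br1.cmd("brctl addbr br1")
        for port in bridge_ports:
            br1.cmd("brctl addif br1 %s" % port)
        br1.cmd("ifconfig br1 up")

        # NOTE(review): no ssh -L command appears in this script; it is
        # presumably entered by hand in the CLI. All three hosts sit on the
        # same L2 segment, so a forward bound to a non-loopback address is
        # reachable by every one of them, not just the host that opened it.
        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Always tear the emulated network down, so a failure during setup
        # does not leave hosts and links behind.
        info('*** Stopping network')
        net.stop()


if __name__ == '__main__':
    setLogLevel('info')
    topology()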
[execution]
[Remote
Port Forwarding]
[mininet script]
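#!/usr/bin/python
# Remote port forwarding lab: h1 sits behind the NAT router r1; d1 is outside.

from mininet.net import Containernet
from mininet.node import Docker
from mininet.cli import CLI
from mininet.log import setLogLevel, info
from mininet.link import TCLink, Link


def topology():
    """Create a network with some docker containers acting as hosts.

    h1 (192.168.0.1/24) is linked to r1 (192.168.0.254/24), and r1 is
    linked to the container d1 (10.0.0.1/24). r1 forwards IPv4 and
    masquerades 192.168.0.0/24 out of r1-eth1; sshd is started in d1.
    The network is stopped when the CLI exits, and also when setup or the
    CLI raises.
    """
    net = Containernet()
    try:
        info('*** Adding hosts\n')
        h1 = net.addHost('h1', ip='192.168.0.1/24')
        r1 = net.addHost('r1', ip='192.168.0.254/24')
        d1 = net.addDocker('d1', ip='10.0.0.1/24',
                           dimage="php-apache-dev:ssh-server")

        info('*** Creating links\n')
        net.addLink(h1, r1)
        net.addLink(r1, d1)

        info('*** Starting network\n')
        net.start()
        d1.cmd("/etc/init.d/ssh start")

        # r1's second interface faces d1: clear it, then give it 10.0.0.2/24.
        r1.cmd("ifconfig r1-eth1 0")
        r1.cmd("ip addr add 10.0.0.2/24 brd + dev r1-eth1")
        r1.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
        # Source NAT only: h1 can open connections towards d1, but this
        # script adds no rule that lets d1 open connections towards h1.
        r1.cmd("iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o r1-eth1 -j MASQUERADE")
        h1.cmd("ip route add default via 192.168.0.254")

        # Left disabled by the author: a Python 2 web server on h1.
        # NOTE(review): presumably this is the service the remote forward
        # publishes on d1 -- the ssh -R command itself is not on this page.
        # A remote forward makes a NATed service reachable from the SSH
        # server side over an outbound session, so NAT alone is not an
        # access control. sshd keeps such listeners on loopback unless
        # GatewayPorts is enabled.
        #h1.cmd("python -m SimpleHTTPServer 80 &")

        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Always tear the emulated network down, so a failure during setup
        # does not leave hosts and links behind.
        info('*** Stopping network')
        net.stop()


if __name__ == '__main__':
    setLogLevel('info')
    topology()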
[execution]
[mininet script]
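#!/usr/bin/python
# Remote port forwarding lab, bridged LAN: h1 and h2 behind NAT router r1.

from mininet.net import Containernet
from mininet.node import Docker
from mininet.cli import CLI
from mininet.log import setLogLevel, info
from mininet.link import TCLink, Link


def topology():
    """Create a network with some docker containers acting as hosts.

    h1 (192.168.0.1/24), h2 (192.168.0.2/24) and r1 (192.168.0.254/24)
    are each linked to br1, a Mininet host turned into a Linux bridge;
    r1 is also linked to the container d1 (10.0.0.1/24). r1 forwards
    IPv4 and masquerades 192.168.0.0/24 out of r1-eth1; sshd is started
    in d1. The network is stopped when the CLI exits, and also when setup
    or the CLI raises.
    """
    net = Containernet()
    try:
        info('*** Adding hosts\n')
        h1 = net.addHost('h1', ip='192.168.0.1/24')
        h2 = net.addHost('h2', ip='192.168.0.2/24')
        br1 = net.addHost('br1')
        r1 = net.addHost('r1', ip='192.168.0.254/24')
        d1 = net.addDocker('d1', ip='10.0.0.1/24',
                           dimage="php-apache-dev:ssh-server")

        info('*** Creating links\n')
        net.addLink(h1, br1)
        net.addLink(h2, br1)
        net.addLink(r1, br1)
        net.addLink(r1, d1)

        info('*** Starting network\n')
        net.start()
        d1.cmd("/etc/init.d/ssh start")

        # r1's second interface faces d1: clear it, then give it 10.0.0.2/24.
        r1.cmd("ifconfig r1-eth1 0")
        r1.cmd("ip addr add 10.0.0.2/24 brd + dev r1-eth1")
        r1.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
        r1.cmd("iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o r1-eth1 -j MASQUERADE")
        # Only h1 is given a default route; h2 gets none in this script.
        h1.cmd("ip route add default via 192.168.0.254")

        # One bridge port per link to br1 (presumably numbered in addLink
        # order -- confirm). Clear each port's own IP before enslaving it.
        bridge_ports = ('br1-eth0', 'br1-eth1', 'br1-eth2')
        for port in bridge_ports:
            br1.cmd("ifconfig %s 0" % port)
        br1.cmd("brctl addbr br1")
        for port in bridge_ports:
            br1.cmd("brctl addif br1 %s" % port)
        br1.cmd("ifconfig br1 up")

        # NOTE(review): the ssh -R command is not on this page. The target
        # of a remote forward is connected to from the SSH client's side,
        # so a session opened by h1 can publish any LAN host h1 can reach
        # (h2 included), not only h1 itself.
        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Always tear the emulated network down, so a failure during setup
        # does not leave hosts and links behind.
        info('*** Stopping network')
        net.stop()


if __name__ == '__main__':
    setLogLevel('info')
    topology()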
[execution]
[Dynamic
Port Forwarding]
[mininet script]
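#!/usr/bin/python
# Dynamic port forwarding lab: r1 rejects h1's forwarded TCP/80, while
# d1, h2 and h3 share the 10.0.0.0/24 segment behind r1.

from mininet.net import Containernet
from mininet.node import Docker
from mininet.cli import CLI
from mininet.log import setLogLevel, info
from mininet.link import TCLink, Link


def topology():
    """Create a network with some docker containers acting as hosts.

    h1 (192.168.0.1/24) is linked to r1 (192.168.0.254/24). r1 is linked
    to br1, a Mininet host turned into a Linux bridge that also connects
    the container d1 (10.0.0.1/24), h2 (10.0.0.3/24) and h3 (10.0.0.4/24).
    r1 forwards IPv4, masquerades 192.168.0.0/24 out of r1-eth1 and
    rejects forwarded TCP port 80 traffic sourced from 192.168.0.1; sshd
    is started in d1. The network is stopped when the CLI exits, and also
    when setup or the CLI raises.
    """
    net = Containernet()
    try:
        info('*** Adding hosts\n')
        h1 = net.addHost('h1', ip='192.168.0.1/24')
        r1 = net.addHost('r1', ip='192.168.0.254/24')
        d1 = net.addDocker('d1', ip='10.0.0.1/24',
                           dimage="php-apache-dev:ssh-server")
        br1 = net.addHost('br1')
        h2 = net.addHost('h2', ip='10.0.0.3/24')
        h3 = net.addHost('h3', ip='10.0.0.4/24')

        info('*** Creating links\n')
        net.addLink(h1, r1)
        net.addLink(r1, br1)
        net.addLink(d1, br1)
        net.addLink(h2, br1)
        net.addLink(h3, br1)

        info('*** Starting network\n')
        net.start()
        d1.cmd("/etc/init.d/ssh start")

        # r1's second interface faces br1: clear it, then give it 10.0.0.2/24.
        r1.cmd("ifconfig r1-eth1 0")
        r1.cmd("ip addr add 10.0.0.2/24 brd + dev r1-eth1")
        r1.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
        r1.cmd("iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o r1-eth1 -j MASQUERADE")
        # This filter matches only forwarded TCP/80 from h1. SSH from h1 to
        # d1 is not matched, and requests relayed by a dynamic (SOCKS)
        # forward leave from d1 inside 10.0.0.0/24 without crossing r1 as
        # port-80 traffic. NOTE(review): presumably that is how "H1 can
        # access h2/h3" works; the ssh -D command is not on this page.
        # A per-port egress rule therefore does not contain a host that may
        # still open SSH sessions: restrict outbound SSH at r1 as well, or
        # set AllowTcpForwarding no in d1's sshd_config.
        r1.cmd("iptables -A FORWARD -s 192.168.0.1 -p tcp --dport 80 -j REJECT")
        h1.cmd("ip route add default via 192.168.0.254")

        # One bridge port per link to br1 (presumably numbered in addLink
        # order -- confirm). Clear each port's own IP before enslaving it.
        bridge_ports = ('br1-eth0', 'br1-eth1', 'br1-eth2', 'br1-eth3')
        for port in bridge_ports:
            br1.cmd("ifconfig %s 0" % port)
        br1.cmd("brctl addbr br1")
        for port in bridge_ports:
            br1.cmd("brctl addif br1 %s" % port)
        br1.cmd("ifconfig br1 up")

        info('*** Running CLI\n')
        CLI(net)
    finally:
        # Always tear the emulated network down, so a failure during setup
        # does not leave hosts and links behind.
        info('*** Stopping network')
        net.stop()


if __name__ == '__main__':
    setLogLevel('info')
    topology()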
[execution]
In the h1 terminal, type firefox to open a web browser.
H1 can
access h2.
H1 can
access h3.
[references]
1.
https://serverfault.com/questions/241588/how-to-automate-ssh-login-with-password
2.
http://edu.51cto.com/course/1183.html?source=so
Dr. Chih-Heng Ke (smallko@gmail.com)
Department
of Computer Science and Information Engineering,
National
Quemoy University, Kinmen, Taiwan.