diff options
Diffstat (limited to 'nat-traverse.1')
-rw-r--r-- | nat-traverse.1 | 90 |
1 files changed, 47 insertions, 43 deletions
diff --git a/nat-traverse.1 b/nat-traverse.1 index 76700c8..2ccdb7c 100644 --- a/nat-traverse.1 +++ b/nat-traverse.1 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.14) +.\" Automatically generated by Pod::Man 4.07 (Pod::Simple 3.32) .\" .\" Standard preamble: .\" ======================================================================== @@ -38,26 +38,31 @@ . ds PI \(*p . ds L" `` . ds R" '' +. ds C` +. ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" -.\" If the F register is turned on, we'll generate index entries on stderr for +.\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. -.ie \nF \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.\" +.\" Avoid warning from groff about undefined register 'F'. +.de IX .. -. nr % 0 -. rr F -.\} -.el \{\ +.if !\nF .nr F 0 +.if \nF>0 \{\ . de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 +. \} .\} .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). @@ -123,14 +128,14 @@ .rm #[ #] #H #V #F C .\" ======================================================================== .\" -.IX Title "NAT-TRAVERSE-0.6 1" -.TH NAT-TRAVERSE-0.6 1 "2012-12-24" "perl v5.10.1" "User Contributed Perl Documentation" +.IX Title "NAT-TRAVERSE 1" +.TH NAT-TRAVERSE 1 "2017-10-28" "perl v5.24.2" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" -nat\-traverse \- Use of UDP to traverse NAT gateways +nat\-traverse \- NAT gateway traversal utility .SH "SYNOPSIS" .IX Header "SYNOPSIS" To create a simple text-only tunnel, use the commands @@ -141,27 +146,27 @@ To create a simple text-only tunnel, use the commands .Ve .PP where \f(CW40000\fR is an unused \s-1UDP\s0 port on \f(CW\*(C`left\*(C'\fR and \f(CW40001\fR is an unused port on -\&\f(CW\*(C`right\*(C'\fR. See \*(L"\s-1EXAMPLES\s0\*(R" for more. +\&\f(CW\*(C`right\*(C'\fR. See \*(L"\s-1EXAMPLES\*(R"\s0 for more. .SH "VERSION" .IX Header "VERSION" -This document describes nat-traverse v0.5. +This document describes nat-traverse v0.7. .SH "DESCRIPTION" .IX Header "DESCRIPTION" nat-traverse establishes connections between nodes which are behind \s-1NAT\s0 gateways, i.e. hosts which do \fInot\fR have public \s-1IP\s0 addresses. Additionally, you can setup a small \s-1VPN\s0 by using pppd on top of nat-traverse (see -\&\*(L"\s-1EXAMPLES\s0\*(R"). nat-traverse does \fInot\fR need an external server on the +\&\*(L"\s-1EXAMPLES\*(R"\s0). nat-traverse does \fInot\fR need an external server on the Internet, and it isn't necessary to reconfigure the involved \s-1NAT\s0 gateways, either. \fInat-traverse works out-of-the-box.\fR .PP -See \*(L"\s-1TECHNIQUE\s0\*(R" for how this is achieved. +See \*(L"\s-1TECHNIQUE\*(R"\s0 for how this is achieved. .PP Limitation: nat-traverse does not work with gateways which change the port numbers. This is a fundamental problem of nat-traverse's design, as the changed port numbers are (in general) not predictable. .SH "OPTIONS" .IX Header "OPTIONS" -.ie n .IP """\f(CIlocal_port\f(CW:\f(CIpeer\f(CW:\f(CIremote_port\f(CW"" (required)" 4 +.ie n .IP """\fIlocal_port\fP:\fIpeer\fP:\fIremote_port\fP"" (required)" 4 .el .IP "\f(CW\f(CIlocal_port\f(CW:\f(CIpeer\f(CW:\f(CIremote_port\f(CW\fR (required)" 4 .IX Item "local_port:peer:remote_port (required)" Sets the local port to use and the remote address to connect to. @@ -169,7 +174,7 @@ Sets the local port to use and the remote address to connect to. Note that you have to give the \s-1IP\s0 address or hostname of the \fI\s-1NAT\s0 gateway\fR of the host you want to connect to, as the target host doesn't have a public \s-1IP\s0 address. -.ie n .IP """\-\-cmd=""\f(CIpppd...\f(CW""""" 4 +.ie n .IP """\-\-cmd=""\fIpppd...\fP""""" 4 .el .IP "\f(CW\-\-cmd=``\f(CIpppd...\f(CW''\fR" 4 .IX Item "--cmd=""pppd...""" Runs the specified command after establishing the connection. @@ -179,12 +184,12 @@ everything the command writes to \s-1STDOUT\s0 will be forwarded to the peer. .Sp If no command is specified, nat-traverse will relay input from \s-1STDIN\s0 to the peer and vice versa, i.e. nat-traverse degrades to netcat. -.ie n .IP """\-\-window=\f(CI10\f(CW""" 4 +.ie n .IP """\-\-window=\fI10\fP""" 4 .el .IP "\f(CW\-\-window=\f(CI10\f(CW\fR" 4 .IX Item "--window=10" Sets the number of initial garbage packets to send. The default, 10, should work with most firewalls. -.ie n .IP """\-\-timeout=\f(CI10\f(CW""" 4 +.ie n .IP """\-\-timeout=\fI10\fP""" 4 .el .IP "\f(CW\-\-timeout=\f(CI10\f(CW\fR" 4 .IX Item "--timeout=10" Sets the maximum number of seconds to wait for an acknowledgement by the peer. @@ -225,7 +230,7 @@ either relay \s-1STDIN/STDOUT\s0 to the socket or execute a program. .IX Header "EXAMPLES" .SS "Setup of a small \s-1VPN\s0 with \s-1PPP\s0" .IX Subsection "Setup of a small VPN with PPP" -It's easy to setup a \s-1VPN\s0 (Virtual Private Network) by using the Point-to-Point +It's easy to setup a \s-1VPN \s0(Virtual Private Network) by using the Point-to-Point Protocol Daemon, \f(CW\*(C`pppd\*(C'\fR: .PP .Vb 7 @@ -245,7 +250,7 @@ establish reliable \s-1TCP\s0 connections over the tunnel, even though the tunne \&\s-1UDP\s0! Furthermore, you could even add IPv6 addresses to \f(CW\*(C`ppp0\*(C'\fR by running \f(CW\*(C`ip \&\-6 addr add...\*(C'\fR! .PP -Note though that although this \s-1VPN\s0 \fIis\fR arguably a private network, it is \fInot\fR +Note though that although this \s-1VPN \s0\fIis\fR arguably a private network, it is \fInot\fR secured in any way. You may want to use \s-1SSH\s0 to encrypt the connection. .SS "Port Forwarding with netcat" .IX Subsection "Port Forwarding with netcat" @@ -274,8 +279,8 @@ data is transported via \s-1UDP\s0; so this is only a toy example. If you want reliable streams, use \s-1PPP\s0 on top of nat-traverse, as described above. .SS "Setup of a \s-1VPN\s0 with OpenVPN" .IX Subsection "Setup of a VPN with OpenVPN" -You can use <OpenVPN> over nat-traverse if you want to -have a \fIsecure\fR \s-1VPN\s0. +You can use OpenVPN <https://openvpn.net/> over nat-traverse if you want to +have a \fIsecure\fR \s-1VPN.\s0 .PP Using OpenVPN over nat-traverse requires only one change to OpenVPN's configuration file, presuming that you don't want to use OpenVPN's multi-client @@ -330,46 +335,45 @@ is a fundamental problem of nat-traverse's design, as the changed port numbers are (in general) not predictable. .SH "SEE ALSO" .IX Header "SEE ALSO" -.IP "<\s-1RFC\s0 1631 at http://www.ietf.org/rfc/rfc1631.txt>" 4 -.IX Item "<RFC 1631 at http://www.ietf.org/rfc/rfc1631.txt>" +.IP "\s-1RFC 1631\s0 at https://www.ietf.org/rfc/rfc1631.txt <https://www.ietf.org/rfc/rfc1631.txt>" 4 +.IX Item "RFC 1631 at https://www.ietf.org/rfc/rfc1631.txt <https://www.ietf.org/rfc/rfc1631.txt>" The \s-1IP\s0 Network Address Translator (\s-1NAT\s0). K. Egevang, P. Francis. May 1994. (Obsoleted by \s-1RFC3022\s0) (Status: \s-1INFORMATIONAL\s0) -.IP "<\s-1RFC\s0 3022 at http://www.ietf.org/rfc/rfc3022.txt>" 4 -.IX Item "<RFC 3022 at http://www.ietf.org/rfc/rfc3022.txt>" +.IP "\s-1RFC 3022\s0 at https://www.ietf.org/rfc/rfc3022.txt <https://www.ietf.org/rfc/rfc3022.txt>" 4 +.IX Item "RFC 3022 at https://www.ietf.org/rfc/rfc3022.txt <https://www.ietf.org/rfc/rfc3022.txt>" Traditional \s-1IP\s0 Network Address Translator (Traditional \s-1NAT\s0). P. Srisuresh, K. Egevang. January 2001. (Obsoletes \s-1RFC1631\s0) (Status: \s-1INFORMATIONAL\s0) -.IP "<\s-1RFC\s0 1661 at http://www.ietf.org/rfc/rfc1661.txt>" 4 -.IX Item "<RFC 1661 at http://www.ietf.org/rfc/rfc1661.txt>" +.IP "\s-1RFC 1661\s0 at https://www.ietf.org/rfc/rfc1661.txt <https://www.ietf.org/rfc/rfc1661.txt>" 4 +.IX Item "RFC 1661 at https://www.ietf.org/rfc/rfc1661.txt <https://www.ietf.org/rfc/rfc1661.txt>" The Point-to-Point Protocol (\s-1PPP\s0). W. Simpson, Ed.. July 1994. (Obsoletes \&\s-1RFC1548\s0) (Updated by \s-1RFC2153\s0) (Also \s-1STD0051\s0) (Status: \s-1STANDARD\s0) -.IP "<http://ppp.samba.org/>" 4 -.IX Item "<http://ppp.samba.org/>" +.IP "<https://ppp.samba.org/>" 4 +.IX Item "<https://ppp.samba.org/>" Website of Paul's \s-1PPP\s0 Package (open source implementation of the Point-to-Point Protocol (\s-1PPP\s0) on Linux and Solaris) -.IP "<German talk about nat-traverse at http://linide.sourceforge.net/nat\-traverse/nat\-traverse\-talk.pdf>" 4 -.IX Item "<German talk about nat-traverse at http://linide.sourceforge.net/nat-traverse/nat-traverse-talk.pdf>" +.IP "German talk about nat-traverse at https://www.speicherleck.de/iblech/nat\-traverse/nat\-traverse\-talk.pdf <https://www.speicherleck.de/iblech/nat-traverse/nat-traverse-talk.pdf>" 4 +.IX Item "German talk about nat-traverse at https://www.speicherleck.de/iblech/nat-traverse/nat-traverse-talk.pdf <https://www.speicherleck.de/iblech/nat-traverse/nat-traverse-talk.pdf>" Dieser Vortrag zeigt, wie man einen Tunnel zwischen zwei Computern, die beide hinter NAT-Gateways sitzen, hinbekommt. Dazu wird ein neues Programm -vorgestellt, welches sowohl einfache TastendrA\*~Xcke an die Gegenseite +vorgestellt, welches sowohl einfache Tastendru\*:cke an die Gegenseite weiterleiten, als auch beliebige Programme mit Verbindungen zur Gegenseite starten kann. Damit ist ein einfaches \s-1VPN\s0 schnell aufgebaut. .SH "AUTHOR" .IX Header "AUTHOR" -Copyright (C) 2005, 2012 Ingo Blechschmidt, <iblech@web.de>. +Copyright (C) 2005, 2012, 2017 Ingo Blechschmidt, <iblech@speicherleck.de>. .PP -You may want to visit nat-traverse's Freecode project page, -<http://freecode.com/projects/nat\-traverse/>. +The source code repository is hosted at <https://gitlab.com/iblech/nat\-traverse>. .SH "LICENSE" .IX Header "LICENSE" This program is free software; you can redistribute it and/or modify it under the terms of the \s-1GNU\s0 General Public License as published by the Free Software -Foundation; either version 2 of the License, or (at your option) any later +Foundation; either version 3 of the License, or (at your option) any later version. .PP -This program is distributed in the hope that it will be useful, but \s-1WITHOUT\s0 \s-1ANY\s0 -\&\s-1WARRANTY\s0; without even the implied warranty of \s-1MERCHANTABILITY\s0 or \s-1FITNESS\s0 \s-1FOR\s0 A -\&\s-1PARTICULAR\s0 \s-1PURPOSE\s0. See the \s-1GNU\s0 General Public License for more details. +This program is distributed in the hope that it will be useful, but \s-1WITHOUT ANY +WARRANTY\s0; without even the implied warranty of \s-1MERCHANTABILITY\s0 or \s-1FITNESS FOR A +PARTICULAR PURPOSE.\s0 See the \s-1GNU\s0 General Public License for more details. .PP You should have received a copy of the \s-1GNU\s0 General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin -Street, Fifth Floor, Boston, \s-1MA\s0 02110\-1301, \s-1USA\s0. +Street, Fifth Floor, Boston, \s-1MA 02110\-1301, USA.\s0 |