about summary refs log tree commit diff
path: root/users/wpcarro/website
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2022-11-17T18·43-0800
committerclbot <clbot@tvl.fyi>2022-11-17T18·51+0000
commit179d670ef2a8c09ca1957f8cbadd0c63620218b2 (patch)
tree0297dc474a1ae06c4a168d038ee6ca48c597fb73 /users/wpcarro/website
parentdadfaf119529b38457aaf96de3eeadcab2b24b95 (diff)
feat(wpcarro/blog): TCP Tunneling (note to self) r/5286
:)

Change-Id: If1650e186172b8e05da8bd2a23743f56d955594b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7302
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
Reviewed-by: wpcarro <wpcarro@gmail.com>
Diffstat (limited to 'users/wpcarro/website')
-rw-r--r--users/wpcarro/website/blog/posts.nix7
-rw-r--r--users/wpcarro/website/blog/posts/tcp-tunneling-note.md68
2 files changed, 75 insertions, 0 deletions
diff --git a/users/wpcarro/website/blog/posts.nix b/users/wpcarro/website/blog/posts.nix
index 416a367833f8..31fb0c83d8f0 100644
--- a/users/wpcarro/website/blog/posts.nix
+++ b/users/wpcarro/website/blog/posts.nix
@@ -106,4 +106,11 @@
     content = ./posts/nginx-curl-note.md;
     draft = false;
   }
+  {
+    key = "tcp-tunneling-note";
+    title = "TCP Tunneling (note to self)";
+    date = 1668709613;
+    content = ./posts/tcp-tunneling-note.md;
+    draft = false;
+  }
 ]
diff --git a/users/wpcarro/website/blog/posts/tcp-tunneling-note.md b/users/wpcarro/website/blog/posts/tcp-tunneling-note.md
new file mode 100644
index 000000000000..4597405fae43
--- /dev/null
+++ b/users/wpcarro/website/blog/posts/tcp-tunneling-note.md
@@ -0,0 +1,68 @@
+## Background
+
+Let's say we'd like to debug a remote machine but use some of the debugging
+tools we have on our local machine like wireshark.
+
+You *can* run `tcpdump` on the remote and then `scp` the file to your local
+machine to analyze the traffic, but after doing that a few times you may want a
+workflow with a tighter feedback loop. For this we'll forward traffic from a
+remote machine to our local machine.
+
+**Note:** There's also `termshark`, which is a `wireshark` TUI that you can run
+on the remote. It's quite cool!
+
+## Local
+
+Run the following on your local machine to forward your remote's traffic:
+
+```shell
+$ ssh -R 4317:127.0.0.1:4317 -N -f user@remote
+```
+
+Here is an abridged explanation of the flags we're passing from `man ssh`:
+
+```
+-N     Do  not  execute  a remote command.  This is useful for just forwarding ports.
+-f     Requests ssh to go to background just before command execution.
+```
+
+**Note:** I couldn't find a good explanation for the `-R` option, so I tried
+removing it and re-running the command, but that results in a resolution error:
+
+```
+ssh: Could not resolve hostname 4317:127.0.0.1:4317: Name or service not known
+```
+
+The remote should now be forwarding traffic from port `4317` to our
+machine. We can verify with the following:
+
+```shell
+$ nc -l 4317 -k
+```
+
+## Testing
+
+Let's generate some traffic on the remote. **Note:** you should see the output
+in the shell in which you're running `nc -l 4317 -k`.
+
+```shell
+$ telnet localhost 4317
+Trying ::1...
+Connected to localhost.
+Escape character is '^]'.
+hello
+world
+```
+
+Locally you should see:
+
+```shell
+λ nc -l 4317 -k
+hello
+world
+```
+
+You should now be able to `tcpdump -i lo port 4317` or just use `wireshark`
+locally.
+
+Happy debugging!