In many scenes within the network to penetrate all the needs we often encounter, before also used peanut shells, but because for a fee, to determine their own hands to build a content server penetration, recently accidentally saw "Portal: lanproxy " the open source tools, laboratory just purchased a public network server, just to achieve within the network penetration, decided to toss some into the pit. For students have the background to develop the foundation was quite simple, but a good memory as bad written on, come on, dive into hands-on here.
I. Overview
1.1 What is a network penetration
Well, first on the definition of a period of Baidu Encyclopedia
Penetration within the network, i.e., NAT traversal, network connection term, when the LAN is a computer, a computer network and the external network node is connected to the communication needs, and sometimes does not occur within the network through support.
Anyway, simply put, it is through the public network to access your network services to your internal network through a public network server, penetrate out.
1.2 What is lanproxy
lanproxy is a personal computer to the LAN, the proxy server to the network public network penetration tool, currently only supports tcp traffic forwarding, it can support any tcp upper layer protocols (to access the internal Web site, local payment interface debugging, ssh access, remote desktop ... ). Currently on the market offer similar services have peanut shells, TeamView, GoToMyCloud and so on, but to use third-party public network server must pay for a third party, and these services have a variety of restrictions, in addition, due to packet It flows through a third party, so data security is a big risk. https://lanproxy.io2c.com
1.3 Principles
The network through the principle as shown below:
-
User access to our server, which is a public network IP, so users can access without pressure
-
Server and the local computer to maintain a long link, when there is a request, the server forwards the request to our local computer
-
Local computer will react to the reply to the server
-
The server will reply in response to the user
To build a network penetration, we have to complete two tasks
- Run our internal network through service on the server can access the public network;
- In the local computer network running above the penetration client.
Of course, you can achieve according to their own set of principles, but we have a ready-made three-party open-source tools that can help us achieve this set of functions. This is today's hero lanproxy .
Relevant address
- Home https://lanproxy.io2c.com
- lanproxy-go-client https://github.com/ffay/lanproxy-go-client
- Release package Download https://github.com/ffay/lanproxy/releases
use
Obtain the release package
- Pulling source, run mvn package, the packaged resource directory on the distribution, including client and server
- Or direct download release package https://github.com/ffay/lanproxy/releases
Java client without the client can use each platform provided below, eliminating the need to install java runtime environment
Source Address
https://github.com/ffay/lanproxy-go-client
Release package
https://github.com/ffay/lanproxy-go-client/releases
Ordinary port
# mac 64位 nohup ./client_darwin_amd64 -s SERVER_IP -p SERVER_PORT -k CLIENT_KEY & # linux 64位 nohup ./client_linux_amd64 -s SERVER_IP -p SERVER_PORT -k CLIENT_KEY & # windows 64 位 ./client_windows_amd64.exe -s SERVER_IP -p SERVER_PORT -k CLIENT_KEY
SSL端口连接
# mac 64位 nohup ./client_darwin_amd64 -s SERVER_IP -p SERVER_SSL_PORT -k CLIENT_KEY -ssl true & # linux 64位 nohup ./client_linux_amd64 -s SERVER_IP -p SERVER_SSL_PORT -k CLIENT_KEY -ssl true & # windows 64 位 ./client_windows_amd64.exe -s SERVER_IP -p SERVER_SSL_PORT -k CLIENT_KEY -ssl true