Today I found a solution for a problem I had: connecting via the fixed IP address of my virtual private server to a server running subversion thanks to an article written by Oliver Gorwits: Teleworking - A simple solution for secure remote access to IP-restricted services for teleworkers.
The solution he describes uses proxychains.
While it's possible to configure a proxy in a configuration
file that's read by the subversion client, I prefer
the solution Oliver describes, also because it can work
with any network application.
I used the following command to forward port 1080, which is the port the Internet Assigned Numbers Authority (IANA) has reserved for SOCKS proxy, to start a SOCKS 5 proxy:
ssh -fND 1080 john@johnbokma.com -p port
Note: since I don't run
ssh on the default port (22), I use
the -p switch to specify the port
number ssh should use to connect to
my VPS.
A short explanation of the ssh switches I used:
Note: the above command must be running in order to use proxychains. So if you get disconnected, or restart the computer you have to execute the command again.
A quick sudo apt-cache search
proxychains told me that
proxychains was available via the
Ubuntu 8.10 repositories. So the only thing I had
to do to install proxychains on my
development machine was:
sudo apt-get install proxychains
After I had installed proxychains I created a proxychains
configuration file per Oliver's description. First I
had to create the .proychains directory
which I did as follows:
mkdir ~/.proxychains
Then I copied the following into a file which
I saved as proxychains.conf into the
directory I just had created:
random_chain
chain_len = 1
tcp_read_time_out 15000
tcp_connect_time_out 10000
[ProxyList]
socks5 127.0.0.1 1080If you run the proxy on the same port as I do, there is no need to change this file.
Using proxychains is as simple as putting
proxychains in front of the command. So,
for example to check out using svn:
proxychains svn co https://example.com/project/trunkThe server at example.com will see the IP address of my VPS instead of the cable modem I use to connect to the Internet. Since the IP address of the VPS is static for practical purposes; it might change in the future but this will be rare, the IP address can be added to the firewall of the subversion server.
As I wrote at the beginning, you can use
proxychains with any other program
that connects to the Internet. For example, I
closed Firefox and then reopened Firefox using:
proxychains firefox http://hostip.info/
Which resulted in hostip.info reporting the IP address of the proxy I used:
Note that I didn't change any settings in Mozilla
Firefox itself, which is the big advantage of
using proxychains in my opinion.