NAME
stone - a simple TCP/IP packet repeater
SYNOPSYS
stone [-d] [-n] [-u max] [-f n] [-l] [-z SSL] st [-- st] ...
OPTIONS
-d Increase the debug level.
-z SSL encryption.
-n IP addresses and service port numbers are shown instead of host
names and service names.
-u max max is integer. The program will memorize max sources
simultaneously where UDP packets are sent.
-f n n is integer. The program will spawn n child processes.
-l Sends error messages to the syslog instead of stderr.
st is one of the followings; Multiple st can be designated,
separated by --.
(1) host:port sport [xhost ...]
(2) host:port shost:sport [xhost ...]
(3) display [xhost ...]
(4) proxy sport [xhost ...]
(5) host:port/http request [hosts ...]
(6) host:port/proxy header [hosts...]
The program repeats the connection on port sport to the other machine
host port port. If the machine, on which the program runs, has two or
more interfaces, type (2) can be used to repeat the connection on the
specified interface shost.
display [xhost ...]
Abbreviating notation. The program repeats the connection on
display number display to the X server designated by the
environment variable DISPLAY.
proxy sport [xhost ...]
Http Proxy. Specify the machine, on which the program runs, and
port sport in the http proxy settings of your WWW browser.
host:port/http request [hosts ...]
Repeats packets over http request. request is the request
specified in HTTP 1.0. host:port/proxy header [hosts...]
host:port/proxy header [hosts...]
Type (6) repeats http request with header in the top of request
headers.
xhost Only machines xhost can connect to the program.
xhost/mask
Only machines on specified networks are permitted to connect to
the program. In the case of class C network 192.168.1.0, for
example, use 192.168.1.0/255.255.255.0.
sport/udp
Repeats UDP packets instead of TCP packets.
port/ssl
Repeats packets with encryption.
sport/ssl
Repeats packets with decryption.
sport/http
Repeats packets over http.
DESCRIPTION
Stone is a TCP/IP packet repeater in the application layer. It repeats
TCP and UDP packets from inside to outside of a firewall, or from
outside to inside.
Stone has following features:
1. Stone supports Win32.
Formerly, UNIX machines are used as firewalls, but recently
WindowsNT machines are used, too. You can easily run Stone on
WindowsNT and Windows95. Of course, available on Linux,
FreeBSD, BSD/OS, SunOS, Solaris, HP-UX and so on.
2. Simple.
Stone’s source code is only 2000 lines long (written in C
language), so you can minimize the risk of security holes.
3. Stone supports SSLeay.
Using SSLeay developed by Eric Young, Stone can encrypt/decrypt
packets.
4. Stone is a http proxy.
Stone can also be a tiny http proxy.
EXAMPLES
outer: a machine in the outside of the firewall
inner: a machine in the inside of the firewall
fwall: the firewall on which the stone is executed
stone 7 outer
Repeats the X protocol to the machine designated by the
environmental variable DISPLAY. Run X clients under
DISPLAY=inner:7 on outer.
stone outer:telnet 10023
Repeats the telnet protocol to outer.
Run telnet fwall 10023 on inner.
stone outer:domain/udp domain/udp
Repeats the DNS query to outer.
Run nslookup - fwall on inner.
stone outer:ntp/udp ntp/udp
Repeats the NTP to outer.
Run ntpdate fwall on inner.
stone localhost:http 443/ssl
Make WWW server that supports https.
Access https://fwall/ using a WWW browser.
stone localhost:telnet 10023/ssl
Make telnet server that supports SSL.
Run SSLtelnet -z ssl fwall 10023 on inner.
stone proxy 8080
http proxy.
Where fwall is a http proxy (port 8080):
stone fwall:8080/http 10023 ’POST http://outer:8023 HTTP/1.0’
stone localhost:telnet 8023/http
Run stones on inner and outer respectively.
Repeats packets over http.
stone fwall:8080/proxy 9080 ´Proxy-Authorization: Basic c2VuZ29rdTpoaXJvYWtp´
for browser that does not support proxy authorization.
COPYRIGHT
All rights about this program stone are reserved by the original
author, Hiroaki Sengoku. The program is free software; you can
redistribute it and/or modify it under the terms of the GNU General
Public License (GPL).
NO WARRANTY
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY.
AUTHOR
Hiroaki Sengoku
sengoku@gcd.org
http://www.gcd.org/sengoku/
Version 2.0 stone(1)