⑨ lab ≡ ByteLabs

Plan9/Tunnel

— Igor Böhm

Tunneling the Plan9 and the SSH way…

⑨ lab ≡ Plan9 Organization…

Plan9 Organization

The Plan9 Way

To tunnel out through a restrictive firewall from a 9front to another 9front machine run the following on the internal machine:

inside% rexport -s inside.9lab.home / outside.9lab.org &

To see inside files from the outside run:

outside% mount /srv/inside.9lab.home /n/inside.9lab.home

Afterwards you can rcpu to inside from outside like this:

outside% bind /n/inside.9lab.home/net /net.alt
outside% rcpu -h /net.alt/tcp!inside.9lab.home

The SSH Way

To tunnel out through a restrictive firewall from a Unix machine to another Unix machine we first create a reverse tunnel:

ken@inside% ssh -2 -R 37777:localhost:22 -p2222 outside.9lab.org -N

To connect from a 9front terminal to inside via the outside reverse tunnel run:

term% sshnet ken@tcp!outside.9lab.org!2222

This presents outside server’s TCP stack as a local network stack using sshnet(4).

Afterwards connect to the reverse tunnel using vt(1) and ssh(1) like this:

term% vt -b -c ssh ken@tcp!127.0.0.1!37777
ken@inside% uname -r -v
3.10.0-1160.31.1.el7.x86_64 #1 SMP Thu Jun 10 13:32:12 UTC 2021

Expose Intranet via Drawterm

The following setup exposes an intranet via socksd.

Connect from Inside (Intranet) to Outside

inside% drawterm -G -h outside.9lab.org
...
outside% srvfs inside.inc /mnt/term

Expose Inside (Intranet) via SOCKSD on Plan9

Make inside network available on Plan9:

term% rimport -ac -p outside.9lab.org /srv
term% mount /srv/inside.inc /n/inside.inc
term% bind /n/inside.inc/net /net.alt

Start socksd on Plan9 machine:

term% aux/listen1 -t 'tcp!*!1080' ip/socksd -o /net.alt -x /net &

Happy browsing of the intranet from Plan9 or any other machine that has access to socksd.

#Plan9 #9front