[tripe] / pkstream / pkstream.1

.\" -*-nroff-*-
.\".
.de hP
.IP
\h'-\w'\fB\\$1\ \fP'u'\fB\\$1\ \fP\c
..
.de VS
.sp 1
.RS
.nf
.ft B
..
.de VE
.ft R
.fi
.RE
.sp 1
..
.ie t \{\
.  ds o \(bu
.  ds ss \s8\u
.  ds se \d\s0
.  if \n(.g \{\
.    fam P
.  \}
.\}
.el \{\
.  ds o o
.  ds ss ^
.  ds se
.\}
.TH pkstream 1 "23 April 2003" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
.SH "NAME"
pkstream \- forward UDP packets over streams
.SH "SYNOPSIS"
.B pkstream
.RB [ \-l
.IR port ]
.RB [ \-p
.IR addr ]
.RB [ \-b
.IR addr ]
.RB [ \-c
.IR addr \c
.BR : \c
.IR port ]
.br

.IB addr : port
.IB addr : port
.SH "DESCRIPTION"
The
.B pkstream
program forwards UDP packets over some kind of reliable stream.  It
understands TCP sockets natively; anything else has to be fudged up
using some kind of port forwarder like
.BR fw (1),
.BR ssh (1),
.BR stunnel (1),
etc.  It's intended, among other things, to provide a transport for
.BR tripe (8)
packets where there are annoying firewalls in the way.
.SS "Command-line arguments"
The two
.RI ` addr \c
.BR : \c
.IR port '
pairs on the command-line are respectively the UDP port that
.B pkstream
should listen on, and the port which it should receive packets from and
send them to.
.PP
By default,
.B pkstream
will parse packets from the stream attached to its standard input and
send them to its UDP peer; and it will write packets it reads from its
UDP port to the stream attached to its standard output.  The program
will quit when its input stream closes.
.PP
This behaviour can be modified by passing suitable options:
.TP
.B "\-h, \-\-help"
Writes a brief description of the command-line options available to
standard output and exits with status 0.
.TP
.B "\-v, \-\-version"
Writes
.BR tripe 's
version number to standard output and exits with status 0.
.TP
.B "\-u, \-\-usage"
Writes a brief usage summary to standard output and exits with status 0.
.TP
.BI "\-l, \-\-listen=" port
Listen for connections on the given TCP
.IR port .
Only one connection is allowed at a time.  When a connection is
accepted, forward UDP packets over the TCP stream until it closes; then
wait for another connection.
.TP
.BI "\-p, \-\-peer=" addr
Only accept TCP connections from
.IR addr .
This option only makes sense in conjunction with
.BR \-l .
.TP
.BI "\-b, \-\-bind=" addr
When making a connection (see
.B \-c
below), use
.I addr
as the source address rather than letting the kernel choose the address
automatically.  This is useful when the other end will only accept
connections from a particular address and you get the wrong one otherwise.
.TP
.BI "\-c, \-\-connect=" addr : port
Connect to the given
.I addr
and
.I port
and forward packets over the TCP connection rather than using stdin and
stdout.
.SH "Protocol"
The stream protocol is very simple.  Each packet is preceded by a
two-octet length field in network byte order.  The length is number of
octets in the following packet (i.e., it does
.I not
include the length field itself).  There is no padding between packets.
The only way a stream can be invalid is if it stops in the middle of a
packet.
.SH "BUGS"
The code hasn't been audited.  It may contain security bugs.  If you
find one, please inform the author
.IR immediately .
.SH "SEE ALSO"
.BR fw (1),
.BR ssh (1),
.BR stunnel (1),
.BR tripe (8).
.SH "AUTHOR"
Mark Wooding, <mdw@distorted.org.uk>