QDPF - The Quick and Dirty Port Forwarder and Protocol Trace
QDPF is a small server application which takes TCP packets from one port, and
forward them to a port on another machine, optionally outputting a trace.
1. Potential Applications of QPDF/Trace
Well, I wrote it to allow incoming connections through our work firewall to
certain TCP services we wanted to make available inside. You could
probably use it for other things too. I know it's been used to connect two
dissimilar networks together over a bridge, and we are using it extensively
for protocol analysis.
2. Obtaining the Software
QDPF is distributed as a ZIP file containing source and binaries. You
should read
readme.txt. The software is distributed
under the GPL, so please copy and share. I would appreciate
a quick email if you use it - just so
I know if it's useful. ;-) Once you have obtained the current zip file,
you can use it directly with Java, there is no need to unpack it. See below.
3. Version History
| Revision | Description |
|
| 1.00 |
Initial release |
| 1.01 |
This release enhances performance (possibly marginally)
by removing the sleep() in the threading code. This would
make the thread go to sleep and not wake up until the timer
had elapsed. I do a yield() instead now, which voluntarily
relinquishes CPU to threads of the same or higher prio.
|
| 1.02 |
This release adds logging to STDOUT so you can see connections
coming through. This could be used for accounting and security audit.
|
| 1.03 |
This release fixes a nasty bug in the Asynchronous Reader which could cause
packets to be lost if they were exactly one byte big, and followed by
another similar 1-byte packet. The AsyncReader has been overhauled
somewhat. There are no known incompatibilities now.
Now allows TCP
protocol tracing! - see below.
|
| 1.04 |
ZIP or
directory listing.
N.b. you only need the
.class files to run the software.
This release allows 0x0A and 0x0D ASCII characters (CR and LF) to be output
for easier trace viewing when using the 'trace' option. Special characters
are still otherwise translated.
|
4. TCP Protocol Tracing
QDPF now allows TCP protocol tracing. The readme.txt
file shows how to start QDPF in protocol trace mode. You can select 'rawtrace' for untranslated
trace output, or 'trace' for translated output; in which case ASCII non-printables will be
translated to '<X>' symbols, where 'X' is the ASCII value of the character.
Here is a sample trace of a session between a client
and a remote webserver. Lines marked # are my comments and obviously do not come from QDPF.
The '<--]' marker shows the exact end of the packet.
The trace appears on the STDERR, all
other messages go to STDOUT, so you can separate them if need be.
5. Current Bugs
- None!! (that I know of :-)
6. Running Java Software
You will need to install the Java Runtime Environment from Sun, start
here. The JRE is available for most platforms.
Then download the ZIP of the current version here.
Then run Java, adding the ZIP to your classpath:
java -classpath /tmp/qdpf.zip pf 1234 80 www.armory.com trace
In the example, 1234 is the local port, 80 is the remote port and
www.armory.com is the remote machine. trace specifies that any
connected sessions should be output. This means, in effect, that when someone
connects to port 1234 of the local machine, their connection will be proxied
to www.armory.com, and they will appear to be connected there.
7. Feedback
You can
email me any comments, praise
(chance'd be a fine thing ;-) or enhancement requests. I don't promise
any future versions - but if there is momentum, then it's quite possible.
8. About
I'm a software engineer for
Intergral GmbH. My real homepage is
here
And now for some plugs: Original music: Go get it all from
here!. Play it loud and let
me know if you liked it.