Never Ending Security

It starts all here

Kompletten Netzwerk-Traffic durch SSH tunneln

I’ve recently been visiting China and have been caught out by their Firewall. This hasn’t be too bad but Google Mail and Google Drive is really slow or intermittent. Also you can’t access YouTube or the BBC IPlayer. The final straw for me was for some reason they have blocked the Ubuntu Dropbox repository – so you can’t install Dropbox either.

I don’t have VPN account but we do have some servers. Therefore, I decided to route all the network traffic through one of our server.

I tried various options and final settled on sshuttle because I needed to route everything and not just Firefox. Sshuttle is a transparent proxy server that forwards over a SSH connection and sets up a proxy by running Python scripts on the remote server. I’m assuming your are running Ubuntu on both the client and the remote server. You will need administrative privileges on the client.

sudo apt-get install sshuttle

To route all traffic through sshuttle (except DNS):

sshuttle -r username@sshserver:port 0/0

You will then need to enter your password on your client and then the password for the remote machine. To help debug run sshuttle in verbose mode with the -v flag. The -r flag is the remote host (and username). The port 0/0 is short for that represents the subnets to route over the VPN. The usage of 0/0 routes all the traffic except DNS requests to the remote server. If you need to tunnel your DNS too then add the -H flag.

The project website is


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s