Commit 03ece4f5 authored by Jan-Stefan Janetzky's avatar Jan-Stefan Janetzky

updated readme

Signed-off-by: Jan-Stefan Janetzky's avatarJan-Stefan Janetzky <git@gottz.de>
parent 6f5e29d1
......@@ -26,6 +26,8 @@ get a list of all available commands:
$ node --experimental-modules app.mjs -h
usage: app.mjs [-h] [-v] -p PORT [-H HOST] [-s SERVER] [-t TARGET]
[--header HEADER]
tunnel traffic through websocket
......@@ -41,12 +43,60 @@ Optional arguments:
-t TARGET, --target TARGET
target host:port (port relative to server. required.
otherwise starts server)
--header HEADER specify a header json file for authenticating to your
backend
```
---
## how to auth:
- throw the server behind nginx with basicauth or an oauth provider
- within the client you have to add the required headers into the websocket initialization
- throw the server behind nginx with basicauth or an oauth provider.
i will not help you with that how ever i'm currently working on my own oauth provider that i have yet to throw onto github.
- within the client you have to add the required headers into the websocket initialization.
to give you an example:
```
{
"Cookie": "foo=bar"
}
```
just save that as `header.json` and attach `--header header.json` to the arguments.
---
## how to proxy smb to a windows 10 client:
[short description with ssh n stuff for tunneling](https://www.nikhef.nl/~janjust/CifsOverSSH/Win10Loopback.html)
1. launch hdwwiz.exe
1. network adapters -> Microsoft KM-TEST Loopback Adapter -> finish
1. disable everything except ipv4 in that new network sink
1. inside the ipv4 settings set up a ip, 255.255.255.255 as subnet mask and disable netbios
- if you cannot decide on an ip simply use 192.0.2.123 since it's not a public ip and most likely will never be used in a LAN environment. (in case you care about vpn compatibility)
1. elevated windows shell
- run `sc config lanmanserver start= delayed-auto`
this is sadly required since microsoft will bind it's smb bullshit to 0.0.0.0:445 thus making it impossible to listen to that port yourself.
microsoft also does not want you to use smb on a port different than 445.
- run `netsh interface portproxy add v4tov4 listenaddress=192.0.2.123 listenport=445 connectaddress=192.0.2.123 connectport=44445`
this will ensure that 445 stays bound as soon as lanmanserver starts. thus making it possible for you to just spawn a listener onto 44445 to listen to 445 without eaddrinuse errors etc.
1. edit `%windir%\system32\drivers\etc\hosts` and add an appropriate mapping like:
`192.0.2.123 smbproxy`
1. reboot
1. run this script like this:
`node --experimental-modules app.mjs --header header.json -s "wss://yourproxy" -t yoursmbhost:445 -H 192.0.2.123 -p 44445`
- alternatively you could just use `ssh -L 192.0.2.123:44445:yoursmbhost:445`
1. open explorer and navigate to `\\smbproxy`
you can also create multiple mappings in your hosts file for that.
the benefit would be that multiple users of your laptop / pc could access your nas with different usernames / sessions without windows annoying you that someone else is already using that resource.
feel free to open the task creation tool of windows to start this on system startup.
if you are too dumb to figure this out just ask.
---
## PS: if you fuck this up or someone hacks you, you are to blame. not me.
## DO NOT IMPLY THAT I DIDN'T WARN YOU. THIS IS NOT FOR UNKNOWLEDGABLE PEOPLE WHO JUST INSTALL RANDOM SHIT FROM THE INTARWEBS
### i run this on [hole.home.gottz.de](https.hole.home.gottz.de) so come at me bro.
greetings from a bored developer
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment