1. Requirement Background 1

  1. Background 1, as shown in the figure, needs to realize the home computer can access the Git code server of the company, so as to achieve the purpose of submitting Git code from home.

1.1 Requirement Background 1 Analysis

As for the requirement of background 1, it belongs to the Intranet penetration function commonly used. There are open source schemes such as FRP implemented by go language on the Internet. For the purpose of learning, this time, simple implementation and learning are carried out through Java socket programming

  1. The server program on Ali Cloud and the client program on a server of the company are started. First, a server of the company establishes regular connection with Ali Cloud, maintains and formsControl Socket connection, maintain connection, establish connection 1

2. ##1) Home computer initiates access, the process is as follows:

2). When accessing, proactively establish a Socket connection with aliyun server. After receiving the request, Aliyun server forwards the request to company server 4 through connection 1). After receiving the request forwarded by 3, the company server initiates the connection to 4 and establishes the connection with Git server 3 5). After the completion of step 4, the company server actively establishes another connection 4 to connect to aliyun server 6). Finally, the binding relationship of socket connection is carried out on aliyun server. When the connection is successful and data is transmitted, the request and return are made by connection 2->4>3->4>2

  1. Close the connection when communication is complete

7) Disconnect all data connections after communication is completed, and finally only control connections are left, waiting for the next access request.

1.2 Requirement Background 1 Java Deployment procedure

  1. ## Pull code
git clone https://github.com/jxlhljh/remotestcpserver_single_sock5.gitOr git clone HTTPS://gitee.com/jxlhljh/remotestcpserver_single_sock5.git
Copy the code
  1. # # compilation
maven clean package
Copy the code

The lib directory and remotestcpserver_single_sock5.jar are generated under the Target of the Maven project, as shown in the figure Put the lib folder and remotestCpServer_singLE_sock5. jar in the remotestCpServer_singLE_sock5 directory

3.1 #### Scenario 1: For example, the computer at home (192.168.0.101) needs to access the Git code server of the company (port 8899 of 172.168.201.88).Note: The following is a Linux deployment, the command is used in the colon, if the Windows, change to the semicolon

## Server, in Ali Cloud server103.21212.74.Deploy on, and enable the terminal7000Listen on CD remotestcpServer_SINGle_sock5 Java -cp"./lib/*:./remotestcpserver_single.jar" cn.gzsendi.stcp.server.StcpServerStart -ssl false -serverPort 7000 -token 123456## Control side, on the company server (172.168201.148.) CD remotestcpServer_single_sock5 Java -cp"./lib/*:./remotestcpserver_single.jar" cn.gzsendi.stcp.control.ControlClientStart -ssl false -token gzsendi -trunnelHost 103.21212.74. -trunnelPort 7000 -groups stcp1 -types tcp -serverFrontPorts 18899 -remoteHosts 172.168201.88. -remotePorts 8899
Copy the code

Server SSL: whether to use SSL and password, true yes, false no serverPort: 7000, ali Cloud server service listening port Token: simple socket communication password, socket connection needs to send this password, fails to verify will be disconnected

## Controller SSL: whether to use SSL and password, true yes, false No, which must be consistent with the server configuration Token: simple socket communication password, which must be consistent with the server configuration trunnelHost: Types: Penetrating type. Currently, two types of serverFrontPorts are supported: TCP and SOck5. This is an open port provided by Aliyun for external network connection, such as 18899. In this way, connecting the Ip address and port 18899 of Aliyun server through your home phone is equivalent to accessing the Ip address and port of git server on the Intranet, so as to achieve the effect of penetration. RemotePorts: Specifies the remote real git server IP. RemotePorts: specifies the remote real Git server port. Groups: specifies the name of the group to be configured

After the program is started, you can access it from your home computer through port 18899 of 103.212.12.74, and you can penetrate to 8899 of Git code server 172.168.201.88 of the company through the Intranet.

3.2 #### Scenario 2: Sock5 transparent transmission proxy.

## Server, in Ali Cloud server103.21212.74.Deploy on, and enable the terminal7000Listen on CD remotestcpServer_SINGle_sock5 Java -cp"./lib/*:./remotestcpserver_single.jar" cn.gzsendi.stcp.server.StcpServerStart -ssl false -serverPort 7000 -token 123456## Control side, on the company server (172.168201.148.) CD remotestcpServer_single_sock5 Java -cp"./lib/*:./remotestcpserver_single.jar" cn.gzsendi.stcp.control.ControlClientStart -ssl false -token gzsendi -trunnelHost 103.21212.74. -trunnelPort 7000 -groups stcp1 -types sock5 -serverFrontPorts 1080
Copy the code

Types: sock5: indicates that the SOck5 agent is used. In this case, remoteHosts and remotePorts do not need to be configured

After the program is started, the Sock5 agent is enabled on port 1080 of 103.212.12.74. After the sock5 client is configured, all internal machines of the company can be accessed, which is equivalent to accessing 172.168.201.148.

3.3 #### Scenario 3: Enable transparent transmission of multiple port mappings simultaneously

## Server, in Ali Cloud server103.21212.74.Deploy on, and enable the terminal7000Listen on CD remotestcpServer_SINGle_sock5 Java -cp"./lib/*:./remotestcpserver_single.jar" cn.gzsendi.stcp.server.StcpServerStart -ssl false -serverPort 7000 -token 123456## Control side, on the company server (172.168201.148.) CD remotestcpServer_single_sock5 Java -cp"./lib/*:./remotestcpserver_single.jar" cn.gzsendi.stcp.control.ControlClientStart -ssl false -token gzsendi -trunnelHost 103.21212.74. -trunnelPort 7000 -groups stcp1,stcp2 -types tcp -serverFrontPorts 18899.18080 -remoteHosts 172.168201.88..172.168201.10. -remotePorts 8899.8080
Copy the code

Groups: Here stcp1 and STcp2 are configured because two ports are configured for transparent transmission

After the program starts, two ports are open for transparent transmission on 103.212.12.74

103.21212.74.:18899 ----> 172.168201.88.:8899
103.21212.74.:18080 ----> 172.168201.88.:8080
Copy the code

2. Requirement Background 2

  1. Background # # 2, as shown in figure, there is the inside of the network and Intranet 2 1, 2 an Intranet 2 machine such as 192.168.56.101, 172.168.201.20 two, can’t get to the Internet, you need to implement can communicate with each other.

2.1 Requirement Background 2 Analysis

  1. The Ali Cloud server starts the server program, and the two machines with Internet access permission on Intranet 1 and Intranet 2 start the client program, actively establish connection 1, 2 and keep it, as shown in the figure

2. ## When machine 1 on Intranet 1 initiates an access request to machine 2 on Intranet 2, the process is as follows

1). Connection 3 is established. The data is sent by machine 1 of Intranet 1 to machine 2 of Intranet 1. Machine 2 of Intranet 2 establishes connection 4 with Ali Cloud, and forwards the binding request to Ali Cloud 3 through connection 2). The Ali Cloud machine forwards the forwarding request of Step 2 to machine 2 and Intranet 2 through connection 1. The connection between machine 1 on Intranet 2 and machine 2 on Intranet 2 is set up 5. 5). After connection 5 is established successfully, machine 2 of Intranet 2 actively establishes connection 6 as the data transmission channel 6. Finally, the 3->4>6>5 connection channel binding is carried out on ali Cloud server for data transmission

3. After ## communication, close all resources, leaving 2 controlsConnect 1andConnect the 2

2.2 Requirement Background This section describes how to deploy and use Java in 2

  1. ## Pull code
git clone https://github.com/jxlhljh/remotestcpserver_sock5.gitOr git clone HTTPS://gitee.com/jxlhljh/remotestcpserver_sock5.git
Copy the code
  1. # # compilation
maven clean package
Copy the code
  1. ## Start the example

3.1 #### Scenario 1: Use port 18899 of 192.168.56.1 to penetrate port 8899 of 172.168.201.20

## Server, in Ali Cloud server103.21212.74.Deploy on, and enable the terminal7000Listen to CD remotestcpserver_sock5 Java -cp"./lib/*:./remotestcpserver_sock5.jar" cn.gzsendi.stcp.server.StcpServerStart -ssl false -serverPort 7000 -token 123456## Control end, on the Intranet2The machine1(172.168201.11.) to deploy CD remotestcpServer_sock5 java-server-xmx256m -Xms256m -Xmn128m -cp"./lib/*:./remotestcpserver_sock5.jar" cn.gzsendi.stcp.control.ControlClientStart -ssl true -token gzsendi -trunnelHost 103.21212.74. -trunnelPort 7000 -groups stcp1 -types tcp -remoteHosts 172.168201.20. -remotePorts 8899## Access end, on the Intranet1The machine2(192.168. 561.) to deploy CD remotestCpServer_sock5 java-server-xmx128m-xms64m-xmn64m-cp"./lib/*; ./remotestcpserver_sock5.jar" cn.gzsendi.stcp.visitor.VisitorCliStart -ssl true -token gzsendi -trunnelHost 103.21212.74. -trunnelPort 7000 -groups stcp1 -frontPorts 18899
Copy the code

After the program is started, accessing port 18899 of 192.168.56.1 on Intranet 1 is equivalent to accessing port 8899 of 172.168.201.20 on Intranet 2

3. Source download

Scenario 1 source: github:github.com/jxlhljh/rem… Gitee:gitee.com/jxlhljh/rem…

Scenario 2 source: github:github.com/jxlhljh/rem… Gitee:gitee.com/jxlhljh/rem…