Provided by: ptunnel_0.61-1_i386 bug


       ptunnel  - tunnel TCP connections over ICMP echo request/reply packets.


       ptunnel -p proxy_address -lp listen_port  -da  destination_address  -dp
       dest_port  [-c  network_device]  [-v  verbosity] [-u] [-x password] [-f

       ptunnel [-c network_device] [-v verbosity] [-u] [-x password] [-f file]

       ptunnel -h


       ptunnel  is  an  application  that  allows  you  to reliably tunnel TCP
       connections to a remote host using ICMP echo request and reply packets,
       commonly  known  as  ping  requests  and replies. At first glance, this
       might seem like a rather useless thing to do, but it can actually  come
       in  handy  in  some  cases.  The following example illustrates the main
       motivation in creating ptunnel:

       Setting: You’re on the go, and stumble across an open wireless network.
       The  network gives you an IP address, but won’t let you send TCP or UDP
       packets out to the rest of the internet, for  instance  to  check  your
       mail.  What  to do? By chance, you discover that the network will allow
       you to ping any computer on the rest of the internet. With ptunnel, you
       can  utilize  this  feature to check your mail, or do other things that
       require TCP.


       Client options:

       -p proxy_address
              Specify the host on which the proxy is running.

       -lp listen_port
              Specifies the port on which the client will listen for  incoming
              TCP connections.

       -da destination_addr
              Specifies  the  address to which you want your packets tunneled,
              after reaching the proxy.

       -dp destination_port
              Specifies  the  port  that  the  proxy  should  tunnel  the  TCP
              connection to.

       Shared options:

       -c network_device
              Specify the network interface to capture packets from. Note that
              packet capturing isn’t always necessary, but you should try this
              if you experience problems with ptunnel.

       -v verbosity
              Controls  the  verbosity  level. -1 is no output, 0 shows errors
              only, 1 shows info messages, 2 gives  more  output,  3  provides
              even  more  output,  level  4  displays  debug  info and level 5
              displays absolutely everything, including the nasty  details  of
              sends and receives.

       -u     Attempts to run ptunnel without privileges. This doesn’t usually

       -x password
              Specifies a password or passphrase to use. This will  allow  you
              to  protect  the  proxy  from  use  by others who don’t know the
              password. It needs to be specified on both proxy and client.

       -f file
              Specifies a log file.

       -h     Displays brief usage information.


       The following assumes that ptunnel is run as root, both  on  the  proxy
       and  client.  To  tunnel  ssh connections from the client machine via a
       proxy running on to the computer,
       the following command line would be used:

       ptunnel -p -lp 8000 -da -dp 22

       An  ssh  connection  to  can  now  be  established as

       ssh -p 8000 localhost

       If ssh complains  about  potential  man-in-the-middle  attacks,  simply
       remove  the  offending key from the known_hosts file. The warning/error
       is expected if you have previously ssh’d to your local computer  (i.e.,
       ssh  localhost), or you have used ptunnel to forward ssh connections to
       different hosts.

       Of course, for all of this to work, you need to start the proxy on your
       proxy-computer ( Doing this is very simple:


       If  you  find  that  the  proxy  isn’t working, you will need to enable
       packet capturing on the main network device. Currently this  device  is
       assumed  to  be an ethernet-device (i.e., ethernet or wireless). Packet
       capturing is enabled by giving the -c switch, and supplying the  device
       name  to  capture  packets on (for instance eth0 or en1). The same goes
       for the client. On Mac OS X, packet capturing must  always  be  enabled
       (both  for  proxy  and  client),  as  resent  packets won’t be received

       To protect yourself from others  using  your  proxy,  you  can  protect
       access to it with a password using the <tt>-x</tt> switch. The password
       is never sent in the clear, but keep in mind that  it  may  be  visible
       from  tools  like top or ps, which can display the command line used to
       start an application.


       ptunnel does not exit until forced to do so by an interrupt (Ctrl-C) or
       if it crashes.


       ptunnel   currently   does  not  handle  packet  capturing  on  network
       interfaces other than ethernet or wireless correctly.


       Daniel Stoedle (


       ptunnel is licensed under the BSD License.


       The ptunnel homepage is currently located here:

       The freshmeat project page is located here:

       Please take the time to rate ptunnel if you find it useful. Thanks!