Tunneling over HTTP(S)

[jpjp]

Might be a nice feature to have the option to proxy the protocol over http.

[calmh]

For firewall busting purposes?

[calmh]

(It is, obviously, forwardable over SSH or something like that that forwards raw TCP connections.)

[jpjp]

Yes for firewall busting purposes.

Edit: okay so the recommendation is forward over ssh on top of https with something like sslh.

[calmh]

Well no, I wasn't recommending anything, just understanding the request :)

[jpjp]

hehe okay. I was initially thinking about firewall busting with a --modification-option, then it moved onto a thinking of a way of getting multiple cluster support by proxying over http using custom urls.

[lucapost]

At work I have local pc behind http proxy. I can setup local and remote port forwarding with some client (ssh on unix, putty, winscp, ecc) to my remote vps, but I don't understand which ports I need to forward? Sync Protocol Listen Addresses localhost:22000? Device addresses localhost:XXXXX? both? can anybody help me about? Thanks for help.

[AudriusButkevicius]

Depends on what you want to do.
If you just want to sync, you can forward remote:22000 to local:22001 , and then change the IP of the device from dynamic to localhost:22001

[lucapost]

Uhm, which ports i need to open for get Global Discovery ok?
I can forward request to network office admin.

Thanks,
LP

[AudriusButkevicius]

You don't need to forward any ports for discovery to work as its outbound only.
For syncthing itself to work, you need to forward the protocol port.

[jdbancal]

Hello, I'm trying to do what is explained here above, i.e. forward remote:22000 to local:22001, but I don't manage to make it work... How can we achieve this?

Here's what I did:

ssh user@remote -L 22001:localhost:22000

Then launch syncthing with the "Sync Protocol Listen Addresses" set to "localhost:22001". This gives me the following error message:

FATAL: listen (BEP): listen tcp 127.0.0.1:22001: bind: address already in use

and systematically crashed syncthing.

I checked that "netstat -tulpn | grep 22001" gives me nothing before running ssh, and it gives me

tcp        0      0 127.0.0.1:22001         0.0.0.0:*               LISTEN      20500/ssh       
tcp6       0      0 ::1:22001               :::*                    LISTEN      20500/ssh 

once the ssh tunnel is open....

[AudriusButkevicius]

You have to forwarding remote:22000 to local:22001, and then on local listen on 22000, and set remote machines ip as localhost:220001.

[jdbancal]

Thanks for your reply. Sorry I'm not very familiar with ssh tunneling... Can you give me an example of what I should type on each machine in order to do this forwarding in the right direction? (The local machine is the one behind a firewall)

[AudriusButkevicius]

Please use the forums for support.