I have this situation: a game server (Enemy Territory) is running inside an isolated network which only has a few access points to the outside world by means of SSH. Someone outside this network wants to play on this game server. If the game were using TCP for network connections, it would be quite simple: setting up an SSH tunnel should do the trick. However, like most FPS games, ET uses UDP, on port 27960. SSH does not allow tunneling UDP traffic.
However, there are ways to convert (or 'bridge') UDP traffic to TCP traffic and vice versa. For instance, "netcat" on Linux/UNIX can do this. So I tried the following.
'client' is the computer outside the protected network.
'intermediate' is the computer inside the network, which allows SSH access from outside.
'server' is the computer inside the network, on which the ET server runs.
In short, I set up a UDP->TCP bridge on 'client', tunnel the TCP traffic through an SSH tunnel to 'intermediate', where it's converted back to UDP and sent to 'server'.
In more detail: the first thing I do is set up an SSH tunnel from client to intermediate, on some arbitrary TCP port:
ssh -L 5901:127.0.0.1:5901 intermediate
Next, I set up a TCP->UDP bridge on intermediate, which directs the UDP traffic to server:
netcat -u -L server:27960 -t -p 5901
Finally, I set up a UDP->TCP bridge on client:
netcat -t -L 127.0.0.1:5901 -u -p 27960
So now I would theoretically just need to start ET on the client and connect to 127.0.0.1. However, this doesn't work, it keeps waiting for a connection. Yet, if I connect to UDP port 27960 on the client with netcat, I can talk to the ET server, so the UDP tunnel seems to be working. Does anyone have any idea why it doesn't work with ET itself?
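Added example, not part of the original post: TCP carries a byte stream with no message boundaries, so a UDP-over-TCP bridge has to mark where each datagram starts and ends. The Python code below is the client-side half of such a bridge with a 2-byte length prefix per datagram; the ports are the ones from the post, the names `frame`, `Deframer` and `client_bridge` are hypothetical, and the 'intermediate' side would need the mirror-image relay.

```python
import socket
import struct
import threading

MAX_DGRAM = 65507  # largest UDP payload over IPv4

def frame(datagram: bytes) -> bytes:
    """Prefix one UDP payload with its 2-byte big-endian length."""
    if len(datagram) > MAX_DGRAM:
        raise ValueError("datagram too large")
    return struct.pack("!H", len(datagram)) + datagram

class Deframer:
    """Rebuilds datagrams from TCP reads, which may split or merge frames."""
    def __init__(self):
        self.buf = bytearray()

    def feed(self, chunk: bytes) -> list:
        self.buf += chunk
        out = []
        while len(self.buf) >= 2:
            (n,) = struct.unpack_from("!H", self.buf)
            if len(self.buf) < 2 + n:
                break  # frame not complete yet; wait for more bytes
            out.append(bytes(self.buf[2:2 + n]))
            del self.buf[:2 + n]
        return out

def client_bridge(udp_port=27960, tcp_addr=("127.0.0.1", 5901)):
    """Client half: local UDP port <-> framed TCP stream (the SSH tunnel end)."""
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp.bind(("127.0.0.1", udp_port))
    tcp = socket.create_connection(tcp_addr)
    peer = [None]  # address of the last local UDP sender (the game client)

    def tcp_to_udp():
        d = Deframer()
        while chunk := tcp.recv(4096):
            for dgram in d.feed(chunk):
                if peer[0]:
                    udp.sendto(dgram, peer[0])  # reply to the game's source port

    threading.Thread(target=tcp_to_udp, daemon=True).start()
    while True:
        data, peer[0] = udp.recvfrom(65535)
        tcp.sendall(frame(data))

if __name__ == "__main__":
    client_bridge()
```

Replies are sent back to whichever local UDP source port last sent a packet, so the game client receives them on the socket it used to send.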