EnglishFrenchSpanish

OnWorks favicon

ocproxy - Online in the Cloud

Run ocproxy in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command ocproxy that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


ocproxy - lwip based proxy for openconnect

SYNOPSIS


ocproxy [options]

DESCRIPTION


This manual page documents briefly the ocproxy command.

ocproxy is a program that provides a SOCKS and port-forwarding proxy when used in
conjunction with openconnect(1). When using ocproxy, OpenConnect only handles network
activity that the user specifically asks to proxy, so the VPN tunnel no longer "hijacks"
all network traffic on the host.

ocproxy accomplishes this by running a lwIP network stack in userland, so the OS kernel is
no longer directly handling packets sent to and from the VPN connection.

BASIC USAGE


ocproxy should be invoked directly from OpenConnect or another VPN program; a file
descriptor number is passed through the VPNFD environment variable to tell ocproxy how to
send and receive VPN traffic. For example:

openconnect --script-tun --script "ocproxy -D 11080 -L2222:unix-host:22"
vpn.example.com

Commonly used options include:

-D, --dynfw port
Start up a SOCKS5 server on TCP port port to dynamically forward application-level
traffic over the VPN proxy. This is intended to resemble the -D option to ssh(1).

-L, --localfw port:host:hostport
Bind to port local TCP port port, and forward incoming connections to host:hostport
on the VPN. host can be a DNS name or a dotted-quad IP address. If the VPN
supplied a default DNS domain name or --domain was specified on the command line,
unqualified hostnames may be used. This is intended to resemble the -L option to
ssh(1).

-g, --allow-remote
Local listening sockets opened by the --dynfw and --localfw options, by default,
will be bound to the loopback interface only (127.0.0.1) so they are only available
on the local machine. If --allow-remote is specified, the sockets will be bound to
INADDR_ANY (0.0.0.0) instead, and other hosts may connect to them. This is
intended to resemble the -g option to ssh(1).

-k, --keepalive interval
Send a TCP keepalive packet every interval seconds on each open connection, on the
VPN side. This can help avoid idle timeouts, both on the VPN gateway and on any
stateful firewalls in between the two ends.

ADVANCED USAGE


These options may be useful for debugging ocproxy or diagnosing problems:

-v, --verbose
Enable verbose debugging output.

-T, --tcpdump
Write a log of all TCP or UDP packets traversing the VPN to /tmp/tcpdump. The
format largely mirrors the output of the tcpdump(8) utility.

ocproxy will normally retrieve IP configuration parameters through environment variables
provided by OpenConnect. These options may be used to override the autodetected
parameters:

-I, --ip local_ip
Use local_ip for the VPN side IP address. Example: 192.168.5.20. This is normally
set through the INTERNAL_IP4_ADDRESS environment variable.

-M, --mtu mtu_bytes
Use mtu_bytes as the maximum transmit unit on the VPN interface; it generally
depends on DTLS and UDP packet overhead. Example: 1300. This is normally set
through the INTERNAL_IP4_MTU environment variable.

-d, --dns dns_ip
Send all VPN side DNS queries to server dns_ip. Example: 192.168.5.2. This is
normally set through the INTERNAL_IP4_DNS environment variable.

-o, --domain domain
Use domain as the default DNS domain, for unqualified hostnames. This is normally
set through the CISCO_DEF_DOMAIN environment variable.

Use ocproxy online using onworks.net services


Free Servers & Workstations

Download Windows & Linux apps

  • 1
    PostInstallerF
    PostInstallerF
    PostInstallerF will install all the
    software that Fedora Linux and others
    doesn't include by default, after
    running Fedora for the first time. Its
    easy for...
    Download PostInstallerF
  • 2
    strace
    strace
    The strace project has been moved to
    https://strace.io. strace is a
    diagnostic, debugging and instructional
    userspace tracer for Linux. It is used
    to monitor a...
    Download strace
  • 3
    gMKVExtractGUI
    gMKVExtractGUI
    A GUI for mkvextract utility (part of
    MKVToolNix) which incorporates most (if
    not all) functionality of mkvextract and
    mkvinfo utilities. Written in C#NET 4.0,...
    Download gMKVExtractGUI
  • 4
    JasperReports Library
    JasperReports Library
    JasperReports Library is the
    world's most popular open source
    business intelligence and reporting
    engine. It is entirely written in Java
    and it is able to ...
    Download JasperReports Library
  • 5
    Frappe Books
    Frappe Books
    Frappe Books is a free and open source
    desktop book-keeping software that's
    simple and well-designed to be used by
    small businesses and freelancers. It'...
    Download Frappe Books
  • 6
    Numerical Python
    Numerical Python
    NEWS: NumPy 1.11.2 is the last release
    that will be made on sourceforge. Wheels
    for Windows, Mac, and Linux as well as
    archived source distributions can be fou...
    Download Numerical Python
  • More »

Linux commands

Ad