5 \h'-\w'\fB\\$1\ \fP'u'\fB\\$1\ \fP\c
32 .TH pkstream 1 "23 April 2003" "Straylight/Edgeware" "TrIPE: Trivial IP Encryption"
34 pkstream \- forward UDP packets over streams
54 program forwards UDP packets over some kind of reliable stream. It
55 understands TCP sockets natively; anything else has to be fudged up
56 using some kind of port forwarder like
60 etc. It's intended, among other things, to provide a transport for
62 packets where there are annoying firewalls in the way.
63 .SS "Command-line arguments"
68 pairs on the command-line are respectively the UDP port that
70 should listen on, and the port which it should receive packets from and
75 will parse packets from the stream attached to its standard input and
76 send them to its UDP peer; and it will write packets it reads from its
77 UDP port to the stream attached to its standard output. The program
78 will quit when its input stream closes.
80 This behaviour can be modified by passing suitable options:
83 Writes a brief description of the command-line options available to
84 standard output and exits with status 0.
89 version number to standard output and exits with status 0.
92 Writes a brief usage summary to standard output and exits with status 0.
94 .BI "\-l, \-\-listen=" port
95 Listen for connections on the given TCP
97 Only one connection is allowed at a time. When a connection is
98 accepted, forward UDP packets over the TCP stream until it closes; then
99 wait for another connection.
101 .BI "\-p, \-\-peer=" addr
102 Only accept TCP connections from
104 This option only makes sense in conjunction with
107 .BI "\-b, \-\-bind=" addr
108 When making a connection (see
112 as the source address rather than letting the kernel choose the address
113 automatically. This is useful when the other end will only accept
114 connections from a particular address and you get the wrong one otherwise.
116 .BI "\-c, \-\-connect=" addr : port
121 and forward packets over the TCP connection rather than using stdin and
124 The stream protocol is very simple. Each packet is preceded by a
125 two-octet length field in network byte order. The length is number of
126 octets in the following packet (i.e., it does
128 include the length field itself). There is no padding between packets.
129 The only way a stream can be invalid is if it stops in the middle of a
132 The code hasn't been audited. It may contain security bugs. If you
133 find one, please inform the author
141 Mark Wooding, <mdw@nsict.org>