[MacPorts] #52198: sshuttle - where transparent proxy meets VPN meets ssh
#52198: sshuttle - where transparent proxy meets VPN meets ssh -----------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: request | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Keywords: | Port: -----------------------+-------------------------------- Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling. From readme file:[[BR]] As far as I know, sshuttle is the only program that solves the following common case:[[BR]] Your client machine (or router) is Linux, FreeBSD, or MacOS.[[BR]] You have access to a remote network via ssh.[[BR]] You don't necessarily have admin access on the remote network.[[BR]] The remote network has no VPN, or only stupid/complex VPN protocols (IPsec, PPTP, etc). Or maybe you are the admin and you just got frustrated with the awful state of VPN tools.[[BR]] You don't want to create an ssh port forward for every single host/port on the remote network.[[BR]] You hate openssh's port forwarding because it's randomly slow and/or stupid.[[BR]] You can't use openssh's PermitTunnel feature because it's disabled by default on openssh servers; plus it does TCP-over-TCP, which has terrible performance (see below). https://github.com/apenwarr/sshuttle -- Ticket URL: <https://trac.macports.org/ticket/52198> MacPorts <https://www.macports.org/> Ports system for macOS
#52198: sshuttle - where transparent proxy meets VPN meets ssh ------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: request | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.3.4 Resolution: | Keywords: Port: | ------------------------+-------------------------------- Comment (by ken.cunningham.webuse@…): I agree -- this is a very useful app that solved a huge problem for me! Thanks for the suggestion. I have the port building and I'm using it regularly now. Should have a port file to send up fairly shortly (week or so) once I work out an idiosyncrasy or two with the build process hanging. There are some reports on the net that this app stops working after a certain MacOSX version -- I don't know about that as I haven't tested it all the way up the chain as yet. -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:1> MacPorts <https://www.macports.org/> Ports system for macOS
#52198: sshuttle - where transparent proxy meets VPN meets ssh ------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: request | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | ------------------------+-------------------------------- Changes (by mf2k@…): * version: 2.3.4 => * port: => sshuttle -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:2> MacPorts <https://www.macports.org/> Ports system for macOS
#52198: sshuttle - where transparent proxy meets VPN meets ssh ------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: request | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | ------------------------+-------------------------------- Comment (by ken.cunningham.webuse@…): OK -- I have a portfile available for testing, if anyone is interested. It appears to work well. Lots of manual installation details as that part wasn't in the port itself. To try it out, put it in your local repo under ./net/sshuttle/Portfile. There are a couple of idiosyncracies with this one. It uses an unusual build system. For some reason that I have not yet been able to debug, there is noticeable pause between the build phase and the destroot phase -- the build system is doing something, but I can't figure out what it is. It seems to be waiting for some command to finish, and then times out. So don't be too impatient with it -- it seems to always finish. {{{ Removing stamp files... ---LONG PAUSE!------ then action continues ... make: Leaving directory '/opt/local/var/macports/build/_opt_myports_net_sshuttle/sshuttle/work /sshuttle-29d2e06bf5cd3d575015e23c638ca9e5a10ee29c' ---> Staging sshuttle into destroot }}} The machine you're connecting to needs to have at least python 3.4 running. So I had to upgrade an older Tiger PPC machine I use for this to a newer python version to make it work. I should specify that it should use python27 for building somewhere in the portfile. I asked it to install python27 versions of the dependencies it requires. The build script appears to just 'shebang' python, so perhaps the best way I could add that would be to set a build environment variable to python27. For running it, it just uses the system's default python settings it appears, so I haven't exhaustively tested which versions of python might or might not work. I have my defaults set to python27 for both python and python2. {{{ if python2 -V 2>/dev/null; then exec python2 "$DIR/main.py" python2 "$@" else exec python "$DIR/main.py" python "$@" fi }}} Hope the testing goes well for anyone interested, and we'll see what warts shake loose initially, prior to any attempt at a final release of this. Best, Ken -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:3> MacPorts <https://www.macports.org/> Ports system for macOS
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Changes (by mf2k@…): * type: request => submission -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:4> MacPorts <https://www.macports.org/> Ports system for macOS
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by iamsudo@…): Great! Since it's already been submitted, when will this be added to the main repo? https://www.macports.org/ports.php?by=name&substr=sshuttle. -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:5> MacPorts <https://www.macports.org/> Ports system for macOS
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by ken.cunningham.webuse@…): It needs a bit of testing on some other systems -- it's been working just great for me. I'm using it now. i need to specific the python version a little better as well. To use it yourself, download the portfile into a directory of your choosing. then {{{ sudo port -v install }}} and you should be good to go. Let me know if there are any problems identified. If it passes muster, it'll get included. -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:6> MacPorts <https://www.macports.org/> Ports system for the Mac operating system
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by ken.cunningham.webuse@…): updated portfile to specify python version and add python portgroup. other than the weird long pause when building, this seems to work OK for me. -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:8> MacPorts <https://www.macports.org/> Ports system for the Mac operating system
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by ryandesign@…): Replying to [comment:3 ken.cunningham.webuse@…]:
There are a couple of idiosyncracies with this one. It uses an unusual build system. For some reason that I have not yet been able to debug, there is noticeable pause between the build phase and the destroot phase -- the build system is doing something, but I can't figure out what it is. It seems to be waiting for some command to finish, and then times out. So don't be too impatient with it -- it seems to always finish.
This would be nice to fix but is not a showstopper.
I should specify that it should use python27 for building somewhere in the portfile. I asked it to install python27 versions of the dependencies it requires. The build script appears to just 'shebang' python, so perhaps the best way I could add that would be to set a build environment variable to python27.
Yes, you must somehow inform the build system that it must use MacPorts python2.7. Instead of hardcoding `27` in the python dependencies, use the `python.version` variable so that, if you later change the python version, you only have to do so on the `python.default_version` line instead of in multiple places. You should remove the `name` and `homepage` lines; the `github.setup` line sets those for you. Instead of setting `destroot.cmd` to `/usr/bin/true` and then defining a `post-destroot` block, just define a `destroot` block. Why are you specifying commit 29d2e06bf5cd3d575015e23c638ca9e5a10ee29c instead of using the 0.61 tag? You define an `appname` variable, but then don't use it in `notes`. When you want a newline in `notes`, usually you should just type an actual newline (i.e. press the return key on your keyboard), rather than using a `\` line continuation and a `\n` newline. There should not be two newlines at the beginning of `notes`. -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:9> MacPorts <https://www.macports.org/> Ports system for the Mac operating system
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by ken.cunningham.webuse@…): thanks, Ryan. I also just noticed that adding in the python portgroup also changed the build command and something funny happens now -- I missed that first go. I'll have to fix that too -- thanks for the feedback, and I'll get back to you again when it's fixed. Ken -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:10> MacPorts <https://www.macports.org/> Ports system for the Mac operating system
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by ken.cunningham.webuse@…): I had not dug into the python portgroup much before this. Reading through the python portgroup file this afternoon, I see it changes the way this port builds and functions quite extensively. I added the python portgroup to this portfile not realizing how deeply it would affect everything. I think the best approach for this one might be to remove the python portgroup (which will allow it to build and install again!) and then to add in the few needed functions manually... will post a revised portfile once I do that. -- K -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:11> MacPorts <https://www.macports.org/> Ports system for the Mac operating system
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by ken.cunningham.webuse@…): This version of the portfile (v4) works again after deleting the python portgroup -- after six weeks of monkeying around with it, I can't figure out how to use the python portgroup in this port. I'm not sure it applies to a port like this. Maybe it does, and I can't see how. Anyway, best I can do with it. It works great, for anyone who wants to use it. But you'll have to manually select python27 as your python and python2 to build it. Look forward to seeing how to do that magically, if it's possible. I see there's interest in this, so hope it helps somebody. I use this port all day, every day, at work. It's one of the more useful ports I've come across that way. Thanks to the original requester, who pointed me in that direction. -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:13> MacPorts <https://www.macports.org/> Ports system for the Mac operating system
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by ken-cunningham-webuse): I have found a newer github repository for this port, that looks to have newer tag releases and follows a more traditional python approach, with setup.py. I think moving over to this newer version would make sense for the macports port. It's at <https://github.com/sshuttle/sshuttle> and I'll start working on this soonish. -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:14> MacPorts <https://www.macports.org/> Ports system for OS X
#52198: sshuttle - where transparent proxy meets VPN meets ssh -------------------------+-------------------------------- Reporter: iamsudo@… | Owner: macports-tickets@… Type: submission | Status: new Priority: Normal | Milestone: Component: ports | Version: Resolution: | Keywords: Port: sshuttle | -------------------------+-------------------------------- Comment (by Russell-Jones-OxPhys): Replying to [comment:14 ken-cunningham-webuse]:
I have found a newer github repository for this port, that looks to have newer tag releases and follows a more traditional python approach, with setup.py. I think moving over to this newer version would make sense for the macports port. It's at <https://github.com/sshuttle/sshuttle> and I'll start working on this soonish.
Do they publish to PyPI? If so, you may find https://trac.macports.org/wiki/pypi2port useful. -- Ticket URL: <https://trac.macports.org/ticket/52198#comment:15> MacPorts <https://www.macports.org/> Ports system for OS X
participants (1)
-
MacPorts