Secure Socket Funneling – Network tool and toolkit

Secure Socket Funneling (SSF) is a network tool and toolkit.

It provides simple and efficient ways to forward data from multiple sockets (TCP or UDP) through a single secure TLS tunnel to a remote computer.

SSF is cross-platform (Windows, Linux, OSX) and comes as standalone executables.

Secure Socket Funneling Features:

• Local and remote TCP port forwarding
• Local and remote UDP port forwarding
• Local and remote SOCKS server
• Local and remote shell through sockets
• File copy
• Native relay protocol
• TLS connection with the strongest cipher-suites

Download

Usage

Client

Usage: ssf[.exe] [options] server_address

Options:

• -v verbose_level: Verbosity: critical|error|warning|info|debug|trace (default: info)
• -q: Quiet mode. Do not print logs
• -p port: Remote port (default: 8011)
• -c config_file_path: Specify configuration file. If not set, ‘config.json’ is loaded from the current working directory
• -m attempts: Max unsuccessful connection attempts before stopping (default: 1)
• -t delay: Time to wait before attempting to reconnect in seconds (default: 60)
• -n: Do not try to reconnect client if a connection is interrupted
• -g: Allow gateway ports. Allow client to bind local sockets for a service to a specific address rather than “localhost”
• -S: Display microservices status (on/off)

Services options:

• -D [[bind_address]:]port: Run a SOCKS proxy on the server accessible on [[bind_address]:]port on the local side
• -F [[bind_address]:]port: Run a SOCKS proxy on the local host accessible from the server on [[bind_address]:]port
• -X [[bind_address]:]port: Forward server shell I/O to the specified port on the local side. Each connection creates a new shell process
• -Y [[bind_address]:]port: Forward local shell I/O to the specified port on the server
• -L [[bind_address]:]port:host:hostport: Forward TCP connections to [[bind_address]:]port on the local host tohost:hostport on the server
• -R [[bind_address]:]port:host:hostport: Forward TCP connections to [[bind_address]:]port on the server tohost:hostport on the local side
• -U [[bind_address]:]port:host:hostport: Forward local UDP traffic on [[bind_address]:]port to host:hostport on the server
• -V [[bind_address]:]port:host:hostport: Forward UDP traffic on [[bind_address]:]port on the server to host:hostport on the local side

Server

Usage: ssfd[.exe] [options]

Options:

• -v verbose_level: Verbosity: critical|error|warning|info|debug|trace (default: info)
• -q: Quiet mode. Do not print logs
• -c config_file_path: Specify configuration file. If not set, ‘config.json’ is loaded from the current working directory
• -p port: Local port (default: 8011)
• -R: The server will only relay connections
• -l host: Set server bind address
• -g: Allow gateway ports. Allow client to bind local sockets for a service to a specific address rather than “localhost”
• -S: Display microservices status (on/off)

Tutorial