FPipe icon

FPipe

  n/a
Certified 100% CLEAN Freeware   

A source port forwarder / redirector. #Port forwarder  #Port redirector  #Forward port  #Port  #Forwarder  #Forward  

Description

Free Download

The FPipe application was designed to be a source port forwarder / redirector. It can create a TCP or UDP stream with a source port of your choice. This is useful for getting past firewalls that allow traffic with source ports of say 23, to connect with internal servers.

Usually a client has a random, high numbered source port, which the firewallpicks off in its filter. However, the firewall might let Telnet traffic through. FPipe can force the stream to always use a specific source port, in this case the Telnet source port. By doing this, the firewall 'sees' the stream as an allowed service and let's the stream through.

FPipe basically works by indirection. Start FPipe with a listening server port, a remote destination port (the port you are trying to reach inside the firewall) and the (optional) local source port number you want. When FPipe starts it will wait for a client to connect on its listening port. When a listening connection is made a new connection to the destination machine and port with the specified local source port will be made - creating the needed stream. When the full connection has been established, FPipe forwards all the data received on its inbound connection to the remote destination port beyond the firewall.

FPipe can run on the local host of the application that you are trying to use to get inside the firewall, or it can listen on a 3rd server somewhere else.

Say you want to telnet to an internal HTTP server that you just compromised with MDAC. A netcat shell is waiting on that HTTP server, but you can't telnet because the firewall blocks it off. Start FPipe with the destination of the netcat listener, a listening port and a source port that the firewall will let through. Telnet to FPipe and you will be forwarded to the NetCat shell. Telnet and FPipe can exist on the same server, or on different servers.

Users should be aware of the fact that if they use the -s option to specify an outbound connection source port number and the outbound connection becomes closed, they MAY not be able to re-establish a connection to the remote machine (FPipe will claim that the address is already in use) until the TCP TIME_WAIT and CLOSE_WAIT periods have elapsed. This time period can range anywhere from 30 seconds to 4 minutes or more depending on which OS and version you are using. This timeout is a feature of the TCP protocol and is not a limitation of FPipe itself.

The reason this occurs is because FPipe tries to establish a new connection to the remote machine using the same local IP/port and remote IP/port combination as in the previous session and the new connection cannot be made until the TCP stack has decided that the previous connection has completely finished up.

User Comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy

FPipe 2.1

add to watchlist add to download basket send us an update REPORT
  runs on:
Windows All
  file size:
10 KB
  filename:
fpipe2_1.zip
  1 screenshot:
FPipe - The Command Prompt window lets you see the available options for FPipe
  main category:
Network Tools
  developer:
  visit homepage