Initial Commit

.gitignore

@@ -0,0 +1 @@
+log.txt

README.MD

@@ -0,0 +1,23 @@
+# TTN Tunnel
+These two scripts enable you tu run a ttn gateway behind a http proxy.
+Imagine you are in secure site where no direct socket-connections to the internet are allowed and even if you are the IT-departement an don't want to open your network or even one port you can use this project to forward traffic from port 1700 to a ttn-gateway through a http proxy.
+
+I could not find any solution for this problem so i made two php-script that pick up UDP traffic and send it to a server in the internet (even through a http proxy) which sends it via UDP to a configured server.
+
+Of course, this script can be modifeid to forward any UDP-traffic for other use-cases.
+
+This is really brand new, not in production yet and only testet at my network at home on a raspberry pi.
+Use at your own risk.
+There are scripts missing to run as deamon, etc. maybe this will come in the next few weeks.
+
+To configure: use the ini-files.
+"curlopts" can be everything, curl for php supports.
+
+To run: Use ttntunnel-out.php on the server in the internet
+Use ttntunnel-in.php (maybe in a screen session until deamonize-function is there) local.
+
+I use it on a raspberry pi based gateway so started in.php locally and edited local_conf.json of the gateway to use "localhost" as server-address.
+
+There is no authentication-stuff in out.php because this can be done via the webserver you use.
+
+You need of course php-curl installed on the in-side and permission to open sockets with php on both in and outside.

ttntunnel-in.ini

@@ -0,0 +1,18 @@
+logfile=log.txt
+peerurl=https://www.digital-infinity.de/ttntunnel/out.php
+port=1700
+curlopts[10004]=127.0.0.1
+curlopts[59]=3128
+curlopts[101]=HTTP
+curlopts[64]=0
+;curlopts
+;CURLOPT_PROXY = 10004
+;CURLOPT_PROXY => "127.0.0.1"
+;CURLOPT_PROXYPORT = 59
+;CURLOPT_PROXYPORT => 3128
+;CURLOPT_PROXYUSERPWD = 10006
+;CURLOPT_PROXYUSERPWD => "$proxyUsername:$proxyPassword"}
+;CURLOPT_PROXYTYPE = 101
+;CURLOPT_PROXYTYPE => 'HTTP'
+;CURLOPT_SSL_VERIFYPEER = 64
+;CURLOPT_SSL_VERIFYPEER => 0

ttntunnel-in.php

@@ -0,0 +1,66 @@
+#!/usr/bin/php
+<?php
+/*
+    This file is part of TTNTunnel.
+
+    TTNTunnel is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    TTNTunnel is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with TTNTunnel.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+if(file_exists("ttntunnel-in.ini") && is_readable("ttntunnel-in.ini")) {
+    $config = parse_ini_file("ttntunnel-in.ini");
+}
+if(isset($config['logfile'])) {
+    error_reporting(E_ALL | E_STRICT);
+    ini_set("error_log", $config['logfile']);
+}
+$url = $config['peerurl'];
+$port = $config['port'];
+
+$socket = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
+socket_bind($socket, 0, $port);
+
+$from = '';
+$port = 0;
+while(true) {
+    socket_recvfrom($socket, $buf, 32768, 0, $from, $port);
+    $buf = base64_encode($buf);
+
+    $postData = array('buf' => $buf);
+
+    $handle = curl_init();
+    $ch = curl_init($url);
+    $curlopts = array(
+        CURLOPT_URL => $url
+        , CURLOPT_POST       => true
+        , CURLOPT_POSTFIELDS => $postData
+        , CURLOPT_RETURNTRANSFER     => true
+    );
+    $newCurlopts = Array();
+    if(isset($config['curlopts'])) {
+        $newCurlopts = $config['curlopts'];
+        foreach($curlopts as $key => $value) {
+            $newCurlopts[$key] = $value; 
+        }
+        $curlopts = $newCurlopts;
+    }
+    curl_setopt_array($handle, $curlopts);
+
+    $data = curl_exec($handle);
+    curl_close($handle);
+
+    $data = base64_decode($data);
+
+    socket_sendto($socket, $data, strlen($data), 0, $from, $port);
+    
+}

ttntunnel-out.ini

@@ -0,0 +1,3 @@
+logfile=log.txt
+peer=router.eu.thethings.network
+port=1700

ttntunnel-out.php

@@ -0,0 +1,44 @@
+<?php
+/*
+    This file is part of TTNTunnel.
+
+    TTNTunnel is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    TTNTunnel is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with TTNTunnel.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+if(file_exists("ttntunnel-out.ini") && is_readable("ttntunnel-out.ini")) {
+    $config = parse_ini_file("ttntunnel-out.ini");
+}
+if(isset($config['logfile'])) {
+    error_reporting(E_ALL | E_STRICT);
+    ini_set("error_log", $config['logfile']);
+}
+$peer = $config['peer'];
+$port = $config['port'];
+
+if(isset($_POST['buf'])) {
+    $buf = base64_decode($_POST['buf']);
+
+    $socket = stream_socket_client("udp://$peer:$port", $errno, $errstr);
+    $socket_name = stream_socket_get_name($socket, FALSE);
+
+    if (!$socket) {
+        error_log("ERROR: $errno - $errstr");
+    } else {
+        fwrite($socket, $buf);
+        $response = fread($socket, 32768);
+        $response = base64_encode($response);
+        fclose($socket);
+        echo $response;
+    }
+}