stone version 2.3e
Copyright(c)1995-2008 by Hiroaki Sengoku
Stone is a TCP/IP repeater in the application layer.
It repeats TCP and UDP from inside to outside of a firewall,
or from outside to inside.
Stone has following features:
- 1. Stone supports Win32.
- Formerly, UNIX machines are used as firewalls,
but recently WindowsNT machines are used, too.
You can easily run Stone on WindowsNT/2000/XP and Windows95/98/ME.
Of course, available on Linux,
FreeBSD, BSD/OS, SunOS, Solaris, HP-UX and so on.
- 2. Simple.
- Stone's source code is only 10000 lines long (written in C language),
so you can minimize the risk of security holes.
- 3. Stone supports SSL.
- Using OpenSSL,
stone can encrypt/decrypt.
Client verifications, and server verifications are also supported.
Stone can send a substring of the subject of the certificate
to the destination.
- 4. Stone is a http proxy.
- Stone can also be a tiny http proxy.
- 5. POP -> APOP conversion.
- With stone and a mailer that does not support APOP, you can
access to an APOP server.
The MD5 program
- 6. Stone supports IPv6.
- Stone can convert IP and IPv6 each other. With stone, you can use
IP-only software on IPv6 network.
I wrote articles explaining stone (written in Japanese) in my Nikkei Linux Serial.
I writes a stone development diary (written in Japanese).
I'll write useful hints for using the CVS repository.
To join, send mail to
(the message body may be null). If you want to specify your address,
send mail to email@example.com (in the case your
address is firstname.lastname@example.org). You'll receive the confirmation mail, so
reply to it.
- outer: a machine in the outside of the firewall
- inner: a machine in the inside of the firewall
- fwall: the firewall on which the stone is executed
- stone outer:telnet 10023
- Repeats the telnet protocol to ``outer''.
- Run ``telnet fwall 10023'' on ``inner''.
- stone outer:domain/udp domain/udp
- Repeats the DNS query to ``outer''.
- Run ``nslookup - fwall'' on ``inner''.
- stone outer:ntp/udp ntp/udp
- Repeats the NTP to ``outer''.
- Run ``ntpdate fwall'' on ``inner''.
- stone localhost:http 443/ssl
- Make WWW server that supports ``https''.
- Access ``https://fwall/'' using a WWW browser.
- stone localhost:telnet 10023/ssl
- Make telnet server that supports SSL.
- Run ``SSLtelnet -z ssl fwall 10023'' on ``inner''.
- stone proxy 8080
- stone outer:pop/apop pop
- connect to inner:pop using a mailer that does not support APOP.
- Where fwall is a http proxy (port 8080):
- stone fwall:8080/http 10023 'POST http://outer:8023 HTTP/1.0'
- stone localhost:telnet 8023/http
- Run stones on ``inner'' and ``outer'' respectively.
- Relays stream over http.
- stone fwall:8080/proxy 9080 'Proxy-Authorization: Basic c2VuZ29rdTpoaXJvYWtp'
- for browser that does not support proxy authorization.
||Hiroaki Sengoku <email@example.com>
| home | up
| japanese |
Last modified: 04/14/08