Just a question #6

Open
thewh1teagle opened this issue Oct 24, 2022 · 8 comments

Comments

@thewh1teagle

thewh1teagle commented Oct 24, 2022

Maybe it's not related, but I'll try.
I want to use the same NAT punching method to access a web server behind NAT, but from the browser.
Something like this:

A client behind NAT (for instance, my Android phone) requests to visit some webpage behind NAT (let's say an SSH server on my local network) from the STUN server over an HTTP request in the browser,
e.g. http://some.helpful.stun.server/?url=http://my.target.ip.behind.nat

The target IP should always be in contact with the STUN server.
When the STUN server gets the client request, it connects him (simply redirects) to the punched ip:port behind NAT.

Is that possible?

@michurin
Owner

In my opinion, it is not possible to punch a hole the way you are suggesting. As far as I know, STUN is based on UDP. My approach is based on UDP too. Theoretically, it is possible to drill a TCP hole through NATs, but you have to control the low-level TCP handshake to do this. Browsers are unable to deal with UDP and, of course, they do not allow you to control the TCP handshake.

However, I heard that WebRTC is good at NAT traversal. Maybe it will help you?

@thewh1teagle
Author

WebRTC can somewhat help, but it's not the best solution.
As I said, the goal is to create a regular TCP (HTTP) connection to a web server behind NAT, from a browser behind NAT.

We can do that in several ways.

  1. Normal TCP punch with a daemon running on the computer, redirecting all the traffic from another port to that port, so you can access the other web server in the browser on a localhost port.
  2. Web rendering over WebRTC - the client side can connect to the remote server behind NAT over WebRTC and render the page with that data channel, but it's hacky and not very usable.

Again, to clarify, the goal is to access the web server like we can with the ngrok tool (you get a URL and you paste it in the browser, and voilà!).

@michurin
Owner

Well, let's not consider way 2. I really didn't grasp your way 1. You want to raise an HTTP server on localhost and literally "redirect all the traffic from another port to that port"; which "that port" do you mean? It must be not your local port, but an external NAT port with an already established TCP connection.

@thewh1teagle
Author

I mean similar to SSH port forwarding (tunneling).

@michurin
Owner

It would be possible if SSH were able to use UDP as transport. However, it doesn't. This is the reason why I use OpenVPN to establish a TCP connection over UDP transport.

@thewh1teagle
Author

@michurin
Similar to an SSH tunnel.
Anyway, I'm pretty sure that if you succeeded in creating a UDP socket connection between two computers behind NAT, there's some way to use that connection to access a web server on the other computer.

@thewh1teagle
Author

thewh1teagle commented Oct 25, 2022

I saw a lot of projects that did that, for instance pwnat.
But I'm not sure how he actually used the punched connection to access a web server.
From the repo of pwnat:
"Finally, both sides are fully communicating over UDP, allowing protocols that run over TCP to tunnel through"

@michurin
Owner

As I understand it, the transport is UDP anyway. It works like this:

```
 _________________host A_______________                        internet               _________________host B_____________
|                                      |                        |     |              |                                    |
[TCP client]--TCP-->[pwnat wraps to UDP]--UDP transport--[NAT-A]--UDP--[NAT-B]--UDP--[pwnat unwraps TCP]--TCP-->[TCP server]
```

Moreover, to "establish" the UDP connection, pwnat does tricks with ICMP. All those protocols (UDP, ICMP) are unreachable for browsers.
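The wrapping shown in the diagram above, as an added example that is not part of the thread and is not pwnat's code: a loopback-only Python demonstration in which a TCP client reaches a TCP server while the middle leg carries only UDP datagrams. The names (`demo`, `wrapper_a`, `wrapper_b`) and the upper-casing service are assumptions; it does no hole punching and adds no ordering or retransmission on the UDP leg, which forwarding raw stream chunks over a lossy path would need.

```python
import socket
import threading

LOOP = "127.0.0.1"  # everything runs on loopback; no NAT is involved here

def tcp_to_udp(tcp, udp, peer):
    """Wrap: forward each chunk of the TCP byte stream as one UDP datagram."""
    while data := tcp.recv(1024):
        udp.sendto(data, peer)

def udp_to_tcp(udp, tcp):
    """Unwrap: write each received datagram's payload back into the TCP stream."""
    while True:
        data, _ = udp.recvfrom(2048)
        tcp.sendall(data)

def spawn(fn, *args):
    threading.Thread(target=fn, args=args, daemon=True).start()

def demo(message: bytes) -> bytes:
    server = socket.create_server((LOOP, 0))  # host B: the TCP server
    entry = socket.create_server((LOOP, 0))   # host A: local port the client uses
    udp_a = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp_b = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp_a.bind((LOOP, 0))  # in the thread's scenario these two endpoints
    udp_b.bind((LOOP, 0))  # would be the punched NAT mappings

    def serve():      # stand-in service (assumption): upper-case one request
        conn, _ = server.accept()
        conn.sendall(conn.recv(1024).upper())

    def wrapper_a():  # host A: TCP from the client in, UDP out
        conn, _ = entry.accept()
        spawn(udp_to_tcp, udp_a, conn)
        tcp_to_udp(conn, udp_a, udp_b.getsockname())

    def wrapper_b():  # host B: UDP in, TCP to the real server out
        conn = socket.create_connection(server.getsockname())
        spawn(tcp_to_udp, conn, udp_b, udp_a.getsockname())
        udp_to_tcp(udp_b, conn)

    for fn in (serve, wrapper_a, wrapper_b):
        spawn(fn)
    with socket.create_connection(entry.getsockname()) as client:
        client.settimeout(5)
        client.sendall(message)
        return client.recv(1024)

if __name__ == "__main__":
    print(demo(b"hello through udp"))
```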
