Wednesday, January 12, 2011

Tunneling XBox network traffic

My internet access from home is only via a web proxy and a TCP-only SOCKS 5 server. (Long story, don't ask.) I recently got an Xbox and would like to access Xbox Live, but I need to route the IP traffic. So I need to be able to route TCP and UDP packets via some sort of tunnel.

I can set up a Linux firewall on my end, and I have a Solaris machine available to me on the internet and I can ssh between them. Can anybody suggest some resources that I might find useful in setting this up?

I am aware the ping times are likely to be atrocious. I'm interested as much from an intellectual point of view and to allow downloads of updates as I am from multiplayer gaming.

Thanks

  • What you essentially want is for your linux firewall to act as a vpn client to your solaris machine on the internet. Then your xbox becomes part of the vpn network and can reach the internet via the vpn.

    From pjz
  • That sounds tough. Never having used an XBox, here is a random shot in the dark. It would take a bit of work though.

    1. Learn what host the XBox needs to connect to. Hopefully it's just one host, like live.xbox.com or whatever—or even one host per port. That is, if the XBox makes a connection, you already know the host it should go to even without looking at the destination IP.
    2. You need to make the XBox connect to your router for all outgoing connections, either by:
      1. Using the iptables REDIRECT target, or perhaps
      2. Setting up a custom BIND server that maps all IP addresses to your dedicated proxy, and obviously only having the XBox use that server for DNS
    3. In any case, write a simple proxy (socat in a loop would probably work well) which does the following:
      1. Wait for a connection from the XBox
      2. When it arrives, determine the intended final host—either known from the port number, or else always hard-coded to live.xbox.com or whatever. Bonus points for using the BIND solution above and parsing the recent query logs to determine the actual hostname that the XBox looked up!
      3. Using the SOCKS5 proxy, make that outgoing connection and then just pass the data back and forth between the remote host and the XBox.

    The advantage of this solution over the OpenVPN one is that your ping times won't suffer at all, since the XBox is more or less connecting straight to the intended server (the proxying is on your LAN and is negligible).

    From jhs
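
The proxy described in the answer above, sketched as an added example (not code from the original post): a listener on the router accepts the console's TCP connection, picks the destination from the listen port, and opens it through the SOCKS5 server with an RFC 1928 CONNECT. The port, the host name `live.example.invalid` and the function names are constructed placeholders.

```python
import socket, struct, threading

PORT_MAP = {3074: ("live.example.invalid", 3074)}  # constructed placeholder

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed during SOCKS5 handshake")
        buf += chunk
    return buf

def socks5_connect(sock, host, port):
    """RFC 1928 CONNECT on a socket already connected to the SOCKS5 server."""
    sock.sendall(b"\x05\x01\x00")  # version 5, one method offered: no auth
    if recv_exact(sock, 2) != b"\x05\x00":
        raise ConnectionError("SOCKS5 server rejected the no-auth method")
    name = host.encode("idna")
    # CMD=1 (CONNECT), ATYP=3 (domain name), so the proxy resolves the name.
    sock.sendall(b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack("!H", port))
    ver, rep, _, atyp = recv_exact(sock, 4)
    if ver != 5 or rep != 0:
        raise ConnectionError(f"SOCKS5 CONNECT failed, reply code {rep}")
    # Skip the bound address and port so the next bytes are application data.
    addr_len = recv_exact(sock, 1)[0] if atyp == 3 else {1: 4, 4: 16}[atyp]
    recv_exact(sock, addr_len + 2)

def pump(src, dst):
    try:
        while data := src.recv(65536):  # copy until src reaches EOF
            dst.sendall(data)
        dst.shutdown(socket.SHUT_WR)    # pass the half-close on to the peer
    except OSError:
        pass

def handle(client, socks_addr, dest):
    with client, socket.create_connection(socks_addr) as upstream:
        socks5_connect(upstream, *dest)
        back = threading.Thread(target=pump, args=(upstream, client))
        back.start()
        pump(client, upstream)
        back.join()

def serve(listen_port, socks_addr):
    srv = socket.create_server(("", listen_port))
    while True:
        client, _ = srv.accept()
        threading.Thread(target=handle, daemon=True,
                         args=(client, socks_addr, PORT_MAP[listen_port])).start()
```

This relays TCP only, matching the TCP-only SOCKS5 server in the question; UDP traffic is not covered by it.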
  • Another idea is to install OpenVPN on your remote Solaris system.

    Next, if you have your own Linux router you can modify that, or else set up a dedicated box to become the XBox's router, routing everything out through the VPN tunnel. (I believe OpenVPN can go through a SOCKS5 proxy no sweat.) So if you pulled it off, your XBox would look like it were installed in a data center. Cool, huh?

    From jhs
