Rsync over HTTP
dwolfe at gforcetech.com
Thu Dec 4 16:19:17 EST 2003
> > If you have to use Rsync over multiple networks you need to
> > get past firewalls. Very few firewalls allow anything beyond
> > HTTP port 80. Has anyone researched tunneling Rsync
> > through HTTP and is there any documentation available.
> That's not "rsync over http", that's "rsync on port 80."
Not if you're trying to rsync to an outside machine from within a
corporate intranet that only allows access to the Internet via an HTTP
proxy. This requires tunneling, since you need to fool the proxy into
thinking you're accessing a plain old web page.
I haven't tried it with rsync, but I use httptunnel
(http://www.nocrew.org/software/httptunnel.html) to create a tunneled
connection (ssh-over-http) to an external CVS server from inside my
company's firewall. It's a little involved... it requires that you run
the 'htc' program on the machine inside the firewall, and run the 'hts'
program on a cooperating machine outside the firewall to de-encapsulate
and forward the connection to the 'real' server. (This can be any *NIX
or Windows machine with a full-time internet connection.)
On the client (firewalled) machine, the command would look something
htc -F 22 --proxy=proxy.yourcompany.com:8080 -A user:passwd \
This says to take any incoming data stream to port 22 on localhost,
encapsulate it as an http request to yourhomepc.dyndns.org (you can use
an IP address here instead), using proxy.yourcompany.com as the
proxy, and authenticating with 'user' and 'passwd'.
On the external machine, you have to do:
hts -F therealserver.com:22 80
which says to take the tunneled stream on port 80, remove the 'http
envelope', and forward it to therealserver.com's SSH port.
Then, back on the firewalled machine, you can just 'pretend' to rsync
to localhost, with something like, e.g.:
rsync -auvzP Foo localhost:/home/username
Phew! It's kind of a lot of work, but it's *very* doable if you have a
real need and some patience...
More information about the rsync