Monday, March 30, 2009

Accessing GIT repository on internet behind firewall.

Accessing GIT repository on internet behind firewall.


1. What is tunneling?

Tunneling is the mechanism of sending any kind of bi-directional request (ssh,ping..) to internet, within available http connection.

Example: In case if we want to access a server in internet over SSH, by default it is not possible since all the any requests going to that port will be blocked by firewall.


More details: http://en.wikipedia.org/wiki/Http_tunnel

http://www.ibm.com/developerworks/linux/library/l-10sysadtips/


2. What are tunneling software’s available?

In one word “many”. All does the same thing!


3. What we have choosen?

Corkscrew is simple tunneling software. It has to be installed on ubuntu boxes.


On Ubuntu, sudo apt-get install corkscrew.


More details: http://209.85.229.132/search?q=cache:ok0rYK9kOKsJ:wiki.kartbuilding.net/index.php/Corkscrew_-_ssh_over_https+&cd=2&hl=en&ct=clnk


4. What parameters have to be passed to corkscrew?

Proxy user name,

Proxy password.

Proxy server port (8080, in our case)

Destination host’s name or IP.

Destination service’s port (GIT, SMTP,SSH…)

Example:

corkscrew 10.199.8.61 8080 android.git.kernel.org 9418 ~/bin/.myauth

Where,

10.199.8.61 -> Proxy server’s IP.

8080 -> Proxy server’s port.

android.git.kernel.org -> Destination hostname

9418 -> Destination service’s port. Here in this case GIT.

~/bin/.myauth -> contains proxy server username and password in the form username:password.

PS: In case our proxy doesn’t resolve IP’s of machine in internet, we have to use IP address of them. Not hostnames.


5. How to find the IP address of machine in internet?

http://www.kloth.net/services/nslookup.php


6. Now finally, how we use this to clone(get) GIT repo’s in internet?


Git has the environment variable “GIT_PROXY_COMMAD”. This variable can be used to set the proxy command for each repository.


Example:

a.


prompt> git clone git://git.denx.de/u-boot-arm.git

Initialized empty Git repository in /vobstore1/tmp/u-boot-arm/.git/

fatal: Unable to look up git.denx.de (port 9418) (Name or service not known)

b.


Find the IP of git.denx.de and define the command with corkscrew.

A shell script (for tcsh) is created as below,

prompt> more /home1/git/bin/.git.uboot.org

#!/bin/sh

exec corkscrew 10.199.8.61 8080 85.214.87.163 9418 ~/bin/.myauth


c. set the GIT variable.

setenv GIT_PROXY_COMMAND /home1/git/bin/.git.uboot.org


d. prompt> git clone git://git.denx.de/u-boot-arm.git

Initialized empty Git repository in /vobstore1/tmp/u-boot-arm/.git/

remote: Counting objects: 88784, done.

remote: Compressing objects: 44% (10474/23804)

.