ptunnel is an application that allows you to reliably tunnel TCP connections to a remote host using ICMP echo request and reply packets, commonly known as ping requests and replies. At first glance, this might seem like a rather useless thing to do, but it can actually come in handy in some cases. The following example illustrates the main motivation in creating ptunnel:

Setting: You’re on the go, and stumble across an open wireless network. The network gives you an IP address, but won’t let you send TCP or UDP packets out to the rest of the internet, for instance to check your mail. What to do? By chance, you discover that the network will allow you to ping any computer on the rest of the internet. With ptunnel, you can utilize this feature to check your mail, or do other things that require TCP.



ptunnel -p proxy_address -lp listen_port -da destination_address -dp dest_port [-c network_device] [-v verbosity] [-u] [-x password] [-f file] [-udp] [-syslog]

ptunnel [-c network_device] [-v verbosity] [-u] [-x password] [-f file] [-udp] [-syslog]

ptunnel -h


Client options:

-p proxy_address

Specify the host on which the proxy is running.

-lp listen_port

Specifies the port on which the client will listen for incoming TCP connections.

-da destination_addr

Specifies the address to which you want your packets tunneled, after reaching the proxy.

-dp destination_port

Specifies the port that the proxy should tunnel the TCP connection to.

Shared options:

-c network_device

Specify the network interface to capture packets from. Note that packet capturing isn’t always necessary, but you should try this if you experience problems with ptunnel.

-v verbosity

Controls the verbosity level. -1 is no output, 0 shows errors only, 1 shows info messages, 2 gives more output, 3 provides even more output, level 4 displays debug info and level 5 displays absolutely everything, including the nasty details of sends and receives.


Enables tunneling over UDP port 53 (DNS) instead of using ICMP. This will only work if your proxy can accept incoming traffic on port 53, and the client is able to send data to the proxy on port 53. Note that this option does not wrap ptunnel’s data in DNS-compliant packets. This option must be given on both the proxy and client side for things to work correctly.


Changes logging to use the built-in syslog fascility. (Not available on Windows.)


Attempts to run ptunnel without privileges. This doesn’t usually work!

-x password

Specifies a password or passphrase to use. This will allow you to protect the proxy from use by others who don’t know the password. It needs to be specified on both proxy and client.

-f file

Specifies a log file. If you specify -syslog, syslog is always used instead.


Displays brief usage information.


cyborg@cyborg:~$ sudo ptunnel -p -lp 4444 -da -dp 4444 
[inf]: Starting ptunnel v 0.72.
[inf]: (c) 2004-2011 Daniel Stoedle, <[email protected]>
[inf]: Security features by Sebastien Raveau, <[email protected]>
[inf]: Relaying packets from incoming TCP streams.
[inf]: Incoming connection.
[evt]: No running proxy thread - starting it.
[inf]: Ping proxy is listening in privileged mode.
[inf]: Incoming connection.
[inf]: Session statistics:
[inf]: I/O:   0.00/  0.00 mb ICMP I/O/R:       34/       3/       0 Loss:  0.0%

Leave a reply


We're are building as a community and a team. Be a part of it.


©2018 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?