Port Redirection

I had a need to access remote UDP ports that were not open through my VPN connection. I thought no problem I will just configure my ssh connection to tunnel those ports! I quickly found that traditional SSH port forwarding does not support UDP. So I had to find a work around.

In order to tunnel UDP requests through SSH you need to find unused TCP ports on your local and remote machines and configure them to forward requests to the UDP ports that you need to access. This can be accomplished using socat or nc on *NIX machines.

Found a neat utility to ease the process of network port forwarding in Windows.

http://www.quantumg.net/portforward.php

Utility to track statistics from multiple Windows Servers

Logman creates and manages Event Trace Session and Performance logs and supports many functions of Performance Monitor from the command line.


C:\Users\dsides>logman -?


Microsoft r Logman.exe (6.1.7600.16385)


Usage:
  logman [create|query|start|stop|delete|update|import|export] [options]


Verbs:
  create                        Create a new data collector.
  query                         Query data collector properties. If no name is given all data collectors are listed.
  start                         Start an existing data collector and set the begin time to manual.
  stop                          Stop an existing data collector and set the end time to manual.
  delete                        Delete an existing data collector.
  update                        Update an existing data collector's properties.
  import                        Import a data collector set from an XML file.
  export                        Export a data collector set to an XML file.


Adverbs:
  counter                       Create a counter data collector.
  trace                         Create a trace data collector.
  alert                         Create an alert data collector.
  cfg                           Create a configuration data collector.
  providers                     Show registered providers.


Options (counter):
  -c        Performance counters to collect.
  -cf                File listing performance counters to collect, one per line.
  -f  Specifies the log format for the data collector. For SQL database format, you must
                                use the -o option in the command line with the DNS!log option. The defaults is binary.
  -sc                   Maximum number of samples to collect with a performance counter data collector.
  -si <[[hh:]mm:]ss>            Sample interval for performance counter data collectors.


Options (trace):
  -f  Specifies the log format for the data collector. For SQL database format, you must
                                use the -o option in the command line with the DNS!log option. The defaults is binary.
  -mode            Event Trace Session logger mode. For more information visit -
                                http://go.microsoft.com/fwlink/?LinkID=136464
  -ct       Specifies the clock resolution to use when logging the time stamp for each event.
                                You can use query performance counter, system time, or CPU cycle.
  -ln             Logger name for Event Trace Sessions.
  -ft <[[hh:]mm:]ss>            Event Trace Session flush timer.
  -[-]p A single Event Trace provider to enable. The terms 'Flags' and 'Keywords' are
                                synonymous in this context.
  -pf                File listing multiple Event Trace providers to enable.
  -[-]rt                        Run the Event Trace Session in real-time mode.
  -[-]ul                        Run the Event Trace Session in user mode.
  -bs                   Event Trace Session buffer size in kb.
  -nb                 Number of Event Trace Session buffers.


Options (alert):
  -[-]el                        Enable/Disable event log reporting.
  -th Specify counters and their threshold values for and alert.
  -[-]rdcs               Data collector set to start when alert fires.
  -[-]tn                 Task to run when alert fires.
  -[-]targ           Task arguments.
  -si <[[hh:]mm:]ss>            Sample interval for performance counter data collectors.


Options (cfg):
  -[-]ni                        Enable/Disable network interface query.
  -reg      Registry values to collect.
  -mgt    WMI objects to collect.
  -ftc      Full path to the files to collect.


Options:
  -?                            Displays context sensitive help.
  -s                 Perform the command on specified remote system.
  -config            Settings file containing command options.
  [-n]                   Name of the target object.
  -pid                    Process identifier.
  -xml               Name of the XML file to import or export.
  -as                           Perform the requested operation asynchronously.
  -[-]u       User to Run As. Entering a * for the password produces a prompt for the password.
                                The password is not displayed when you type it at the password prompt.
  -m <[start] [stop]>           Change to manual start or stop instead of a scheduled begin or end time.
  -rf <[[hh:]mm:]ss>            Run the data collector for the specified period of time.
  -b  Begin the data collector at specified time.
  -e  End the data collector at specified time.
  -o             Path of the output log file or the DSN and log set name in a SQL database. The
                                default path is '%systemdrive%\PerfLogs\Admin'.
  -[-]r                         Repeat the data collector daily at the specified begin and end times.
  -[-]a                         Append to an existing log file.
  -[-]ow                        Overwrite an existing log file.
  -[-]v       Attach file versioning information to the end of the log name.
  -[-]rc                 Run the command specified each time the log is closed.
  -[-]max               Maximum log file size in MB or number of records for SQL logs.
  -[-]cnf <[[hh:]mm:]ss>        Create a new file when the specified time has elapsed or when the max size is
                                exceeded.
  -y                            Answer yes to all questions without prompting.
  -fd                           Flushes all the active buffers of an existing Event Trace Session to disk.
  -ets                          Send commands to Event Trace Sessions directly without saving or scheduling.


Note:
  Where [-] is listed, an extra - negates the option.
  For example --u turns off the -u option.


More Information:
  Microsoft TechNet - http://go.microsoft.com/fwlink/?LinkID=136332


Examples:
  logman start perf_log
  logman update perf_log -si 10 -f csv -v mmddhhmm
  logman create counter perf_log -c "\Processor(_Total)\% Processor Time"
  logman create counter perf_log -c "\Processor(_Total)\% Processor Time" -max 10 -rf 01:00
  logman create trace trace_log -nb 16 256 -bs 64 -o c:\logfile
  logman create alert new_alert -th "\Processor(_Total)\% Processor Time>50"
  logman create cfg cfg_log -reg "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\\"
  logman create cfg cfg_log -mgt "root\cimv2:SELECT * FROM Win32_OperatingSystem"
  logman query providers
  logman query providers Microsoft-Windows-Diagnostics-Networking
  logman start process_trace -p Microsoft-Windows-Kernel-Process 0x10 win:Informational -ets
  logman start usermode_trace -p "Service Control Manager Trace" -ul -ets
  logman query usermode_trace -p "Service Control Manager Trace" -ul -ets
  logman stop usermode_trace -p "Service Control Manager Trace" -ul -ets
  logman start process_trace -p Microsoft-Windows-Kernel-Process -mode newfile -max 1 -o output%d.etl -ets
  logman start "NT Kernel Logger" -o log.etl -ets
  logman start "NT Kernel Logger" -p "Windows Kernel Trace" (process,thread) -ets