Cliser - Client Server connector

Introduction

Cliser is a utility that allows one to make regular TCP/IP connections through a firewall which doesn't allow arbitrary TCP/IP connections. Instead, it will use a normal HTTP proxy and send its requests through this proxy to a special server on the Internet, which will translate these requests and forward the connections to the desired location. In theory any connection can be established this way, but "cliser" is currently still an alpha product and might not operate as desired. Cliser will also do a rudimentary form of encryption on your data stream, to protect it from being decoded by the proxy.

ID

The current version of the gateway requires an ID to be sent. This is possible by entering "id=(id)" in the cliser.ini file, if you're using version 1.10b or higher.

Available versions

Cliser is currently at version 1.14, though some executables might have an older version. You can tell the version by running the executable; it will appear on the command line. No guarantees are made for these executables, and the copyright is with Mosha (v.o.f.).

Currently there are three binary versions available for download:

It can always be downloaded from the Mosha site. For more information see http://www.mosha.net/77-downloads/download.shtml.

If you find that the binaries don't work under a particular operating system, please let me know.

Usage

To use cliser, you need to start it from a command prompt window. Without parameters, it will show a usage text:

Usage: cliser <proxy name> <proxy port> <remote site>
              [<remote port> [<local port>]]

Obviously, you will need to know the proxy name and port of the proxy server that you use. These can be obtained from your browser settings. In Internet Explorer, these are usually located under view->options->connection->proxy. In Netscape, these are usually located under edit->advanced->proxy. Use the HTTP settings. In case you're connecting through a NAT firewall, and feel that you might not need proxy settings, you could try using "mosha.net" and "8080" as the proxy server and the proxy port.

The remote site is the site that you would want to connect your TCP/IP connection to. It could be a talker, MUD, SMTP, POP3, IMAP, HTTP or any TCP speaking process. The remote port is the port of this process, and is optional: without the port, 23 (telnet) will be assumed.

The local port is the port on the local machine that you wish cliser to bind to. By default this is port 5317. This is the port you need to connect to once cliser is running. Note that many operating systems will prevent you from using ports below 1024, or even 2048, as these are usually system ports. But if your system allows it, you can change the port number to 110, and connect to a POP3 server, to read your mail through a firewall.

After cliser is running, you can connect to it using any TCP client you might have available locally. You can connect from localhost, and also from other machines on your side of the firewall, by using your own IP address.

Notes

  1. cliser requires the telnet2HTTP server to be running on mosha.net, and this server to be reachable through your firewall. You can check whether this works for your connection by using the regular telnet interface.
  2. certain TCP/IP connections (especially ones that send data character-by-character) might cause a large number of requests to be sent to the proxy server. Apart from the load this might cause, it might also result in a significant number of log messages being generated by this proxy.
  3. In case of a process that keeps sending messages: there is no guarantee that the proxy will send these in the same order. cliser will currently not keep track of this order either, therefore such processes might have problems with their connection.
  4. In case of a process that sends large messages (like SMTP): some proxies have a limited URL size. If this is the case, you might want to reduce the blocksize to a lower value. See an explanation of the cliser.ini file on how to do this.
  5. SMTP servers (port 25) will receive their connections from the telnet2HTTP server. Usually these SMTP servers will check the origin to avoid spam. So it might be impossible to send mail from your regular SMTP server. To ensure delivery, it is recommended you connect to the SMTP server of your mail's destination.
  6. ftp (port 21) also uses UDP on port 22 for the actual file transfer. It is therefore possible to browse using cliser, but it is NOT possible to actually transfer files. Usually, however, a proxy has its ftp port open, so you could just use the proxy for this purpose.
  7. If your proxy uses authorization, from version 1.08b on you can enter your password and username in the cliser.ini file. Please give me feedback on this functionality if you use it.
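
Notes 2 and 4 describe what this traffic looks like at the proxy: many small requests to one server, with request URLs that grow with the payload. The following is an added example, not part of cliser or the original page, showing how a proxy administrator could pick that pattern out of an access log. The Squid-style log layout, the host gateway.example, the URL shape and both thresholds are assumptions made for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

def make_sample():
    """Constructed Squid-style access.log lines (not taken from a real proxy)."""
    fmt = "{:.3f} 40 {} TCP_MISS/200 210 GET {} - DIRECT/192.0.2.10 text/html"
    t0 = 1000000000
    # 10.1.1.1 runs a tunnel client: 150 small requests, 0.5 s apart, one host.
    lines = [fmt.format(t0 + i * 0.5, "10.1.1.1",
                        f"http://gateway.example/x?d={'ab' * 8}{i}") for i in range(150)]
    # 10.1.1.2 browses normally; the final line is deliberately malformed.
    for i, host in enumerate(["www.example.org", "news.example.net", "www.example.org"]):
        lines.append(fmt.format(t0 + i * 20, "10.1.1.2", f"http://{host}/index.html"))
    return lines + ["truncated line"]

def parse_line(line):
    """Return (timestamp, client, host, url_length), or None if unparsable."""
    f = line.split()
    try:
        ts, client, url = float(f[0]), f[2], f[6]
    except (IndexError, ValueError):
        return None
    host = urlsplit(url).hostname or url.rsplit(":", 1)[0]  # CONNECT logs host:port
    return ts, client, host, len(url)

def find_tunnel_candidates(lines, window=60.0, min_requests=60):
    """Flag (client, host) pairs with >= min_requests in any `window` seconds."""
    seen = defaultdict(list)
    for rec in filter(None, map(parse_line, lines)):
        ts, client, host, url_len = rec
        seen[(client, host)].append((ts, url_len))
    findings = []
    for (client, host), hits in sorted(seen.items()):
        hits.sort()
        start = peak = 0
        for end, (ts, _) in enumerate(hits):
            while ts - hits[start][0] > window:  # slide the window forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= min_requests:
            findings.append({"client": client, "host": host, "total": len(hits),
                             "peak_per_window": peak,
                             "longest_url": max(n for _, n in hits)})
    return findings

if __name__ == "__main__":
    for finding in find_tunnel_candidates(make_sample()):
        print(finding)
```

The thresholds need tuning against the proxy's normal traffic, since polling web applications can also produce steady request streams to a single host.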

cliser.ini

It is possible to create a cliser.ini file, with some configuration options. The format of this file is a line based definition of variables, separated by equal signs (=). Currently the following variables are supported:

An example cliser.ini file is available at the download page.

Example

(The sites mentioned in this example are hypothetical, and should be replaced by the names that you wish to use).

If you are behind a firewall with proxy "proxy.business.com" at port 8080, but would like to connect to "fun.server.org" at port 4040, you would run cliser as follows:

cliser proxy.business.com 8080 fun.server.org 4040

This will open port 5317 on the localhost, and will allow you to, for example, do:

telnet localhost 5317

This will seem as if you were doing a telnet to fun.server.org 4040.

In case cliser is running on machine 10.1.1.1 and you are currently working on 10.1.1.2, you could still use cliser, by doing:

telnet 10.1.1.1 5317

This works as long as both machines are on the same side of the firewall, and the allow value (version 1.09b and higher) in the cliser.ini file isn't set to restrict this.

If you would like to read mail from "pop3.server.org", which would usually be at port 110, you could run cliser as follows:

cliser proxy.business.com 8080 pop3.server.org 110 110

This will open port 110 on the localhost, and will allow you to configure your mail to access the POP3 protocol at localhost rather than pop3.server.org, which might normally be unreachable due to the firewall. As said before, opening local port 110 might fail because of operating system restrictions. If this is the case, you'll need to choose a different port, and try to reconfigure your mail reader to use this other port.