you'll need a shell account on my box already to do this
there's a suid program named "hijack-gre-over-udp" that will
allow you to point the remote end of a gre over udp tunnel
to wherever it gets a packet from next.
I'm thinking of changing it so that this command runs from
a TCP port, and requires that the next packet it receives is from
the same IP that the TCP connection is made from...
yeah. I'll do that. but not right now I guess.