Is there any place with good documentation about tunneling and spoofing port connections through a firewall to the internal NAT'd network? Say for instance the firewall routes http requests to an internal ip, is there a way you can tunnel say telnet or ssh though port 80 to allow you to connect to the webserver while folling the firewall? Or have I just seen 1 too many hacker movies?

Lets say the firewall is a linux box running iptable rules, and the webserver is also running linux.