Re: ssh tunnel to port forwarded over localhost

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

[reply-to ignored, posted to the list where I read the OP]

On Wednesday 14 October 2009 06:11:05 Tito wrote:
> First, I would like to say that I have searched really long time
> through historical list archive of netfilter and other forums but
> I was not able to find the functionality I was searching for!

Was any of your searching done in man pages? Specifically
ssh_config(5):

    GatewayPorts
             Specifies whether remote hosts are allowed to connect
             to local forwarded ports.  By default, ssh(1) binds
             local port forwardings to the loopback address.  This
             prevents other remote hosts from connecting to
             forwarded ports.  GatewayPorts can be used to specify
             that ssh should bind local port forwardings to the
             wildcard address, thus allowing remote hosts to
             connect to forwarded ports.  The argument must be
             ``yes'' or ``no''.  The default is ``no''.


> I have found only this “port forwarding through localhost ”
>
> http://marc.info/?t=116984915600001&r=1&w=2 but it is not exactly that!
>
> Here is the situation:
>
> Host A (Germany - my home laptop – Windows XP)
> Router (Bulgaria - public ip ) – Linux openSuse 11.1 Xen Linux
> clients-pools 2.6.27.29-0.1-xen #1 SMP 2009-08-15 17:53:59 +0200 x86_64
> x86_64 x86_64 GNU/Linux
> Host B (192.168.1.10  which is a Xen virtual host installed on a Router
>   itself - Windows XP )Host B can ping any public ip address and can
> reslov dns names.
>
> The Router  have 2 open port:
>   55431  openSSH
>   54322 forwarded to HostB - 192.168.1.10 to port 3389 for remote desktop!
>
> Now, the port forwarding is working just great, I can reach  the remote
> desktop of Host B from Host A, but I want to close that port and let
> everything be forwarded over a ssh tunnel. I have done this for squid
snip

(I had started this reply 3 weeks ago, it was forgotten, but here it
is now, in the hope that it might be useful.)
-- 
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux