LinuxQuestions.org
Old 03-04-2010, 02:38 AM   #1
ahmad.zuhd
LQ Newbie
 
Registered: Mar 2010
Posts: 9

Rep: Reputation: 0
Problem with OpenSSH Remote Port Forwarding with Bind_address


As in the ssh(1) man page:

Quote:
-R [bind_address:]port:host:hostport
.......By default, the listening socket on the server will be bound to the loopback interface only. This may be overridden by specifying a bind_address. An empty bind_address, or the address `*', indicates that the remote socket should listen on all interfaces. Specifying a remote bind_address will only succeed if the server's GatewayPorts option is enabled (see sshd_config(5)).

I have 3 servers with the following IPs:

testsrv1
    eth0 192.168.88.134
testsrv2
    eth0 192.168.88.132
    eth0:0 192.168.88.139
testsrv3
    eth0 192.168.88.136

Basically, I've tried the following:

Code:
[root@testsrv1 ~]# ssh -R 4444:testsrv3:22 root@testsrv2

The GatewayPorts on the server side is no, so the listening port on testsrv2 is:

Code:
[root@testsrv2 ~]# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:745                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:4444              0.0.0.0:*                   LISTEN
tcp        0      0 192.168.88.132:22           192.168.88.1:14268          ESTABLISHED
tcp        0      0 192.168.88.132:22           192.168.88.134:52124        ESTABLISHED
tcp        0      0 :::111                      :::*                        LISTEN

When turning GatewayPorts on at the server side, and binding the connection to the IP 192.168.88.139, it gave me the following:

Code:
[root@testsrv1 ~]# ssh -o "GatewayPorts no" -R 192.168.88.139:4444:testsrv3:22 root@testsrv2
Password:
Last login: Tue Feb 16 13:50:14 2010 from 192.168.88.134
[root@testsrv2 ~]# netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:745                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:4444                0.0.0.0:*                   LISTEN
tcp        0      0 192.168.88.132:22           192.168.88.134:50635        ESTABLISHED
tcp        0      0 192.168.88.132:22           192.168.88.1:14268          ESTABLISHED
tcp        0      0 :::111                      :::*                        LISTEN
[root@testsrv2 ~]#

From the netstat output, we can note that the connection is bound to all addresses on all interfaces. Also note that when GatewayPorts on the server is enabled, whatever the client GatewayPorts value, it will listen on the 0.0.0.0:4444 address, and that also contradicts what has been stated in the man page.

Is this a bug or is it normal behavior?
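
Added example, not part of the original thread: sshd_config(5) gives GatewayPorts three values (no forces loopback, yes forces the wildcard address, clientspecified lets the client's bind_address select the address), and this script checks the port 4444 rows of the two netstat captures above against those rules. The function names are hypothetical, and it assumes the second capture was taken with GatewayPorts yes on testsrv2.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# expected_bind SERVER_GATEWAYPORTS [BIND_ADDRESS]
# Prints the address sshd binds a -R listener to, per sshd_config(5).
# BIND_ADDRESS is the bind_address given to -R; use "-" if it was omitted.
expected_bind() {
    gp=$1 bind=${2--}
    case "$gp" in
        no)  echo 127.0.0.1 ;;   # always loopback; bind_address not honoured
        yes) echo 0.0.0.0 ;;     # always wildcard; bind_address not honoured
        clientspecified)
            case "$bind" in
                ''|'*')      echo 0.0.0.0 ;;    # empty or * = all interfaces
                -|localhost) echo 127.0.0.1 ;;  # omitted = loopback default
                *)           echo "$bind" ;;    # the address the client asked for
            esac ;;
        *) echo "unknown GatewayPorts value: $gp" >&2; return 2 ;;
    esac
}

# listener_addr PORT: reads `netstat -ant` output on stdin and prints the
# local address of each IPv4 TCP socket listening on PORT.
listener_addr() {
    awk -v port="$1" '$1 == "tcp" && $NF == "LISTEN" {
        # Local Address is the third field from the end on LISTEN rows.
        n = split($(NF - 2), a, ":")
        if (n == 2 && a[2] == port) print a[1]
    }'
}

# check_forward SERVER_GATEWAYPORTS BIND_ADDRESS PORT (netstat on stdin)
# Succeeds when the observed listener matches the documented behaviour.
check_forward() {
    want=$(expected_bind "$1" "$2") || return 2
    got=$(listener_addr "$3")
    [ "$got" = "$want" ]
}

# Port 4444 rows from the two captures in the post (other sockets omitted).
CAPTURE_1='tcp        0      0 127.0.0.1:4444              0.0.0.0:*                   LISTEN'
CAPTURE_2='tcp        0      0 0.0.0.0:4444                0.0.0.0:*                   LISTEN'

# Assumption: capture 2 was taken with "GatewayPorts yes" in sshd_config.
echo "$CAPTURE_1" | check_forward no - 4444 && echo "capture 1 matches GatewayPorts no"
echo "$CAPTURE_2" | check_forward yes 192.168.88.139 4444 && echo "capture 2 matches GatewayPorts yes"
echo "clientspecified would bind to $(expected_bind clientspecified 192.168.88.139)"
```

To have sshd honour a specific bind_address such as 192.168.88.139, sshd_config(5) documents `GatewayPorts clientspecified`. The client-side GatewayPorts option in ssh_config(5) applies to local forwardings, not to -R.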
 
Old 03-07-2010, 02:01 AM   #2
ahmad.zuhd
LQ Newbie
 
Registered: Mar 2010
Posts: 9

Original Poster
Rep: Reputation: 0
Any answer, guys? If clarification is required, please let me know.
 
  


All times are GMT -5. The time now is 09:38 PM.
