My company has an external webserver housed somewhere.
I managed to set up some ssh tunnels to specific ports. Mysql on port 3306 for example. Running the following command on my linuxbox:
works great. Now, everybody in the company can connect to my linuxbox on port 3306 and gets forwarded to the webserver in a secure way.
The only problem is that I have to open and close the tunnel by hand, so I made a small config file in /etc/xinetd.d called mysql-tunnel:
============
service mysql
{
disable = no
socket_type = stream
protocol = tcp
wait = yes
user = sshunnel
server = /home/someuser/mysql_tunnel.sh
port = 3306
}
============
and made sure "mysql 3306/tcp" was present in /etc/services.
I put the above mentioned ssh command in a small script called /home/someuser/mysql_tunnel.sh, made it executable and restarted xinetd.
Now, all tunnels are closed. I initiate a connection on port 3306 from another pc to my linuxbox and nothing happens. The connection times out.
BUT:
If I run "ps aux" it tells me that an ssh tunnel is running fine.
I check /var/log/secure and see that xinetd started the mysql-tunnel, but it hasn't got a from address:
Jul 17 10:19:43 mylinuxbox xinetd[5422]: START: mysql pid=5425 from=<no address>
Now, if I change the "wait" parameter in /etc/xinetd.d/mysql-tunnel from "yes" to "no" xinetd sees the from address:
Well yeah, I figured that one out just after I posted.
I added a "-i /private/key/location" to the ssh command.
But that's not it. I kept on searching and came up with the following:
If I change the service port of mysql to 3307 and adapt the /etc/xinetd.d/mysql-tunnel file accordingly, my sql client still times out upon opening the tunnel (connecting on 3307), but when I start a second sql client (connecting on 3306), it works fine. So the tunnel is there. Apparently, xinetd blocks the port on which it receives its first connection.
So, I tried an IP alias on eth0 and created eth0:1 with a second IP address. e.g. : eth0 = 01.02.03.04 and eth0:1 = 01.02.03.05
xinetd is listening on 01.02.03.04:3306 and ssh is creating a tunnel on 01.02.03.05:3306, but that didn't work either, although I'm convinced I'm looking in the right direction ...
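
The following is an added example, not part of the thread or of xinetd itself. It reproduces on loopback why `wait = yes` logs `from=<no address>` and leaves the client hanging: a Python parent stands in for xinetd and hands either the listening socket (`wait = yes`) or an accepted connection (`wait = no`) to a child as fd 0. The names `run_service` and `CHILD` are hypothetical.

```python
import socket
import subprocess
import sys

# Stand-in for the service that the super-server starts with the socket on fd 0.
CHILD = r'''
import socket
s = socket.socket(fileno=0)       # fd 0 is whatever the super-server handed over
try:
    peer = s.getpeername()[0]     # only works on an already accepted connection
    s.sendall(b"hello")           # a connected socket can be served directly
except OSError:
    peer = "<no address>"         # listening socket: the service must accept() itself
print("from=" + peer)
'''

def run_service(wait):
    """Mimic a super-server for one client; return (service log line, client's view)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))            # constructed test port on loopback
    listener.listen(5)
    client = socket.create_connection(listener.getsockname(), timeout=1)
    # wait = yes: the listening socket itself is passed on, nothing has been accepted.
    # wait = no:  the super-server accept()s and passes the connected socket.
    handed = listener if wait else listener.accept()[0]
    proc = subprocess.run([sys.executable, "-c", CHILD], stdin=handed.fileno(),
                          capture_output=True, text=True, timeout=10)
    try:
        reply = client.recv(16).decode()
    except socket.timeout:
        reply = "timeout"                      # connection sits unserved in the backlog
    for s in (client, handed, listener):
        s.close()
    return proc.stdout.strip(), reply

if __name__ == "__main__":
    print("wait = yes:", run_service(wait=True))
    print("wait = no: ", run_service(wait=False))
```

A script that ignores fd 0 and starts a separate listener of its own, as an `ssh -L` command does, never touches the connection that triggered it in either mode.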