Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
SDN 101: An Introduction to Software Defined Networking
Discover the advantages of SDN.
SDN has quickly become one of the hottest trends in IT. But not all SDN solutions offer real software-defined functionality. As more enterprises consider SDN, they want to know, “What is SDN? And what are the real benefits?” If you're ready to explore the advantages of SDN, and want to know how it should be implemented within your enterprise, start by reading our introductory white paper.
Click Here to receive this Complete Guide absolutely free.
I'm looking for a way to specify the outbound port my SSH-client will use when connecting to a server.
Using lsof -i on my client machine shows any outbound SSH connections in the 38000-40000 range. I want to narrow it down, so I only have to open one single port in my firewall. Does anyone know how to accomplish this, or point me in the right direction?
Don't narrow down the source port range, that's just not done. SSH is identified as a tcp connection going to port 22. use that as your filter.
what is your motivation for doing this? what other outbound traffic are you concerned about? Note that the source port is never "opened" in the way a destination port is, your traffic coming back from the server will be permitted by stateful connection tracking, not a definition of a specific port number.
Last edited by acid_kewpie; 04-16-2012 at 07:46 AM.
Perhaps my firewall rules are way too strict; right now only a few necessary ports are open (http, smb, ssh, and a few others), the rest is shut tight. What port range should I open? The Dynamic (or Private) ports are in the range 49152–65535, whereas the ports observed are in the Registered Ports range 1024 - 49151 (my client runs on FreeBSD). Which range (if any) does SSH use?
you shouldn't be paying any attention to the range. unless you have an *astonishingly* bad firewall, you don't need to care about the source port ever. Just open port 22 outbound, and it should work. SSH doesn't *use* any ports itself, the network stack just assigns one with very little interest. as it's not interesting. The only time you're realistically likely to want to force a source port is on things like network security testing tools, nmap etc. normal software very rarely cares.
Last edited by acid_kewpie; 04-16-2012 at 08:08 AM.