LinuxQuestions.org
Old 11-19-2011, 02:13 PM   #1
kreeder
LQ Newbie
 
Registered: Feb 2009
Location: Nashua, NH
Distribution: RedHat 3, 5.3, 5.7
Posts: 16

Rep: Reputation: 0
Port number used by server when using dynamic port forwarding in SSH?


Common practice is to use the Dynamic port forwarding feature of SSH to make a secure connection while browsing the web, i.e.

ssh -D 1234 me@some_server

where "me" is my user login ID and "some_server" is a trusted server somewhere that is running SSHD. If I configure my web-browser to use a socks proxy with the socks host set to "localhost" (or 127.0.0.1) and port set to 1234, I can browse the web and the web servers will think the traffic is to/from server "some_server" rather than my local computer. Not to mention that the connection between my local computer and "some_server" will now be encrypted.

But what port number is the server "some_server" using for communication to/from the other web servers on the internet? I know the connection between my local computer and "some_server" is using port 22 (standard SSH port), but what port is "some_server" using to request/receive internet traffic?

I know typical HTTP servers listen on port 80. And I believe the web-clients use the ephemeral/dynamic ports (ports 49152 to 65535). I'm a little unclear on which ports are used to/from web-server and "some_server."

Any help people could offer to clear this up for me would be greatly appreciated!

-Keith
 
Old 11-19-2011, 02:26 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,384

Rep: Reputation: 1963
Just about all client connections use ephemeral ports, if that's what you mean. This is something that the operating system handles, so it will happen to all TCP/IP connections unless instructed otherwise (e.g. NTP, which is on udp/123 on both ends).

Also note the ephemeral port range varies a lot; there is no fixed range.
 
Old 11-21-2011, 06:17 AM   #3
kreeder
LQ Newbie
 
Registered: Feb 2009
Location: Nashua, NH
Distribution: RedHat 3, 5.3, 5.7
Posts: 16

Original Poster
Rep: Reputation: 0
What seems odd to me is that a web-browser running directly on "some_server" is unable to connect to the internet, yet a web-browser running on my local PC configured to use SSH and socks proxy through "some_server" has no problem reaching the internet. I know "some_server" sits behind a firewall and that many ports are blocked, so I'm not surprised that the web-client on "some_server" wouldn't work. But I am surprised that SSH tunneling from my PC to "some_server" does work. I can browse the web from my PC and I've confirmed that the web sees the IP address of "some_server" rather than my local PC.

Is it possible that "some_server" would use port 22 to request/receive internet traffic when my local PC is configured for SSH tunneling?

-Keith
 
Old 11-21-2011, 06:32 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,384

Rep: Reputation: 1963
From what you've described, it sounds like you must be missing something simple. Using a server for SOCKS proxying, the server IS going to the remote site; there's no difference in the network traffic. A TCP/IP connection will use a local ephemeral port and a specific remote port, 80 or 443, whichever way round you try it. A better comparison would probably be to use curl on the proxy machine to grab a site; that should work if the SSH route does.
 
Old 11-21-2011, 02:07 PM   #5
kreeder
LQ Newbie
 
Registered: Feb 2009
Location: Nashua, NH
Distribution: RedHat 3, 5.3, 5.7
Posts: 16

Original Poster
Rep: Reputation: 0
Problem fixed. Turns out that the server's network settings for DNS were configured wrong. I'm guessing the fact that SSH tunneling worked is a red herring and that DNS lookup using SSH tunneling must be done on the client side rather than server side, and that's why the server was still able to properly request/receive internet traffic.

-Keith
 
  

