SSH clients, Firewalls, Tunneling...Help
Well I asked a question in an earlier thread and it was hardly touched. So maybe I asked the wrong question.
Warning: The proceeding statements are made by a Newb.

I am running Redhat 9 as a server that shares its internet connection with 2 other computers. I rummaged through the internet and found some postings on how to set up the iptables. I have read the HOWTO on IPTABLES... In an earlier post, I asked questions about tunneling. Now after a day of messing around I think I can narrow my field of choices to a couple of questions.

My goal is to forward port connections on my server to another computer connected via SSH. In other words, I am at school....fire up securecrt and connect to the ssh server on my linux box at home. The way I have it set up is so that it SHOULD forward any connections targeted at a specific port to another named port on the client computer that is connected via ssh. The frustrating thing is that I can get the reverse to occur. I can ... target my localhost port and connect to the server. But not the other way around.

Here are my observations:

1) I notice this switch when I ssh --help:

    -g Allow remote hosts to connect to forwarded ports.

But I don't know if the clients I am using to connect to the ssh server are able to set that or if they do normally. Is there a way to make this always on? I found out about this here: lists.imeme.net/archives/imeme-users/2003-November/002950.html

2) I noticed that I only have a few ports open. I do a nmap -sT -O localhost and even after I am connected via ssh with supposed tunneling enabled, I do not see the ports I specified. So I looked up how to supposedly enable them...and came up with:

    iptables -I INPUT -p tcp --dport X -j ACCEPT

Where X is supposed to be the port I want enabled. Now is that all I have to do? Or do I need to save the iptables and restart the network to make that take effect? Because if I do that for say port 27960 and then do a netstat -lap I see this:

    tcp 0 0 localhost.localdo:27960 *:* LISTEN 7777/sshd

Anyway, my ultimate questions are:

A) How do I allow the remote hosts to connect to a forwarded port.

B) How do I unconditionally open a port of my choosing so that traffic to it can be forwarded to an ssh client.

Please feel free to point me to GOOD tutorials, documents...something I can follow. And don't be afraid to let me know if I am asking the wrong questions. Thanks for reading this.
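The netstat line in the post shows sshd holding the forwarded port on localhost only, which is how sshd binds remote forwards while the sshd_config keyword GatewayPorts is at its default. As an added example (not part of the original post; function names are hypothetical and every sample line except the first is constructed), this script reports the bind scope of each sshd listener and the global GatewayPorts value read from sshd_config text:

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# First line is the netstat output quoted in the post; the rest are constructed.
SAMPLE_NETSTAT='tcp 0 0 localhost.localdo:27960 *:* LISTEN 7777/sshd
tcp 0 0 *:22 *:* LISTEN 1234/sshd
tcp 0 0 *:8080 *:* LISTEN 7790/sshd
tcp 0 0 *:631 *:* LISTEN 900/cupsd'

# Read "netstat -lap"-style lines on stdin; for each TCP listener owned by
# sshd print "<port> <scope>": loopback, all-interfaces or specific.
sshd_listen_scope() {
    awk '$6 == "LISTEN" && $7 ~ /\/sshd/ {
        if (!match($4, /:[0-9]+$/)) next          # no trailing :port
        host = substr($4, 1, RSTART - 1)
        port = substr($4, RSTART + 1)
        if (host ~ /^(localhost|127\.|::1$)/) scope = "loopback"
        else if (host == "*" || host == "0.0.0.0" || host == "::") scope = "all-interfaces"
        else scope = "specific"
        print port, scope
    }'
}

# Read sshd_config text on stdin and print the global GatewayPorts value.
# sshd uses the first value it reads for a keyword, keywords are
# case-insensitive, and the default is "no". Match blocks are not evaluated:
# parsing stops at the first Match line.
gateway_ports() {
    awk 'tolower($1) == "match"        { exit }
         tolower($1) == "gatewayports" { v = tolower($2); exit }
         END { print (v == "" ? "no" : v) }'
}

# Demo on the sample data.
printf '%s\n' "$SAMPLE_NETSTAT" | sshd_listen_scope
printf 'Port 22\n#GatewayPorts yes\n' | gateway_ports
```

The daemon's own listening port (22 in the sample) appears in the output alongside forwarded ports, so compare the list against the Port setting when reviewing which forwards are reachable from other hosts.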