LinuxQuestions.org


mastery0da 12-14-2003 09:28 AM

SSH clients, Firewalls, Tunneling...Help
 
Well I asked a question in an earlier thread and it was hardly touched. So maybe I asked the wrong question.

Warning: The proceeding statements are made by a Newb.

I am running Redhat 9 as a server that shares its internet connection with 2 other computers. I rummaged through the internet and found some postings on how to set up the iptables. I have read the HOWTO on IPTABLES...

In an earlier post, I asked questions about tunneling. Now after a day of messing around I think I can narrow my field of choices to a couple of questions.

My goal is to forward port connections on my server, to another computer connected via SSH. In other words, I am at school....fire up securecrt and connect to the ssh server on my linux box at home. The way I have it set up is so that it SHOULD forward any connections targeted at a specific port to another named port on the client computer that is connected via ssh.

The frustrating thing is that I can get the reverse to occur. I can ... target my localhost port and connect to the server. But not the other way around.

Here are my observations:

1) I notice this switch when I ssh --help
-g Allow remote hosts to connect to forwarded ports.
But I don't know if the clients I am using to connect to the ssh server are able to set that or if they do normally. Is there a way to make this always on? I found out about this here:
lists.imeme.net/archives/imeme-users/2003-November/002950.html
2) I noticed that I only have a few ports open. I do a
nmap -sT -O localhost
and even after I am connected via ssh with supposed tunneling enabled, I do not see the ports I specified. So I looked up how to supposedly enable them...and came up with:
iptables -I INPUT -p tcp --dport X -j ACCEPT
Where X is supposed to be the port I want enabled. Now is that all I have to do? Or do I need to save the iptables and restart the network to make that take effect? Because if I do that for say port 27960 and then do a netstat -lap I see this:
tcp 0 0 localhost.localdo:27960 *:* LISTEN 7777/sshd

Anyway, my ultimate questions are:

A) How do I allow the remote hosts to connect to a forwarded port.
B) How do I unconditionally open a port of my choosing so that traffic to it can be forwarded to an ssh client.

Please feel free to point me to GOOD tutorials, documents...something I can follow. And don't be afraid to let me know if I am asking the wrong questions.

Thanks for reading this.
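
The netstat line quoted in the post shows sshd listening on localhost:27960, so the forwarded port is bound to the loopback interface and an iptables ACCEPT rule cannot make it reachable from other hosts. The following is an added example, not part of the original post: a shell check that classifies sshd-owned listeners from netstat output. The function names and every sample line except the first are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which sshd-owned TCP listeners accept remote connections.
# Input is `netstat -lap` / `netstat -ltnp` style output, as quoted in the post.
# Background: for server-side (remote) forwards, OpenSSH picks the bind address
# from the GatewayPorts option in sshd_config; by default it binds to loopback.

# classify_addr LOCAL_ADDRESS: print "loopback-only" or "remote-reachable".
classify_addr() {
    host=${1%:*}                      # drop the trailing ":port"
    case "$host" in
        127.*|localhost*|::1|"[::1]") echo "loopback-only" ;;
        *)                            echo "remote-reachable" ;;
    esac
}

# audit_sshd_listeners: read netstat lines on stdin and print "<port> <class>"
# for every LISTEN socket whose owning program is sshd.
audit_sshd_listeners() {
    while read -r _proto _rq _sq laddr _faddr state prog; do
        [ "$state" = "LISTEN" ] || continue
        case "$prog" in
            */sshd*) echo "${laddr##*:} $(classify_addr "$laddr")" ;;
        esac
    done
}

# Sample input. Line 1 is the line from the post; the rest are constructed.
sample_netstat() {
    cat <<'EOF'
tcp 0 0 localhost.localdo:27960 *:* LISTEN 7777/sshd
tcp 0 0 *:ssh *:* LISTEN 1201/sshd
tcp 0 0 0.0.0.0:27961 0.0.0.0:* LISTEN 7790/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 990/cupsd
EOF
}

sample_netstat | audit_sshd_listeners
```

On a live host, pipe `netstat -ltnp` into `audit_sshd_listeners`. Any forwarded port reported as remote-reachable is exposed to every host the firewall lets through, so it should be matched by an explicit iptables rule.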

