05-26-2005, 08:54 PM
|
#1
|
LQ Newbie
Registered: May 2005
Posts: 2
Rep:
|
SSH reverse tunnel (lo only? why not eth0)(how to forward tcp port from eth0 to lo)
Well,
I have set up a reverse tunnel in ssh to allow connections to remote desktop on Machine A. Machine A will ssh into the server (Server B); the tunnel is set up properly, and Server B forwards traffic on TCP port 3389 to Machine A on TCP port 3389. However, ssh only listens on the loopback interface: netstat -l shows it listening on localhost:3389. I want to be able to connect to Server B from another machine, Machine C. Machine C can talk to Server B via Server B's eth0, but since the ssh tunnel is only on lo I can't reach it without setting up a forward ssh tunnel from Machine C (tcp 3389) to Server B (localhost tcp 3389). I need help setting up either an ssh tunnel from Machine A to Server B (on Server B's eth0), OR I would like to set up Server B to forward traffic from its lo (tcp port 3389) to Server B's lo (tcp port 3389). I tried to set up the eth0 to lo forward using iptables but it doesn't seem to work. Any help that you can offer would be appreciated (I have searched the internet for several hours for a solution but none arose).
Thanks
Dinomight, feel free to im me with aim (my nick is Darkmadda).
Last edited by Dinomight; 05-27-2005 at 11:40 PM.
|
|
|
05-29-2005, 06:32 PM
|
#2
|
Member
Registered: Jun 2002
Location: NY
Distribution: Gentoo,RH
Posts: 333
Rep:
|
Yes, it's advanced but not *that* complicated.
First off, what you see is what a tunnel does -- a port (3389 in your case) on your local machine is the entrance to the tunnel that ends at another port on your machine A. You appear to confuse the local interface "lo" (as opposed to, say, eth0) with the localhost: designation. Has nothing to do with the local interface etc. It's just a port on your local machine.
Whatever you manage to funnel into B's 3389 port will show up at A's end of that tunnel. Now it doesn't quite become clear what service you have connected there. I'll use VNC in the example below.
I tunnel my "A" machine's port 5900 (VNC) to B on 3389 (to stick to your port numbers). Now there's a tunnel waiting and listening there. On "A", a Windows machine where a VNC server is running, I did
Machine A> ssh -R 3389:localhost:5900 192.168.1.101 (.101 is what we call "B")
Now, on a third "C" machine I log in to the same "B" machine by
Machine C> ssh -L 5901:localhost:3389 192.168.1.101
This now connects the two tunnels, and A's vnc server shows up as C's local :1 display (port 5901) --
Machine C> vncviewer localhost:1
will connect through all the tunnels to A's VNC server.
So I guess the short answer is, on machine C do
ssh -L <somelocalport>:localhost:3389 ip_of_B
and you arrive on machine A.
All clear? I hope it helps,
mlp
|
|
|
05-29-2005, 07:09 PM
|
#3
|
LQ Newbie
Registered: May 2005
Posts: 2
Original Poster
Rep:
|
Cool but.....
Thanks for your suggestion,
I actually have been doing just that; however, I want to be able to connect from machine C to server B without the user needing to ssh into Server B (setting up a forward tunnel). The users who will be connecting to machine A are a little stupid and I don't want them to have to ssh into server B. I just want them to remote desktop to Server B. Basically I want a reverse tunnel from A to B and have the tunnel open on eth0 rather than lo. If I can't do that with ssh I would want to tunnel from A to B with the tunnel on lo and then set up a static route/port forward from eth0 -> lo (port 3389 only). This would allow C to remote desktop to B which would tunnel it to C. I hope it helps clarify that.
-Dinomight
|
|
|
08-17-2006, 09:44 PM
|
#4
|
LQ Newbie
Registered: Aug 2006
Posts: 1
Rep:
|
Resolution?
Hey, I'm trying to do a very similar thing. I have a machine behind a NAT using ssh ReverseForward to an external machine. I now want connections hitting the external machine to be able to follow the tunnel to the machine behind the NAT.
Machine A calls Machine B and opens a tunnel, B:2222 -> A:22
I want:
Machine C to connect to Machine B (I don't care the port) where the traffic is sent to A:22
So maybe Machine C connects to B:2222 which tunnels all the traffic to A:22
Or maybe Machine C connects to B:2223 which redirects to B:2222 which is tunneled to A:22
Ideas, thoughts? Any help is appreciated.
Thanks,
~Jason
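
The thread does not settle why the reverse forward listens on localhost only. As an added example (not from any poster in this thread): in OpenSSH the server-side GatewayPorts option in sshd_config decides where an `ssh -R` listener is bound, and the sketch below models that decision for a given config file and -R spec. Assumptions: the function names, the sample config and 192.0.2.10 (standing in for Server B's eth0 address) are constructed; only the global section before any Match block is read, and IPv6 literals are not handled.

```sh
# Added example (constructed): where will sshd on Server B bind an `ssh -R` listener?

# First global GatewayPorts value in an sshd_config (sshd keeps the first value
# it reads). Stops at the first Match block; prints the default "no" if absent.
gateway_ports() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "gatewayports" { print tolower($2); found = 1; exit }
         END { if (!found) print "no" }' "$1"
}

# Bind address the client requests in a -R spec: [bind_address:]port:host:hostport.
# No bind_address means "localhost"; an empty one or "*" means all interfaces.
requested_bind() {
    case $1 in
        *:*:*:*) bind=${1%:*:*:*} ;;
        *)       bind=localhost ;;
    esac
    case $bind in
        ''|'*') echo '*' ;;
        *)      echo "$bind" ;;
    esac
}

# Address the listener ends up on. $1 = sshd_config path, $2 = -R spec.
effective_bind() {
    case $(gateway_ports "$1") in
        yes)             echo '*' ;;             # server forces all interfaces
        clientspecified) requested_bind "$2" ;;  # client's bind_address is honoured
        *)               echo localhost ;;       # "no": server forces loopback
    esac
}

# Constructed demo: Server B allows the client to choose; 192.0.2.10 stands in
# for Server B's eth0 address.
cfg=$(mktemp)
printf '%s\n' '#GatewayPorts no' 'GatewayPorts clientspecified' > "$cfg"
for spec in 3389:localhost:3389 :3389:localhost:3389 192.0.2.10:3389:localhost:3389; do
    printf '%-32s -> %s\n' "$spec" "$(effective_bind "$cfg" "$spec")"
done
rm -f "$cfg"
```

On a live server, `sshd -T` prints the effective gatewayports value. A forward bound to anything other than loopback makes Machine A's port reachable by every host that can reach Server B on that port, so pair it with a firewall rule that limits the allowed sources.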
|
|
|