LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Problem with SSH local port forwarding (https://www.linuxquestions.org/questions/linux-security-4/problem-with-ssh-local-port-forwarding-571545/)

suhas! 07-23-2007 04:14 AM
Problem with SSH local port forwarding
 
I want to forward the port 1812 running on server1 to server2. So I issue following command from server2

[root@server2 ~]# ssh -g -L 1812:server1:1812 server1
root@server1's password:
bind: Address already in use
Last login: Mon Jul 23 14:35:19 2007 from server2
[root@server1 ~]#

when I use above command without using -g option then it works fine. But I want the forwarded port to be used by other clients as well.

I have made sure that there is no service running on Server2 on port no. 1812. I have tried with many other ports as well.


Can anybody suggest me what to do to enable other clients to use forwarded port.

mallux 07-24-2007 04:52 AM
Hi suhas! I can reproduce this on my system; and the output from strace indicates that ssh is attempting to bind to both IPv6 and IPv4 addresses:
Code:
$ strace -f -- ssh -g -L 12345:localhost:80 server2
...
socket(PF_INET6, SOCK_STREAM, IPPROTO_TCP) = 4
setsockopt(4, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
bind(4, {sa_family=AF_INET6, sin6_port=htons(12345), inet_pton(AF_INET6, "::", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, 28) = 0
listen(4, 128)                          = 0
...
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 5
setsockopt(5, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
bind(5, {sa_family=AF_INET, sin_port=htons(12345), sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EADDRINUSE (Address already in use)
write(2, "bind: Address already in use\r\n", 30bind: Address already in use
) = 30
close(5)                                = 0
...
If you tell it to use IPv4 only then you don't get the error message, so for your example:
[root@server2 ~]# ssh -4 -g -L 1812:server2:1812 server1

suhas! 07-25-2007 03:34 AM
Oh Yess!!!!! It really worked man!!! Now every thing is working fine.....


I would like to know that which command's output have you posted above.. which helped you to figure out the problem?


Once again, Thanks a lot Mallux.... This is a great forum!!!!!!

mallux 07-25-2007 10:06 AM
Quote:
Originally Posted by suhas!
I would like to know that which command's output have you posted above.. which helped you to figure out the problem?
Yes it's actually at the top of the code section I posted: strace is the program - it might not be installed by default on your system but most distributions include it. It basically shows every system call that a process makes; you don't need to recompile anything and you can even attach to processes that are already running. Check out "man strace" for more info.

Quote:
Originally Posted by suhas!
Once again, Thanks a lot Mallux.... This is a great forum!!!!!!
Glad to be of service. Please call again. :)


All times are GMT -5. The time now is 09:04 AM.