Home / server / Questions / 23929
Accepted
duganets
Asked: 2009-06-12 00:21:28 +0800 CST

Forward traffic between hosts

  • 772

Please suggest the easiest way to forward all connections from host:port(external interface) to host2:port(external interface)

When i use

ssh -L local_port:remote_host:remote_port -N -l user remote_host

main problem is that local_port must support connection also on external interface to allow connections not only from localhost on that machine

Thanks in advice

port freebsd port-forwarding tunneling

4 Answers

  1. Best Answer

    I'd go with either of these routes:

    • Use a bridge, this is only possible if you do not need access to the host on any of the 2 interfaces involved
    • Use ipf to install the corresponding firewall routes
    • ssh -L 0.0.0.0:localport:remote_host:remote_port -N -l user remote_host this way ssh will bind to all interfaces not only to the local which is only a default
    • 1

  2. You did not explain what are you going to use port forwarding for. So, I'd venture to propose, additionally to using -L flag, setting up a SOCKS proxy for applications that support it (for example Firefox):

    ssh -D *:9999 user@remote_host

    Common use is to configure Firefox to use this SOCKS proxy, with network.proxy.socks_remote_dns turned on, to tunnel your HTTP session through other host.

    • 0

  3. You're missing the -g flag. Add that and remote hosts can use the tunnel too.

    • 0

  4. If you are using freebsd then best way is to use firewall:

    kldload pf
echo "rdr on INT proto tcp from any to any port PORT1 -> IP2 port PORT2" > /etc/pf.conf
pfctl -f /etc/pf.conf
pfctl -e

    INT - interface name (i.e. rl0)

    this command will forward from INT:PORT1 to IP2:PORT2

    It's fastest and most customizable method of forwarding ports but it's BSD-only

    Check PF FAQ for more

    • 0