specifying ip when forwarding?

Mark D. Baushke mdb at juniper.net
Sun Oct 8 06:48:11 EST 2000


Hi xercist,

On Sat, 7 Oct 2000 12:48:12 -0600, xercist <xercist at lammah.com> wrote:
>With openssh, i can use -L x:y:z to forward a local port x to the remote host
>y's port z. If the sshd server has more than one IP, is there a way to specify
>which it binds to when forwarding the connection?
>
>If not, this may be a feature you should consider adding?

Sure, if you want to have a particular IP address used, specify the IP
address for y. It does not have to be the same as the name on the ssh
connection, just bear in mind that host y will be contacted by the sshd on
the remote end of your conneciton.

Example:

If www.somedomain.com has IP addresses 172.1.1.2 and 172.1.2.2 as its
IP addresses and the host gate.somehost.com on 10.1.1.1 can reach
the 172.1.1.2 host, then you should be able to use

  ssh -L 8080:172.1.1.2:80 gate.somehost.com command

to get to port 80 on the 172.1.1.2 interface of the www.somedomain.com
host.

The above command will bind 127.0.0.1:8080 on your local machine
and the sshd running on gate.somehost.com will try to open 172.1.1.2:80
for you as if it were coming from gate.somehost.com.

If you used

  ssh -L 8080:www.somedomain.com:80 gate.somehost.com command

then the sshd on gate.somehost.com will try all of the IP addresses
for www.somedomain.com in turn until it finds one that lets it
accept a connection to port 80. 127.0.0.1:8080 on your local box
is still the port that will be available on your local machine.

If this is not what you want, then you probably need to be more
specific as to what feature you believe needs to be added.

	Enjoy!
	-- Mark





More information about the openssh-unix-dev mailing list