[Bug 413] New: Port forwarding: [localhost:]localport:remotehost:remoteport

Courtin Bert b.courtin at t-online.net
Thu Oct 17 18:06:08 EST 2002 

Hi,

I would be glad if a feature/enhancement like this would be available. For more than one time it would have saved me lots of time and headache.

E.g. the following scenario:

One a web server with 2 external IP where both VH are listening on Port 80 (and this could not be changed) the requests for one of them should be temporarily routed to another server. With port forwarding for Port 80 this is not possible as PF on port 80 is done for both/all IP on port 80.

This is just one scenario and I think a feature as requested would not only be an enhancement regarding security issues.


Kind regards,

B. Courtin


P.S.: 

As far as I understand PF, port forwarding always is done for/on all local IP, the option "-g" only allows remote hosts to connect to these forwarded ports.

--
     -g   Allows remote  hosts  to  connect  to  local  forwarded
          ports.
--



> -----Original Message-----
> From: bugzilla-daemon at mindrot.org [mailto:bugzilla-daemon at mindrot.org]
> Sent: Friday, October 11, 2002 10:00 AM
> To: openssh-unix-dev at mindrot.org
> Subject: [Bug 413] New: Port forwarding:
> [localhost:]localport:remotehost:remoteport
> 
> 
> http://bugzilla.mindrot.org/show_bug.cgi?id=413
> 
>            Summary: Port forwarding:
>                     [localhost:]localport:remotehost:remoteport
>            Product: Portable OpenSSH
>            Version: older versions
>           Platform: All
>         OS/Version: All
>             Status: NEW
>           Severity: enhancement
>           Priority: P2
>          Component: ssh
>         AssignedTo: openssh-unix-dev at mindrot.org
>         ReportedBy: rafal.mantiuk at bellstream.pl
> 
> 
> At the moment ssh port forwarding can open socket for 
> listenning only on a 
> localhost or all interfaces (-g option). In case of multi-IP 
> servers it would 
> we useful if there was a way to specify exactly what 
> interfaces/IPs ssh 
> forwarding should bind to. The command line could be like:
> 
> ssh -L [localhost:]localport:remotehost:remoteport login at host
> 
> where [] - indicates optional parameter. localhost is the 
> interface to be used 
> for openning a socket (i.e. <localhost> should be passed as a 
> 'node' parameter 
> to getaddrinfo() in channel.c:channel_setup_fwd_listener). 
> The other parameters 
> are the same as in the current ssh implementation.
> 
> For example:
> ssh -N -L 192.168.0.2:139:somehost:139
> could be used to forward Samba packets only on the interface 
> 192.168.0.2. 
> Another interface on the same server - e.g. 192.168.0.1 - 
> could be used to host 
> local samba server.
> 
> 
> 
> ------- You are receiving this mail because: -------
> You are the assignee for the bug, or are watching the assignee.
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>

More information about the openssh-unix-dev mailing list