From owner-freebsd-security Wed Mar 28 21:44: 1 2001 Delivered-To: freebsd-security@freebsd.org Received: from radix.cryptio.net (radix.cryptio.net [199.181.107.213]) by hub.freebsd.org (Postfix) with ESMTP id 267E737B71C for ; Wed, 28 Mar 2001 21:43:59 -0800 (PST) (envelope-from emechler@radix.cryptio.net) Received: (from emechler@localhost) by radix.cryptio.net (8.11.3/8.11.3) id f2T5hlc52542; Wed, 28 Mar 2001 21:43:47 -0800 (PST) (envelope-from emechler) Date: Wed, 28 Mar 2001 21:43:47 -0800 From: Erick Mechler To: Michael Richards Cc: freebsd-security@FreeBSD.ORG Subject: Re: Forwarding of ports via ssh Message-ID: <20010328214347.A52486@techometer.net> References: <3AC2BFBD.000005.00548@frodo.searchcanada.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3AC2BFBD.000005.00548@frodo.searchcanada.ca>; from Michael Richards on Wed, Mar 28, 2001 at 11:53:17PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org You're forwarding 192.168.0.128:80 onto localhost:80, but ssh won't let you do that 'cause the port is in use (probably by a web server you have running on your local machine?). Try changing the local port to something like 2280. --Erick At Wed, Mar 28, 2001 at 11:53:17PM -0500, Michael Richards said this: :: Hi; :: :: I've got an odd situation where a development machine behind our NAT :: firewall has to go into test production with a desktop client. The :: client is stupid and will only connect to a certain IP on port 80. :: :: How can I forward this port through both of our firewalls using ssh? :: Here is what I tried and what I got: :: :: The internal machine is 192.168.0.128 :: the remote machine IP is the one I want port 80 forwarded it is on :: one of our servers and the IP has just been aliased. :: :: bash-2.03# ssh -l root -R 80:192.168.0.128:80 remote.ip.address :: root@xxx.xxx.xxx.xxx's password: :: Received disconnect: bind: Address already in use :: :: I thought this was odd. I tried stopping the web server. No luck. So :: I tried rebooting. No luck. :: :: Is this just something I've overlooked, or is it possible that this :: host has something nasty going on with it? For a time it was :: vulnerable to the bind problem but had no evidence of a breakin, :: nothing that trapdoor found an nothing suspicious with the firewall. :: :: -Michael :: _________________________________________________________________ :: http://fastmail.ca/ - Fast Free Web Email for Canadians To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message