Date: Tue, 10 Nov 2009 18:19:01 +0000
From: David Collins
To: kdk@daleco.biz, freebsd-questions@freebsd.org
Reply-To: davidcollins001@gmail.com
Subject: Re: Remote ssh tunnel in background or script?

Kevin Kinsey wrote:
> Greetings!
>
> In order to continue to allow them to connect to an outbound
> SMTP box on the LAN, I've done this on their server:
>
> sudo ssh -L thisbox:24:remotebox:52525 me@remotebox

I wrote a script to get around my home firewall; it doesn't do exactly
as you want, but that only requires changing the ssh bit. I call it from
cron so it stays alive: if it dies it will re-connect, otherwise it just
checks a lock file.

It may be of use.

David

Content-Disposition: attachment; filename="revssh"

#!/usr/bin/perl
##
## PURPOSE:
##   run reverse ssh to work
##
##   designed to be run from crontab. creates a lock file so that
##   not more than one instance of the process is started
##

use strict;
use warnings;

## user crontab doesn't have permission in /var for lock file
## or for ports below 1024
my $username='username';
my $hostname="hostname";
my $address=$hostname.".somewhere.com";
my $port=$ARGV[0]; #2022;
my $lckfile="/tmp/revssh.${hostname}.pid";

sub start_ssh {
    ## fork process to start ssh
    defined( my $pid=fork ) or die "cannot fork process: $!";

    ## parent - open lock file with child pid
    if($pid) {
        print "Starting process: $pid\n";
        open(LOCKFILE,">$lckfile") or die "Cannot create lock file: $!";
        print LOCKFILE "${pid}";
        close(LOCKFILE);
    } else {
        ## child - start ssh process
        exec("ssh -qnNCX -R ${port}:localhost:22 ".
             "${username}\@${address}") or die "cannot exec process\n";
    }
}

## main
if(! -e $lckfile) {
    start_ssh();
} else {
    ## get running(?) pid from pid file
    ## (<> reads from the files named in @ARGV, here the lock file)
    @ARGV = ($lckfile);
    my $old_pid = <>;
    my $running = kill 0, $old_pid;

    ## lock file exists - is process still running?
    if ( $running == 1 ) {
        die "Process running: $old_pid\n";
    } else {
        ## check lockfile was deleted!
        if(! unlink $lckfile) {
            die "Lockfile not deleted\n";
        }
        print "Orphan lock file - Lock file deleted\n\t";
        start_ssh();
    }
}
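
Added example, not part of David's message or attachment: the same cron-driven single-instance guard built on flock() instead of a PID file, so that a recycled PID or a file pre-created at a predictable /tmp path cannot confuse the check. The lock directory under $HOME and the two ssh -o options are assumptions of this sketch; username, hostname and port are placeholders as in the script above.

```perl
#!/usr/bin/perl
## Added example: single-instance guard using flock instead of a PID file.
use strict;
use warnings;
use Fcntl qw(:DEFAULT :flock);

## Placeholders, as in the script above.
my $username = 'username';
my $address  = 'hostname.somewhere.com';
my $port     = defined $ARGV[0] ? $ARGV[0] : '';
$port =~ /\A\d{4,5}\z/ && $port >= 1024 && $port <= 65535
    or die "usage: $0 <remote port, 1024-65535>\n";

## Assumed location: a private directory rather than world-writable /tmp.
my $lckdir  = "$ENV{HOME}/.revssh";
my $lckfile = "$lckdir/revssh.lock";

sub acquire_lock {
    my ($dir, $file) = @_;
    -d $dir or mkdir($dir, 0700) or die "cannot create $dir: $!\n";
    ## O_NOFOLLOW refuses a symlink at the lock path; no truncation, 0600.
    sysopen(my $fh, $file, O_RDWR | O_CREAT | O_NOFOLLOW, 0600)
        or die "cannot open lock file $file: $!\n";
    ## Non-blocking exclusive lock: fails at once if another instance holds it.
    flock($fh, LOCK_EX | LOCK_NB) or return;
    return $fh;
}

my $lock = acquire_lock($lckdir, $lckfile)
    or do { print "Tunnel already running\n"; exit 0 };

defined(my $pid = fork) or die "cannot fork process: $!\n";
if ($pid) {
    ## Parent returns to cron; the child's inherited descriptor keeps the lock.
    print "Starting supervisor: $pid\n";
    exit 0;
}

## Child waits for ssh while holding the lock, so the kernel releases the
## lock whenever this process ends; there is no stale PID to interpret.
## List-form system() passes arguments to ssh without going through a shell.
my $status = system('ssh', '-qnNC',
    '-o', 'ExitOnForwardFailure=yes',   ## exit if the remote port is taken
    '-o', 'ServerAliveInterval=60',     ## exit when the link goes dead
    '-R', "${port}:localhost:22", "${username}\@${address}");
exit($status == 0 ? 0 : 1);
```

The lock is held by the Perl child rather than handed to ssh via exec, because OpenSSH closes inherited descriptors above stderr at startup, which would drop the lock.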