Re: Port Forwarding - Firewall Traversal
- From: Pierre Neyron <pierre.neyron@xxxxxxx>
- Date: Thu, 08 Jun 2006 10:37:00 +0200
The problem I personally noticed is dumb and obvious ;)
If your HTTP content contains not relative URLs, say index.html contains
something like <a href="http://server_hostname/foo">bar</a> instead of
<a href="/foo">bar</a>, then the http://localhost:fwdport/... will be
forgotten on the way... Such a bad HTML code not being yours maybe, you
may not be able to change it (proprietary web interfaces, aso)...
I agree that adding to your workstation /etc/hosts file the server
hostname in front of 127.0.0.1 may be the hack for this, but that's
going ugly and uglier and needs root privileges...
I agree also that saying HTTP is not port forwarding friendly is to
much, I should have said instead: bad HTML is not port forwarding friendly !
However, there is no such a problem using OpenSSH socks proxy feature
(-D port), but the option may not be allowed server side in Henry's case
(a Solaris system).
By the way, SunOS 5.10 ships with a Sun_SSH_1.1 which seems to actually
be OpenSSH looking at the usage and man (see Authors)... Is it ?
Scott Baker wrote:
I don't know about THIS situation as I don't know Oracle but port
forwarding HTTP (port 80 or even 443) is TOTALLY ssh port forwarding
friendly. The ONLY problems you might have are DNS, where the server
expects the request to say "www.foo.com" instead of "localhost" but
even that can be hacked with an edit in your hosts file.
I've port forwarded port 80 lots of times with SSH with no problems.
- Prev by Date: Re: Port Forwarding - Firewall Traversal
- Next by Date: RE: AllowGroups (SSHD) not working with kerberos or winbind
- Previous by thread: Re: Port Forwarding - Firewall Traversal
- Next by thread: RE: Port Forwarding - Firewall Traversal