Question about port forwarding ACL



Hello SSH gurus!

I apologize in advance if this question has been answered before, but unfortunately I could not find any good references online. This question is with respect to OpenSSH 4.2p1.

Is it possible to configure access control for forwarded ports? For example, let's say there is a mix of services running on localhost. Some of those services are secure (e.g. check for passwords, etc) and some are not intended to be accessed from outside (maybe they allow unauthorized access to privileged resources). Is it possible to configure ssh daemon so that it can enable forwarding to some ports but not others? For example, allow port forwarding to "localhost, ports 1000-5000", prohibit access to all other ports.

Thank you in advance for any help and/or pointers!

Art



Relevant Pages

  • Re: Forwarding by source IP: Linksys BEFSX41?
    ... I asked here about routers that support forwarding based on the ... but I could set up packet filters for four specific ... > ports, then forward each to the appropriate PC. ... it appears Filters also preempt "Block WAN Requests." ...
    (comp.security.firewalls)
  • Re: Request for help: troubleshooting pcAnywhere with TZO + Linksys
    ... successfully forwarding ports 8000, 8001 and 8080 to my Web server, ... and despite the fact that the router's Port Forwarding configuration ... >>Tried connecting to the pcA host via a pcA remote from another one of ...
    (comp.security.firewalls)
  • SUMMARY: All ports in use, but I dont think they are
    ... Some let me do X forwarding, ... I have restarted ssh several times, ... > timeout on Solaris 9 boxes is 4 minutes, but I see no ports in TIME_WAIT ... My thanks to many many folks on both the sunmanagers and secureshell lists ...
    (SunManagers)
  • SUMMARY: All ports in use, but I dont think they are
    ... Some let me do X forwarding, ... I have restarted ssh several times, ... > timeout on Solaris 9 boxes is 4 minutes, but I see no ports in TIME_WAIT ... My thanks to many many folks on both the sunmanagers and secureshell lists ...
    (SSH)
  • Re: Web Site
    ... Ive got ports 79 to 82 forwarded to the .101 which is the ... >> I am running windows 2000 advanced server. ... >> ftp site. ... I have forwarding enabled for the ports I am ...
    (microsoft.public.windows.server.general)