Re: Port forwarding and access restriction



On Friday 29 January 2010 12:06:25 Michael Goffioul wrote:
Hi,

When creating a local port forwarding with SSH (using the -L command flag),
is it possible to limit the number of clients that will be able to connect
to the local port?

Let's say I do:

ssh -L 0.0.0.0:36725:localhost:7777 user@hostname

Can I limit the number of accepted clients on port 36725?

Not with ssh, but you can achieve the same result with iptables:

iptables -A INPUT -p tcp --syn --dport 36725 -m connlimit \
--connlimit-above 2 -j REJECT

HTH

Dominique
--
http://config-model.wiki.sourceforge.net/ -o- http://search.cpan.org/~ddumont/
http://www.ohloh.net/accounts/ddumont



Relevant Pages

  • Re: Port forwarding and access restriction
    ... I don't want to restrict access to SSH logins, I want to restrict access to a local port forwarding. ... Do these also apply to the SSH client that is doing port forwarding? ...
    (SSH)
  • Re: Forwarding of SSH and FTP (22 and 21)
    ... ssh session. ... I want to open an ssh session to the FreeBSD SSH server and then use ... When using PUTTY to do a local port forward to Server 2 port 22 to my ... local client it works fine when the local port is 22. ...
    (comp.security.ssh)
  • Re: OS X Passwords versus PKA (Public Key Authetication) - - - Questions
    ... ANY app' should work with SSH and PKA ... If TB2 will connect to and allow connections from a local port, ...
    (comp.sys.mac.system)
  • Re: Forwarding of SSH and FTP (22 and 21)
    ... ssh session. ... I have two servers in a secure network one is FreeBSD running ssh that ... I want to open an ssh session to the FreeBSD SSH server and then use ... When using PUTTY to do a local port forward to Server 2 port 22 to my ...
    (comp.security.ssh)
  • Re: Command-line VNC
    ... installation since you already have OSXvnc. ... Copy the application to your home computer using SSH: ... user or root, forward local port 5900, and launch OSXvnc on ...
    (comp.sys.mac.apps)