help with local forward of HTTP traffic

From: Eric D. Friedman (eric@hfriedman.rdsl.lmi.net)
Date: 05/17/02


From: eric@hfriedman.rdsl.lmi.net (Eric D. Friedman)
Date: Fri, 17 May 2002 18:30:03 GMT

I am trying to setup a local forward on my home machine. I'd like to
ssh to the firewall at my office and forward traffic on a local port
to a machine behind the firewall.

Let's call these machines "home," "firewall," and "office."

home is a linux machine, with kernel 2.4.18, running OpenSSH_3.1p1
firewall is a solaris 7 machine, running OpenSSH_2.5.2p2
office is a solaris 8 machine

My .ssh/config file on home has this entry:

Host firewall
        Hostname firewall.company.com
        ForwardX11 = no
        Compression yes
        Port 22
        User eric
        LocalForward 7722 office.company.com:22
        LocalForward 7780 office.company.com:80

Once I connect to firewall, I can then ssh "directly" to office's sshd
on localhost:7722. This works fine and I can enable X11 forwarding on
this connection.

What I can't do, however, is get a response from localhost:7780, which
is forwarded to office:80 (yes, apache is running on office:80).

In short:
% ssh firewall # fine
% ssh office # fine
% GET http://localhost:7780/ # hangs

Any ideas what could be wrong? There are no firewall restrictions
on outbound TCP/IP from home.

Here's the relevant bit from "ssh -v firewall"

debug1: ssh-userauth2 successful: method publickey
debug1: Connections to local port 9999 forwarded to remote address office:80
socket: Address family not supported by protocol
debug1: Local forwarding listening on 127.0.0.1 port 9999.
debug1: fd 4 setting O_NONBLOCK
debug1: channel 0: new [port listener]
debug1: channel 1: new [client-session]
debug1: send channel open 1
debug1: Entering interactive session.



Relevant Pages

  • RE: Problems with ipfw and ssh
    ... I am trying to configure a firewall using ipfw for a machine running FreeBSD ... I need to connect remotely to the machine using ssh and this is where i get ... debug1: PAM: cleanup ...
    (freebsd-questions)
  • RE: Problems with ipfw and ssh
    ... I get this error when updating my firewall rules via ssh. ... I am trying to configure a firewall using ipfw for a machine running FreeBSD ... When later i am trying to su to root it does nothing and the connection ... debug1: PAM: cleanup ...
    (freebsd-questions)
  • Re: [fw-wiz] Is NAT in OpenBSD PF UPnP enabled or Non UPnP?
    ... >> I start by not giving logins and SSH access to users I don't trust. ... a network topology which goes around the ... >> firewall and thus is a serious hole to network security. ... >> have access via UPnP to, well, anything that device might happen to ...
    (Firewall-Wizards)
  • X/OpenGL forwarding
    ... The firewall is OpenBSD 3.1 -stable. ... Sessions from their home PCs to Host B on the DMZ. ... I have ssh up and running on both the firewall and Host B. ... When forwarding X is it the ssh server on host B that does the ...
    (comp.security.ssh)
  • ssh tunneling to a windows box problem
    ... I'm trying to tunnel from my FC4 box through a firewall box, TCP forwarding is on) to a Windows 2000 server machine so I can connect securely with VNC. ... debug1: Authentication succeeded. ... Local forwarding listening on 127.0.0.1 port 5901. ... debug2: fd 4 setting O_NONBLOCK ...
    (SSH)