help with local forward of HTTP traffic

From: Eric D. Friedman (
Date: 05/17/02

From: (Eric D. Friedman)
Date: Fri, 17 May 2002 18:30:03 GMT

I am trying to setup a local forward on my home machine. I'd like to
ssh to the firewall at my office and forward traffic on a local port
to a machine behind the firewall.

Let's call these machines "home," "firewall," and "office."

home is a linux machine, with kernel 2.4.18, running OpenSSH_3.1p1
firewall is a solaris 7 machine, running OpenSSH_2.5.2p2
office is a solaris 8 machine

My .ssh/config file on home has this entry:

Host firewall
        ForwardX11 = no
        Compression yes
        Port 22
        User eric
        LocalForward 7722
        LocalForward 7780

Once I connect to firewall, I can then ssh "directly" to office's sshd
on localhost:7722. This works fine and I can enable X11 forwarding on
this connection.

What I can't do, however, is get a response from localhost:7780, which
is forwarded to office:80 (yes, apache is running on office:80).

In short:
% ssh firewall # fine
% ssh office # fine
% GET http://localhost:7780/ # hangs

Any ideas what could be wrong? There are no firewall restrictions
on outbound TCP/IP from home.

Here's the relevant bit from "ssh -v firewall"

debug1: ssh-userauth2 successful: method publickey
debug1: Connections to local port 9999 forwarded to remote address office:80
socket: Address family not supported by protocol
debug1: Local forwarding listening on port 9999.
debug1: fd 4 setting O_NONBLOCK
debug1: channel 0: new [port listener]
debug1: channel 1: new [client-session]
debug1: send channel open 1
debug1: Entering interactive session.

Relevant Pages

  • RE: Problems with ipfw and ssh
    ... I am trying to configure a firewall using ipfw for a machine running FreeBSD ... I need to connect remotely to the machine using ssh and this is where i get ... debug1: PAM: cleanup ...
  • RE: Problems with ipfw and ssh
    ... I get this error when updating my firewall rules via ssh. ... I am trying to configure a firewall using ipfw for a machine running FreeBSD ... When later i am trying to su to root it does nothing and the connection ... debug1: PAM: cleanup ...
  • Re: [fw-wiz] Is NAT in OpenBSD PF UPnP enabled or Non UPnP?
    ... >> I start by not giving logins and SSH access to users I don't trust. ... a network topology which goes around the ... >> firewall and thus is a serious hole to network security. ... >> have access via UPnP to, well, anything that device might happen to ...
  • X/OpenGL forwarding
    ... The firewall is OpenBSD 3.1 -stable. ... Sessions from their home PCs to Host B on the DMZ. ... I have ssh up and running on both the firewall and Host B. ... When forwarding X is it the ssh server on host B that does the ...
  • ssh tunneling to a windows box problem
    ... I'm trying to tunnel from my FC4 box through a firewall box, TCP forwarding is on) to a Windows 2000 server machine so I can connect securely with VNC. ... debug1: Authentication succeeded. ... Local forwarding listening on port 5901. ... debug2: fd 4 setting O_NONBLOCK ...