Re: "automatic" port forwarding

From: Lucio Crusca (lcml_at_pixel.it)
Date: 02/25/05


Date: Fri, 25 Feb 2005 13:21:36 +0100

Andrew Schulman wrote:
> about this: Have your login script (not /bin/false) determine the
> dynamic port number and echo it back to the client, before it goes to
> sleep. So the client can log in twice. The first time it just logs in
> and reads the port number, then disconnects. Then it logs in a second
> time, this time with the right port forwarding installed (and discarding
> the port number that's echoed back to it again).

Sort of the first thing I tried before facing many problems that led me to
seek "automatic" port forwarding.

First problem (my ignorance): how do I read the echoed value on the client?
Suppose the shell script is

-- shellscript.sh --
#!/bin/sh

PORT=$(some_magic_program)
echo "$PORT"
sleep 30000

-- end shellscript.sh --

-- client --

ssh portfwuser@server
# Now we are logged into server, how do we read the echoed value?

Second problem: when the server chooses a port number, it actually allocates
it to the client.
Following the suggested application logic, each client would have 2
allocated ports at a time, but only 1 would work. There are certainly ways
to detect which one the client is listening on (e.g. always the first one),
but the design is quite broken. For example, what if the second connection
fails? Will the next connection be the new second connection or a new first
connection? We can't tell.

My idea was to make the client call different scripts depending on the fact
that it was making the first or the second connection attempt, but this
requires the user to have a shell login on the server only to run those
scripts, which is not wise from a security perspective. Well, I could have
2 users, the first allocates the port, the second sleeps; still, I don't
know how to read the echoed value on the client. Any suggestion?
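
One way to read the echoed value on the client, as an added example that is not part of the original post: run the login through a FIFO, take only the first line, stop the session, and accept the value only if it is a plain unprivileged port number before it is used in a forwarding option. The function name `read_first_port` is hypothetical, and key-based (non-interactive) login is assumed.

```shell
#!/bin/sh
# Added example; read_first_port is a hypothetical helper name.
# read_first_port CMD [ARGS...]
#   Runs CMD, reads only the first line of its stdout, stops CMD
#   (the server script sleeps after echoing), and prints the line
#   only if it is a decimal TCP port in 1024..65535.
read_first_port() {
    dir=$(mktemp -d) || return 1
    fifo="$dir/out"
    mkfifo "$fifo" || { rm -rf "$dir"; return 1; }

    # Start the login in the background, stdout attached to the FIFO.
    "$@" >"$fifo" </dev/null &
    pid=$!

    # Read exactly one line; an early exit of CMD just gives EOF.
    line=
    IFS= read -r line <"$fifo" || true

    # Disconnect: the sleeping session is no longer needed.
    kill "$pid" 2>/dev/null || true
    wait "$pid" 2>/dev/null || true
    rm -rf "$dir"

    # Never pass unvalidated server output to a command line.
    case "$line" in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, leading zero, or non-digit
    esac
    [ "${#line}" -le 5 ] || return 1
    [ "$line" -ge 1024 ] && [ "$line" -le 65535 ] || return 1
    printf '%s\n' "$line"
}

# Usage, with the account name from the post:
#   PORT=$(read_first_port ssh portfwuser@server) || exit 1
#   # "$PORT" can now be used in the second login's forwarding option.
```

If the server never writes a line and never closes the connection, the read blocks; the helper does not add a timeout.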


