Re: port forwarding with binding to specific IP on remote host



I want to establish an SSH tunnel. The remote host of
the SSH connection has two IP addresses that may be used
for outgoing connections. I want the ssh-tunnel to use
the non-default connection for the "forwarded" connection:

local host has IP 10.0.0.1

remote host has IPs 10.0.0.20 (eth0) and 10.0.0.21 (eth0:1).

I want to establish a tunnel from 10.0.0.1:1234 to
10.0.0.100:1234 using the remote host's IP 10.0.0.21.

When I use

ssh -L 1234:10.0.0.100:1234 root@xxxxxxxxx

the connection from my client host to the remote host
is established *to* IP 10.0.0.21 (of course), but the
host 10.0.0.100 sees IP 10.0.0.20 as source IP for my
connection. But I want it to see 10.0.0.21 as source IP.

Is it possible to solve this with pure ssh-magic, or
do I have to create iptables rules or special routing
table entries for this?

I don't know how to do this with ssh alone. I've solved similar problems
with the help of xinetd, as follows:

ssh -L 1234:localhost:1234 root@xxxxxxxxx

and install an xinetd service as:

service portfwd-21-1234
{
socket_type = stream
interface = 10.0.0.21
port = 1234
protocol = tcp
wait = no
redirect = 127.0.0.1 1234
user = nobody
type = UNLISTED
}

xinetd will then listen on 10.0.0.21:1234, and when someone connects,
forward packets to your ssh tunnel on localhost:1234. Of course you could
also use route or iptables to achieve the same result.

--
To reply by email, change "deadspam.com" to "alumni.utexas.net"
.