
Thread: Problem with SSH local port forwarding

  1. #1
    Associate
    Join Date
    Apr 2007
    Posts
    18

    Problem with SSH local port forwarding

    Hi all,

    I am facing a problem with SSH port forwarding.

    I want to forward the port 1812 running on server1 to server2. So I issue the following command from server2:

    [root@server2 ~]# ssh -g -L 1812:server1:1812 server1
    root@server1's password:
    bind: Address already in use
    Last login: Mon Jul 23 14:35:19 2007 from server2
    [root@server1 ~]#


    When I use the above command without the -g option, it works fine. But I want the forwarded port to be used by other clients as well.

    I have made sure that there is no service running on Server2 on port no. 1812. I have tried with many other ports as well.


    Can anybody suggest what I should do to enable other clients to use the forwarded port?

  2. #2
    Run this on both server1 and server2

    netstat -lpn

    and look for anything listening on those ports.
    You need to make sure that port is available
    on the local machine too.

    According to the man page you should also
    specify the bind address

    -L [bind_address:]port:host:hostport

    This example worked fine for me:

    ssh -g -L 192.168.0.1:1919:192.168.0.2:31337 root@192.168.0.2


    This listened on my local machine (192.168.0.1) on port 1919 and forwarded to the
    remote server (192.168.0.2) running nc on port 31337.
    I could then telnet to port 1919 on 192.168.0.1 using my Windows box;
    it worked OK.
    Last edited by Xenu; 07-23-2007 at 08:13 PM.

  3. #3
    Associate
    Join Date
    Apr 2007
    Posts
    18
    Thanks for the reply.

    Here's my netstat -lpn output for both servers:

    Server1 (IP Address 10.8.59.59)

    [root@server1 ~]# netstat -lpn
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 0.0.0.0:199 0.0.0.0:* LISTEN 2013/snmpd
    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1970/portmap
    tcp 0 0 10.8.59.59:8080 0.0.0.0:* LISTEN 2090/(squid)
    tcp 0 0 :::22 :::* LISTEN 2059/sshd
    udp 0 0 0.0.0.0:161 0.0.0.0:* 2013/snmpd
    udp 0 0 0.0.0.0:3130 0.0.0.0:* 2090/(squid)
    udp 0 0 0.0.0.0:3401 0.0.0.0:* 2090/(squid)
    udp 0 0 0.0.0.0:111 0.0.0.0:* 1970/portmap
    udp 0 0 0.0.0.0:33532 0.0.0.0:* 2090/(squid)
    Active UNIX domain sockets (only servers)
    Proto RefCnt Flags Type State I-Node PID/Program name Path
    unix 2 [ ACC ] STREAM LISTENING 5635 2137/winbindd /tmp/.winbindd/pipe
    unix 2 [ ACC ] STREAM LISTENING 5637 2137/winbindd /var/lib/samba/winbindd_privileged/pipe
    [root@server1 ~]#

    and Server2 (IP Address 10.8.59.60)

    [root@server2 ~]# netstat -lpn
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 127.0.0.1:1444 0.0.0.0:* LISTEN 2593/iwssd
    tcp 0 0 0.0.0.0:199 0.0.0.0:* LISTEN 2254/snmpd
    tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 2211/portmap
    tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN 2593/iwssd
    tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 3043/isftpd
    tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 2565/postmaster
    tcp 0 0 ::ffff:127.0.0.1:8005 :::* LISTEN 3090/java
    tcp 0 0 ::ffff:127.0.0.1:5963 :::* LISTEN 24472/java
    tcp 0 0 :::1812 :::* LISTEN 3090/java
    tcp 0 0 :::22 :::* LISTEN 2300/sshd
    tcp 0 0 :::5432 :::* LISTEN 2565/postmaster
    udp 0 0 0.0.0.0:39189 0.0.0.0:* 26983/snmpwalk
    udp 0 0 0.0.0.0:161 0.0.0.0:* 2254/snmpd
    udp 0 0 0.0.0.0:111 0.0.0.0:* 2211/portmap
    Active UNIX domain sockets (only servers)
    Proto RefCnt Flags Type State I-Node PID/Program name Path
    unix 2 [ ACC ] STREAM LISTENING 5218 2565/postmaster /tmp/.s.PGSQL.5432
    [root@server2 ~]#


    As you can see, there is no port 1812 running on server1, and it is running on server2 (which I want to forward to server1).

    I also tried to use the same command as you said:

    [root@Server1 ~]# ssh -g -L 10.8.59.59:1919:10.8.59.60:1812 root@10.8.59.60
    Bad forwarding specification '10.8.59.59:1919:10.8.59.60:1812'
    usage: ssh [-1246AaCfghkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
    [-D port] [-e escape_char] [-F configfile] [-i identity_file]
    [-L port:host:hostport] [-l login_name] [-m mac_spec] [-o option]
    [-p port] [-R port:host:hostport] [-S ctl] [user@]hostname [command]



    I found that the option to specify the bind address is -b; when I used it, I got the following error.

    [root@server1 ~]# ssh -g -L 1919:10.8.59.60:1812 -b 10.8.59.59 root@10.8.59.60
    root@10.8.59.60's password:
    bind: Address already in use
    Last login: Tue Jul 24 15:20:10 2007 from 10.8.97.27


    I am still confused. Why is it not working?

    I am now looking for port forwarding using IPTABLES. Do you have any idea about IPTABLES port forwarding?


    Thanks in advance!!!
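
The check suggested in reply #2 (look through `netstat -lpn` for anything already on the port), as an added example that is not part of any post in this thread: it reads netstat text, reports who holds a given TCP port, and lists ssh client listeners bound beyond loopback, which is what `-g` produces. The sample lines, PIDs, the `radiusd` entry and ports 1919/2020 are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit `netstat -lpn` text for port conflicts and exposed ssh forwards.

# Constructed sample in netstat -lpn layout (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:1444 0.0.0.0:* LISTEN 2593/iwssd
tcp 0 0 :::1812 :::* LISTEN 3090/java
tcp 0 0 :::22 :::* LISTEN 2300/sshd
tcp 0 0 127.0.0.1:1919 0.0.0.0:* LISTEN 4100/ssh
tcp 0 0 0.0.0.0:2020 0.0.0.0:* LISTEN 4200/ssh
udp 0 0 0.0.0.0:1812 0.0.0.0:* 2254/radiusd
EOF
}

# Print "address port scope pid/program" for every TCP listener read from stdin.
# scope: loopback (local only), wildcard (all interfaces), specific (one address).
tcp_listeners() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, p, ":")                       # port is the last ":" field
        addr = substr($4, 1, length($4) - length(p[n]) - 1)
        scope = "specific"
        if (addr == "0.0.0.0" || addr == "::") scope = "wildcard"
        if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./) scope = "loopback"
        print addr, p[n], scope, $7
    }'
}

# Who already listens on TCP port $1? Any hit is a candidate cause of
# "bind: Address already in use" when ssh -L tries to take the same port.
port_holders() {
    tcp_listeners | awk -v port="$1" '$2 == port { print $1, $3, $4 }'
}

# ssh client listeners reachable from other hosts (opened with -g or a
# non-loopback bind address); sshd itself is deliberately not matched.
exposed_forwards() {
    tcp_listeners | awk '$4 ~ /\/ssh$/ && $3 != "loopback" { print $1 ":" $2, $4 }'
}

# On a live host, pipe `netstat -lpn` in place of sample_netstat.
sample_netstat | port_holders 1812
sample_netstat | exposed_forwards
```

The UDP entry on 1812 is ignored on purpose: `ssh -L` forwards TCP only, so only TCP listeners can collide with it.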
