0

I have an application that opens a connection on a random local port to a known port on a remote server which refuses connections from my IP address. Is there any way to use a port-forwarding like tool to forward all outbound connections that are directed to ip:port over an SSH tunnel?

3
  • 1
    The local port being random is completely irrelevant. Utterly irrelevant. And port forwarding is absolutely irrelevant. Your question is about ssh with a proxy. I haven't done it but there are ways. You would need a computer between you and the ssh server, that the ssh server allows. Also, that aside, a term you may want is 'tcp port remapper'. There are programs that do that too.
    – barlop
    Commented Jun 8, 2014 at 16:06
  • You almost always get random local ports to a known port on a server. I think DHCP seems to use a known local port (68), but almost everything else uses random local ports.
    – barlop
    Commented Jun 8, 2014 at 18:02
  • Slight amendment to my first comment: port forwarding is the right term. In ssh it calls it that; it's the same as tcp port remapping, which is what you are talking about.
    – barlop
    Commented Jun 8, 2014 at 18:50

1 Answer

1

The local port being random is completely irrelevant. Utterly irrelevant. And port forwarding is perhaps not the right term for what you want. Your question is about ssh with a proxy. I haven't done it but there are ways. You would need a computer between you and the ssh server, that the ssh server allows. Also, that aside, a term you may want is 'tcp port remapper'. There are programs that do that too. I'll mention some, but most people would use ssh to, as it can.

if talking about a tool separate from ssh

this program can do the tcp port remapping you're after

port mapper pm.exe http://www.kmint21.com/free/

or nc, try from cygwin (it's not in gnuwin32)

mkfifo backpipe; nc -l 1234 < backpipe | nc 4.5.6.7 22 > backpipe   <-- listen on port 1234, forward to ip 4.5.6.7 port 22 (the fifo carries the replies back to the client)

or with netsh so on your proxy comp-

C:\Windows\system32>netsh interface portproxy add v4tov4 listenport=4321 connectaddress=10.0.0.50 connectport=47

see it is listening, and will forward to 10.0.0.50:47
C:\Windows\system32>netstat -aon | find "4321"
  TCP    0.0.0.0:4321           0.0.0.0:0              LISTENING       844

But you can use ssh for it, it's very much designed for it.

ssh itself can do tcp port remapping (ssh might call that port forwarding).

You run an ssh server on a computer with an IP that is OK with your non-ssh server.

Then you use ssh -L on that computer, which requires, among other parameters, what one could think of as 2 parameters: the IP to listen on, and the IP:PORT to forward to.

So you have compA, CompB, CompC

CompB and CompC would I suppose not be the same comp in your case.

compC runs your non-ssh server. compB runs the ssh server.

CompA's IP is not allowed in by CompC, but is allowed in by CompB.

CompC does allow in CompB's IP.

So CompA and CompC communicate through CompB.

So from CompA you connect to CompB, and prior to that, you run on CompB your port remapping, which ssh can do. ssh -L... there are many examples of ssh -L online; you can put in the specifics of your case: the IP of your ssh server, the port to listen on for CompA to connect to, and the IP:PORT of your non-ssh server. They all go into an ssh -L command you run on CompB. ssh -L makes a port forwarding facility whereby the comp with ssh.exe listens (for your typically non-ssh client) and the comp with sshd.exe forwards (to your typically non-ssh server).

Then you connect your non-ssh client from CompA to CompB, and it gets forwarded to CompC through the ssh connection that you made.

3
  • Thanks for your answer. The server I wish to connect to is not an SSH server, but I can access it via an SSH connection. I am confused how I can remap the TCP port from my local machine if it's randomly chosen (by this I mean I have no way to know in advance which port it's going to choose).
    – Max Allan
    Commented Jun 8, 2014 at 17:12
  • If you are accessing a server via ssh, then even if that server you are accessing is not an ssh server (and it typically isn't an ssh server), you are still connecting to an ssh server to access it. There are two parts to the connection: a) making the ssh connection, b) making the connection that goes through the ssh connection.
    – barlop
    Commented Jun 8, 2014 at 18:00
  • @Max I may have figured out what is or was confusing you. You think or thought that you had to connect to that local port on Comp Blah where you ran ssh.exe from and that port is random, but you don't. You run ssh -L from comp blah, and it will make that random local port but it will also make another port (let's call it port xyz) that listens, and you specify that port xyz when you do ssh -L. Then you connect compA to port xyz on CompB
    – barlop
    Commented Jun 8, 2014 at 18:23
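
Added example, not part of the original thread: a minimal TCP relay in Python showing the mechanism shared by the tools named in the answer (pm.exe, nc, netsh portproxy, ssh -L; ssh additionally carries the relayed bytes inside its encrypted session). It demonstrates that the client's random source port plays no role and that the destination server sees the relay's own outbound socket, which is the address its allow-list and logs will record. All function names, the loopback addresses and the echo server standing in for CompC are constructed for illustration.

```python
import socket
import threading

def pump(src, dst):
    """Copy bytes src -> dst until src closes, then half-close dst."""
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass

def spawn(fn, *args):
    threading.Thread(target=fn, args=args, daemon=True).start()

def start_relay(target, log, listen=("127.0.0.1", 0)):
    """Listen on a fixed address (the CompB role), forward each connection to target.
    Appends (client_addr, relay_outbound_addr) to log for every connection."""
    lsock = socket.create_server(listen)
    def serve():
        while True:
            client, peer = lsock.accept()
            upstream = socket.create_connection(target)
            log.append((peer, upstream.getsockname()))
            spawn(pump, client, upstream)   # requests: client -> server
            spawn(pump, upstream, client)   # replies need their own direction
    spawn(serve)
    return lsock.getsockname()

def start_echo_server(seen):
    """Constructed stand-in for the non-SSH server (CompC); records each peer it sees."""
    lsock = socket.create_server(("127.0.0.1", 0))
    def serve():
        while True:
            conn, peer = lsock.accept()
            seen.append(peer)
            spawn(pump, conn, conn)
    spawn(serve)
    return lsock.getsockname()

def demo():
    seen, log = [], []
    relay = start_relay(start_echo_server(seen), log)
    msg = b"hello via relay"  # constructed sample payload
    with socket.create_connection(relay) as c:  # source port is chosen by the OS
        client_addr = c.getsockname()
        c.sendall(msg)
        reply = c.recv(len(msg), socket.MSG_WAITALL)
    return reply, client_addr, log[0], seen[0]
```

The relay's log pairs each client address with the outbound socket used for it, which is the record an administrator of the middle host needs to attribute a connection seen on the destination server back to the real client.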
