CentOS with AutoSSH, Port Forwarding Clarification
I'm using autossh and set it up like shown in the following example: http://surniaulula.com/2012/12/10/autossh-startup-script-for-multiple-tunnels/
I found it works really well, but need some clarification. Particularly, the difference between 127.0.0.1 and * in the following examples:
ForwardPort=(
"L 127.0.0.1:3397:127.0.0.1:3306"
)
versus
ForwardPort=(
"L *:3397:127.0.0.1:3306"
)
The first one seems to do the redirect if coming from the host machine itself, where the 2nd seems to forward from anywhere. To me this translated as if the * was for any IP to forward the traffic through, but someone told me that it just says for any adapter on the machine. I'm curious is it any IP, or any adapter? I assume the end result is the same, but would like clarification for my own understanding.
Update
I updated my test to include a specific IP of a network I'm using and then tried to connect to the port and found that it did not work with the specific port specified, e.g.
ForwardPort=(
"L x.x.x.x:3397:127.0.0.1:3306"
"L 127.0.0.1:3397:127.0.0.1:3306"
)
Since this did not work, it makes me believe my buddy was right about the adapters. If anyone can provide me with some details of how the adapter stuff works, or a link to a good article that explains it, I'd appreciate it.
ssh centos ssh-tunneling port-forwarding
asked Feb 6 '15 at 16:08
VenomFangs
257110
add a comment |
I'm using autossh and set it up like shown in the following example: http://surniaulula.com/2012/12/10/autossh-startup-script-for-multiple-tunnels/
I found it works really well, but need some clarification. Particularly, the difference between 127.0.0.1 and * in the following examples:
ForwardPort=(
"L 127.0.0.1:3397:127.0.0.1:3306"
)
versus
ForwardPort=(
"L *:3397:127.0.0.1:3306"
)
The first one seems to do the redirect if coming from the host machine itself, where the 2nd seems to forward from anywhere. To me this translated as if the * was for any IP to forward the traffic through, but someone told me that it just says for any adapter on the machine. I'm curious is it any IP, or any adapter? I assume the end result is the same, but would like clarification for my own understanding.
Update
I updated my test to include a specific IP of a network I'm using and then tried to connect to the port and found that it did not work with the specific port specified, e.g.
ForwardPort=(
"L x.x.x.x:3397:127.0.0.1:3306"
"L 127.0.0.1:3397:127.0.0.1:3306"
)
Since this did not work, it makes me believe my buddy was right about the adapters. If anyone can provide me with some details of how the adapter stuff works, or a link to a good article that explains it, I'd appreciate it.
ssh centos ssh-tunneling port-forwarding
asked Feb 6 '15 at 16:08
VenomFangs
257110
add a comment |
I'm using autossh and set it up like shown in the following example: http://surniaulula.com/2012/12/10/autossh-startup-script-for-multiple-tunnels/
I found it works really well, but need some clarification. Particularly, the difference between 127.0.0.1 and * in the following examples:
ForwardPort=(
"L 127.0.0.1:3397:127.0.0.1:3306"
)
versus
ForwardPort=(
"L *:3397:127.0.0.1:3306"
)
The first one seems to do the redirect if coming from the host machine itself, where the 2nd seems to forward from anywhere. To me this translated as if the * was for any IP to forward the traffic through, but someone told me that it just says for any adapter on the machine. I'm curious is it any IP, or any adapter? I assume the end result is the same, but would like clarification for my own understanding.
Update
I updated my test to include a specific IP of a network I'm using and then tried to connect to the port and found that it did not work with the specific port specified, e.g.
ForwardPort=(
"L x.x.x.x:3397:127.0.0.1:3306"
"L 127.0.0.1:3397:127.0.0.1:3306"
)
Since this did not work, it makes me believe my buddy was right about the adapters. If anyone can provide me with some details of how the adapter stuff works, or a link to a good article that explains it, I'd appreciate it.
ssh centos ssh-tunneling port-forwarding
asked Feb 6 '15 at 16:08
VenomFangs
257110
I'm using autossh and set it up like shown in the following example: http://surniaulula.com/2012/12/10/autossh-startup-script-for-multiple-tunnels/
I found it works really well, but need some clarification. Particularly, the difference between 127.0.0.1 and * in the following examples:
ForwardPort=(
"L 127.0.0.1:3397:127.0.0.1:3306"
)
versus
ForwardPort=(
"L *:3397:127.0.0.1:3306"
)
The first one seems to do the redirect if coming from the host machine itself, where the 2nd seems to forward from anywhere. To me this translated as if the * was for any IP to forward the traffic through, but someone told me that it just says for any adapter on the machine. I'm curious is it any IP, or any adapter? I assume the end result is the same, but would like clarification for my own understanding.
Update
I updated my test to include a specific IP of a network I'm using and then tried to connect to the port and found that it did not work with the specific port specified, e.g.
ForwardPort=(
"L x.x.x.x:3397:127.0.0.1:3306"
"L 127.0.0.1:3397:127.0.0.1:3306"
)
Since this did not work, it makes me believe my buddy was right about the adapters. If anyone can provide me with some details of how the adapter stuff works, or a link to a good article that explains it, I'd appreciate it.
ssh centos ssh-tunneling port-forwarding
ssh centos ssh-tunneling port-forwarding
asked Feb 6 '15 at 16:08
VenomFangs
257110
asked Feb 6 '15 at 16:08
VenomFangs
257110
edited Feb 6 '15 at 16:16
asked Feb 6 '15 at 16:08
VenomFangs
257110
asked Feb 6 '15 at 16:08
VenomFangs
257110
asked Feb 6 '15 at 16:08
VenomFangs
257110
257110
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Figured out my answer, figured I would post my answer, in case anyone is interested or googles an answer like I did and not find it.
So when I did x.x.x.x this was the WAN IP of my remote server. The autossh has not clue of this as the IP is not one of its adapters. If you run ifconfig on the server then you'll get your local loopback of 127.0.0.1 and other adapters like eth0, which would have the WAN IP. By doing the *, it does the forwarding for any requests comes from the local loop back as well as from the WAN. So * routes all requests, where 127.0.0.1 only does the ones that come from the machine itself.
If you wanted to allow external forwards, but limit who could do it, you could achieve this by doing * and then limiting communication of the server via iptables.
answered Feb 6 '15 at 16:50
VenomFangs
257110
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f183345%2fcentos-with-autossh-port-forwarding-clarification%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Figured out my answer, figured I would post my answer, in case anyone is interested or googles an answer like I did and not find it.
So when I did x.x.x.x this was the WAN IP of my remote server. The autossh has not clue of this as the IP is not one of its adapters. If you run ifconfig on the server then you'll get your local loopback of 127.0.0.1 and other adapters like eth0, which would have the WAN IP. By doing the *, it does the forwarding for any requests comes from the local loop back as well as from the WAN. So * routes all requests, where 127.0.0.1 only does the ones that come from the machine itself.
If you wanted to allow external forwards, but limit who could do it, you could achieve this by doing * and then limiting communication of the server via iptables.
answered Feb 6 '15 at 16:50
VenomFangs
257110
add a comment |
Figured out my answer, figured I would post my answer, in case anyone is interested or googles an answer like I did and not find it.
So when I did x.x.x.x this was the WAN IP of my remote server. The autossh has not clue of this as the IP is not one of its adapters. If you run ifconfig on the server then you'll get your local loopback of 127.0.0.1 and other adapters like eth0, which would have the WAN IP. By doing the *, it does the forwarding for any requests comes from the local loop back as well as from the WAN. So * routes all requests, where 127.0.0.1 only does the ones that come from the machine itself.
If you wanted to allow external forwards, but limit who could do it, you could achieve this by doing * and then limiting communication of the server via iptables.
answered Feb 6 '15 at 16:50
VenomFangs
257110
add a comment |
Figured out my answer, figured I would post my answer, in case anyone is interested or googles an answer like I did and not find it.
So when I did x.x.x.x this was the WAN IP of my remote server. The autossh has not clue of this as the IP is not one of its adapters. If you run ifconfig on the server then you'll get your local loopback of 127.0.0.1 and other adapters like eth0, which would have the WAN IP. By doing the *, it does the forwarding for any requests comes from the local loop back as well as from the WAN. So * routes all requests, where 127.0.0.1 only does the ones that come from the machine itself.
If you wanted to allow external forwards, but limit who could do it, you could achieve this by doing * and then limiting communication of the server via iptables.
answered Feb 6 '15 at 16:50
VenomFangs
257110
Figured out my answer, figured I would post my answer, in case anyone is interested or googles an answer like I did and not find it.
So when I did x.x.x.x this was the WAN IP of my remote server. The autossh has not clue of this as the IP is not one of its adapters. If you run ifconfig on the server then you'll get your local loopback of 127.0.0.1 and other adapters like eth0, which would have the WAN IP. By doing the *, it does the forwarding for any requests comes from the local loop back as well as from the WAN. So * routes all requests, where 127.0.0.1 only does the ones that come from the machine itself.
If you wanted to allow external forwards, but limit who could do it, you could achieve this by doing * and then limiting communication of the server via iptables.
answered Feb 6 '15 at 16:50
VenomFangs
257110
answered Feb 6 '15 at 16:50
VenomFangs
257110
answered Feb 6 '15 at 16:50
VenomFangs
257110
answered Feb 6 '15 at 16:50
VenomFangs
257110
257110
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f183345%2fcentos-with-autossh-port-forwarding-clarification%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
