[Shorewall-newbies] ssh tunneling

Yogesh Sharma ysharma at catprosystems.com
Mon Mar 15 14:13:19 PST 2004


Hi,

Please include me in CC as I am not subscribed to list.

Shorewall version 1.4.10b
eth0 Internet IP 4.2.2.2
eth1 Intranet IP 192.168.0.0/255.255.255.0
IP Masq, DHCP enabled

I am trying to create a tunnel using following ssh command:
ssh root at 4.2.2.2 -L 5800:192.168.0.127:5800

I created one rule like this:
ACCEPT   FW   LOC   TCP   5800
but I am still getting these in log and not been able to use ssh port 
forwarding

Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1073 DPT=5800 
WINDOW=5840 RES=0x00 SYN URGP=0
Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1074 DPT=5800 
WINDOW=5840 RES=0x00 SYN URGP=0
Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1075 DPT=5800 
WINDOW=5840 RES=0x00 SYN URGP=0
Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1076 DPT=5800 
WINDOW=5840 RES=0x00 SYN URGP=0
Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1077 DPT=5800 
WINDOW=5840 RES=0x00 SYN URGP=0

Thanks
Yogesh



More information about the Shorewall-newbies mailing list