[Shorewall-newbies] ssh tunneling

Yogesh Sharma ysharma at catprosystems.com
Mon Mar 15 15:24:48 PST 2004


Thanks, for pointing. That was the problem

Sakthivel Subramanian wrote:

>Your destination in the error message is DST=192.168.101.127, 
>where as in the SSH command it is 192.168.0.127. 
>
>Which one is the correct one ?
>
>If you are trying to create a tunnel from FW to LOC, your OUT=eth1 not eth0.
>
>-Sakthi
>
>-----Original Message-----
>From: shorewall-newbies-bounces at lists.shorewall.net
>[mailto:shorewall-newbies-bounces at lists.shorewall.net] On Behalf Of Yogesh
>Sharma
>Sent: Monday, March 15, 2004 5:13 PM
>To: shorewall-newbies at lists.shorewall.net
>Subject: [Shorewall-newbies] ssh tunneling
>
>
>Hi,
>
>Please include me in CC as I am not subscribed to list.
>
>Shorewall version 1.4.10b
>eth0 Internet IP 4.2.2.2
>eth1 Intranet IP 192.168.0.0/255.255.255.0
>IP Masq, DHCP enabled
>
>I am trying to create a tunnel using following ssh command:
>ssh root at 4.2.2.2 -L 5800:192.168.0.127:5800
>
>I created one rule like this:
>ACCEPT   FW   LOC   TCP   5800
>but I am still getting these in log and not been able to use ssh port 
>forwarding
>
>Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
>LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1073 DPT=5800 
>WINDOW=5840 RES=0x00 SYN URGP=0
>Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
>LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1074 DPT=5800 
>WINDOW=5840 RES=0x00 SYN URGP=0
>Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
>LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1075 DPT=5800 
>WINDOW=5840 RES=0x00 SYN URGP=0
>Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
>LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1076 DPT=5800 
>WINDOW=5840 RES=0x00 SYN URGP=0
>Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=4.2.2.2 DST=192.168.101.127 
>LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=36865 DF PROTO=TCP SPT=1077 DPT=5800 
>WINDOW=5840 RES=0x00 SYN URGP=0
>
>Thanks
>Yogesh
>
>_______________________________________________
>Shorewall-newbies mailing list
>Post: Shorewall-newbies at lists.shorewall.net
>Subscribe/Unsubscribe:
>https://lists.shorewall.net/mailman/listinfo/shorewall-newbies
>Support: http://www.shorewall.net/support.htm
>FAQ: http://www.shorewall.net/FAQ.htm
>
>  
>




More information about the Shorewall-newbies mailing list