Fedora Users — Re: Local binding port for SSH client?

Re: Local binding port for SSH client?

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: "Community assistance, encouragement, and advice for using Fedora." <fedora-list@xxxxxxxxxx>

Subject: Re: Local binding port for SSH client?

From: Bill Davidsen <davidsen@xxxxxxx>

Date: Wed, 03 Sep 2008 23:59:05 -0400

In-reply-to: <200809021710.54390.jorge.fabregas@xxxxxxxxx>

References: <200809021656.55071.jorge.fabregas@xxxxxxxxx> <48BDA970.4050806@xxxxxxxxxxxxxxxxxx> <200809021710.54390.jorge.fabregas@xxxxxxxxx>

Reply-to: "Community assistance, encouragement, and advice for using Fedora." <fedora-list@xxxxxxxxxx>

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.8) Gecko/20061105 SeaMonkey/1.0.6

Jorge Fábregas wrote:

On Tuesday 02 September 2008 05:00:32 pm Kevin J. Cummings wrote:
Are you looking for a way to control which outgoing port ssh uses?
Yes, this is what I want. For example, on a remote ACL you may have yourfilters based on:
- destination ip
- destination port
- source ip
I was thinking I could add "source port" to that list..but then , on theclient side, I'd have to specify local binding port.
Irrespectively of its security merits I'm just curious if it's possible at all(with ssh or any other net tool).

If you want to learn a little about iptables you can just do SNAT tocontrol the IP and port.

  iptables -A POSTROUTING -t nat -p tcp -d 1.2.3.4 --dport ssh \
  -j SNAT --to-source 4.3.2.1:24702

That is, if the destination IP is 1.2.3.4 and the destination port isssh (22), change the source IP to 4.3.2.1 port 24702


Requires static IP.

--
Bill Davidsen <davidsen@xxxxxxx>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot


--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines