RE: [SLUG] Port redirecting

grant Thu, 11 Jan 2001 19:14:39 -0800

we sell a product that is developed in FRANCE so we do not have access to
source.

Essentialy it has a "display layer" (true 3 tier) process that runs on the
PC.
It listens to PORT 6400 for display type commands. These commands are clear
text.
So eg "Display "Bloggs Fred" to name field" type commands(not actual syntax)
are snoopable.

Customers would like to run the app over the internet but would like
encryption. We are using ssh's  facilities to do this so that only a client
ssh is needed on the PC.

the big picture is

 ----------                               ----------
 |        |           ssh                 |        |
 |  PC    |6400 -----------localhost:16400|  FIRE  |
 |        |                               |        |
 ----------                               ----------
                                               |IP:6400
                                               |
                                               |
                                          ----------
                                          |        |
                                          |  APP   |
                                          |        |
                                          ----------

The application running on APP needs to communicate
to the PC on port 6400 eventually.

Grant Street


> -----Original Message-----
> From: David Zverina [mailto:[EMAIL PROTECTED]]
> Sent: Friday, 12 January 2001 13:59
> To: Grant Street; [EMAIL PROTECTED]
> Subject: RE: [SLUG] Port redirecting
>
>
> % insmod /lib/modules/2.2.5-15/ipv4/ip_masq_portfw.o
> % /usr/sbin/ipmasqadm portfw -a -P tcp -L FIRE_IP_ADDRESS 16400 -R
> FIRE_IP_ADDRESS 6400
>
> -L means local address
> -R means remote address
>
> remote address does not have to be on the firewall PC and
> could be another
> PC behind the firewall if required. However I am bit puzzled
> by the need for
> that kind of configuration. May be if you post more info about your
> motivation, a better solution might appear.
>
> Cheers,
>
> Dave.
>
> --
> David Zverina
> Alt Key Pty. Ltd.
> http://www.altkey.com
> PO Box 3121, Parramatta, 2124, Australia
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
> [EMAIL PROTECTED]
> Sent: Friday, 12 January 2001 13:15
> To: [EMAIL PROTECTED]
> Subject: [SLUG] Port redirecting
>
>
> Hello all
>
> I have the following configuration
>
>  ----------                               ----------
>  |        |           ssh                 |        |
>  |  PC    |6400 -----------localhost:16400|  FIRE  |IP:6400
>  |        |                               |        |
>  ----------                               ----------
>
> I am initiating a ssh connection from the PC and the
> firewall. The firewall has 2 network cards so the
> sshd is listening on localhost:16400. I want it to
> listen on IP:16400 or IP:6400.
>
> What is the best/easiest/general way of doing this
> I'm trying to work out IP chains but I am getting lost...
>
> Your speedy response is appreciated :-)
>
> Searching is bringing up seemingly irrelevant stuff
>
>
> Grant Street
>
>
>
> --
> SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
> More Info: http://slug.org.au/lists/listinfo/slug
>



-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
RE: [SLUG] Port redirecting

Reply via email to
