Sharing External Port
This is a discussion on Sharing External Port within the Linux Networking forums, part of the Linux Forums category; I can get into my Linux box at home from work using port 23, and forwarding to port 22 internally, ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
01-12-2004
|
|||
|
|||
Sharing External Port
I can get into my Linux box at home from work using port 23, and forwarding
to port 22 internally, for ssh. Port 23 is about the only port open in my employer's firewall. If I setup a webserver on Linux, is there anyway to intercept incoming traffic on port 23, and forward to either 22 or 80, based on the protocol? I.e. forward ssh to 22, and HTTP to 80, internally? 
|
|
01-12-2004
|
|||
|
|||
|
Re: Sharing External Port
"Buck Turgidson" <jc_va@hotmail.com> wrote in message news:63f24c6b0c659c5b938838b26fb149c6@news.teranew s.com... > I can get into my Linux box at home from work using port 23, and forwarding > to port 22 internally, for ssh. Port 23 is about the only port open in my > employer's firewall. > > If I setup a webserver on Linux, is there anyway to intercept incoming > traffic on port 23, and forward to either 22 or 80, based on the protocol? > I.e. forward ssh to 22, and HTTP to 80, internally? > port 23 is open ? your employer is mad ! To break your employers security using this hole, use ssh port forwarding. so leave the port 23 mapped to port 22. You map a local port , eg local port 80 , at home, to port 80 on the work web server, when you log in to work via ssh. see 'man slogin' or 'man ssh' for the instructions on the command line to use. you do get a problem with using domain names, but to solve this you can put the domain name into /etc/hosts (but that breaks the domain name system wide, eg www.work.com.au 127.0.0.1 www.work.net.au 127.0.0.1 The reason is that the web browser will transfer the domain name it is requesting to the web server ...and because using ip addresses you cant access more than one domain name... Ah, a bit more work, but instead of port forwarding to the web server ,you can port forward to a proxy server , ( you could run 'squid' as a user...) and then you can use that proxy server as your proxy server. and then you dont need to put stuff in /etc/hosts ... If you run squid at home,you can tell it to use ssh tunnel to access the works proxy server, but only for works domain names. if you dont run squid at home ,then you need to adjust proxy settings in the web browser... eg use netscape for accessing work, mozilla for the rest of the world. or create a different user for mozilla to access work...
|
Linear Mode
