[PLUG] RESOLVED: Linux networking question

Matt Alexander lowbassman at gmail.com
Thu Dec 29 23:11:48 UTC 2005


Alrighty, for those of you following along, here's a recap and the solution:

I have an application with no proxy support.  The network does not allow
connections on port 80 to the Internet, except through a web proxy that
requires authentication.  I do, however, have Squid running on a server on
the outside of the network and I have a box on the inside that can SSH only
to it.  So I created SSH tunnels between each box and set up iptables to
redirect port 80 to the locally listening SSH tunnel.

From inside box:
ssh -f -N -L 3128:localhost:3128 user@outside_server

From second inside box running the app with no proxy support:
ssh -f -N -L 3128:localhost:3128 user@inside_box
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to 127.0.0.1:3128

So, all outgoing port 80 traffic on the box running the app with no proxy
support is transparently redirected to an SSH tunnel to the other inside box
which is redirected to the outside box running Squid through a second SSH
tunnel.

Crazy stuff, but fun.
~M
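
Added example, not part of the original post: a defender-side audit that reads `iptables-save` output and reports nat-table OUTPUT rules sending locally generated traffic to a loopback listener, which is the rule shape used above. The function names and the sample ruleset are constructed for illustration; `iptables-save` prints the `--to` option as `--to-destination`.

```shell
#!/bin/sh
# Added example: flag nat OUTPUT rules that redirect local traffic to loopback.

# Reads iptables-save text on stdin; prints "dport=<port> -> <target>" for each
# nat-table OUTPUT rule that DNATs to 127.0.0.0/8 or uses the REDIRECT target.
find_loopback_redirects() {
    awk '
        /^\*/ { table = substr($1, 2); next }   # table header: "*nat", "*filter"
        table != "nat" || $1 != "-A" || $2 != "OUTPUT" { next }
        {
            dport = "any"; jump = ""; dest = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "--dport" || $i == "--dports") dport = $(i + 1)
                if ($i == "-j") jump = $(i + 1)
                if ($i == "--to-destination" || $i == "--to" || $i == "--to-ports")
                    dest = $(i + 1)
            }
            if (jump == "DNAT" && dest ~ /^127\./)
                print "dport=" dport " -> DNAT " dest
            else if (jump == "REDIRECT")
                print "dport=" dport " -> REDIRECT " (dest == "" ? "same-port" : dest)
        }
    '
}

# Constructed sample in iptables-save format (not captured from a real host).
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A OUTPUT -p tcp -m tcp --dport 80 -j DNAT --to-destination 127.0.0.1:3128
-A OUTPUT -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.0.0.5:8443
-A OUTPUT -p tcp -m tcp --dport 8080 -j REDIRECT --to-ports 3128
COMMIT
EOF
}

sample_ruleset | find_loopback_redirects
```

On a live host, feed it `iptables-save` run as root instead of the sample; a hit is worth correlating with long-lived outbound SSH sessions and local listeners on the reported port.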


