Net::SSH and port forwarding

Jamis Buck

Looks like the local->remote port forwarding will be pretty easy to
implement (I've already got a prototype that does the trick...messily).

At any rate, I'm looking at this and I'm realizing that because I'm
doing this all in Ruby, you could conceivably have the port forwarding
do tricks based on additional information in the request. Here's a use
case to clarify my meaning:

Set up port forwarding on port X. When a connection is received, parse
the request. If the request matches format A, forward the request to
boxA:portA. If the request matches format B, forward the request to
boxB:portB. Etc. All of this happens transparently to the client that
connected to the local port.

Would this be useful for anyone? I'm probably going to write the Ruby
interface in such a way that you could do something like the above with
minimal effort, but I'm just curious if anyone would actually use such a
feature in practice. :)

--
Jamis Buck
(e-mail address removed)
http://www.jamisbuck.org/jamis

ruby -ropenssl
-e'k="01234567";p((c,c.padding,c.iv,c.key=OpenSSL::Cipher::BF.new,false,k,k*2)[0].decrypt.update("1A81803C452C324619D319F980D5B84DBB45FC0FE2BAA045".scan(/../).map{|n|n.to_i(16).chr}.join))'
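
The use case in the post above, as an added example that is not part of the thread and not Net::SSH code: it picks a forwarding target from the first bytes a client sends. The two formats, the hosts `boxA.example`/`boxB.example`, the ports and the 512-byte peek limit are assumptions made for illustration.

```ruby
require "stringio"

# Constructed routing table: formats, hosts and ports are placeholders.
# Targets are fixed here and never taken from the request bytes themselves,
# so a client cannot steer the forwarder to an arbitrary host.
Route = Struct.new(:label, :pattern, :host, :port)
ROUTES = [
  Route.new("format A: HTTP/1.x request line",
            /\A[A-Z]{3,7} \S+ HTTP\/1\.[01]\r\n/, "boxA.example", 8080),
  Route.new("format B: TLS handshake record",
            /\A\x16\x03[\x00-\x04]/, "boxB.example", 8443)
].freeze

MAX_PEEK = 512 # never buffer more than this while deciding

# Read from the client until one route matches, the peek limit is reached,
# or the client closes. Returns [route_or_nil, bytes_read]; the bytes must be
# replayed to the chosen target so the forwarding stays transparent.
def choose_route(io, routes = ROUTES, limit = MAX_PEEK)
  buf = String.new(encoding: Encoding::BINARY)
  while buf.bytesize < limit
    begin
      buf << io.readpartial(limit - buf.bytesize).b
    rescue EOFError
      break
    end
    route = routes.find { |r| r.pattern.match?(buf) }
    return [route, buf] if route
  end
  [nil, buf] # no known format: the caller closes the connection
end

# Constructed sample inputs standing in for accepted client sockets.
def demo
  samples = {
    http: "GET /status HTTP/1.1\r\nHost: internal\r\n\r\n",
    tls: "\x16\x03\x01\x00\x2f\x01\x00\x00\x2b".b,
    unknown: "HELLO there\r\n"
  }
  samples.transform_values do |bytes|
    route, = choose_route(StringIO.new(bytes))
    route ? "#{route.host}:#{route.port}" : :reject
  end
end

p demo if $PROGRAM_NAME == __FILE__
```

On a real socket the read also needs a timeout, because a client of a protocol where the server speaks first sends nothing and would otherwise hold the connection open undecided.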
 
Dick Davies

* Jamis Buck said:
Set up port forwarding on port X. When a connection is received, parse
the request. If the request matches format A, forward the request to
boxA:portA. If the request matches format B, forward the request to
boxB:portB. Etc. All of this happens transparently to the client that
connected to the local port.
Would this be useful for anyone?

It would save you having to open multiple tunnels, at least in theory,
which would be very handy in a lot of circumstances.

If you could daemonize that you'd have an stunnel killer...

Jamis Buck

Dick said:
It would save you having to open multiple tunnels, at least in theory,
which would be very handy in a lot of circumstances.

Actually, this is something you wouldn't be able to do even with
multiple tunnels, since you're still binding to a single port on the
localhost. You're just forwarding from that one port to multiple
different remote hosts, based on the format of the request.

As I said, it sounds cool, but I wonder how useful it would be in
practice. It should be in the next version of Net::SSH, regardless. :)

--
Jamis Buck
(e-mail address removed)
http://www.jamisbuck.org/jamis

"I use octal until I get to 8, and then I switch to decimal."
 
