On Sunday 19 May 2002 02:28 pm, David Douthitt wrote:
> On Saturday 18 May 2002 11:14 am, Stephen Lee wrote:
> > I tunnel imap and smtp all the time except I use stunnel.
> > Presumably you are pointing your host1 mail client to
> > localhost:110 or localhost:143 and then ssh tunnelling those
> > corresponding ports to host2:some_other_port_for poporimap? How
> > are your ssh tunnels created? Does "telnet localhost 110" result
> > in a response by the remote pop server?
>
> ssh -L 143:host2:143 user@host2
>
> -- or --
>
> ssh -L 110:host2:110 -L 143:host2:143 user@host2
>
> (I am trying to use IMAP only - but it's hard....)
>
> No, telnet (or nc) to localhost 110 doesn't work (nor to port 143).
>
> host1 # netstat -rn -f inet
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Netif
> Expire
> default 192.168.4.1 UGSc 2 125 de0
> 127.0.0.1 127.0.0.1 UH 1 10566 lo0
> 192.168.4 link#1 UC 4 0 de0
> 192.168.4.1 0:0:c0:26:b4:8b UHLW 54 371 de0
> 1193
> 192.168.4.2 0:0:c0:6:b9:5b UHLW 1 513380 de0
> 970
> 192.168.4.5 0:e0:29:6:ce:58 UHLW 3 316 lo0
> 192.168.4.10 link#1 UHLW 2 31 de0
>
> host2 # netstat -rn -f inet
> Routing tables
>
> Internet:
> Destination Gateway Flags Refs Use Netif
> Expire
> default 198.77.254.129 UGSc 12 116 xl0
> 127.0.0.1 127.0.0.1 UH 0 5059 lo0
> 192.168.5.128/27 link#1 UC 2 0 xl0
> 192.168.5.129 0:20:6f:10:e5:31 UHLW 6 0 xl0
> 757
> 192.168.5.140 0:50:da:cc:4d:c2 UHLW 0 8375 lo0
>
> Note that ssh itself works - but the tunnel doesn't.
>
> It wouldn't have to do with the fact that the tunnel is from port
> 143 to port 143 would it?
I've also noticed the following - or should at least mention:
* host1 has a private ip (192.168.4.6) but host2 has an Internet
address
* The TCP connection traffic goes like this:
1. SYN from host1 to host2 via ssh tunnel
2. SYN (reply) from host2 to host1 via Internet (!)
<no response>
* Until recently, neither host1 nor host2 was routing. I turned on
routing, then it worked - then it stopped. I used the command:
sysctl net.inet.ip.forwarding=1 net.inet6.ip6.forwarding=1
(might as well support IP6 too :-)
* ssh tunnel seems to allocate an IP of 192.168.4.7, but I can't see
it anywhere. Not in netstat -rn nor in ifconfig -a
* There doesn't seem to be any way of specifying a route via the ssh
tunnel interface.....
_______________________________________________________________
Hundreds of nodes, one monster rendering program.
Now that's a super model! Visit http://clustering.foundries.sf.net/
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
