On 13/03/07, Valery Reznic <[EMAIL PROTECTED]> wrote:
http://tldp.org/HOWTO/IP-Masquerade-HOWTO/forwarders.html I saw this link before. Or I don't understand how can I use this HOWTO or I don't explain myself plain :( . Let me try again. There is computer A, Firewall F, and another linux box B A ----> F ----- B Firewall allow only outgoing connection from A. Apache run on the box A. I'd like to do port forwarding (or something), so http://B... will work, accessing apache on box A. It's looks for me, that this HowTo describe how do port forwarding if you got incoming connection. But I haven't.
You want that http://B will reach A, *without* configuring firewall F to allow incoming connections? Then you'll have to find a way to "punch a hole" by opening a tunnel from A to B and try to transfer the incoming HTTP connections on top of that. As you describe, ssh might be your friend - open an SSH connection from A to B with the -R option (run it on A), something like: "ssh -R 80:127.1:80 [EMAIL PROTECTED]". You need to be root on B to be able to bind to privileged ports and make sure that nothing else listens on port 80 on B. "autossh" (http://www.harding.motd.ca/autossh/, also has a Debian package) might be a good way to keep this tunnel persistent. Am I miss something ? Apparently not - you already got the answer yourself with SSH. If you tried this and failed then give more details - what have you executed and what was the outcome (e.g. output, behaviour). --Amos