I am trying to set up remote port forwarding through an ssh tunnel on my NAS (NAS4Free with FreeBSD), which is behind a firewall. I added gateway_enable="YES" to /etc/rc.conf and also net.inet.ip.forwarding=1 to /etc/sysctl.conf.
The tunneling seems to work with the following command:
ssh -R 0.0.0.0:49153:localhost:8080 username@a.b.c.d -p 16
And this is the log, if I use -v in my ssh command, up to the point where I get access:
OpenSSH_7.2p1, OpenSSL 1.0.1p-freebsd 9 Jul 2015
debug1: Connecting to a.b.c.d [a.b.c.d] port 16.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2-hpn14v5
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Remote is NON-HPN aware
debug1: Authenticating to a.b.c.d:16 as 'username'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: <secret content>
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: <secret content> SHA256:<secret content>
debug1: skipped DNS lookup for numerical hostname
debug1: Host '[a.b.c.d]:16' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
username@a.b.c.d's password:
debug1: Authentication succeeded (password).
Authenticated to a.b.c.d ([a.b.c.d]:16).
debug1: Remote connections from 0.0.0.0:49153 forwarded to local address localhost:8080
debug1: HPN to Non-HPN Connection
debug1: Final hpn_buffer_size = 2097152
debug1: HPN Disabled: 0, HPN Buffer Size: 2097152
debug1: channel 0: new [client-session]
debug1: Enabled Dynamic Window Scaling
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: remote forward success for: listen 0.0.0.0:49153, connect localhost:8080
debug1: All remote forwarding requests processed
Welcome to Ubuntu 14.04.4 LTS (GNU/Linux 3.13.0-85-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Wed Apr 27 19:53:40 UTC 2016
System load: 0.01 Processes: 250
Usage of /: 7.0% of 27.05GB Users logged in: 0
Memory usage: 37% IP address for eth0: a.b.c.d
Swap usage: 0% IP address for tun0: 10.8.0.1
Graph this data and manage this system at:
https://landscape.canonical.com/
Last login: Wed Apr 27 19:53:41 2016 from <secret content>
username@localhost:~$
However, when I try to access the website running on my NAS at https://a.b.c.d:49153/ I get ERR_CONNECTION_REFUSED in my browser, and I also get the following log from my ssh session:
debug1: client_input_channel_open: ctype forwarded-tcpip rchan 3 win 2097152 max 32768
debug1: client_request_forwarded_tcpip: listen 0.0.0.0 port 49153, originator <secret content> port 12010
debug1: connect_next: host localhost ([127.0.0.1]:8080): Connection refused
debug1: connect_next: host localhost ([::1]:8080): Connection refused
connect to localhost port 8080 failed: Connection refused
debug1: failure forwarded-tcpip
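
The debug output above contains three separate stages: the server accepting the listen request, an inbound connection arriving through the tunnel, and the client connecting to the forward target. The following Python script is an added example, not part of the original post, that classifies which leg of an `ssh -R` tunnel failed from `ssh -v` output; the `diagnose` function, its verdict labels and the 192.0.2.10 originator address are assumptions made for illustration.

```python
import re

# Constructed sample: the forwarding-related lines from the `ssh -v` session above.
# The originator address is a documentation placeholder (the post redacts it).
SAMPLE_LOG = """\
debug1: remote forward success for: listen 0.0.0.0:49153, connect localhost:8080
debug1: client_input_channel_open: ctype forwarded-tcpip rchan 3 win 2097152 max 32768
debug1: client_request_forwarded_tcpip: listen 0.0.0.0 port 49153, originator 192.0.2.10 port 12010
debug1: connect_next: host localhost ([127.0.0.1]:8080): Connection refused
debug1: connect_next: host localhost ([::1]:8080): Connection refused
connect to localhost port 8080 failed: Connection refused
debug1: failure forwarded-tcpip
"""

FORWARD = re.compile(r"remote forward (success|failure) for: listen (\S+):(\d+), connect (\S+):(\d+)")
INBOUND = re.compile(r"client_request_forwarded_tcpip: listen \S+ port (\d+), originator (.+?) port \d+")
CONNECT_ERR = re.compile(r"connect_next: host \S+ \(\[([^\]]+)\]:(\d+)\): (.+)")


def diagnose(log_text):
    """Classify which leg of an `ssh -R` tunnel failed, from client debug1 output."""
    forwards, inbound, local_errors = [], [], []
    for line in log_text.splitlines():
        if m := FORWARD.search(line):        # server's answer to the listen request
            forwards.append((m[1], f"{m[2]}:{m[3]}", f"{m[4]}:{m[5]}"))
        elif m := INBOUND.search(line):      # a peer connected to the remote listener
            inbound.append((int(m[1]), m[2]))
        elif m := CONNECT_ERR.search(line):  # client could not reach the forward target
            local_errors.append((m[1], int(m[2]), m[3]))

    if any(status == "failure" for status, _, _ in forwards):
        verdict = "server-rejected-listen"    # sshd did not open the remote port
    elif inbound and local_errors:
        verdict = "local-target-unreachable"  # tunnel carried the request; target connect failed
    elif inbound:
        verdict = "forwarded-ok"              # request arrived, no connect error logged
    elif forwards:
        verdict = "no-inbound-traffic"        # listener accepted, nothing reached it
    else:
        verdict = "inconclusive"
    return {"verdict": verdict, "forwards": forwards, "inbound": inbound, "local_errors": local_errors}


if __name__ == "__main__":
    result = diagnose(SAMPLE_LOG)
    print(result["verdict"])
    for addr, port, reason in result["local_errors"]:
        print(f"  {addr}:{port} -> {reason}")
```

A `local-target-unreachable` verdict means the remote listener and the tunnel did their part, so the thing to check is what is listening on the forward target on the machine that ran `ssh`.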