Local binding port for SSH client?
Bill Davidsen
davidsen at tmr.com
Thu Sep 4 03:59:05 UTC 2008
Jorge Fábregas wrote:
> On Tuesday 02 September 2008 05:00:32 pm Kevin J. Cummings wrote:
>> Are you looking for a way to control which outgoing port ssh uses?
>
> Yes, this is what I want. For example, on a remote ACL you may have your
> filters based on:
>
> - destination ip
> - destination port
> - source ip
>
> I was thinking I could add "source port" to that list..but then , on the
> client side, I'd have to specify local binding port.
>
> Irrespectively of its security merits I'm just curious if it's possible at all
> (with ssh or any other net tool).
>
If you want to learn a little about iptables you can just do SNAT to
control the IP and port.
iptables -A POSTROUTING -t nat -p tcp -d 1.2.3.4 --dport ssh \
-j SNAT --to-source 4.3.2.1:24702
That is, if the destination IP is 1.2.3.4 and the destination port is
ssh (22), change the source IP to 4.3.2.1 port 24702
Requires static IP.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the fedora-list
mailing list