I am looking for a way to "tunnel" (may be the wrong term) traffic on a specific port from a machine with an untrusted IP address through a machine with a trusted IP address, in order to connect through a firewall. Here is the situation...

Machine A
- Has a dynamic IP address
- Has a firewall that allows all ports out

Machine B
- Has a static IP address
- Has a firewall that allows SSH in from any IP address, all ports out
- Includes an account I can use to SSH into it

Machine C
- Has a static IP address
- Has a firewall that allows port 5000 (just an example) in only from the IP address used by Machine B

So, I want to send port 5000 traffic "through" Machine B, so that Machine C treats the traffic as though it is coming from Machine B's IP address (and thus lets it in)? I'd like to accomplish this entirely by using Mac OS X Terminal, so the software communicating out on port 5000 on Machine A can function as usual (I don't want to change the software to use a different port).

Thanks to anyone with any ideas!
And what is the reason you wish to do this? If you have control of the servers then why not just add Machine A's IP address to the white list? However, as you have not done this and this being the obvious choice, it leads me to believe that you are indeed not authorised to access Machine C for a good reason. Maybe you are trying to hack it? Maybe you are trying to use an unrestricted PC to break out of the network? If either of these are the case it is really not something someone reputable is going to help you with.
Sorry to disappoint coffear, but I'm not actually a hacker with ne'er-do-well intentions. Just an ordinary, law-abiding citizen trying to avoid having to pay the phone company for another static IP address (about 50.00/month where I live). As noted in my post, computer A has a dynamic IP address, so I can't set rules on Machine C to allow it. Hence my problem.

SSANZ, thanks. I'll look into Iptables and openVPN with squid. I don't know much about these, so if you have time to refer me to info, I'd appreciate it.

D
OpenVPN is nice, I have been using it for 3 years now, and feel satisfied with it. Meanwhile, I found it a little bit slow: tunneled NFS accesses are sometimes really painful. You could use PPTP as well, which is faster. But be sure your router can handle the GRE protocol or else you won't be able to enable your tunnel. I spent many hours to realize my DSL box doesn't handle it.

Regards
Thibaut
OpenVPN would do it. But first try this.... From machine A

    ssh -L 5000:ipofmachineC:5000 user@ipofmachineB

You then connect to 127.0.0.1 port 5000 and you should be hitting port 5000 on machine C. Good luck.
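
The local forward from the last reply, wrapped as a small script for Machine A's terminal; this is an added example, not something posted in the thread. It binds the listener to 127.0.0.1 only, makes ssh exit if port 5000 cannot be forwarded, and uses a control socket so the tunnel can be checked and closed. The host names are the thread's placeholders, and the socket path and function names are assumptions.

```shell
#!/bin/sh
# Added example: local port forward A -> B -> C, run on Machine A.
# ipofmachineB / ipofmachineC / user are the thread's placeholders.
JUMP="${JUMP:-user@ipofmachineB}"      # SSH account on Machine B
TARGET="${TARGET:-ipofmachineC}"       # Machine C as seen from Machine B
PORT="${PORT:-5000}"                   # same port locally and on Machine C
SOCK="${SOCK:-$HOME/.ssh/tunnel-$PORT.sock}"   # assumed control-socket path

# Accept only a decimal TCP port in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Build the -L argument. The explicit 127.0.0.1 bind keeps other hosts on
# Machine A's network from using the forward, whatever GatewayPorts says.
forward_spec() {
    valid_port "$PORT" || { echo "invalid port: $PORT" >&2; return 1; }
    printf '127.0.0.1:%s:%s:%s\n' "$PORT" "$TARGET" "$PORT"
}

# -N: no remote command, -f: go to background once the forward is up,
# -M/-S: control socket used by tunnel_status and tunnel_down.
tunnel_up() {
    spec=$(forward_spec) || return 1
    ssh -f -N -M -S "$SOCK" \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 \
        -L "$spec" "$JUMP"
}

tunnel_status() { ssh -S "$SOCK" -O check "$JUMP"; }
tunnel_down()   { ssh -S "$SOCK" -O exit "$JUMP"; }

# Usage: ./tunnel.sh up | status | down
case "${1:-}" in
    up)     tunnel_up ;;
    status) tunnel_status ;;
    down)   tunnel_down ;;
esac
```

While the tunnel is up, the software on Machine A is pointed at 127.0.0.1 port 5000 instead of Machine C's address, and Machine C sees the connection arriving from Machine B.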