Reverse Nat Ssh Tunnel - Open More That One Port?

I will be setting up a few raspberry pi's in various locations, and they will be creating reverse nat ssh tunnels to my ssh server.

I need to set up a monitoring server at the server's location to monitor the raspberry pi's through the ssh server. The monitoring agent that will be installed on the raspberry pi's is communicating with the monitoring server on port 4700.

My question is:

Since I am using reverse nat ssh tunnels to connect on the ssh server, I am guessing that port 4700 will not be opened. If this is true, is there a way to also open port 4700 in that tunnel, so the monitoring server can access the remote agent?

Thanks


Similar Content



Check If A Tunnel Is Up - If Not, Log It.

I am using the following command to establish a reverse ssh tunnel with an ssh server

Code:
ssh root@my.hostname.here -R 5001:localhost:22

The server is rebooted every night and the tunnel is established automatically on reboot successfully every time.

What I need to do, is run a check, and if for some reason the tunnel is not established, I want to log it in a log file.

How can I reliably check if the tunnel is up or not?
Keep in mind that other ssh sessions might be active at the time, so I don't want the checking method to pick up any of those successful sessions. It has to check only the tunnel.

Thanks

Iptables Question

Hi,

So, I am learning meteor.js and signed up for a (cheap, i.e no support) VPS to host my Meteor app. Everything is running fine but I am trying to understand better how Linux works so here is my question:

I am running CentOS 7 on the VPS but it still uses iptables for its firewall.

I had to enable port 80 to access the web server. However, if I reboot the server, it stops working until I do
Code:
iptables -F

Then everything works. But I am thinking that -F might not be the best thing. I have changed the default SSH port from 22 to something else and that also works but I don't think I ever added it to the iptables rules.

If I do a port scan, the new SSH port is indicated as open as well as port 80 but others are closed as they are supposed to be.

Any idea what is doing on behind the scenes that requires iptables -F for the web access to work properly and if I shouldn't be doing iptables -F (I have it in the rc.local file), what is the right way of doing it?

(BTW, I am computer literate but not that familiar with Linux, which I am trying to learn now.)


Kamal

Convert Txt To 3 Column Html

I have a server sending me a plain text email every day, reporting the below parameters. Its reading them from a text file, and sending them to my email.

How can convert this to a three column html table and send that?

Code:
Sync Total: 1 directory, 4 files, 0 symlinks
---------------------------------
Host Name: host name here
---------------------------------
Group Name: group name here
---------------------------------
Disk Usage: 37%
---------------------------------
CPU Usage: 78%
---------------------------------
Memory Usage: 11%
---------------------------------
Temperatu  44.9'C
---------------------------------
Local IP: 192.168.0.115
---------------------------------
Public IP: public ip here
---------------------------------
Tunnel Port: 5001
---------------------------------
Tunnel Status:
Fri Mar 6 06:23:00 EET 2015 opening reverse tunnel from my_host_he 5001 to 127.0.0.1:22
---------------------------------

Thanks

What Is The Use Of Port 1328

I just find my server have the below link , it use port 1328 , I checked it called ewall , would advise what is the use of 1328 ewall port in my case ? why it need to use port to access the web , why it can not direct access without the port ? thanks

https://mydomain.com:1328/xxx/xxx/test.html

Netcat And Nc Commands Not Working In Red Hat Linux 6.4

Hello All,

I am trying to check a tcp/udp port from one server to another server using netcat and nc commands. As there is no manual entry in the system I am not able to check it.

Please let me know any commands are available for checking the port from one server to another server

Honeyd Error While Running With Honeyd.conf In Kali Linux

hi there once again
Now I am getting this problem which running the cmd "honeyd -d -f honeyd.conf"
root@kali:/etc/honeypot# honeyd -d -f honeyd.conf
Honeyd V1.5c Copyright (c) 2002-2007 Niels Provos
honeyd[4726]: started with -d -f honeyd.conf
honeyd[4726]: listening promiscuously on eth0: (arp or ip proto 47 or (udp and src port 67 and dst port 68) or (ip )) and not ether src 98:4b:e1:94:62:46
honeyd[4726]: [eth0] trying DHCP
honeyd[4726]: Demoting process privileges to uid 65534, gid 65534
honeyd[4726]: [eth0] got DHCP offer: 192.168.23.2
honeyd[4726]: Updating ARP binding: 00:00:24:26:26:1d -> 192.168.23.2
honeyd[4726]: arp reply 192.168.23.2 is-at 00:00:24:26:26:1d
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1
honeyd[4726]: TTL exceeded for dst 224.0.0.22 at gw 10.0.0.1
honeyd[4726]: No reverse routing map for 10.0.0.1

what does it mean? because it starts to spam the terminal with such errors. or it is not??

I think, I have to edit the "honeyd.conf" file, but no clue.
the following is my honeyd configuration.

route entry 10.0.0.1
route 10.0.0.1 link 10.2.0.0/24
route 10.0.0.1 add net 10.3.0.0/16 10.3.0.1 latency 8ms bandwidth 10Mbps
route 10.3.0.1 link 10.3.0.0/24
route 10.3.0.1 add net 10.3.1.0/24 10.3.1.1 latency 7ms loss 0.5
route 10.3.1.1 link 10.3.1.0/24

# Example of a simple host template and its binding
create template
set template personality "Microsoft Windows XP Professional SP1"
set template uptime 1728650
set template maxfds 35
# For a complex IIS server
add template tcp port 80 "sh /usr/share/honeyd/scripts/win32/web.sh"
add template tcp port 22 "/usr/share/honeyd/scripts/test.sh $ipsrc $dport"
add template tcp port 23 proxy $ipsrc:23
add template udp port 53 proxy 141.211.92.141:53
set template default tcp action reset
# Use this if you are not running honeyd as 'honeyd' user:
# Debian-specific (use nobody = 65534 instead of 32767)
# set template uid 65534 gid 65534

create default
set default default tcp action block
set default default udp action block
set default default icmp action block

create windows
set windows personality "Microsoft Windows XP Professional SP1"
set windows default tcp action reset
add windows tcp port 135 open
add windows tcp port 139 open
add windows tcp port 445 open

set windows ethernet "00:00:24:ab:8c:12"
dhcp windows on eth0


urgent help needed please. thanks in advance

Monitoring Tomcat6 Access Log With Logwatch

I want to monitor tomcat access.log and catalina.out using logwatch.
There are many tutorials on how to implement new log file groups but I couldn't find any example for setting up a filter in /etc/logwatch/scripts/services/ for monitoring the tomcat logs.
Any help is appreciated.
Thanks.

How To Check Which Interfacce Port Has Cable Connected

Hi

We are going to move some servers from one location to another. How to verify whether the cables are connected to the right interface port?

like one server has eth0 active and eth1 is down. now if the tech guys connect the cable on eth1 port then how to know that

Is it /sys/class/net/eth1 and look for carrier or there is a better way ?

thanks in advance

Ubuntu 12.0.4 Server

Ok I'm really new at this . Not the old DOS I'm used to. I'm trying to setup my home server using Ubuntu 12.0.4, I've had no success. I have an actual raid sever I'm using. Loaded first HD with Ubuntu 12.0.4, now trying to setup so I can access from anywhere. Remember I'm a newbie so try and keep it simple until I learn Linux. I have my router setup for port forward using 192.168.100 port 21. everything I looked at so far is pretty complicated for a new user. Any help would be great.

Linux USB Port As A 'flash Disk'

Hey All,

Is there a way to present a path or other block device to a USB port on a Linux server then have that port connected to a USB port of another device (ie USB to USB) and have it look like a flash disk?

I can plug a USB flash disk to a router just fine. But if I wanted a device to access a path off of another device int he absence of NFS or CIFS capability, that would be handy.

In other words, anyway to assign storage to a USB port in Linux? It would be akin to something like SAN with a target and source just with USB.

Cheers,
DH