- Local port forwarding
- Remote port forwarding
- Dynamic port forwarding
Port forwarding or port mapping is a name given to the combined technique of
- translating the address and/or port number of a packet to a new destination
- possibly accepting such packet(s) in a packet filter(firewall)
- forwarding the packet according to the routing table.
Tunnelling with Local port forwarding
ssh -L 9001:yahoo.com:80 home
ssh -L <local-port-to-listen>:<remote-host>:<remote-port> <gateway>
ssh -L 5900:localhost:5900 home (Executed from 'work')
ssh -L 9001:banned:22 home
ssh -p 9001 localhost
Reverse Tunnelling with remote port forwarding
The university firewall is blocking all incoming traffic. How can we connect from ‘home’ to internal network so that we can browse the internal site? A VPN setup is a good candidate here. However for this example let’s assume we don’t have this facility. Enter SSH reverse tunnelling..
ssh -R 9001:intra-site.com:80 home (Executed from 'work')
by visiting http://localhost:9001 in ‘home’ web browser. The ‘work’ will then create a connection to intra-site and relay back the response to ‘home’ via the created SSH channel.
Dynamic Port Forwarding
ssh -D 9001 home (Executed from 'work')