[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: port forwarding questions

From: Jake Stone <jake.the.stone_at_gmail.com>
Date: Mon, 19 Oct 2009 19:45:26 -0500

Ross Boylan wrote:
> On Mon, 2009-10-19 at 15:27 -0500, Jake Stone wrote:
>
>> I presume your Apache machine ports are not accessible without SSH, due
>> to firewall, router, or security?
>> (If you want Apache to be publically accessible, you need port-forwarding.)
>>
> Correct.
>
>> If you want to keep Apache accessible via SSH only, you can have it
>> listen on port 80 as expected. Then, in user's SSH sessions, re-direct
>> the remote port 80 to or localhost:PORT. Then they can access your site
>> by browsing to http://127.0.0.1:PORT
>>
>> This SSH port-tunneling is done with the SSH client, not apache;
>> configure apache as if there were no SSHing involved, then instruct
>> clients to SSH in correctly.
>>
> But can simultaneous clients ssh in to the same port?
> Ross
>
>> Ross Boylan wrote:
>>
>>> My subversion server is running under Apache, and I have clients from
>>> several machines connecting to it simultaneously via ssh.
>>>
>>> Currently I have Apache listen on multiple ports, and each client
>>> accesses the server through a different port. Is that necessary?
>>>
>>> I did this partly because forward only maps (from the client) do not
>>> seem reliable. That is, in addition to saying that client port 8000
>>> should tunnel to port 80 on the server, I seem to need to say that
>>> remote port 80 needs to be forwarded to local 8000. In my ssh config
>>> file on the client that means I give the server options
>>> LocalForward 8000 localhost:80
>>> RemoteForward 8000 localhost:80
>>>
>>> Is there a simpler way?
>>>
>>> Thanks.
>>> Ross Boylan
>>>
>>> ------------------------------------------------------
>>> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2409127
>>>
>>> To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
>>>
>>>
>
>
Yes! Multiple clients can connect on the same port on SSH, or indeed
most any internet-enabled service. This is in the same manner such that
everyone can connect to Apache on port 80 if it were not firewalled. A
computer uses virtual ports to decide which application is listening to
which traffic. Imagine if the Google servers needed a separate port for
every single user...

If you'd like to learn more about networking, I'd highly recommend the
book "TCP/IP in 24 hours" by Joe Casad, which is a dry but extensive
look at the primary aspects of networking. It helped me greatly when
trying to understand various VPN setups and other server work.

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2409179

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-10-20 02:46:07 CEST

This is an archived mail posted to the Subversion Users mailing list.