Professional Web Applications Themes

VPC SSH tunnel collapse imperils NNTP traffic? - Mac Applications & Software

Hi I have a fairly obscure problem that I need a bit of help with. Ti PB, OS X 10.2.8 VPC 6.1 Win2K I'm trying to set up SSH tunnels for various services and so far have been successful opening a shell (duh) and tunnelling incoming and outgoing email. I also set up a tunnel for NNTP using sudo ssh -v \ -L2119:news.sonic.net:119 \ -l claudel basically the same deal as the other tunnels. The log shows the tunnel is there between the PB and the host. The kinky part is that the binary newsgrabber that I'm trying to use ...

  1. #1

    Default VPC SSH tunnel collapse imperils NNTP traffic?

    Hi

    I have a fairly obscure problem that I need a bit
    of help with. Ti PB, OS X 10.2.8 VPC 6.1 Win2K

    I'm trying to set up SSH tunnels for various
    services and so far have been successful
    opening a shell (duh) and tunnelling incoming and
    outgoing email. I also set up a tunnel for NNTP
    using

    sudo ssh -v \
    -L2119:news.sonic.net:119 \
    -l claudel

    basically the same deal as the other tunnels.
    The log shows the tunnel is there between the
    PB and the host.

    The kinky part is that the binary newsgrabber that
    I'm trying to use is Newsbin Pro running under
    Win2K/VPC 6.1 on my PB. Bought a license already
    before the Switch.

    The problem is that I can't seem to get it to
    access the tunnel. I tried pointing Newsbin Pro
    at 127.0.0.1:2119, but no go.
    I redefined news.sonic.net to 127.0.0.1 in the
    Windows hosts file. I could ping it then but BFD.

    Is there something I need to be running in the
    Windows window to pass the traffic? Proxy server?

    Is localhost in the VPC window isolated/different
    from the localhost on the host? :^)

    I think the problem is somewhere in the VPC<>host
    networking, but I'm not sure.

    Anyway TIA for any insight

    Claude


    claudel Guest

  2. #2

    Default Re: VPC SSH tunnel collapse imperils NNTP traffic?

    claudel <sonic.net> wrote:
     

    Yes, the Windows session will have its own loopback interface.

    So will OS 9 running in Classic, incidentally.

    --
    Jeremy | com
    Jeremy Guest

  3. #3

    Default Re: VPC SSH tunnel collapse imperils NNTP traffic?

    In article <gunslinger.net>,
    Jeremy <com> wrote: 
    >
    >Yes, the Windows session will have its own loopback interface.
    >
    >So will OS 9 running in Classic, incidentally.[/ref]

    Thanks.

    I suspected as much.

    Claude
     


    claudel Guest

  4. #4

    Default Re: VPC SSH tunnel collapse imperils NNTP traffic?

    ["Followup-To:" header set to comp.sys.mac.apps.] 

    The reaosn for this has been explained already. Here's a solution
    which I think will work. Add -g to the command line; tell VPC to use
    2119 on your mac's ip address; and if the osx firewall is on, open
    port 2119.

    The downside of this is security: with -g, _any_ external machine that
    can establish connections to your mac can use it in exactly the same
    way. Whether or not that's an issue for you depends on your network
    configuration. If this is a machine with a lan address sitting behind
    a router, you have nothing to worry about. Otherwise, it's not a good
    idea to do this unless configure the osx firewall in a slightly more
    sophisticated way than you can with Apple's gui.

    Another approach is to run the tunnel in Windows, which is perfectly
    doable in W2K. If you do that, localhost (in Windows) will work fine.
    Of course you can't use it in osx if you do this.



    Hugh Guest

  5. Moderated Post

    Default Re: VPC SSH tunnel collapse imperils NNTP traffic?

    Removed by Administrator
    claudel Guest
    Moderated Post

  6. Moderated Post

    Default Re: VPC SSH tunnel collapse imperils NNTP traffic?

    Removed by Administrator
    Hugh Guest
    Moderated Post

  7. Moderated Post

    Default Re: VPC SSH tunnel collapse imperils NNTP traffic?

    Removed by Administrator
    claudel Guest
    Moderated Post

  8. #8

    Default Re: VPC SSH tunnel collapse imperils NNTP traffic?

    On 2003-10-07, claudel <sonic.net> wrote: 
    >
    > Why? The OS X FW blocks connections incoming or outgoing
    > on the external interface[/ref]

    Except for one rule allowing loopback traffic, the standard rules are
    not specific to any interface. If you haven't opened any ports, the
    rules set looks like this:

    02000 allow ip from any to any via lo*
    02010 deny ip from 127.0.0.0/8 to any in
    02020 deny ip from any to 127.0.0.0/8 in
    02030 deny ip from 224.0.0.0/3 to any in
    02040 deny tcp from any to 224.0.0.0/3 in
    02050 allow tcp from any to any out
    02060 allow tcp from any to any established
    12190 deny tcp from any to any
    65535 allow ip from any to any

    All but the first rule apply to all interfaces.


     

    I don't know how VPC networking works at this level. Try running
    tcpdump in osx while connecting from Windows. That should tell you
    what osx interface the connection using. If it's lo0, the first
    firewall rule will let it through.




     

    Hmm. Can you connect to any local osx servers from VPC Windows? Eg if
    you're running an ssh server in osx, can you ssh from Windows to the
    local osx?


     

    Is your Windows box sharing the same ip address as osx or does it
    have its own? If you're sharing an address, that might explain what
    the problem is here. In that case can you give it its own address,
    or have a local dhcp server give it one? If the addresses are
    different you should have no problem running a tunnel in each os.





    Hugh Guest

  9. #9

    Default Re: VPC SSH tunnel collapse imperils NNTP traffic?

    In article <nGpgb.695526$Ho3.151102sccrnsc03>,
    Hugh Wolf <lieder.de> wrote: 
    >>
    >> Why? The OS X FW blocks connections incoming or outgoing
    >> on the external interface[/ref]
    >
    >Except for one rule allowing loopback traffic, the standard rules are
    >not specific to any interface. If you haven't opened any ports, the
    >rules set looks like this:
    >
    >02000 allow ip from any to any via lo*
    >02010 deny ip from 127.0.0.0/8 to any in
    >02020 deny ip from any to 127.0.0.0/8 in
    >02030 deny ip from 224.0.0.0/3 to any in
    >02040 deny tcp from any to 224.0.0.0/3 in
    >02050 allow tcp from any to any out
    >02060 allow tcp from any to any established
    >12190 deny tcp from any to any
    >65535 allow ip from any to any
    >
    >All but the first rule apply to all interfaces.
    >[/ref]

    I turned the FW off completely. No Go.
     
    >
    >I don't know how VPC networking works at this level. Try running
    >tcpdump in osx while connecting from Windows. That should tell you
    >what osx interface the connection using. If it's lo0, the first
    >firewall rule will let it through.
    >[/ref]

    Will do. Good suggestion.
     
    >
    >Hmm. Can you connect to any local osx servers from VPC Windows? Eg if
    >you're running an ssh server in osx, can you ssh from Windows to the
    >local osx?
    >[/ref]

    I'm only using the client regularly, but I can start the server
    to play around with it.
     
    >
    >Is your Windows box sharing the same ip address as osx or does it
    >have its own? If you're sharing an address, that might explain what
    >the problem is here. In that case can you give it its own address,
    >or have a local dhcp server give it one? If the addresses are
    >different you should have no problem running a tunnel in each os.[/ref]

    Shared IP. That could be the root of the problem.

    Thanks for the good suggestions. I'll play around with
    reconfiguring VPC and see if that will help.


    Claude
    claudel Guest

Similar Threads

  1. How can I avoid border-collapse:collapse to come ...
    By VVSRKS in forum ASP.NET Data Grid Control
    Replies: 0
    Last Post: September 16th, 10:13 AM
  2. Expand and Collapse
    By Jenny in forum ASP.NET General
    Replies: 2
    Last Post: August 5th, 03:41 PM
  3. datagrid and border-collapse:collapse style
    By Vaclav Jedlicka in forum ASP.NET General
    Replies: 1
    Last Post: June 30th, 03:31 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139