How can I verify that the port forwarding is established by checking the sockets?
Clash Royale CLAN TAG#URR8PPP
After I run
$ ssh -L 9000:google.com:80 testme@localhost
how can I verify that the port forwarding is established by checking the sockets (internet and unix domain sockets)?
Thanks.
ssh socket netstat
edited Feb 5 at 13:22
Jeff Schaller
42.5k1158135
asked Feb 5 at 13:14
TimTim
27.4k78264474
add a comment |
After I run
$ ssh -L 9000:google.com:80 testme@localhost
how can I verify that the port forwarding is established by checking the sockets (internet and unix domain sockets)?
Thanks.
ssh socket netstat
edited Feb 5 at 13:22
Jeff Schaller
42.5k1158135
asked Feb 5 at 13:14
TimTim
27.4k78264474
add a comment |
After I run
$ ssh -L 9000:google.com:80 testme@localhost
how can I verify that the port forwarding is established by checking the sockets (internet and unix domain sockets)?
Thanks.
ssh socket netstat
edited Feb 5 at 13:22
Jeff Schaller
42.5k1158135
asked Feb 5 at 13:14
TimTim
27.4k78264474
After I run
$ ssh -L 9000:google.com:80 testme@localhost
how can I verify that the port forwarding is established by checking the sockets (internet and unix domain sockets)?
Thanks.
ssh socket netstat
ssh socket netstat
edited Feb 5 at 13:22
Jeff Schaller
42.5k1158135
asked Feb 5 at 13:14
TimTim
27.4k78264474
edited Feb 5 at 13:22
Jeff Schaller
42.5k1158135
asked Feb 5 at 13:14
TimTim
27.4k78264474
edited Feb 5 at 13:22
Jeff Schaller
42.5k1158135
edited Feb 5 at 13:22
Jeff Schaller
42.5k1158135
edited Feb 5 at 13:22
Jeff Schaller
42.5k1158135
42.5k1158135
asked Feb 5 at 13:14
TimTim
27.4k78264474
asked Feb 5 at 13:14
TimTim
27.4k78264474
asked Feb 5 at 13:14
TimTim
27.4k78264474
27.4k78264474
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
Once the SSH connection is established, you’ll see a listening socket on port 9000:
$ ss -o state listening 'sport = 9000'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 128 127.0.0.1:9000 *:*
tcp 0 128 ::1:9000 :::*
You won’t see a connection to google.com until a connection is established to port 9000; run
$ nc localhost 9000
then in another terminal you’ll see something like
$ ss -o state established 'dport = 80'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 0 10.10.10.2:34948 216.58.204.142:http
with a peer address belonging to Google.
answered Feb 5 at 13:36
Stephen KittStephen Kitt
173k24397472
Question about your reply unix.stackexchange.com/questions/499190/…
– Tim
Feb 7 at 1:18
unix.stackexchange.com/questions/499198/… and unix.stackexchange.com/questions/499199/what-is-inet-prefix
– Tim
Feb 7 at 2:38
add a comment |
There are many complementary ways of doing it:
On your local machine
You can run your ssh command with -v option, and there will be information about forwarding:
debug1: Local connections to LOCALHOST:9000 forwarded to remote address google.com:80
debug1: Local forwarding listening on ::1 port 9000.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 9000.
debug1: channel 1: new [port listener]
Run netstat -tulpn and you should see if there is entry with ssh running on port 9000. This shows listening ports. It does not show actively forwarded connections!
# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 15557/ssh
On remote machine
In your currently opened session that forwards ports just tap ~# quickly and you should see if anything is using your tunnel right now (you can try connecting to your localhost:9000 with telnet command and see what happens).
The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 e[write]/4 fd 6/7/8 sock -1 cc -1)
#3 direct-tcpip: listening port 9000 for google.com port 80, connect from 127.0.0.1 port 57060 to 127.0.0.1 port 9000 (t4 r1 i0/0 o0/0 e[closed]/0 fd 9/9/-1 sock 9 cc -1)
Also netstat -tulpn should tell you about open ports on this machine, but there is no guarantee that those ports opened are the one you've made with connection. Most of the time you will not have root access to remote machine so you cannot check PID of your SSH session and PID in netstat results.
answered Feb 5 at 13:36
DevilaNDevilaN
561110
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f498795%2fhow-can-i-verify-that-the-port-forwarding-is-established-by-checking-the-sockets%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Once the SSH connection is established, you’ll see a listening socket on port 9000:
$ ss -o state listening 'sport = 9000'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 128 127.0.0.1:9000 *:*
tcp 0 128 ::1:9000 :::*
You won’t see a connection to google.com until a connection is established to port 9000; run
$ nc localhost 9000
then in another terminal you’ll see something like
$ ss -o state established 'dport = 80'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 0 10.10.10.2:34948 216.58.204.142:http
with a peer address belonging to Google.
answered Feb 5 at 13:36
Stephen KittStephen Kitt
173k24397472
Question about your reply unix.stackexchange.com/questions/499190/…
– Tim
Feb 7 at 1:18
unix.stackexchange.com/questions/499198/… and unix.stackexchange.com/questions/499199/what-is-inet-prefix
– Tim
Feb 7 at 2:38
add a comment |
Once the SSH connection is established, you’ll see a listening socket on port 9000:
$ ss -o state listening 'sport = 9000'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 128 127.0.0.1:9000 *:*
tcp 0 128 ::1:9000 :::*
You won’t see a connection to google.com until a connection is established to port 9000; run
$ nc localhost 9000
then in another terminal you’ll see something like
$ ss -o state established 'dport = 80'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 0 10.10.10.2:34948 216.58.204.142:http
with a peer address belonging to Google.
answered Feb 5 at 13:36
Stephen KittStephen Kitt
173k24397472
Question about your reply unix.stackexchange.com/questions/499190/…
– Tim
Feb 7 at 1:18
unix.stackexchange.com/questions/499198/… and unix.stackexchange.com/questions/499199/what-is-inet-prefix
– Tim
Feb 7 at 2:38
add a comment |
Once the SSH connection is established, you’ll see a listening socket on port 9000:
$ ss -o state listening 'sport = 9000'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 128 127.0.0.1:9000 *:*
tcp 0 128 ::1:9000 :::*
You won’t see a connection to google.com until a connection is established to port 9000; run
$ nc localhost 9000
then in another terminal you’ll see something like
$ ss -o state established 'dport = 80'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 0 10.10.10.2:34948 216.58.204.142:http
with a peer address belonging to Google.
answered Feb 5 at 13:36
Stephen KittStephen Kitt
173k24397472
Once the SSH connection is established, you’ll see a listening socket on port 9000:
$ ss -o state listening 'sport = 9000'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 128 127.0.0.1:9000 *:*
tcp 0 128 ::1:9000 :::*
You won’t see a connection to google.com until a connection is established to port 9000; run
$ nc localhost 9000
then in another terminal you’ll see something like
$ ss -o state established 'dport = 80'
Netid Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp 0 0 10.10.10.2:34948 216.58.204.142:http
with a peer address belonging to Google.
answered Feb 5 at 13:36
Stephen KittStephen Kitt
173k24397472
answered Feb 5 at 13:36
Stephen KittStephen Kitt
173k24397472
answered Feb 5 at 13:36
Stephen KittStephen Kitt
173k24397472
answered Feb 5 at 13:36
Stephen KittStephen Kitt
173k24397472
173k24397472
Question about your reply unix.stackexchange.com/questions/499190/…
– Tim
Feb 7 at 1:18
unix.stackexchange.com/questions/499198/… and unix.stackexchange.com/questions/499199/what-is-inet-prefix
– Tim
Feb 7 at 2:38
add a comment |
Question about your reply unix.stackexchange.com/questions/499190/…
– Tim
Feb 7 at 1:18
unix.stackexchange.com/questions/499198/… and unix.stackexchange.com/questions/499199/what-is-inet-prefix
– Tim
Feb 7 at 2:38
Question about your reply unix.stackexchange.com/questions/499190/…
– Tim
Feb 7 at 1:18
Question about your reply unix.stackexchange.com/questions/499190/…
– Tim
Feb 7 at 1:18
unix.stackexchange.com/questions/499198/… and unix.stackexchange.com/questions/499199/what-is-inet-prefix
– Tim
Feb 7 at 2:38
unix.stackexchange.com/questions/499198/… and unix.stackexchange.com/questions/499199/what-is-inet-prefix
– Tim
Feb 7 at 2:38
add a comment |
There are many complementary ways of doing it:
On your local machine
You can run your ssh command with -v option, and there will be information about forwarding:
debug1: Local connections to LOCALHOST:9000 forwarded to remote address google.com:80
debug1: Local forwarding listening on ::1 port 9000.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 9000.
debug1: channel 1: new [port listener]
Run netstat -tulpn and you should see if there is entry with ssh running on port 9000. This shows listening ports. It does not show actively forwarded connections!
# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 15557/ssh
On remote machine
In your currently opened session that forwards ports just tap ~# quickly and you should see if anything is using your tunnel right now (you can try connecting to your localhost:9000 with telnet command and see what happens).
The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 e[write]/4 fd 6/7/8 sock -1 cc -1)
#3 direct-tcpip: listening port 9000 for google.com port 80, connect from 127.0.0.1 port 57060 to 127.0.0.1 port 9000 (t4 r1 i0/0 o0/0 e[closed]/0 fd 9/9/-1 sock 9 cc -1)
Also netstat -tulpn should tell you about open ports on this machine, but there is no guarantee that those ports opened are the one you've made with connection. Most of the time you will not have root access to remote machine so you cannot check PID of your SSH session and PID in netstat results.
answered Feb 5 at 13:36
DevilaNDevilaN
561110
add a comment |
There are many complementary ways of doing it:
On your local machine
You can run your ssh command with -v option, and there will be information about forwarding:
debug1: Local connections to LOCALHOST:9000 forwarded to remote address google.com:80
debug1: Local forwarding listening on ::1 port 9000.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 9000.
debug1: channel 1: new [port listener]
Run netstat -tulpn and you should see if there is entry with ssh running on port 9000. This shows listening ports. It does not show actively forwarded connections!
# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 15557/ssh
On remote machine
In your currently opened session that forwards ports just tap ~# quickly and you should see if anything is using your tunnel right now (you can try connecting to your localhost:9000 with telnet command and see what happens).
The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 e[write]/4 fd 6/7/8 sock -1 cc -1)
#3 direct-tcpip: listening port 9000 for google.com port 80, connect from 127.0.0.1 port 57060 to 127.0.0.1 port 9000 (t4 r1 i0/0 o0/0 e[closed]/0 fd 9/9/-1 sock 9 cc -1)
Also netstat -tulpn should tell you about open ports on this machine, but there is no guarantee that those ports opened are the one you've made with connection. Most of the time you will not have root access to remote machine so you cannot check PID of your SSH session and PID in netstat results.
answered Feb 5 at 13:36
DevilaNDevilaN
561110
add a comment |
There are many complementary ways of doing it:
On your local machine
You can run your ssh command with -v option, and there will be information about forwarding:
debug1: Local connections to LOCALHOST:9000 forwarded to remote address google.com:80
debug1: Local forwarding listening on ::1 port 9000.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 9000.
debug1: channel 1: new [port listener]
Run netstat -tulpn and you should see if there is entry with ssh running on port 9000. This shows listening ports. It does not show actively forwarded connections!
# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 15557/ssh
On remote machine
In your currently opened session that forwards ports just tap ~# quickly and you should see if anything is using your tunnel right now (you can try connecting to your localhost:9000 with telnet command and see what happens).
The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 e[write]/4 fd 6/7/8 sock -1 cc -1)
#3 direct-tcpip: listening port 9000 for google.com port 80, connect from 127.0.0.1 port 57060 to 127.0.0.1 port 9000 (t4 r1 i0/0 o0/0 e[closed]/0 fd 9/9/-1 sock 9 cc -1)
Also netstat -tulpn should tell you about open ports on this machine, but there is no guarantee that those ports opened are the one you've made with connection. Most of the time you will not have root access to remote machine so you cannot check PID of your SSH session and PID in netstat results.
answered Feb 5 at 13:36
DevilaNDevilaN
561110
There are many complementary ways of doing it:
On your local machine
You can run your ssh command with -v option, and there will be information about forwarding:
debug1: Local connections to LOCALHOST:9000 forwarded to remote address google.com:80
debug1: Local forwarding listening on ::1 port 9000.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 9000.
debug1: channel 1: new [port listener]
Run netstat -tulpn and you should see if there is entry with ssh running on port 9000. This shows listening ports. It does not show actively forwarded connections!
# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 15557/ssh
On remote machine
In your currently opened session that forwards ports just tap ~# quickly and you should see if anything is using your tunnel right now (you can try connecting to your localhost:9000 with telnet command and see what happens).
The following connections are open:
#2 client-session (t4 r0 i0/0 o0/0 e[write]/4 fd 6/7/8 sock -1 cc -1)
#3 direct-tcpip: listening port 9000 for google.com port 80, connect from 127.0.0.1 port 57060 to 127.0.0.1 port 9000 (t4 r1 i0/0 o0/0 e[closed]/0 fd 9/9/-1 sock 9 cc -1)
Also netstat -tulpn should tell you about open ports on this machine, but there is no guarantee that those ports opened are the one you've made with connection. Most of the time you will not have root access to remote machine so you cannot check PID of your SSH session and PID in netstat results.
answered Feb 5 at 13:36
DevilaNDevilaN
561110
answered Feb 5 at 13:36
DevilaNDevilaN
561110
answered Feb 5 at 13:36
DevilaNDevilaN
561110
answered Feb 5 at 13:36
DevilaNDevilaN
561110
561110
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f498795%2fhow-can-i-verify-that-the-port-forwarding-is-established-by-checking-the-sockets%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
