libssh
0.10.6
The SSH library
|
Port forwarding comes in SSH protocol in two different flavours: direct or reverse port forwarding. Direct port forwarding is also named local port forwarding, and reverse port forwarding is also called remote port forwarding. SSH also allows X11 tunnels.
Direct port forwarding is from client to server. The client opens a tunnel, and forwards whatever data to the server. Then, the server connects to an end point. The end point can reside on another machine or on the SSH server itself.
Example of use of direct port forwarding:
Mail client application Google Mail | ^ 5555 (arbitrary) | | 143 (IMAP2) V | SSH client =====> SSH server Legend: --P-->: port connections through port P =====>: SSH tunnel
A mail client connects to port 5555 of a client. An encrypted tunnel is established to the server. The server connects to port 143 of Google Mail (the end point). Now the local mail client can retrieve mail.
The reverse forwarding is slightly different. It goes from server to client, even though the client has the initiative of establishing the tunnel. Once the tunnel is established, the server will listen on a port. Whenever a connection to this port is made, the server forwards the data to the client.
Example of use of reverse port forwarding:
Local mail server Mail client application ^ | | 5555 (arbitrary) 143 (IMAP2) | | V SSH client <===== SSH server Legend: --P-->: port connections through port P =====>: SSH tunnel
In this example, the SSH client establishes the tunnel, but it is used to forward the connections established at the server to the client.
X11 tunnels allow a remote application to display locally.
Example of use of X11 tunnels:
Local display Graphical application (X11 server) (X11 client) ^ | | V SSH client <===== SSH server Legend: ----->: X11 connection through X11 display number =====>: SSH tunnel
The SSH tunnel is established by the client.
How to establish X11 tunnels with libssh has already been described in this tutorial.
To do direct port forwarding, call function ssh_channel_open_forward():
If you don't plan to forward the data you will receive to any local port, just put fake values like "localhost" and 5555 as your local host and port.
The example below shows how to open a direct channel that would be used to retrieve google's home page from the remote SSH server.
The data sent by Google can be retrieved for example with ssh_select() and ssh_channel_read(). Goggle's home page can then be displayed on the local SSH client, saved into a local file, made available on a local port, or whatever use you have for it.
To do reverse port forwarding, call ssh_channel_listen_forward(), then ssh_channel_accept_forward().
When you call ssh_channel_listen_forward(), you can let the remote server chose the non-privileged port it should listen to. Otherwise, you can chose your own privileged or non-privileged port. Beware that you should have administrative privileges on the remote server to open a privileged port (port number < 1024).
Below is an example of a very rough web server waiting for connections on port 8080 of remote SSH server. The incoming connections are passed to the local libssh application, which handles them: