Re: Port Forwarding - Firewall Traversal

Hi Scott,

The problem I personally noticed is dumb and obvious ;)
If your HTTP content contains not relative URLs, say index.html contains
something like <a href="http://server_hostname/foo";>bar</a> instead of
<a href="/foo">bar</a>, then the http://localhost:fwdport/... will be
forgotten on the way... Such a bad HTML code not being yours maybe, you
may not be able to change it (proprietary web interfaces, aso)...

I agree that adding to your workstation /etc/hosts file the server
hostname in front of 127.0.0.1 may be the hack for this, but that's
going ugly and uglier and needs root privileges...

I agree also that saying HTTP is not port forwarding friendly is to
much, I should have said instead: bad HTML is not port forwarding friendly !

However, there is no such a problem using OpenSSH socks proxy feature
(-D port), but the option may not be allowed server side in Henry's case
(a Solaris system).

By the way, SunOS 5.10 ships with a Sun_SSH_1.1 which seems to actually
be OpenSSH looking at the usage and man (see Authors)... Is it ?

Regards,
Pierre


Scott Baker wrote:
> I don't know about THIS situation as I don't know Oracle but port
> forwarding HTTP (port 80 or even 443) is TOTALLY ssh port forwarding
> friendly. The ONLY problems you might have are DNS, where the server
> expects the request to say "www.foo.com" instead of "localhost" but
> even that can be hacked with an edit in your hosts file.
>
> I've port forwarded port 80 lots of times with SSH with no problems.
>
> Scott
>