SSH Port Forwarding:Overview: Difference between revisions
Content removed - troubleshooting guide: SSH Port Forwarding Overview (5 sections) |
Content added - troubleshooting guide: SSH Port Forwarding Overview (10 sections) |
||
| Line 1: | Line 1: | ||
This document describes the SSH port forwarding system architecture and how it works. | This document describes the SSH port forwarding system architecture and how it works. | ||
| Line 7: | Line 5: | ||
=== Components === | === Components === | ||
= '''Configuration File''': <code>/etc/ssh-port-forwards.conf</code> = | ==== '''Configuration File''': <code>/etc/ssh-port-forwards.conf</code> ==== | ||
* Defines all SSH port forwards in a simple format | * Defines all SSH port forwards in a simple format | ||
* One device per line | * One device per line | ||
= '''Management Script''': <code>/usr/local/bin/ssh-port-forward-manager.sh</code> = | == '''Management Script''': <code>/usr/local/bin/ssh-port-forward-manager.sh</code> == | ||
* Adds, removes, and lists SSH port forwards | * Adds, removes, and lists SSH port forwards | ||
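Review bot: The heading levels on the new side are inconsistent under `=== Components ===`: Configuration File becomes level 4 (`====`) while Management Script becomes level 2 (`==`), which puts a component above its parent section. Suggest `====` for every component heading so they all nest under Components.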
| Line 19: | Line 17: | ||
* Validates configurations | * Validates configurations | ||
= '''Integration''': <code>/etc/openvpn/iptables-restore.sh</code> = | == '''Integration''': <code>/etc/openvpn/iptables-restore.sh</code> == | ||
* Automatically applies all port forwards when VPN starts | * Automatically applies all port forwards when VPN starts | ||
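Review bot: The Integration heading is set to level 2 (`==`), but Configuration File, a sibling component, is `====` in this revision. Use the same level for both so the components render as peers.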
| Line 44: | Line 42: | ||
<pre class="lang-bash"> | <pre class="lang-bash"> | ||
= View DNAT rules = | == View DNAT rules == | ||
iptables -t nat -L PREROUTING -n -v | grep DNAT | iptables -t nat -L PREROUTING -n -v | grep DNAT | ||
= View FORWARD rules = | == View FORWARD rules == | ||
iptables -t filter -L FORWARD -n -v | grep -E "10\.8\.0\." | iptables -t filter -L FORWARD -n -v | grep -E "10\.8\.0\." | ||
</pre> | </pre> | ||
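Review bot: Inside the `<pre class="lang-bash">` block, `== View DNAT rules ==` and `== View FORWARD rules ==` are wiki heading markup, which is shown literally inside `<pre>` and is not valid shell if the block is copied into a terminal. These two lines should be shell comments, e.g. `# View DNAT rules`.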
Latest revision as of 13:44, 1 January 2026
This document describes the SSH port forwarding system architecture and how it works.
Architecture
Components
Configuration File: /etc/ssh-port-forwards.conf
* Defines all SSH port forwards in a simple format
* One device per line
Management Script: /usr/local/bin/ssh-port-forward-manager.sh
* Adds, removes, and lists SSH port forwards
* Applies iptables rules automatically
* Validates configurations
Integration: /etc/openvpn/iptables-restore.sh
* Automatically applies all port forwards when VPN starts
* Ensures rules persist after reboots
How It Works
External Client → VPS:EXTERNAL_PORT (e.g., 22222) → iptables DNAT rule → VPN Tunnel (tun0) → VPN_DEVICE:SSH_PORT (e.g., 10.8.0.2:22)
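The forwarding path above, written out as the iptables rules it implies for one device. This is an added example, not the contents of ssh-port-forward-manager.sh; the eth0 interface name, the 10.8.0.1-254 device range, and the refusal of external ports below 1024 are assumptions.

```bash
#!/usr/bin/env bash
# Added example: builds (prints, does not apply) the rules for one SSH forward.
WAN_IF="${WAN_IF:-eth0}"   # assumed name of the VPS public interface
VPN_IF="${VPN_IF:-tun0}"   # VPN tunnel interface named on the page

# valid_port N: succeeds if N is an integer in 1..65535
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_vpn_ip IP: succeeds if IP is 10.8.0.1 .. 10.8.0.254 (assumed VPN range)
valid_vpn_ip() {
    local last="${1#10.8.0.}"
    [ "$last" != "$1" ] || return 1
    case "$last" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#last}" -le 3 ] && [ "$last" -ge 1 ] && [ "$last" -le 254 ]
}

# build_forward_rules EXTERNAL_PORT VPN_IP SSH_PORT
build_forward_rules() {
    local ext="$1" ip="$2" ssh="$3"
    valid_port "$ext"  || { echo "invalid external port: $ext" >&2; return 1; }
    valid_port "$ssh"  || { echo "invalid SSH port: $ssh" >&2; return 1; }
    valid_vpn_ip "$ip" || { echo "not a VPN device address: $ip" >&2; return 1; }
    # Assumed policy: a DNAT on a low port such as 22 would divert traffic
    # meant for the VPS's own services, so only high ports are accepted.
    [ "$ext" -ge 1024 ] || { echo "external port must be >= 1024" >&2; return 1; }
    # 1) Rewrite the destination of connections arriving on the public port.
    echo "iptables -t nat -A PREROUTING -i $WAN_IF -p tcp --dport $ext -j DNAT --to-destination $ip:$ssh"
    # 2) Allow only that rewritten flow to cross into the tunnel.
    echo "iptables -A FORWARD -i $WAN_IF -o $VPN_IF -p tcp -d $ip --dport $ssh -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT"
    # 3) Allow the replies back out of the tunnel.
    echo "iptables -A FORWARD -i $VPN_IF -o $WAN_IF -p tcp -s $ip --sport $ssh -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# The page's own example values: VPS port 22222 -> 10.8.0.2:22
build_forward_rules 22222 10.8.0.2 22
```

The FORWARD rules match the SSH port, not the external port, because the filter table sees the packet after PREROUTING has already rewritten its destination.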
Current Configuration
To see the current configuration:
cat /etc/ssh-port-forwards.conf
To see active iptables rules:
# View DNAT rules
iptables -t nat -L PREROUTING -n -v | grep DNAT
# View FORWARD rules
iptables -t filter -L FORWARD -n -v | grep -E "10\.8\.0\."
Related Documentation
- Configuration - Configuration file format
- Management - Managing port forwards
- Troubleshooting - Troubleshooting guide