SSH Port Forwarding:Overview

From jb-vpn.uk Wiki
Revision as of 13:15, 1 January 2026 by Josh (talk | contribs) (Added troubleshooting guide: SSH Port Forwarding Overview)

SSH Port Forwarding Overview

This document describes the SSH port forwarding system architecture and how it works.

Architecture

Components

Configuration File: /etc/ssh-port-forwards.conf

   Defines all SSH port forwards in a simple format
   One device per line

Management Script: /usr/local/bin/ssh-port-forward-manager.sh

   Adds, removes, and lists SSH port forwards
   Applies iptables rules automatically
   Validates configurations

Integration: /etc/openvpn/iptables-restore.sh

   Automatically applies all port forwards when VPN starts
   Ensures rules persist after reboots

How It Works

External Client → VPS:EXTERNAL_PORT (e.g., 22222)
  → iptables DNAT rule
  → VPN Tunnel (tun0)
  → VPN_DEVICE:SSH_PORT (e.g., 10.8.0.2:22)

Current Configuration

To see the current configuration:

cat /etc/ssh-port-forwards.conf

To see active iptables rules:

# View DNAT rules
iptables -t nat -L PREROUTING -n -v | grep DNAT

# View FORWARD rules
iptables -t filter -L FORWARD -n -v | grep -E "10\.8\.0\."
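
The listing commands above show raw rules. As an added example (not part of the original wiki page or its management script), the following shell functions read `iptables-save -t nat` output and report each DNAT forward into the 10.8.0.x VPN range as external port, device, target port and permitted source, so forwards open to any source address stand out. The function names, the sample rules, the 203.0.113.0/24 source and the eth0 interface are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: summarise DNAT forwards into the VPN subnet (10.8.0.x).
# On a live host: iptables-save -t nat | list_vpn_forwards

# Prints one line per forward: <external_port> <vpn_ip> <target_port> <source|any>
list_vpn_forwards() {
  awk '
    $1 == "-A" && $2 == "PREROUTING" {
      dport = ""; dest = ""; src = "any"; is_dnat = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "--dport") dport = $(i + 1)
        else if ($i == "--to-destination") dest = $(i + 1)
        else if ($i == "-s") src = $(i + 1)
        else if ($i == "-j" && $(i + 1) == "DNAT") is_dnat = 1
      }
      # Skip anything that is not a complete DNAT rule
      if (!is_dnat || dport == "" || dest == "") next
      n = split(dest, parts, ":")
      # Only report targets inside the VPN range used on this page
      if (parts[1] !~ /^10\.8\.0\.[0-9]+$/) next
      # Without an explicit target port, DNAT keeps the original port
      tport = (n == 2) ? parts[2] : dport
      print dport, parts[1], tport, src
    }'
}

# Prints the external ports whose forward has no source restriction (-s)
unrestricted_forwards() {
  list_vpn_forwards | awk '$4 == "any" { print $1 }'
}

# Constructed sample in iptables-save format (not taken from a real host)
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 22222 -j DNAT --to-destination 10.8.0.2:22
-A PREROUTING -s 203.0.113.0/24 -p tcp -m tcp --dport 22223 -j DNAT --to-destination 10.8.0.3:22
-A PREROUTING -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.5:80
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | list_vpn_forwards
```

Comparing this summary with /etc/ssh-port-forwards.conf shows whether the active rules still match what the configuration file defines.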

   Configuration - Configuration file format
   Management - Managing port forwards
   Troubleshooting - Troubleshooting guide