
My iptables blocks everything except several ports like 80, 22, etc.

It's running my Java servlet. I need to connect to that servlet using jconsole. I don't want to allow external connections for JMX ports. I should be the only one able to connect.

Is it possible to somehow tunnel those blocked JMX ports via SSH so I can connect to the process from my laptop? (I don't have a constant IP address on my laptop.)

P.S. Commands like ssh -L 2100:localhost:2100 -L 2099:localhost:2099 don't seem to work here. If the firewall is active, it won't allow connections to those ports.

msanford
Lubiluk

1 Answer


I just tested this and it worked completely fine:

  1. SSH to remote machine and start up netcat:

    nc -l -p 7878

  2. Open a new terminal window and create an SSH port forward to the remote machine:

    ssh -N -L 7878:localhost:7878 user@1.2.3.4

  3. Open a third terminal window and connect to the remote host via my loopback address:

    telnet 127.0.0.1 7878

Any typing in this third window appears in my netcat session in the first window.

A simple bash script could redirect a batch of ports, or play with the SSH -D option. Also -C for compression.

jwbensley
You're right, it works. Seems like I need to look for the problem in my JMX configuration. Perhaps it's something with RMI connection. – Lubiluk Mar 04 '13 at 10:08
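A sketch of the "simple bash script" the answer mentions, added here as an example and not part of the original answer. The function names are hypothetical. It validates each port, binds the local end of every forward to 127.0.0.1 so only the laptop itself can use the tunnel, and uses the OpenSSH option ExitOnForwardFailure so the session fails rather than running with a forward missing.

```sh
#!/bin/sh
# Added example: forward a batch of remote loopback ports over one SSH session.
# Usage (ports taken from the question): ./jmx-tunnel.sh user@1.2.3.4 2099 2100

# Return 0 only if $1 is a decimal TCP port in 1..65535.
is_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;   # empty, or contains a non-digit
    esac
    # Length check first so absurdly long digit strings never reach the compare.
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print one -L forwarding spec per line for each port given.
# Local side is pinned to 127.0.0.1; remote side is the server's own loopback.
forward_specs() {
    for port in "$@"; do
        if ! is_port "$port"; then
            echo "invalid port: $port" >&2
            return 1
        fi
        printf '%s\n' "127.0.0.1:${port}:localhost:${port}"
    done
}

# open_tunnel user@host port [port...]
open_tunnel() {
    target=$1; shift
    specs=$(forward_specs "$@") || return 1
    set --                          # rebuild the argument list as -L pairs
    for spec in $specs; do          # specs contain no spaces or glob characters
        set -- "$@" -L "$spec"
    done
    # -N: no remote command, forwarding only.
    exec ssh -N -o ExitOnForwardFailure=yes "$@" "$target"
}

# Only open a tunnel when called with a target and at least one port.
if [ "$#" -ge 2 ]; then
    open_tunnel "$@"
fi
```

Because the forwards terminate at localhost on the server, the JMX ports can stay closed to external traffic in iptables; only port 22 needs to be reachable.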