36
15
I'd like to make all incoming connections to port 1000 of my host (IP: 200.234.XXX.XXX) to be forward to the port 80 on host 10.211.55.5
How can I do it on my host? It is running Mac OS X 10.5.8
Daniel Cukier
Posted 2009-08-27T19:51:23.690
Reputation: 3 270
30
Quite simple to do, Firstly you will need to enable the remote login service on your mac (System Preferences -> Sharing -> Remote Login). This starts your ssh server.
Then run the following command in your OS X Terminal:
ssh -L 200.234.XXX.XXX:10000:10.211.55.5:80 -N 127.0.0.1
You may need to accept the server fingerprint initially as well as type in your local password for ssh login. (You can also set up a local to local ssh public / private key to make it not prompt for a password, will leave that as an exercise for the reader.)
The format is:
ssh -L local_addr:local_port:remote_addr:remote_port -N 127.0.0.1
Marius
Posted 2009-08-27T19:51:23.690
Reputation: 891
Can we do it if port 22 is not open? – Afshin Moazami – 2015-10-14T16:14:17.457
1You need to connect somehow. But you can always run ssh on another port... perhaps http port? or the BIND (DNS) port? Those are mostly open on firewalls. – Marius – 2015-11-11T22:53:03.133
10
Very simple using the versatile tool ncat:
sudo ncat --sh-exec "ncat 10.211.55.5 80" -l 1000 --keep-open
Get the binaries of ncat/nmap for Mac OS X from the official website: http://nmap.org/download.html#macosx
EDIT: added sudo to listen on a restricted port <1024
Tony Baguette
Posted 2009-08-27T19:51:23.690
Reputation: 210
1thanks. it is very simple besides it doesn't need to reboot! – verystrongjoe – 2017-06-08T07:38:24.783
Also you don't need to start the SSH server on your macOS. – Tony Baguette – 2017-06-14T14:44:51.890
5
Assuming you have a UPnP router, its easy to configure ports by using PortMap
It has a very simple UI.
Alexis Hirst
Posted 2009-08-27T19:51:23.690
Reputation: 1 121
why is your image so tiny? – barlop – 2017-01-20T11:57:01.150
3
Well, I can tell you how I do that sort of thing on my Mac OS X 10.5.8 system.
I started on an answer about NAT, but I think you actually want a TCP forwarder program instead (you mention 'proxy' and port forwarding.)
There's a few ways of doing this, depending upon your needs even 'SSH' can be pressed into action, though my favourite short and sweet way is a Perl script tcpforward.
If you need some HTTP manipulation (you might need to tweak HTTP redirects, so that when a request comes for a URL without a trailing '/' you don't get redirected to the real, inaccessible, server), then Apache can do the job of a reverse proxy. You'll want to look at mod_proxy and specifically ProxyPass and ProxyPassReverse. Do not enable ProxyRequests, that's for forward proxying. It should be possible to use Mac OS's own Apache to do this, if you've got it running. It does come with mod_proxy and /etc/httpd/httpd.conf is the config file to update.
Even with Apache, you need to make sure that all the links in the real server's content are relative, if they reference the real server then you could try the mod_proxy_html module (I have no experience of how well that works.)
jrg
Posted 2009-08-27T19:51:23.690
Reputation: 745
+1 for tcpforward, Perl never stops being useful. – Steve Kehlet – 2019-02-22T01:39:09.467
0
Is your machine connected directly to the internet (IE - without a router)? Normally you do the port forwarding on the router, but if you do use a modem to connect directly, iptables is probably the best way.
Dentrasi
Posted 2009-08-27T19:51:23.690
Reputation: 10 115
There is no iptables on mac os x. – Unnamed_1 – 2017-10-07T12:10:51.180
4@HasaanChop This is downvoted because it isn't helpful. If it detailed exactly how to use iptables to accomplish what the question asked, that could be useful. – Jon-Eric – 2013-01-22T21:42:55.163
I have no idea why this was voted down because it's the truth. – Hasaan Chop – 2009-11-21T00:27:41.203
-1
Here is a good article: http://www.cyberhq.nl/article/384/port-forwarding-in-macos-x
But since you are forwarding to 80 I'm assuming you want it to go to a web server so I would just change the web server config to set up a reverse proxy or something like that.
6Looks like the link is broken – Jochen Bedersdorfer – 2015-08-14T15:17:12.750
ah, you're also running parallels, having the same problem as I? :) – LearnCocos2D – 2013-02-21T10:36:15.020