bugzilla-daemon at mindrot.org
2005-May-12 19:00 UTC
[Bug 1040] SSH only believes 127.0.0.1 is IPV4 localhost, not 127/8
http://bugzilla.mindrot.org/show_bug.cgi?id=1040

           Summary: SSH only believes 127.0.0.1 is IPV4 localhost, not 127/8
           Product: Portable OpenSSH
           Version: 3.8.1p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: adam at io.com

Overview Description:

Doing port forwarding from localhost to another host only works if the IPv4 address is 127.0.0.1. It should work for anything in 127/8. (Have not tested IPv6)

Steps to reproduce:

1) verify that 127.0.0.2 is indeed a valid localhost address on the host in question. For Debian "Sarge" it is; for Mac OS X you need to ifconfig lo0 .... alias. But once you have, connect to 127.0.0.2:running-service to verify that the host believes that 127.0.0.2 is a valid IPV4 address for loopback

2) Start an ssh port forwarded tunnel. For me, that's:

    ssh -L 2426:mail.fsf.net:25 -N adam at mail.fsf.net

3) connect to the forwarded port at 127.0.0.1. For me,

    telnet 127.0.0.1 2426
    Trying 127.0.0.1...
    Connected to 127.0.0.1.
    Escape character is '^]'.
    220 services.fsf.net ESMTP Exim 4.50 Thu, 12 May 2005 13:49:14 -0500

4) attempt to connect to the forwarded port at 127.0.0.2

    Trying 127.0.0.2...
    telnet: Unable to connect to remote host: Connection refused

5) kill the port forwarded tunnel and attempt to make it bind on 127.0.0.2:

    sysmon:~# ssh -L 2426:mail.fsf.net:25 -N -b 127.0.0.2 adam at mail.fsf.net
    ssh: connect to host mail.fsf.net port 22: Invalid argument

(that's the Debian Sarge error message, which OpenSSH_3.8.1p1 Debian-8.sarge.4, OpenSSL 0.9.7e 25 Oct 2004; from Mac OS X, the message is:

    imac-g5-wired:~ adam$ ssh -L 2426:mail.fsf.net:25 -N -b 127.0.0.2 adam at mail.fsf.net
    ssh: connect to host mail.fsf.net port 22: Network is unreachable

(in this case, the error is just flat wrong:

    imac-g5-wired:~ adam$ ping 127.0.0.2
    PING 127.0.0.2 (127.0.0.2): 56 data bytes
    64 bytes from 127.0.0.2: icmp_seq=0 ttl=64 time=0.080 ms
    ^C
    --- 127.0.0.2 ping statistics ---
    1 packets transmitted, 1 packets received, 0% packet loss
    round-trip min/avg/max/stddev = 0.080/0.080/0.080/0.000 ms
    imac-g5-wired:~ adam$ ping mail.fsf.net
    PING services.fsf.net (192.168.1.3): 56 data bytes
    64 bytes from 192.168.1.3: icmp_seq=0 ttl=64 time=0.432 ms
    64 bytes from 192.168.1.3: icmp_seq=1 ttl=64 time=0.271 ms
    ^C

)

Actual Results:

I could not connect to the local port 127.0.0.2 as a forwarded port.

Expected Results:

ssh should have forwarded 127.0.0.2:2426 just as it did 127.0.0.1:2426

Build date and platform:

OpenSSH_3.8.1p1, OpenSSL 0.9.7b 10 Apr 2003, Mac OS X 10.4, G5 PPC

Additional Builds and platforms:

OpenSSH_3.8.1p1 Debian-8.sarge.4, OpenSSL 0.9.7e 25 Oct 2004, Debian "Sarge" ix86

Additional Information:

The reason this matters is as a workaround for a Mail.app bug: Mail.app does not allow multiple outbound SMTP servers on the same host at different ports.

Since I, anal-retentively, want my outbound mail server to reflect the From: and Reply-To: on the mail messages I send, and since at least two of the three SMTP servers I use do not do SMTP auth but instead simply forward from addresses inside their own domains, I therefore need to ssh tunnel to a machine on which I have shell access inside those domains and forward a port to the SMTP server's port 25 from there. Since Mail.app will not allow me to configure localhost:242[567] as different outbound servers, I need to configure them as 127.0.0.1:2425, 127.0.0.2:2426, and 127.0.0.3:2427. This SSH bug means that I cannot do that either.

Adam Thornton

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

bugzilla-daemon at mindrot.org
2005-May-12 21:42 UTC
[Bug 1040] SSH only believes 127.0.0.1 is IPV4 localhost, not 127/8
http://bugzilla.mindrot.org/show_bug.cgi?id=1040

djm at mindrot.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |WORKSFORME

------- Additional Comments From djm at mindrot.org 2005-05-13 07:42 -------

OpenSSH 4.0 can specify which address it binds to for port-forwardings, but automatically binding to the entire 127/8 would be incorrect behaviour (and probably impossible). If you have 4.0, you can do:

    ssh -L127.0.0.2:2426:mail.fsf.net:25 -N adam at mail.fsf.net

which should do what you want.
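
The bind behaviour discussed in this thread, reproduced with plain TCP sockets as an added example (not part of the original messages and not OpenSSH code). It assumes a host where all of 127/8 is on the loopback interface, as the report describes for Debian; the helper names are hypothetical and the port is picked by the OS.

```python
import errno
import socket


def listen_on(addr, port=0):
    """Open a TCP listener on exactly one local address (port 0 = any free port)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((addr, port))
    s.listen(4)
    return s


def probe(addr, port, timeout=1.0):
    """Return 'connected', or the errno name of the failure (e.g. 'ECONNREFUSED')."""
    c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    c.settimeout(timeout)
    try:
        c.connect((addr, port))
        return "connected"
    except OSError as e:
        return errno.errorcode.get(e.errno, str(e))
    finally:
        c.close()


def demo(addrs=("127.0.0.1", "127.0.0.2")):
    # Stand-in for "ssh -L 2426:host:25": the listener is bound to 127.0.0.1 only.
    first = listen_on(addrs[0])
    port = first.getsockname()[1]
    try:
        before = {a: probe(a, port) for a in addrs}
        # Stand-in for "ssh -L127.0.0.2:2426:host:25": a second listener,
        # same port number, bound explicitly to the other loopback address.
        second = listen_on(addrs[1], port)
        try:
            after = {a: probe(a, port) for a in addrs}
        finally:
            second.close()
    finally:
        first.close()
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("127.0.0.1 listener only:", before)
    print("explicit 127.0.0.2 bind:", after)
```

A listening socket is bound to one address (or the wildcard), so the second address only answers once a listener is bound to it explicitly, and the two listeners can share a port number because their addresses differ.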