search for: local_host

I've attached a patch to OpenSSH 3.0.2p1 that will allow the client side of local port forwarding to be bound to a single address. For my purposes, binding to 127.0.0.1 or (via GatewayPorts) all addresses would not work. I overloaded the "-b local_host" option so that it's address will be used when "-L port:remote_host:remote_port" is also specified. Today is the first day I played with OpenSSH 3.x or port forwarding. Therefore I am not sure if my use of -b with -L will break any existing use cases. If it does, please speak up...

...art automatically if connection fails respawn # for script debugging with strace # but not available in 0.6.3 of course #debug # use strace -p <pid> -o /tmp/upstart_debug.log -Ff -s 1024 -v # Setup script configuration variables: # localhost means we do not expose proxy to internet env LOCAL_HOST=localhost # port 143 is default IMAP service port for plain text connections env LOCAL_PORT=143 # ports less than 1024 require root privileges to establish # this must be a passwordless login using PKI certificates # requires one time setup of local root user ssh key and cert # and adding th...

...ed8434): /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-642.3.1.el6.x86_64 x86_64 CentOS release 6.9 (Final) auth_cache_size = 1 M auth_debug = yes auth_debug_passwords = yes auth_mechanisms = plain login auth_policy_hash_mech = sha512 auth_policy_hash_nonce = 18940690 auth_policy_hash_truncate = 64 local_host=%{real_lip} local_port=%{real_lport} remote_host=%{real_rip} remote_port=%{real_rport} auth_policy_server_api_header = X-API- auth_policy_server_timeout_msecs = 3000 auth_policy_server_url = http://127.0.0.1:579/dovecot-auth-policy auth_username_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLM...

...yes auth_debug_passwords = yes auth_mechanisms = plain login auth_policy_hash_mech = sha512 auth_policy_hash_nonce = 78204771 auth_policy_hash_truncate = 64 auth_policy_request_attributes = auth_database=mail database=mail service=dovecot username=%{orig_user} authtoken_hash=$0$0$%{hashed_password} local_host=%{real_lip} local_port=%{real_lport} remote_host=%{real_rip} remote_port=%{real_rport} auth_policy_server_api_header = X-API-Key:dovecot:xxxxxxxxxxxx auth_policy_server_timeout_msecs = 3000 auth_policy_server_url = http://127.0.0.1:579/dovecot-auth-policy auth_username_chars = "abcdefghijklmno...

...config_path = 0x50468 "/local/dovecot/etc/dovecot/dovecot.conf" module = 0x1c00 <error: Cannot access memory at address 0x1c00> module_names = {arr = {buffer = 0x46338, element_size = 4}, v = 0x46338, v_modifiable = 0x46338} filter = {service = 0x0, local_name = 0x0, local_host = 0x0, remote_host = 0x0, local_net = {family = 0, u = {ip6 = {_S6_un = {_S6_u8 = '\000' <repeats 15 times>, _S6_u32 = {0, 0, 0, 0}, __S6_align = 0}}, ip4 = {S_un = {S_un_b = { s_b1 = 0 '\000', s_b2 = 0 '\000', s_b3 = 0 '\000', s_b4 = 0 '...

...auth_cache_size = 819 M auth_mechanisms = plain login auth_policy_hash_mech = sha512 auth_policy_hash_nonce = 85979662 auth_policy_hash_truncate = 64 auth_policy_request_attributes = auth_database=mail database=mail service=dovecot username=%{orig_user} authtoken_hash=$0$0$%{hashed_password} local_host=%{real_lip} local_port=%{real_lport} remote_host=%{real_rip} remote_port=%{real_rport} auth_policy_server_api_header = X-API-Key:dovecot:4FR0BN8IWTpSnB42 auth_policy_server_timeout_msecs = 3000 auth_policy_server_url = http://127.0.0.1:579/dovecot-auth-policy auth_username_chars = "abcdefg...

Although the parameterized samples have allowed people to get a firewall up and running quickly, they have unfortunately set the wrong level of expectation among those who have used them. I am therefore withdrawing support for the samples and I am recommending that they not be used in new Shorewall installations. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \