Maybe you need to do port forwarding with iptables to redirect the traffic
from goofy to server.

Because when you use ssh to redirect ports, the ssh tunnel opens a
port on both hosts, and then you can't bind two same ports on a single
host.

You need to do a port forward to connect the port from goofy to the
port on the server.

x.x.x.1:1984---------------x.x.x.2:1984
SERVER <-----1984----- CLIENT
                         y.y.y.1:1984------------------- y.y.y.2:1984
SERVER <----------------(CLIENT)----------1984------ GOOFY

On the CLIENT server you put the iptables port forwarding rule to
redirect all traffic from y.y.y.1:1984 to x.x.x.2:1984 (like a
connector...).



On 5/23/06, Loris Serena wrote:
> Guys,
>
> I managed to get the following working:
>
> ------------------------------------------------------------------------
> A firewall between SERVER and CLIENT only allows TCP port 22 from
> SERVER to CLIENT (but not vice versa!)
>
> SERVER -------22------> CLIENT
>
> What I would like to achieve via ssh tunnelling is to send TCP port
> 1984 traffic from CLIENT to SERVER:
>
> SERVER <-----1984------ CLIENT
> ------------------------------------------------------------------------
>
> by running (on SERVER):
> $ ssh -f -N -R 1984:SERVER:1984 CLIENT
>
>
> Now I'd like to add the next (and last) bit of the configuration to the
> picture:
>
> There is another firewall between CLIENT and GOOFY, again only allowing
> TCP port 22 from CLIENT to GOOFY (and NOT vice versa!):
>
> SERVER -------22------> CLIENT -------22-------> GOOFY
>
> What I would like to achieve via ssh tunnelling is to send TCP port
> 1984 traffic from GOOFY to SERVER (through CLIENT):
>
> SERVER <-----1984----- CLIENT
> SERVER <----------------(CLIENT)----------1984------ GOOFY
>
> Please note that:
> a. the remote forwarding of 1984 from CLIENT to SERVER is already working;
> b. there is no native process on CLIENT listening on port 1984.
>
> I ran `ssh -f -N -R 1984:127.0.0.1:1984 GOOFY` on CLIENT,
>
> but testing that with telnet from GOOFY, it failed as follows:
>
> [GOOFY]$ telnet localhost 1984
> Trying 127.0.0.1...
> telnet: Unable to connect to remote host: Connection refused
>
>
> So, how do I do that?
> Any security issues I should be aware of?
>
>
> Thanks in advance
>
> Ciccio
>



--
--------------------------------------------------
Thiago LPS
C.E.S.A.R - Administrador de Sistemas
msn: thiago.lps@gmail.com
0xx 81 8735 2591
--------------------------------------------------
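
Added example, not written by either poster: a small Python model of the two `ssh -R` commands quoted in the thread. It traces where a connection to port 1984 on GOOFY ends up and shows which address each sshd binds its listener to under the `GatewayPorts` setting, which is the main security consideration for remote forwards. The names `RemoteForward`, `parse_remote_forward`, `trace` and `FORWARDS` are hypothetical, and bracketed IPv6 addresses are not handled.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class RemoteForward:
    run_on: str       # host where the ssh client was started
    listen_on: str    # host whose sshd opens the listening socket
    bind: str         # address that listener is bound to
    port: int
    dest_host: str    # destination, connected to from run_on
    dest_port: int

def parse_remote_forward(run_on, spec, remote, gateway_ports="no"):
    """Model `ssh -R [bind_address:]port:host:hostport remote` started on run_on."""
    parts = spec.split(":")
    if len(parts) not in (3, 4):
        raise ValueError(f"bad -R spec: {spec!r}")
    requested = parts[0] if len(parts) == 4 else None
    port, host, hostport = parts[-3:]
    # sshd_config GatewayPorts on the remote side decides the bind address:
    # "no" = loopback only, "yes" = wildcard, "clientspecified" = client's choice.
    if gateway_ports == "yes":
        bind = "0.0.0.0"
    elif gateway_ports == "clientspecified" and requested is not None:
        bind = "0.0.0.0" if requested in ("", "*") else requested
    else:
        bind = "127.0.0.1"
    # A loopback destination means "the host the ssh client runs on".
    dest = run_on if host in ("127.0.0.1", "localhost") else host
    return RemoteForward(run_on, remote, bind, int(port), dest, int(hostport))

def trace(forwards, host, port):
    """Follow a loopback connection on host:port through chained forwards."""
    path, seen = [(host, port)], set()
    while (host, port) not in seen:
        seen.add((host, port))
        hop = next((f for f in forwards if (f.listen_on, f.port) == (host, port)), None)
        if hop is None:
            break  # no tunnel listens here: a native service must listen
        host, port = hop.dest_host, hop.dest_port
        path.append((host, port))
    return path

# The two commands from the thread (default GatewayPorts=no is an assumption).
FORWARDS = [
    parse_remote_forward("SERVER", "1984:SERVER:1984", "CLIENT"),
    parse_remote_forward("CLIENT", "1984:127.0.0.1:1984", "GOOFY"),
]

if __name__ == "__main__":
    print(trace(FORWARDS, "GOOFY", 1984))
```

With both tunnels up, the trace ends at SERVER:1984; with only the first tunnel present, nothing listens on GOOFY and the path stops there.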