Tunneling port 80, sometimes yes, sometimes no - SSH

This is a discussion on Tunneling port 80, sometimes yes, sometimes no - SSH ; Hello all, I have putty set up to act as a simple VPN, tunneling ports 25, 80, 443, and 8080. Mostly it works, sometimes though, it doesn't. I can watch the tunneling being set-up with the event log, and smtp ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: Tunneling port 80, sometimes yes, sometimes no

  1. Tunneling port 80, sometimes yes, sometimes no

    Hello all,

    I have putty set up to act as a simple VPN, tunneling ports 25, 80,
    443, and 8080. Mostly it works, sometimes though, it doesn't.

    I can watch the tunneling being set-up with the event log, and smtp
    (25) seems always to work, as does 8080. The event log records the
    tunnelled connections.

    But if I try 80, either through a browser or just by "telnet localhost
    80", it doesn't always work (but sometimes, yes).

    Not that it either works for the whole session, or not at all, so it's
    something that's happening when it's launched.

    Any clues as to what might be going on?

    Thanks,

    David.


  2. Re: Tunneling port 80, sometimes yes, sometimes no

    davidjxyz@gmail.com writes:
    >I have putty set up to act as a simple VPN, tunneling ports 25, 80,
    >443, and 8080. Mostly it works, sometimes though, it doesn't.

    [...]
    >But if I try 80, either through a browser or just by "telnet localhost
    >80", it doesn't always work (but sometimes, yes).
    >
    >Not that it either works for the whole session, or not at all, so it's
    >something that's happening when it's launched.


    Which version of PuTTY?

    Anything interesting in the Event Log?

    Is it possible that something else (perhaps another instance of PuTTY)
    is already listening? (PuTTY's error reporting could be better in this
    case.) What does `netstat' say?

  3. Re: Tunneling port 80, sometimes yes, sometimes no

    Hi Jacob,

    Latest putty (0.58). The event log looks like this:

    2005-11-01 00:36:27 Local port 25 forwarding to yoda:25
    2005-11-01 00:36:27 Local port 80 forwarding to yoda:80
    2005-11-01 00:36:27 Local port 443 forwarding to yoda:443
    2005-11-01 00:36:27 Local port 3306 forwarding to yoda:3306
    2005-11-01 00:36:27 Local port 8080 forwarding to yoda:8080
    2005-11-01 00:36:27 Allocated pty (ospeed 38400bps, ispeed 38400bps)
    2005-11-01 00:36:28 Started a shell/command
    2005-11-01 00:36:55 Opening forwarded connection to yoda:25
    2005-11-01 00:37:01 Forwarded port closed
    2005-11-01 00:37:25 Opening forwarded connection to yoda:443
    2005-11-01 00:37:28 Forwarded port closed
    2005-11-01 00:37:18 Opening forwarded connection to yoda:8080
    2005-11-01 00:37:21 Forwarded port closed

    I initiated all those connections with telnet localhost . There
    was a telnet to 80 in between the 25 and 443 but you can see nothing
    happened.

    This is netstat:

    freshwater Administrator$ netstat

    Active Connections

    Proto Local Address Foreign Address State
    TCP freshwater:smtp freshwater:2985 TIME_WAIT
    TCP freshwater:1027 freshwater:2986 TIME_WAIT
    TCP freshwater:2997 freshwater:smtp TIME_WAIT
    TCP freshwater:3002 freshwater:http TIME_WAIT
    TCP freshwater:3005 freshwater:smtp TIME_WAIT
    TCP freshwater:3010 freshwater:8080 TIME_WAIT
    TCP freshwater:3013 freshwater:https TIME_WAIT
    TCP freshwater:3016 freshwater:http TIME_WAIT
    TCP freshwater:4383 freshwater:4384 ESTABLISHED
    TCP freshwater:4384 freshwater:4383 ESTABLISHED
    TCP freshwater:2906 tehinvest.customer.top.net.ua:22
    TIME_WAIT
    TCP freshwater:2991 64.233.167.99:http ESTABLISHED
    TCP freshwater:2994 64.233.167.99:http ESTABLISHED
    TCP freshwater:2995 66.249.93.99:http ESTABLISHED
    TCP freshwater:2996 tehinvest.customer.top.net.ua:22
    ESTABLISHED

    freshwater being the localhost. So there's a local connection to 25,
    must have been sending a mail, and some connections to remote 80 (like
    this session) but nothing to local 80.

    It does work sometimes, so I think it is something grabbing that port,
    but I don't know what.

    Still baffled.


  4. Re: Tunneling port 80, sometimes yes, sometimes no

    davidjxyz@gmail.com writes:
    >Latest putty (0.58). The event log looks like this:

    [...]
    >2005-11-01 00:36:27 Local port 80 forwarding to yoda:80

    [...]
    >I initiated all those connections with telnet localhost . There
    >was a telnet to 80 in between the 25 and 443 but you can see nothing
    >happened.


    Right.
    I think that's consistent with the possibility that something else is
    already listening on 80.

    >This is netstat:

    [...]

    Sorry, I meant to say "netstat -a" -- that should show whether something
    is listening on 80.

  5. Re: Tunneling port 80, sometimes yes, sometimes no

    Bingo. It was apache.

    Although why it sometimes worked (since apache was always running) I
    don't know. Anyway, shutting down apache immediately worked without my
    having to restart the putty session.

    Thanks very much for the help.

    Dave.


+ Reply to Thread