Working from firewalled network is usual headache for a real hacker 😉
I am not hacker, but I need sometimes to reach some specific port out of my working network.
I found the following solution of my problem.
To make this dish, you need the following ingredients:
– out-of-your-network computer
– static IP on it. Or if firewall allows to reach Dynamic DNS, then DHPC address with Dynamic DNS setup is pretty enough.
– Linux on board and SSH installed.
Cooking process looks as following:
sudo ssh -L 80.80.80.80:23:70.70.70.70:9540 user@localhost
in this example:
80.80.80.80 – IP address, you want to bind to. If you don’t want binding to any specific local addresses, just remove this IP and following semicolon. And the string will look as 23:70.70.70.70:9540
23 – port, where you are going to receive requests. This port should be allowed by your firewall.
70.70.70.70 – remote host, where you want to reach to
9540 – remote host port, which is forbidden by your firewall rules.
user@localhost – local user, which will log-in to ssh session locally.
After connection, you will get a possibility to connect to your host port 23, as if it was remote host with port 9540
Note: root is needed if you map ports lower than 1024.
Very useful feature, but unfortunately limited to TCP/IP (i.e. can’t be applied to UDP for example).
See http://docstore.mik.ua/orelly/networking_2ndEd/ssh/ch09_02.htm for good overview of it.
good remark about limits.
I needed it only for TCP/IP. So, didn’t investigated more.