September 25, 2014

ssh tunnel (port forwarding) through multiple hosts

Sometimes you need to reach a service/port that sits behind multiple DMZ hosts from your Windows/Linux desktop, and all you have is ssh access. SSH tunneling to the rescue: you can chain tunnels from a PuTTY session all the way to your end host.

Here is an example. In this scenario I use an X server as the service. The goal is to connect to the X server running on my Windows desktop from a Linux host that is behind two DMZ/firewall hosts.

See the diagram below for the flow of traffic.

The PuTTY configuration on the Windows desktop is shown below.

As shown above, add the tunnel configuration in PuTTY's SSH -> Tunnels settings tab, click Add, and then ssh into the GW1 host.

Once on GW1 host: run "ssh -R 6002:127.0.0.1:6001 user@GW2"
Once on GW2 host: run "ssh -R 6003:127.0.0.1:6002 user@destination"

Now you are logged on to your destination host via ssh with all tunnels set up, so local port 6003 on the destination host gets forwarded to port 6000 on your Windows host.

So simply setting the DISPLAY variable to localhost:3.0 makes xterm go live (X display N uses TCP port 6000+N, so display 3 is port 6003). Similarly, you can do port forwarding in the reverse direction with "ssh -L".

September 15, 2014

Linux NFS mount time

To find the mount time of any NFS mount on Linux, parse the age value (in seconds) from /proc/self/mountstats and subtract it from the current time.

Below is an example entry from /proc/self/mountstats:
.
.
device homedir_srv1:/volumes/home/vc/ mounted on /home1/vc with fstype nfs4 statvers=1.1
        opts:   rw,vers=4,rsize=8192,wsize=8192,namlen=255,acregmin=3,acregmax=60,acdirmin=30,acdirmax=60,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=10.126.32.244,minorversion=0,local_lock=none
        age:    12461348
        caps:   caps=0xffff,wtmult=512,dtsize=8192,bsize=0,namlen=255
        nfsv4:  bm0=0xfdffbfff,bm1=0xf9be3e,acl=0x3
        sec:    flavor=1,pseudoflavor=1
.
.

A handy perl one-liner to display all NFS mounts with their mount time:

perl -ne 'if (/fstype nfs/) {$age=1;print ((split)[4]." ")} ; if ($age && /^\s*age:\s+(\d+)/) {print scalar localtime(time-$1)."\n";}' /proc/self/mountstats

/home1/ben Thu Apr 24 11:19:39 2014
/home1/vc  Mon Sep 15 16:37:12 2014
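
The same calculation as a Python function, added here as an example and not part of the original post. It goes a little further than the one-liner: it returns timezone-aware UTC timestamps, skips non-NFS entries whose path happens to contain "age", and decodes \040-style escapes in mount points. The sample entries, host names and the reference time 1410800000 are constructed.

```python
import re
import time
from datetime import datetime, timezone

DEVICE_RE = re.compile(r"^device (\S+) mounted on (\S+) with fstype (\S+)")
AGE_RE = re.compile(r"^\s*age:\s+(\d+)\s*$")
OCTAL_RE = re.compile(r"\\([0-7]{3})")  # the kernel writes a space in a path as \040

# Constructed sample in /proc/self/mountstats layout (hosts and paths are made up).
SAMPLE = r"""device /dev/sdb1 mounted on /storage with fstype ext4
device srv1:/volumes/home/vc/ mounted on /home1/vc with fstype nfs4 statvers=1.1
        opts:   rw,vers=4,hard,proto=tcp,sec=sys
        age:    12461348
        caps:   caps=0xffff,wtmult=512
device srv2:/export/shared mounted on /mnt/shared\040data with fstype nfs statvers=1.1
        age:    3600
"""


def nfs_mount_times(text, now):
    """Return [(mount_point, device, mounted_at_utc)] for each NFS entry.

    `now` is the epoch time at which `text` was read; mount time = now - age.
    """
    results, current = [], None
    for line in text.splitlines():
        dev = DEVICE_RE.match(line)
        if dev:
            device, mount_point, fstype = dev.groups()
            # Track only NFS entries; any other device line clears the state.
            current = (mount_point, device) if fstype in ("nfs", "nfs4") else None
            continue
        age = AGE_RE.match(line)
        if age and current:
            path = OCTAL_RE.sub(lambda m: chr(int(m.group(1), 8)), current[0])
            mounted = datetime.fromtimestamp(now - int(age.group(1)), tz=timezone.utc)
            results.append((path, current[1], mounted))
            current = None
    return results


if __name__ == "__main__":
    try:
        with open("/proc/self/mountstats") as fh:
            text, now = fh.read(), int(time.time())
    except OSError:
        text, now = SAMPLE, 1410800000  # constructed reference time for the sample
    for path, device, mounted in nfs_mount_times(text, now):
        print(f"{mounted.isoformat()}  {path}  ({device})")
```

Because the age counter restarts on every remount, the result is the time of the most recent mount, which is the value to line up against other log timestamps.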