SSH反向隧道不适用于Web服务器 [英] SSH reverse tunnel not working for webserver

问题描述

我在Raspberry Pi上运行了一个webapp，它位于NAT后面，我正在尝试建立到公司服务器的隧道，以便我可以从Web访问它。现在我已经能够使用 ssh -fN -R 192.168.0.28:54321:localhost:443 username@192.168.0.28 （服务器和服务器）建立隧道RPi当时在同一局域网内），并且 curl -k https://192.168.0.28:54321 返回RPi中托管的网页的内容，但是只有我从服务器上做到这一点。我设置了 GatewayPorts yes 和 AllowTcpForwarding yes （无论如何都是默认值）。

I have a webapp running on a Raspberry Pi, which is behind a NAT, and I'm trying to make a tunnel to the company's server so that I can access it from the web. Right now I've been able to establish a tunnel using ssh -fN -R 192.168.0.28:54321:localhost:443 username@192.168.0.28 (both the server and the RPi are in the same LAN at the time), and doing curl -k https://192.168.0.28:54321 returns the contents of the webpage hosted in the RPi, but only if I do it from the server. I have set GatewayPorts yes and AllowTcpForwarding yes (which anyway is the default).

推荐答案

服务器上的防火墙阻塞了端口。 ¬¬

It was the firewall on the server blocking the port. ¬¬

要打开所说的端口，命令是 sudo iptables -I INPUT -p tcp --dport 54321 -j ACCEPT ，表示必须接受任何连接到TCP端口54321的连接。

To open said port, the command is sudo iptables -I INPUT -p tcp --dport 54321 -j ACCEPT, which says that any connection comming to the TCP port 54321 must be accepted.

这篇关于SSH反向隧道不适用于Web服务器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！