From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1S0DjW-0007tJ-5T for garchives@archives.gentoo.org; Wed, 22 Feb 2012 15:03:54 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A1284E10C8 for ; Wed, 22 Feb 2012 15:03:53 +0000 (UTC) Received: from mail-gx0-f181.google.com (mail-gx0-f181.google.com [209.85.161.181]) by pigeon.gentoo.org (Postfix) with ESMTP id A6D6EE11F3 for ; Wed, 22 Feb 2012 14:20:53 +0000 (UTC) Received: by ggnv5 with SMTP id v5so50753ggn.40 for ; Wed, 22 Feb 2012 06:20:53 -0800 (PST) Received-SPF: pass (google.com: domain of michaelkintzios@gmail.com designates 10.236.197.33 as permitted sender) client-ip=10.236.197.33; Authentication-Results: mr.google.com; spf=pass (google.com: domain of michaelkintzios@gmail.com designates 10.236.197.33 as permitted sender) smtp.mail=michaelkintzios@gmail.com; dkim=pass header.i=michaelkintzios@gmail.com Received: from mr.google.com ([10.236.197.33]) by 10.236.197.33 with SMTP id s21mr43927053yhn.40.1329920453241 (num_hops = 1); Wed, 22 Feb 2012 06:20:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=sNptMiKyyjPazYUiN8HP63eFO0uHHbPUPc8vFV2jG8E=; b=VcWx/zsX7aMCQGQGiQ6Tf3ea5m8b4yUQ9x8izJibe7tqBxjmX+fDZUO/tM2JimY92/ evxhuiy6fHmYA+w1gDsc5S0QnbRjvgy9GfWU1v1vHZ/ZUYnAXtprkYB6qJlbdhZxH0H7 5siCfLon3BpZ2cJodpWXzmHFWfVcbtQSFtrQ8= Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.236.197.33 with SMTP id s21mr34271486yhn.40.1329920453144; Wed, 22 Feb 2012 06:20:53 -0800 (PST) Received: by 10.100.166.9 with HTTP; Wed, 22 Feb 2012 06:20:53 -0800 (PST) In-Reply-To: <1329912428.6538.1@numa-i> References: <201202191815.55296.michaelkintzios@gmail.com> <1329912428.6538.1@numa-i> Date: Wed, 22 Feb 2012 14:20:53 +0000 Message-ID: Subject: Re: [gentoo-user] [OT] Proxytunnel through nginx From: Mick To: gentoo-user@lists.gentoo.org Content-Type: text/plain; charset=ISO-8859-1 X-Archives-Salt: fc3a1983-e8f9-4372-9c47-2da122132c43 X-Archives-Hash: 8b047d7087d8ba38ba3bdb229242f41c On 22 February 2012 12:07, Helmut Jarausch wrote: > On 02/19/2012 07:15:46 PM, Mick wrote: >> Hi All, >> >> I am trying to set up a reverse-proxy at my home to be able to by- >> pass >> >> restrictive firewalls that only allow http/https traffic. >> > > If you only want to get through your firewall by using the open port > 80, I'd use ssh's port forwarding capablities. > > You might have a look at > > https://help.ubuntu.com/community/SSH/OpenSSH/PortForwarding > > You can use 'localhost' as "man in the middle". Thanks Helmut. This will only work if I set sshd at my home server to listen for connections on port 443 or 80 (all other ports are blocked by the gateway behind which I happen to be) and the gateway does not perform deep packet inspection. Hence, tunneling ssh via https is the only sure-fire way of getting through restrictive firewalls and corporate internet gateways. -- Regards, Mick