Date:      Sun, 15 Aug 1999 22:58:21 -0400 (EDT)
From:      "James C. Durham" <durham@sludge.pgh.pa.us>
To:        barrett@pheonix.aye.net, freebsd-security@freebsd.org, nick@rapidnet.com
Subject:   Re: ssh dropping connections/sendmail IP
Message-ID:  <199908160258.WAA21810@sludge.pgh.pa.us>

Barrett Richardson wrote:
> 
> On Wed, 11 Aug 1999, James C. Durham wrote:
> 
> > I am using ssh to tunnel from my "remote server" located
> > at a remote location with a public IP number to my "local
> > server" behind an ISP's firewall using a DSL connection.
> >
> > The ssh connection keeps dropping out. I have KeepAlive "YES" and
> > IdleTime set to 104w (2 years). I have just started having a little
> > script on the remote machine send me the date/time every 30 seconds
> > and that seems to keep it up. Is this behavior normal?
> >
> 
> The frequency of the keepalives isn't sufficient traffic to keep
> the firewall from snipping the connection. It doesn't consider
> the connection active if traffic drops below a threshold.
> 
> > Also, I'm having problems sending mail from sendmail on my local
> > machine because the IP gets translated to something that doesn't
> > resolve at the ISP's firewall. This means I can't send to
> > some sites (freebsd-security being one of them!). I've been trying
> > to see a way that I can relay the sendmail feed through my remote server
> > using port redirection. I can't run the sendmail daemon on the remote
> > server because port 25 is already bound to ssh.
> 
> The remote server is the one outside the firewall, right? Any
> reason you can't run sshd on the de facto port 22?
> 

I'm sorry for the late reply... bad weekend! However,
sshd is running on 22, but 25 and 80 are being relayed
by sshd2 and are already bound.

Nick Rogness wrote:
> 
> On Wed, 11 Aug 1999, James C. Durham wrote:
> 
> > Also, I'm having problems sending mail from sendmail on my local
> > machine because the IP gets translated to something that doesn't
> > resolve at the ISP's firewall. This means I can't send to
> 
>         I'm assuming that sendmail responds with a 451 error:
>                 ...sender domain must resolve...
> 
>         Sendmail has the capability to do this.  You just have to build a
>         sendmail cf file to relay/masquerade your mail off of another
>         server that has an actual reverse lookup.
> 
> *******************************************************************
> Nick Rogness                 Shaw's Principle:
> System Administrator           Build a system that even a fool
> RapidNet, INC                  can use, and only a fool will
> nick@rapidnet.com              want to use it.
> *******************************************************************

Yes, what I'd like to do is relay through my remote server, but
I can't run sendmail there on port 25 because it's already bound by
ssh. Moving one of the sendmails to another port looks like it
means some source modifications, as it appears to pick up both the
listen and send port numbers from /etc/services.

Anyway, thanks for the replies.


-Jim Durham

