How can I forward traffic from my publicly available server to a computer that is not publicly available?

by

My home computer is behind an ISP-level NAT which does not allow me to host game servers as a result.

I have a VPS which I use as a web server. I want to host a game server of Minecraft, but the VPS isn’t powerful enough.

Both my computer and my VPS are running Linux. My computer can connect to my server, but the server can not open connections to my home computer.

What I would like to achieve is this:

  • Some user connects to port 27015 on my server.
  • The server then forwards all traffic from port 27015 on the server to port 27015 on my home computer via some connection that I opened with my home computer.

Can ssh do this? I know it can do the reverse. Is there some other program that does this if not?

Contents hide
Answers:
Method 1
Method 2

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Short answer: yes, ssh can do this. The answer’s in your question: “reverse” tunneling. See the -R option to the ssh client:

-R [bind_address:]port:host:hostport
Specifies that the given port on the remote (server) host is to be forwarded to the given
host and port on the local side. This works by allocating a socket to listen to port on the
remote side, and whenever a connection is made to this port, the connection is forwarded
over the secure channel, and a connection is made to host port hostport from the local
machine.

More reading at the ever-useful How To Forge (Reverse SSH Tunneling), but the basic principle is you ssh from your private host to your public one, specifying the port to map back. Remember to set your bind address in the command, otherwise it will only be bound to the local loop by default.

Method 2

You could probably also do this with netcat, as an alternative.

http://en.wikipedia.org/wiki/Netcat#Port_Forwarding_or_Port_Mapping

Netcat is worth having around. You can do all kinds of interesting things with it.


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x