巧用 SSH 打通外網(wǎng)限制

文案轉(zhuǎn)載于：知乎李耀

鏈接：https://zhuanlan.zhihu.com/p/444319023

漫圖來源于：捷哥

文案格式排版：釋然

[root@dmz]#??ssh?-f?-N?-g?-R??6606:10.1.1.1:80?root@115.100.100.100

[root@center]#?netstat?-tunlp?|?grep?6606
????tcp????????0??????0?127.0.0.1:6606??????????0.0.0.0:*???????????????LISTEN??????8616/sshd:?root
????我們在總部服務器嘗試端口提示拒絕，代表網(wǎng)絡已經(jīng)打通了，但是dmz服務器并沒有監(jiān)聽80端口，所以報端口拒絕。
[root@center]#?telnet?127.0.0.1?6606
????Trying?127.0.0.1...
????telnet:?connect?to?address?127.0.0.1:?Connection?refused

[root@web]#?ssh?-f?-N?-g?-R??80:10.1.1.1:80?root@10.1.1.2

[root@center]#?telnet?127.0.0.1?6606
????Trying?127.0.0.1...
????Connected?to?127.0.0.1.
????Escape?character?is?'^]'.

#dmz服務器以115.100.100.101:29493作源，訪問本地22端口，建立了tcp連接。
[root@center]#?ss?|?grep?115.
????tcp????ESTAB??????0??????0??????172.16.1.1:22????????????????115.100.100.101:29493
[root@center]#?netstat?-tpna?|?grep?115.
????tcp????????0??????0?172.16.1.127:22??????101.230.91.53:29493?????ESTABLISHED?8555/sshd:?root#本地端口也對應到了進程號8616[root@center]#netstat?-tunlp?|?grep?6606
????tcp????????0??????0?127.0.0.1:6606??????????0.0.0.0:*???????????????LISTEN??????8616/sshd:?root[root@center]#?ps?-ef?|?grep?8616
????root??????8616??8555??0?Dec03??????????00:01:04?sshd:?root.

雙向通道已經(jīng)建立
[root@center]#?ss?|?grep?6606
????tcp????ESTAB??????0??????0??????127.0.0.1:6606?????????????????127.0.0.1:51158
????tcp????ESTAB??????0??????0??????127.0.0.1:51158????????????????127.0.0.1:6606