[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Pan-users] Pan over SSH tunnel?
From: |
Duncan |
Subject: |
Re: [Pan-users] Pan over SSH tunnel? |
Date: |
Wed, 3 Jan 2018 05:02:25 +0000 (UTC) |
User-agent: |
Pan/0.144 (Time is the enemy; 28ab3baf7) |
David Melik posted on Wed, 03 Jan 2018 01:37:41 +0000 as excerpted:
> I read Usenet, Gmane, want to add SDF over SSH tunnel. The tunnel works
> (like ssh -D 9999 -p 22 address@hidden,)
> so I added news.sdf.org:9999,
> but their groups don't appear from refresh. SDF.org just says it's
> possible (or with their VPN,) not how.
I'm definitely not an ssh nor routing expert, and haven't done this
myself so can't really explain the details, but the general issue and
solution as I understand it is IP (internet protocol) routing...
Basically, when you setup an internet connection, you setup a default
gateway that gets all the traffic not otherwise routed. If you have
multiple connections, one will normally have higher routing priority than
the others and become the default route, even if the other default route
entries still exist, just at lower priority.
In addition to default routes, there are specific routes. You tell the
system to connect to specific subnets (say the office subnet or your home
LAN) or possibly specific hosts (the single IP address of the news
server, if it has only one) via specific routes that may or may not
happen to route via the default gateway that gets all traffic not
otherwise routed anyway.
When you open an ssh connection, you create a new route to the host or
subnet at the other end of that connection.
But you still have to decide whether to make it the /default/ route (send
everything not otherwise routed over it) or not, and if not, you need to
setup additional routes which tell the system which specific other subnets
or hosts you want to route via that ssh tunnel.
It "sounds" to me like you've not setup the ssh connection as the default
route, and you may not actually /want/ it to be if you don't want /all/
your not otherwise routed traffic going via the ssh connection, *AND* you
haven't yet setup a specific route to that news server IP or subnet,
either, so it's still trying to route via the default route, and failing
to connect.
Of course the other possibility is that your local system is setup
correctly, but the other end of your ssh tunnel doesn't know how to route
to the news server, so it's that route you still have to setup, not your
local end.
That's the big picture. AFAIK there's at least two network configuration
tools that will let you set the route as desired, the old net-tools
collection of individual tools, now deprecated but what many (including
me, tho as I said I've not had to mess with routing much so I'm not
particularly familiar with that end of it) are most familiar with, and
the new ip tool method, which uses the single general-purpose ip command,
along with the desired subcommand (probably ip route <whatever> here),
for configuring and reporting statistics on nearly everything network
related.
So now you have to figure out which of those tools (or something else)
your system is using, and from there figure out how to setup specific
routes using it. That, as they say, is "left as an exercise for the
reader." =:^) Tho chances are if you figure out which one you're using,
someone can post the specifics for setting up the route using it.
--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman
- [Pan-users] where does pan cache it's incompleted downloads>, (continued)
- [Pan-users] where does pan cache it's incompleted downloads>, Pedro, 2018/01/02
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Duncan, 2018/01/03
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Pedro, 2018/01/04
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Duncan, 2018/01/04
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Pedro, 2018/01/04
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Joe Zeff, 2018/01/04
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Dave, 2018/01/04
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Jim Henderson, 2018/01/04
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Dave, 2018/01/05
- Re: [Pan-users] where does pan cache it's incompleted downloads>, Duncan, 2018/01/04
Re: [Pan-users] Pan over SSH tunnel?,
Duncan <=
Re: [Pan-users] Pan over SSH tunnel?, Jim Henderson, 2018/01/03
- Re: [Pan-users] Pan over SSH tunnel?, David Melik, 2018/01/03
- Re: [Pan-users] Pan over SSH tunnel?, David Melik, 2018/01/03
- Re: [Pan-users] Pan over SSH tunnel?, Jim Henderson, 2018/01/03
- [Pan-users] Re (2: ) Pan over SSH tunnel?, David Melik, 2018/01/05
- Re: [Pan-users] Pan over SSH tunnel?, David Melik, 2018/01/05
- Re: [Pan-users] Pan over SSH tunnel?, David Melik, 2018/01/05
Re: [Pan-users] Pan over SSH tunnel?, Rhialto, 2018/01/03
Re: [Pan-users] Pan over SSH tunnel?, Jeff Berman, 2018/01/03
Re: [Pan-users] Pan over SSH tunnel?, Jim Henderson, 2018/01/04