[CentOS] block port forwarding?

Brian Mathis brian.mathis at gmail.com
Thu Feb 25 14:00:19 UTC 2010

On Thu, Feb 25, 2010 at 6:39 AM, Eero Volotinen <eero.volotinen at iki.fi> wrote:

> 2010/2/25 Roland RoLaNd <r_o_l_a_n_d at hotmail.com>:
> >
> > Hello,
> >
> > I have internet usage rules for all of my network.
> > Only 2 servers have full access to the internet.
> > Lately I've noticed lots of traffic being produced by the servers.
> > Is there a way to know who's using port forwarding to my server so they
> > access the internet?
> > Or is there a way to block people from doing such a thing?
> Err. Disable ip_forward&nat on server and limit connections on main
> firewall ..
> --
> Eero
Don't be so literal.  You need to read the whole message and understand the
problem.  Just because someone calls something "forwarding" doesn't mean
they are speaking in the literal Linux kernel sense of the word.

In addition to what some other posters have said, look at who is logged in
to the server at the time.  You might find some open SSH sessions that are
using port forwarding.  You can disable this by setting "AllowTcpForwarding
no" in the sshd_config, but if users have shell, it will be very difficult
to stop it.  You also might want to see if there is a proxy set up, or
something like that.
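
An added example, not part of the original message: one way to look for the SSH port forwarding described above is to flag TCP sockets owned by sshd whose local port is not the SSH service port in `ss -tanp` output. The function names, the port 22 assumption and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag sshd-owned TCP sockets that are not the SSH service port.
SSHD_PORT=22   # assumption: sshd listens on the default port

# Reads `ss -tanp` output on stdin and prints "kind local peer pid" per finding.
find_ssh_forwards() {
    awk -v port="$SSHD_PORT" '
        $1 == "State" { next }                  # header line
        index($0, "\"sshd\"") == 0 { next }     # socket not owned by sshd
        {
            n = split($4, a, ":"); lport = a[n] # works for IPv4 and [v6]:port
            if (lport == port) next             # the SSH session itself
            pid = "?"
            if (match($0, /pid=[0-9]+/)) pid = substr($0, RSTART + 4, RLENGTH - 4)
            # sshd listening elsewhere: -R forward (or an X11 forwarding display)
            # sshd connected outward: a -L or -D channel opened for a client
            kind = ($1 == "LISTEN") ? "remote-forward-listener" : "forwarded-connection"
            print kind, $4, $5, pid
        }'
}

# Constructed sample of `ss -tanp` output (documentation addresses, made-up PIDs).
sample_ss_output() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port  Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*          users:(("sshd",pid=1010,fd=3))
ESTAB  0      0      192.0.2.10:22      198.51.100.7:51544 users:(("sshd",pid=2211,fd=4))
ESTAB  0      0      192.0.2.10:48812   203.0.113.80:443   users:(("sshd",pid=2211,fd=9))
LISTEN 0      128    127.0.0.1:8080     0.0.0.0:*          users:(("sshd",pid=2340,fd=7))
ESTAB  0      0      192.0.2.10:39120   203.0.113.5:80     users:(("squid",pid=900,fd=12))
EOF
}

# Live use (root is needed to see other users' processes):
#   ss -tanp | find_ssh_forwards
# then map each PID to its session with: ps -o user=,args= -p PID
sample_ss_output | find_ssh_forwards
```

Only forwarding carried out by sshd itself shows up this way; a relay that a shell user runs under their own process name will not, which is the limitation noted above.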
