My goal is to set up my home router so that I can ssh into it and pipe my communications through a secure tunnel, emerging at my home IP. Great for using public wifi!
I pass -D 127.0.0.1:8080 and have a SOCKS tunnel. PERFECT!
The last thing I'd like to do is receive incoming connections to a port on my tunneled remote machine.
I pass -R *:50500:localhost:50500, but no dice.
# netstat -tl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 localhost.:50499        0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
By default, the listening socket on the server will be bound to the loopback interface only. This may be overridden by specifying a bind_address. An empty bind_address, or the address ‘*’, indicates that the remote socket should listen on all interfaces. Specifying a remote bind_address will only succeed if the server’s GatewayPorts option is enabled.
The problem (as explained here) is:
You'll have to start the Dropbear server with the -a argument (equivalent to the "gatewayports yes" directive).
-a Allow remote hosts to connect to forwarded ports.
I humbly request the dropbear UCI section include an 'allowRemote' option or something like that. I guess I will add -a to DROPBEAR_ARGS= in /etc/init.d/dropbear, but that is a pretty rough way of doing things.
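A check for the symptom visible in the netstat output above, as an added example that is not part of the original post: it classifies the bind address of a forwarded port, so you can confirm whether a -R forward ended up on loopback only or, once Dropbear runs with -a, on every interface of the router. The function names and scope labels are assumptions of this example; the sample input is the listing from the post.

```shell
#!/bin/sh
# Added example: classify how a TCP port is bound, reading `netstat -tl`
# (or `netstat -tln`) output on stdin.
# Prints one of: loopback | specific:<addr> | all-interfaces | not-listening
forward_bind_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            # Local address is field 4; the port is whatever follows the last ":".
            n = split($4, parts, ":")
            if (parts[n] != port) next
            host = substr($4, 1, length($4) - length(parts[n]) - 1)
            sub(/\.$/, "", host)      # netstat may print "localhost." with a trailing dot
            if (host == "localhost" || host ~ /^127\./ || host == "::1") {
                rank = 1; label = "loopback"
            } else if (host == "0.0.0.0" || host == "*" || host == "::") {
                rank = 3; label = "all-interfaces"
            } else {
                rank = 2; label = "specific:" host
            }
            # If the port has several listeners, report the widest exposure.
            if (rank > best) { best = rank; result = label }
        }
        END { print (result == "" ? "not-listening" : result) }
    '
}

# Sample input: the listing quoted in the post.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost.:50499 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
EOF
}

# The forwarded port in the listing is reachable from the router itself only.
sample_netstat | forward_bind_scope 50499
```

On the router, pipe the live listing into the function instead: `netstat -tln | forward_bind_scope 50500`. A result of all-interfaces means the forwarded port also listens on the WAN side unless the firewall blocks it.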