Bug 1037

Summary: Man page for -L and -R should mention -g
Product: Portable OpenSSH Reporter: Ole Tange <bugzilla.mindrot.org>
Component: DocumentationAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: trivial CC: djm
Priority: P5    
Version: 4.0p1   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 1047    
Attachments:
Description Flags
Fix misleading log message none

Description Ole Tange 2005-05-11 22:02:15 AEST 
The manual page for -L and -R does not mention -g. Since the default behaviour 
has changed it would be nice if the sections on -L and -R ended with: See also 
-g to allow remote hosts to connect.
Comment 1 Markus Friedl 2005-05-12 19:56:31 AEST 
hm, how did the default change?
Comment 2 Ole Tange 2005-05-12 20:39:46 AEST 
Earlier it was the default that remote hosts could connect to a forwarded port. 
Now you will have to explicitly use -g. In any case it would be nice if -g was 
mentioned in relation to -L.
Comment 3 Damien Miller 2005-05-12 20:51:31 AEST 
No, GatewayPorts=no has always been the default.
Comment 4 Darren Tucker 2005-05-12 21:59:53 AEST 
It's true that the default for GatewayPorts hasn't changed, but it will now
affect the address_to_bind in remote port forwards where previously it wouldn't
(the client always sent 0.0.0.0).

"ssh -R 1234:localhost:22 -v -N localhost" gives:
Remote connections from LOCALHOST:1234 forwarded to local address localhost:22

"ssh -R 1234:localhost:22 -g -v -N localhost" gives:
Remote connections from *:1234 forwarded to local address localhost:22

(In recent OpenSSH servers, this is further modified if GatewayPorts is
"clientspecified").
Comment 5 Damien Miller 2005-06-03 12:27:43 AEST 
Created attachment 925 [details]
Fix misleading log message

I don't think so: a client's GatewayPorts isn't propogated to the server, nor
is it used to fill in the address_to_bind if none is specified. 

Note that the log message in ssh_init_forwarding() is incorrect (see
attachment) - it tells the user that the listen_address depends on
gateway_ports.

See channels.c:channel_request_remote_forwarding() - it always sends a
listen_addr of localhost if none is specified.
Comment 6 Damien Miller 2005-10-30 15:03:01 AEDT 
debug message fix attached, I don't think any more explanation is required as the manpage for -L already mentions GatewayPorts.
Comment 7 Darren Tucker 2006-10-07 11:40:09 AEST 
Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.