rgzr / sshtun

Go package to create SSH tunnels
MIT License

connection not closed for local application exits #9

Closed ng5 closed 2 years ago

ng5 commented 3 years ago

Thanks a lot for building this library. I'm using it to build a network test at work. The idea is simple: we need to test lots of ports on target machines from a list of source machines (20 ports from almost 50 machines). An SSH tunnel (forward) seems like a good idea, because I can do it from the comfort of my local machine rather than having to write a bash script to source machine.

Here is the issue description:

1) SSH tunnel is created. (port 10022)
2) Did telnet to local port
3) Connection closed on telnet

But it still keeps an ESTABLISHED connection until tunnel is explicitly stopped. I was expecting this connection to be closed immediately as soon as application exits.


rgzr commented 3 years ago

Thank you! I was using it myself and wanted to share it!

The connection that shows ESTABLISHED is the tunnel connection; you can see it is connected to SSH port 22 on source machine 192.168.5.3. This connection should remain ESTABLISHED until you close the sshtun; this is correct. This connection allows multiple connections to be opened to the forwarded port.

So when you do telnet localhost 10022 another additional connection will appear as ESTABLISHED until you close the telnet. You can do this multiple times because the tunnel is started. That's the expected behaviour.

ng5 commented 3 years ago

> So when you do telnet localhost 10022 another additional connection will appear as ESTABLISHED until you close the telnet.

It doesn't look correct to be honest. If I open telnet connections multiple times and close them, the number of ESTABLISHED connections never drops even after closing the telnet sessions. It seems to be leaking file descriptors.
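
An added example, not part of the thread and not sshtun's code: a minimal Go relay showing the teardown behaviour under discussion, where either direction ending closes both sockets, so the count of open forwarded pairs returns to zero once the local client exits. The names `relay`, `demo` and `open`, and the loopback echo target standing in for the remote end, are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"io"
	"net"
	"sync/atomic"
	"time"
)

var open int64 // relayed connection pairs currently open

// relay copies both ways. When either direction ends (for example the local
// client exits) it closes BOTH sockets, which also unblocks the other copy.
func relay(a, b net.Conn) {
	atomic.AddInt64(&open, 1)
	defer atomic.AddInt64(&open, -1)
	done := make(chan struct{}, 2)
	pipe := func(dst, src net.Conn) { io.Copy(dst, src); done <- struct{}{} }
	go pipe(a, b)
	go pipe(b, a)
	<-done
	a.Close()
	b.Close()
	<-done
}

// demo relays one client to a constructed echo target, then the client exits.
func demo() (during, after int64) {
	tgt, _ := net.Listen("tcp", "127.0.0.1:0") // errors ignored for brevity
	fwd, _ := net.Listen("tcp", "127.0.0.1:0")
	defer func() { tgt.Close(); fwd.Close() }()
	go func() { c, _ := tgt.Accept(); io.Copy(c, c); c.Close() }()
	go func() {
		c, _ := fwd.Accept()
		r, _ := net.Dial("tcp", tgt.Addr().String())
		relay(c, r)
	}()
	cli, _ := net.Dial("tcp", fwd.Addr().String())
	cli.Write([]byte("ping"))
	io.ReadFull(cli, make([]byte, 4)) // echo arrived, so the pair is up
	during = atomic.LoadInt64(&open)
	cli.Close() // the local application exits
	for i := 0; i < 200 && atomic.LoadInt64(&open) != 0; i++ {
		time.Sleep(10 * time.Millisecond)
	}
	return during, atomic.LoadInt64(&open)
}

func main() { fmt.Println(demo()) }
```

Closing both sockets on the first EOF gives up TCP half-close, so a client that shuts down its write side and then waits for a reply would be cut off; a forwarder that needs half-close has to propagate `CloseWrite` instead and bound the wait with a deadline.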

ng5 commented 3 years ago

I initially started using SSH tunnel but then I realized that there is more effort needed to pass through UDP and MULTICAST connections through ssh tunnel. Ultimately I will have to start using mkfifo on remote machines in order to route UDP and MULTICAST traffic. Therefore I ended up writing another utility which allows you to define your networking rules in a csv file. This utility then replicates itself and executes the network test remotely. No doubt a lot of inspirations came from your project.

https://github.com/ng5/sysutils

rgzr commented 2 years ago

I'm glad the project inspired you for your own project. Unfortunately I haven't had much time to dedicate to this project in the last year. Sorry about that.

I'll close the issue as it's not needed anymore. Thank you for your contribution.

ng5 commented 2 years ago

No worries. Thanks for looking into it.