Your browser does not allow storing cookies. We recommend enabling them.

SSH Tectia 
PreviousNextUp[Contents] [Index]

    About This Document >>
    Installing SSH Tectia Server for IBM z/OS >>
    Getting Started with SSH Tectia Server for IBM z/OS >>
    Configuring the Server >>
    Configuring the Client >>
    Authentication >>
    File Transfer Using SFTP >>
    File Transfer Using Transparent FTP Tunneling >>
    Tunneling on the Command Line >>
    Troubleshooting SSH Tectia Server for IBM z/OS >>
    Advanced Information >>
    Man Pages >>
        ssh-socks-proxy >>
        ssh-socks-proxy-config >>
            Document Type Declaration and the Root Element
            The general Element
            The default-settings Element
            The profiles Element
            The static-tunnels Element
            The filter-engine Element
            The logging Element
        ssh-socks-proxy-ctl >>
        ssh-certview >>
        ssh-cmpclient >>
        ssh-keydist2 >>
        ssh-scepclient >>
    Log Messages >>

The static-tunnels Element

With the static-tunnels setting, you can create listeners for local tunnels automatically when the SOCKS Proxy starts up. The actual tunnel is formed the first time a connection is made to the listener port. If the connection to the server is not open at that time, it will be opened automatically as well.

The static-tunnels element can contain any number of tunnel elements.

  • tunnel

    The tunnel element specifies a static tunnel. It has six attributes: type, listen-address, listen-port, dst-host, dst-port, allow-relay, and profile.

    The type attribute defines the type of the tunnel. This can be either tcp, ftp, or socks-proxy.

    • tcp specifies a listener for generic TCP tunneling
    • ftp specifies a listener for FTP tunneling (also the FTP data channels are tunneled)
    • socks-proxy specifies a listener that acts as a SOCKS proxy towards the client applications. The traffic coming to the proxy is filtered using filter rules. When this option is used, a filter-engine element must be defined. See Section The filter-engine Element.

    The listen-address attribute defines the local interface to be listened. If allow-relay is set to yes, it overrides this setting and all interfaces are listened.

    The listen-port attribute defines the local port to be listened.

    The dst-host and dst-port attributes define the destination host address and port. The value of dst-host can be either an IP address or a domain name. The default is (localhost = server host). These settings are not needed if socks-proxy is set as the tunnel type.

    The allow-relay attribute defines whether connections to the listened port are allowed from outside the client host. The default is no.

    The profile attribute specifies the connection profile id that is used for the tunnel.

  <tunnel type="socks-proxy"
          profile="" />

PreviousNextUp[Contents] [Index]

[ Contact Information | Support | Feedback | SSH Home Page | SSH Products ]

Copyright © 2007 SSH Communications Security Corp.
This software is protected by international copyright laws. All rights reserved.
Copyright Notice




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now