我正在尝试使任何人都无法通过我的 VPS 服务器(称为服务器)访问 Davmail IMAP 服务器(由于地理封锁,但这不一定相关)。我在下图中解释了不同各方之间的联系。
我正在通过此命令建立从 Davmail(不可公开访问)到 SSH 服务器(可公开访问)的隧道
ssh -g -R \*:2143:localhost:1143 -N user@server
当我在 SSH 服务器本身上使用它作为本地主机时,它连接得很好并且可以工作。我正在使用telnet进行调试,将来应该有IMAP(或IMAPS)
# telnet localhost 2143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4REV1 AUTH=LOGIN MOVE SPECIAL-USE] IMAP4rev1 DavMail 5.5.1-trunk server ready
. LOGIN user pass
. OK Authenticated
但是,当我远程连接到端口上的 SSH 服务器时,它会连接,但(几乎)没有数据通过:
$ telnet server 2143
Trying 94.130.99.72...
Connected to server.
Escape character is '^]'.
并且连接被卡住。然而,当在此设置中使用时,netcat 可以工作,并且数据可以双向传输。 SSH客户端指示,有连接
debug3: receive packet: type 90
debug1: client_input_channel_open: ctype forwarded-tcpip rchan 4 win 2097152 max 32768
debug1: client_request_forwarded_tcpip: listen port 2143, originator 195.113.180.82 port 16119
debug2: fd 6 setting O_NONBLOCK
debug2: fd 6 setting TCP_NODELAY
debug1: connect_next: host 192.168.10.161 ([192.168.10.161]:1143) in progress, fd=6
debug3: fd 6 is O_NONBLOCK
debug3: fd 6 is O_NONBLOCK
debug1: channel 2: new [195.113.180.82]
debug1: confirm forwarded-tcpip
debug3: channel 2: waiting for connection
debug1: channel 2: connected to 192.168.10.161 port 1143
debug3: send packet: type 91
Davmail 显示初始连接,但另一端实际上没有收到任何数据(据我所知)
2024-03-03 17:06:44,338 DEBUG [davmail.imap.ImapServer] davmail - Connection from /192.168.10.161 on port 1143
2024-03-03 17:06:44,338 INFO [davmail.imap.ImapServer] davmail.connection - CONNECT - 192.168.10.161:59732
2024-03-03 17:06:44,382 DEBUG [ImapConnection-59732] davmail.exchange.ExchangeSession - Test configuration status: 302
2024-03-03 17:06:44,383 DEBUG [ImapConnection-59732] davmail - > * OK [CAPABILITY IMAP4REV1 AUTH=LOGIN MOVE SPECIAL-USE] IMAP4rev1 DavMail 5.5.1-trunk server ready
服务器已禁用防火墙
# ufw status
Status: inactive
并且 GatewayPorts 已打开
# /etc/ssh/sshd_config
GatewayPorts yes
AllowTcpForwarding yes
我怎样才能进一步调试这个?