Local port forwarding on a mac
Solution 1
This article on Port Forwarding on Mac OS X seems to have the answer.
Here is the example they provide at the end:
The following example forwards any inbound 443 traffic to PRO Server running on local host (127.0.0.1) port 4282.
sudo ipfw add 1443 forward 127.0.0.1,4282 ip from any to any 443 in
Solution 2
I doubt a local SSH tunnel is the easiest solution, but to forward 1234
to 5900
:
ssh -g -L 1234:localhost:5900 localhost
The -g
is needed to allow remote hosts to connect to the local port 1234
.
To run this in the background:
ssh -Nfg -L 1234:localhost:5900 localhost
You can include the options in your SSH config file, like LocalForward 1234 localhost:5900
.
To test this when Screen Sharing is not running, run the built-in Python web server: python -m SimpleHTTPServer 5900
, and then point a browser to http://localhost:1234
Related videos on Youtube
Dave
Updated on September 17, 2022Comments
-
Dave over 1 year
I need to have the mac take traffic coming into it on one port send the traffic to a different but still local port.
I.e. Traffic comes in on port 1234 and transfers to port 5900 (vnc)
This is because the router wont allow me to set up portforward where the origin and destination ports differ and I need to connect to multiple machines.
So for example in my router I have set up: port 1234 -> 192.168.0.2:1234 port 1235 -> 192.168.0.3:1235 port 1236 -> 192.168.0.4:1236
Then I need the mac to take incoming port and send it to local port 5900
-
Arjan over 13 yearsAs an aside: some VNC implementations support repeaters/proxies. Like UltraVNC Repeater. This might help one to forward just the default port to a single computer, which can then forward requests to other computers. However: that would require you to have one Mac running at all times. Also, I don't know if the built-in Screen Sharing server supports this feature.
-
BillThor over 13 yearsVNC supports ports less than 5900. Set the display to -4666 (5900 - 1234). VNC will then listen on port 1234.
-
Arjan over 13 years@BillThor, that might be hard on a Mac: How to change the default screen sharing / VNC port number on Mac OS X?
-
Arjan over 13 yearsOr: use SSH to connect to the Macs? (The VNC protocol is not secure, though OS X adds an option to encrypt the data. I don't know what it does, but using SSH you can also use a Windows VNC client to connect securely.) So, on the client computer:
ssh -L 1234:localhost:5900 -p 22 your-remote-mac
and connect your VCN client tolocalhost:1234
. However, using your router, this needs a uniquesshd
port for each Mac. See How to change sshd port on Mac OS X? -
Arjan over 13 yearsAnyone who knows how to configure the IP Firewall? I thought
sudo ipfw add fwd 127.0.0.1,1234 tcp from any to me dst-port 5900
might do the trick, but: no cigar. Maybe in 10.6 one needs to actually enableipfw
manually? (The built-in Application Firewall in System Preferences is a different thing altogether.) -
Claudio Floreani about 12 yearsYes, ipfw port forwarding seems broken in Mac 10.7 (and maybe earlier versions)
-
-
Claudio Floreani about 12 yearsAlso, check that both "sysctl -n net.inet.ip.fw.enable" and "sysctl -n net.inet.ip.forwarding" are enabled (set to 1). This should be the way to do it, however it seems broken in Mac OS 10.7
-
Fusion over 2 yearsThe link is broken!