Ferries and Firewalls
4 months ago firewall irishferries ssh travel
Not long ago we travelled to Ireland on the ferry. The ship's wifi was pretty reasonable quality in terms of speed (it is based on some sort of satellite system) - but it had some curious firewall effects going on. In particular, ssh would sometimes work, and sometimes be blocked (with everything else, including ping to the intended server, working just fine). Annoying - what could I do about it?
Prior to travelling back I set up a few more ssh ports on my server. Dropping the following into /etc/ssh/sshd_config.d/extra-ports.conf, followed by restarting sshd with sudo systemctl sshd, was all it took:
# Extra ports to get round on-ship firewalls
Port 53
Port 110
Port 113
Port 143
Port 8008
Port 5060
Port 5222
I chose the ports based on what a quick nmap scan on the ship had suggested might be allowed through. And indeed, on the way back, I could get to my server all the way across.
(Note that it's good to include the default 22 there, otherwise specifying other ports disables it!)
Some websites were also blocked, seemingly randomly - including my personal Mastodon server, which has no dodgy content at all, as far as I'm aware! Installing tinyproxy on my server, and using ssh port-forwarding, allowed me to get past this too, and see what the inhabitants of the Fediverse were up to.
0 comments