Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

OpenID
or
Sign in Register

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

World cup college
Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2010-03-03 - Commandlinefu @ SXSW 2010
Am going to be at SXSW this year, in case you want to submit any CLI nuggets or suggestions to me in person. Ping me on the @codeinthehole Twitter account.
2009-09-12 - Email updates now available
You can now enable email updates to let you know each time you're command is commented on.
2009-07-11 - API and javascript blog widget now available
A simple API has been released, allowing commands to be retrieved in various formats. This also allows commands to be embedded on blogs/homepages.
2009-05-17 - Added duplicate suggestions to the new command form
When adding a new command, a quick background search is performed to make sure you're not duplicating a command already in the system.
Hide

Tags

Hide

Functions

Hide

Credits

Site by David Winterbottom (user root).

start a tunnel from some machine's port 80 to your local post 2001

Terminal - start a tunnel from some machine's port 80 to your local post 2001
ssh -N -L2001:localhost:80 somemachine
2009-02-05 09:13:23
User: mischamolhoek
Functions: ssh
117
Up
Down
start a tunnel from some machine's port 80 to your local post 2001

now you can acces the website by going to http://localhost:2001/

Add to favourites | Report as malicious

Know a better way?

If you can do better, submit your command here.

What others think

What are the caveats for this working?

Comment by DannoHung 57 weeks ago

none, as far as i know. i use this to access a customers intraweb application.

this way the customer only needs to open up port 22 (ssh) in the firewall for just one ip address of some machine in your local lan (your hub machine).

this way you can hop for your laptop to that local machine to the customers machine. as secure as it get's while still being relatively easy to use. no tokenstuff needed (i hate tokens and the 'supposed better' security).

Comment by mischamolhoek 57 weeks ago

Some web applications will get upset if you supply a port when they're not expecting it, or will break if they expect to be able to do redirects or URL rewriting.

But in general, this will work. Everyone in my company uses this every single day!

Comment by semanticist 55 weeks and 1 day ago
ssh -D 9000 somemachine

Sets up local port 9000 as a SOCKS 5 proxy via somemachine

Comment by rae 55 weeks ago

a little more details, for example, in the case of an email client on a laptop, pointing to localhost:8025 for SMTP services, and localhost:8110 for POP3 services associated with a Comcast account, w/out traversing ?foreign? networks with clear text credentials, looks like:

ssh -f -N -L 8025:smtp.comcast.net:25 my_home_machine -L 8110:mail.comcast.net:110 my_home_machine

then, when changing locations:

ps aux |grep ssh |grep -v grep |awk ?{print $2}? |xargs kill -9

and even better - setup public/private keys and you could use "-i ~/.ssh/public_key" as ssh parameter, to avoid password prompt ==> then could have everything in a shell script

Comment by netfortius 53 weeks and 3 days ago

The params explaination:

* -f tells ssh to go into the background (daemonize).

* -N tells ssh that you don't want to run a remote command. That is, you only want to forward ports.

* -q tells ssh to be quiet

* -L specifies the port forwarding

If you want use one of the reserved ports (i.e., under 1023),

you will have to run as root (using sudo).

Also if you want to connect to server behind the DMZ, you can use a intermediate. This is useful where your have your local machine outside a firewall; a visible machine on the DMZ; and a third machine invisible to the outside.

ssh -f -N -q -L 80:192.168.1.69:80 username@dmz.example.com
Comment by starchox 51 weeks and 6 days ago

You can also allow access to the tunnel from incoming connections besides 127.0.0.1 which is the default when not stipulated.

eg

ssh -f -N -L 0.0.0.0:8080:google.com:80 me@remote

This allows on any net interface

or

ssh -f -N -L 10.1.1.120:8080:google.com:80 me@remote

This allows any machine that can access your 10.1.1.120 interface access to the tunnel.

This is not considering firewalls.

Comment by DaveQB 44 weeks and 1 day ago

Your point of view

You must be signed in to comment.

Related sites and podcasts