[Contents] [Index]

About This Document >>     Installing SSH Tectia Server for IBM z/OS >>     Getting Started with SSH Tectia Server for IBM z/OS >>     Configuring the Server >>     Configuring the Client >>     Authentication >>     File Transfer Using SFTP >>     File Transfer Using Transparent FTP Tunneling >>     Tunneling on the Command Line >>     Troubleshooting SSH Tectia Server for IBM z/OS >>     Advanced Information >>     Man Pages >>         scp2         sftp2         ssh-add2         ssh-agent2         ssh-socks-proxy >>         ssh-socks-proxy-config >>             Document Type Declaration and the Root Element             The general Element             The default-settings Element             The profiles Element             The static-tunnels Element             The filter-engine Element             The logging Element         ssh-socks-proxy-ctl >>         ssh-certd         ssh_certd_config         ssh-certview >>         ssh-cmpclient >>         ssh-dummy-shell         ssh-ekview         ssh-externalkeys         ssh-keydist2 >>         ssh-keygen2         ssh-probe2         ssh-scepclient >>         ssh-sft-stage         ssh2         ssh2_config         sshd-check-conf         sshd2         sshd2_config         sshd2_subconfig         sshregex     Log Messages >>

The static-tunnels Element

With the static-tunnels setting, you can create listeners for local tunnels automatically when the SOCKS Proxy starts up. The actual tunnel is formed the first time a connection is made to the listener port. If the connection to the server is not open at that time, it will be opened automatically as well.

The static-tunnels element can contain any number of tunnel elements.

• tunnel

  The tunnel element specifies a static tunnel. It has six attributes: type, listen-address, listen-port, dst-host, dst-port, allow-relay, and profile.

  The type attribute defines the type of the tunnel. This can be either tcp, ftp, or socks-proxy.

  • tcp specifies a listener for generic TCP tunneling
  • ftp specifies a listener for FTP tunneling (also the FTP data channels are tunneled)
  • socks-proxy specifies a listener that acts as a SOCKS proxy towards the client applications. The traffic coming to the proxy is filtered using filter rules. When this option is used, a filter-engine element must be defined. See Section The filter-engine Element.

  The listen-address attribute defines the local interface to be listened. If allow-relay is set to yes, it overrides this setting and all interfaces are listened.

  The listen-port attribute defines the local port to be listened.

  The dst-host and dst-port attributes define the destination host address and port. The value of dst-host can be either an IP address or a domain name. The default is 127.0.0.1 (localhost = server host). These settings are not needed if socks-proxy is set as the tunnel type.

  The allow-relay attribute defines whether connections to the listened port are allowed from outside the client host. The default is no.

  The profile attribute specifies the connection profile id that is used for the tunnel.

<static-tunnels> <tunnel type="socks-proxy" listen-address="127.0.0.1" listen-port="1080" dst-host="" dst-port="" allow-relay="NO" profile="" /> </static-tunnels>