Diffstat (limited to 'nfs-ssh-fw')
-rwxr-xr-x | nfs-ssh-fw | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/nfs-ssh-fw b/nfs-ssh-fw
new file mode 100755
index 0000000..5a8e7a2
--- /dev/null
+++ b/nfs-ssh-fw
@@ -0,0 +1,83 @@
+#!/usr/bin/perl -w
+
+# Found here:
+# http://www.samag.com/documents/s=4072/sam0203d/sam0203d.htm
+
+use strict;
+use File::Basename;
+
+## CONFIGURATION
+my $nfs_server = "nfs1"; # the nfs server to connect to
+my $nfs_server_user = "james"; # a valid username on the nfs server
+my $use_version = "2"; # nfs-user-server uses 2, otherwise 3
+ # would be better. Check output of
+ # 'rpcinfo -p <servername>'
+
+my $nfsd_client_port = "2818"; # we will port forward nfsd here
+my $mountd_client_port = "3045"; # we will port forward mountd here
+my $sleep_length = "86400"; # how long to sleep before restarting
+ # 86400 secs is one day. Note
+ # this is overridden if a command is
+ # specified in the server's
+ # authorized_keys2 file
+
+# need to keep '-f', can also specify encryption algorithm, the ssh version
+# and the id key
+my $ssh_opts = "-f -c blowfish -2 -i /home/james/.ssh/id_dsa_nfs";
+
+my %rpcinfo_col = ( # change as per output of rpcinfo -p
+ 'program' => '0',
+ 'version' => '1',
+ 'protocol' => '2',
+ 'port' => '3',
+ 'daemon' => '4'
+);
+
+## END CONFIGURATION
+
+# not much should need to change below here
+my $prog_name = basename($0);
+my $nfsd_server_port = "";
+my $mountd_server_port = "";
+
+
+# for signals
+$SIG{INT} = sub { die "$0 interrupted and dying (does not kill ssh)\n" };
+
+my $first_time = 1;
+while (1) {
+ if ($first_time) {
+ print "$prog_name: Starting ssh/nfs forwarding—\n";
+ $first_time = 0;
+ } else {
+ print "$prog_name: Restarting ssh/nfs forwarding—\n";
+ }
+
+ # first, get the rpcinfo
+ my @rpcinfo = `rpcinfo -p $nfs_server`;
+
+ print "My rpcinfo =\n @rpcinfo";
+
+ # now get the nfsd and mountd port numbers
+ foreach (@rpcinfo) {
+ my @line = split;
+ if ($line[$rpcinfo_col{"version"}] eq $use_version &&
+ $line[$rpcinfo_col{"daemon"}] eq "nfs" &&
+ $line[$rpcinfo_col{"protocol"}] eq "tcp") {
+ $nfsd_server_port = $line[$rpcinfo_col{"port"}];
+ print (" nfsd port = $nfsd_server_port");
+ } elsif 
($line[$rpcinfo_col{"version"}] eq $use_version &&
+ $line[$rpcinfo_col{"daemon"}] eq "mountd" &&
+ $line[$rpcinfo_col{"protocol"}] eq "tcp") {
+ $mountd_server_port = $line[$rpcinfo_col{"port"}];
+ print (", mountd port = $mountd_server_port\n");
+ }
+ }
+
+ # now run ssh (if this fails, we get the error message and
+ # retry). This should run all the time. This also won't die
+ # unless the nfs mount is done.
+ `/usr/bin/ssh $ssh_opts -L \
+ $nfsd_client_port:$nfs_server:$nfsd_server_port -L \
+ $mountd_client_port:$nfs_server:$mountd_server_port -l \
+ $nfs_server_user $nfs_server /bin/sleep $sleep_length`; |
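Review bot: The two server ports are parsed out of `rpcinfo -p` output and interpolated into the backtick ssh command without any check, and they are declared before `while (1)`, so a failed lookup leaves them empty on the first pass or stale on later ones. In that case ssh is started with a malformed or outdated `-L` target and the loop retries immediately with no pause. Clear both variables at the top of each iteration and guard the ssh call, e.g. `unless ($nfsd_server_port =~ /\A\d+\z/ && $mountd_server_port =~ /\A\d+\z/) { warn "$prog_name: no nfs/mountd tcp port found\n"; sleep 60; next; }` (the 60-second pause is a sample value). The hunk's 83 added lines also end at the ssh command with no closing brace for `while (1) {`, so unless the rendering dropped a line the script will not compile as committed. Separately, `-c blowfish` and the DSA identity in `$ssh_opts` are legacy choices that current OpenSSH releases no longer accept by default.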