Lik`s forum

[lik]

Taken from : http://shearer.org/Ssh_tunnelling

-L [bind_address:]localhostport:remotehost:remoteport

Specifies that the given localhostport on the local (client) host is
to be forwarded to the given remotehost and remoteport on the remote side.
This works by allocating a socket to listen to localhostport on the local
side, optionally bound to the specified bind_address. Whenever a con-
nection is made to the local port, the connection is forwarded over
the secure channel, and a connection is made to remotehost on remoteport
from the remote machine. Note: remotehost may be any host that the
ssh endpoint machine (ie the machine specified with ''user@hostname'') can
access, not just the endpoint machine itself.

Examples forwarding a remote SMTP port to local port, where the remote
service is running on the same machine as the ssh login:

$ ssh -Nf -L 12345:faraway.example.com:25 \
unprivuser@faraway.example.com
$ telnet localhost 12345
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 faraway.example.com ESMTP - Mail server ready.

Example forwarding a remote web server inside a network to a local port,
where the ssh login is on a machine that can see the remote server but
not on it. This will work for any TCP service visible to the ssh login:

$ ssh -Nf -L 9876:intranet-server.example.com:80 \
unprivuser@firewall.example.com
$ firefox localhost:9876
(web page for protected intranet displayed.)