Port Forwarding Techniques
#Overview
Port forwarding forwards a single port or specific service through a compromised host. This is simpler and stealthier than a full SOCKS proxy when you only need to reach one service — less traffic, fewer logs, and no SOCKS configuration needed.
For basic SSH -L/-R and netsh portproxy, see 07 - Post-Exploitation. This section extends with advanced configurations, ProxyCommand/ProxyJump, iptables NAT, and Metasploit routing.
#Quick Selection
| Need | Tool | File |
|---|---|---|
| Forward a port with SSH | ssh -L / ssh -R | SSH Port Forwarding |
| Forward without SSH | socat / netsh / iptables | Native Port Forwarding |
| Route through Meterpreter | autoroute / portfwd | Metasploit Routing |
#Technique Files
| File | Covers | Complexity |
|---|---|---|
| SSH Port Forwarding | -L/-R advanced, ProxyCommand, ProxyJump, autossh | Medium |
| Native Port Forwarding | socat, netsh, iptables DNAT/SNAT | Low-Medium |
| Metasploit Routing | autoroute, route add, socks_proxy, portfwd | Medium |
#Cross-References
- 07 - Post-Exploitation — Basic SSH -L/-R and netsh
- Tunnels & Proxies — Full SOCKS proxy (when you need more than one port)
- Multi-Hop Chains — Chaining port forwards through multiple hosts