Sshuttle is leaking ?

[bumperz]

Hi.

- Debian wheezy 64bit gnome;
- ufw firewall

Sshuttle is allowing connections outside of the default 12300 port.
Unless I'm missing something, this is not how it's supposed to work.

As root...
$ ./sshuttle --dns -e "ssh -i /home/dabomb/.ssh/id_rsa" -vr mambo@10.20.60.77:6969 0/0

UFW firewall is;
Default: deny (incoming), deny (outgoing)
To Action From
---- -------- ------
[ 1] 10.20.60.77 6969/tcp ALLOW OUT Anywhere (out)
[ 2] 12300 ALLOW OUT Anywhere (out)

Problem;
I should be seeing 'only' the connection to the ssh server, and port 12300 (default) shouldn't I ?
(local 10.20.60.66) (remote 10.20.60.77)

When I go to hak5, http://revision3.com/forum/forumdisplay.php?f=41
I get these connections;
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:12300 0.0.0.0:* LISTEN
tcp 0 0 10.20.60.66:38916 173.192.112.10:80 ESTABLISHED
tcp 0 0 10.20.60.66:38917 173.192.112.10:80 ESTABLISHED
tcp 0 0 127.0.0.1:12300 10.20.60.66:38915 ESTABLISHED
tcp 0 0 10.20.60.66:57900 10.20.60.77:6969 ESTABLISHED
tcp 0 0 127.0.0.1:12300 10.20.60.66:38918 ESTABLISHED
tcp 0 0 10.20.60.66:38915 173.192.112.10:80 ESTABLISHED
tcp 0 0 127.0.0.1:12300 10.20.60.66:38919 ESTABLISHED
tcp 0 0 10.20.60.66:38918 173.192.112.10:80 ESTABLISHED
tcp 0 0 127.0.0.1:12300 10.20.60.66:38917 ESTABLISHED
tcp 0 0 127.0.0.1:12300 10.20.60.66:38914 ESTABLISHED
tcp 0 0 10.20.60.66:38914 173.192.112.10:80 ESTABLISHED
tcp 0 0 10.20.60.66:38919 173.192.112.10:80 ESTABLISHED
tcp 0 0 127.0.0.1:12300 10.20.60.66:38916 ESTABLISHED
udp 0 0 127.0.0.1:12300 0.0.0.0:*

I thought sshuttle will only use the default port 12300 and not use anything else ?

Can you please advise.

Thank you.
bumperz

[bumperz]

Hi again.

I'm new here... which is the correct forum section to post in when I wish to reply to a section in a particular episode ?

I want to post in the correct location for the recent episode discussing the use of sshuttle.

Thank you.