X-Git-Url: https://git.distorted.org.uk/u/mdw/putty/blobdiff_plain/2f8d6d437a189a7f0c059f0a30306c829a5e7cf6..41d3adbbfed77605e4a397ce199c5751c35bf94b:/doc/using.but

diff --git a/doc/using.but b/doc/using.but
index 674d0a50..f4c42dd7 100644
--- a/doc/using.but
+++ b/doc/using.but
@@ -1,4 +1,4 @@
-\versionid $Id: using.but,v 1.3 2001/12/06 20:05:39 simon Exp $
+\versionid $Id: using.but,v 1.5 2001/12/15 12:15:24 simon Exp $
 
 \C{using} Using PuTTY
 
@@ -266,9 +266,12 @@ box. Enter the destination host name and port number into the
 \b Now click the \q{Add} button. The details of your port forwarding
 should appear in the list box.
 
-Now start your session. To check that PuTTY has set up the port
-forwarding correctly, you can look at the PuTTY Event Log (see
-\k{using-eventlog}). It should say something like this:
+Now start your session and log in. (Port forwarding will not be
+enabled until after you have logged in; otherwise it would be easy
+to perform completely anonymous network attacks, and gain access to
+anyone's virtual private network). To check that PuTTY has set up
+the port forwarding correctly, you can look at the PuTTY Event Log
+(see \k{using-eventlog}). It should say something like this:
 
 \c 2001-12-05 17:22:10 Local port 3110 forwarding to
 \c          popserver.example.com:110
@@ -288,6 +291,22 @@ To do this, just select the \q{Remote} radio button instead of the
 number on the \e{server} (note that most servers will not allow you
 to use port numbers under 1024 for this purpose).
 
+The source port for a forwarded connection usually does not accept
+connections from any machine except the SSH client or server machine
+itself (for local and remote forwardings respectively). There are
+controls in the Tunnels panel to change this:
+
+\b The \q{Local ports accept connections from other hosts} option
+allows you to set up local-to-remote port forwardings in such a way
+that machines other than your client PC can connect to the forwarded
+port.
+
+\b The \q{Remote ports do the same} option does the same thing for
+remote-to-local port forwardings (so that machines other than the
+SSH server machine can connect to the forwarded port.) Note that
+this feature is only available in the SSH 2 protocol, and not all
+SSH 2 servers support it (OpenSSH 3.0 does not, for example).
+
 \H{using-rawprot} Making raw TCP connections
 
 A lot of Internet protocols are composed of commands and responses