When external services have to access your code from the outside world development setups often become complicated.

Take for example writing a paypal IPN based application. Paypal’s sandbox wants a callback address which they can post the test IPNs to. Writing a facebook application? Many public urls have to be exposed to make it work.

Your options here are either to forward the required ports in your firewall or deploy your code to a publicly accessible area and perform the trial & deploy & repeat dance.

Worse, if you actually develop from a laptop, maybe from coffee shops around town, all bets are off.

However there is help, a little known aspect of SSH tunnels called reverse tunnels can be used to our advantage here. To enable it you have to edit your /etc/ssh/sshd_config:

# sshd_config
GatewayPorts yes 

Unfortunately the feature is disabled by default and requires OpenSSH 4 or newer.

Once enabled you can tell the server to forward any traffic arriving on a local port through the tunnel to one of your local ports.

ssh server -R *:5555:127.0.0.1:3000 -vv

Read: Traffic from *(any)ip arriving on port 5555 goes through the tunnel and is released on the other side to 127.0.0.1:3000, your local rails application.

Now you can simply create a new script in your rails folder called script/tunnel and you can work from everywhere!

#!/bin/sh
echo "Listening on port 5555" 
echo "Forwarding to localhost:3000" 
ssh server -R *:5555:127.0.0.1:3000 -vv