From 5bc280c2dd8f37cd30c872db92e7703207fb9e87 Mon Sep 17 00:00:00 2001
From: T31M <t31m@cyberstuff.me>
Date: Wed, 27 May 2020 00:27:31 +0200
Subject: [PATCH] Updated randomized ssm tunnel port

---
 fish/theme-t31m/ssm_tunnel.fish | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fish/theme-t31m/ssm_tunnel.fish b/fish/theme-t31m/ssm_tunnel.fish
index db2c5bd..bc43066 100644
--- a/fish/theme-t31m/ssm_tunnel.fish
+++ b/fish/theme-t31m/ssm_tunnel.fish
@@ -21,10 +21,11 @@ function ssm_tunnel --description 'access private AWS ressources via Bastion Hos
 
     # Ports to bind for forwarding
     set LOCAL_PORT $argv[2]
+    set REM_PORT (math (random) % 65535 + 2000)
 
     # make sure jq is installed
     # Start socat on the remote server
-    set CMD "'sudo socat TCP4-LISTEN:$LOCAL_PORT,fork TCP4:$REMOTE_HOST'"
+    set CMD "'sudo socat TCP4-LISTEN:$REM_PORT,fork TCP4:$REMOTE_HOST'"
     set CMD_INVOC_ID (aws ssm send-command --instance-ids $INSTANCE_ID \
     --document-name 'AWS-RunShellScript' \
     --parameters commands=$CMD --output json | jq -r '.Command.CommandId')
@@ -33,7 +34,7 @@ function ssm_tunnel --description 'access private AWS ressources via Bastion Hos
     echo "Starting Tunnel"
     aws ssm start-session --target $INSTANCE_ID \
     --document-name "AWS-StartPortForwardingSession" \
-    --parameters "portNumber=$LOCAL_PORT,localPortNumber=$LOCAL_PORT"
+    --parameters "portNumber=$REM_PORT,localPortNumber=$LOCAL_PORT"
 
     # stop socat on the bastion
     aws ssm cancel-command --command-id $CMD_INVOC_ID