Hi there.
Let me explain once again, this time all on the internal network.
I have 3 machines
1. Firewall + Router with eth0, eth1 and ppp0 (we will only deal with eth0): 10.0.0.1
2. PC: 10.0.0.100
3. Webserver (ssh enabled): 10.0.0.10
I added the following rule to my firewall machine.
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 9999 -j DNAT --to 10.0.0.10:22
This is just for testing DNAT, so I can ssh from my PC to firewall:9999 and get connected to the webserver's ssh on port 22.
Now iptraf on the firewall shows the following when I try to connect to firewall:9999:
10.0.0.100:1270 = 2 96 S--- eth0
 └10.0.0.1:9999 = 0 0 ---- eth0
10.0.0.100:1270 = 2 96 S--- eth0
 └10.0.0.10:22 = 0 0 ---- eth0
hence showing SYN packets going to 10.0.0.10 (the webserver).
The webserver's iptraf shows:
10.0.0.100:1270 = 2 94 RESET eth0
10.0.0.10:22 = 1 48 S-A- eth0
OK, so I started doubting the DNAT on the firewall (still not sure if that's the problem), so I tried to DNAT from another port to the firewall's own ssh, like this:
iptables -t nat -A PREROUTING -p tcp -d 10.0.0.1 --dport 9999 -j DNAT --to 10.0.0.1:22 -i eth0
The funny thing is that this works.
Now I'm totally lost. What is the problem here? Can anyone help?
Regards,
Bilal.
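The iptraf output in the post (a SYN-ACK leaving the webserver, then a RESET arriving from the PC) is the classic symptom of a DNAT whose target sits on the same LAN as the client: the webserver answers 10.0.0.100 directly, so the PC receives a SYN-ACK from 10.0.0.10:22 instead of from 10.0.0.1:9999, finds no matching connection, and resets it. The second rule works because the reply comes from the firewall itself and conntrack un-NATs it. The model below is an added example written by the editor; it is not part of Bilal's post or of any reply, and it is a simulation of the packet flow, not real networking. Addresses and ports are the ones from the post; SNAT_PORT is an assumed value for the source port the firewall would pick if it also SNATed the connection, and the POSTROUTING rule quoted in the comments is the standard fix, not something Bilal has configured.

```python
"""Simulate the DNAT hairpin from the post with and without a matching SNAT.

Constructed model: three hosts on one LAN, a firewall applying the post's
PREROUTING DNAT rule, and a client that only accepts a SYN-ACK from the
4-tuple it sent the SYN to (as a real TCP stack does).
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

PC, FW, WEB = "10.0.0.100", "10.0.0.1", "10.0.0.10"   # addresses from the post
PC_PORT, DNAT_PORT, SSH = 1270, 9999, 22              # ports from the post
SNAT_PORT = 40000                                     # assumed masquerade source port

Tuple4 = Tuple[str, int, str, int]


@dataclass(frozen=True)
class Pkt:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # "S", "SA", "A" or "R"


class Firewall:
    """10.0.0.1: applies the post's DNAT rule, optionally with a POSTROUTING SNAT."""

    def __init__(self, snat: bool) -> None:
        self.snat = snat
        self.fwd: Dict[Tuple4, Tuple4] = {}  # original tuple -> translated (PC -> server)
        self.rev: Dict[Tuple4, Tuple4] = {}  # server's reply tuple -> un-NATed reply

    def handle(self, p: Pkt) -> Optional[Pkt]:
        key = (p.src, p.sport, p.dst, p.dport)
        if key in self.fwd:                       # established flow, PC -> server
            s, sp, d, dp = self.fwd[key]
            return Pkt(s, sp, d, dp, p.flags)
        if key in self.rev:                       # established flow, server -> PC
            s, sp, d, dp = self.rev[key]
            return Pkt(s, sp, d, dp, p.flags)
        if p.dst == FW and p.dport == DNAT_PORT and p.flags == "S":
            # PREROUTING: -i eth0 -p tcp --dport 9999 -j DNAT --to 10.0.0.10:22
            # POSTROUTING, only when snat=True (assumed fix, not in the post):
            #   -o eth0 -p tcp -d 10.0.0.10 --dport 22 -j SNAT --to-source 10.0.0.1
            new_src, new_sport = (FW, SNAT_PORT) if self.snat else (p.src, p.sport)
            self.fwd[key] = (new_src, new_sport, WEB, SSH)
            self.rev[(WEB, SSH, new_src, new_sport)] = (FW, DNAT_PORT, p.src, p.sport)
            return Pkt(new_src, new_sport, WEB, SSH, p.flags)
        return None  # nothing listens on the firewall itself: dropped


class Client:
    """10.0.0.100: sends one SYN and tracks the tuple it expects the SYN-ACK from."""

    def __init__(self) -> None:
        self.pending = (FW, DNAT_PORT, PC_PORT)  # (peer addr, peer port, our port)
        self.state = "CLOSED"

    def connect(self) -> Pkt:
        self.state = "SYN_SENT"
        return Pkt(PC, PC_PORT, FW, DNAT_PORT, "S")

    def receive(self, p: Pkt) -> Optional[Pkt]:
        if p.flags == "SA" and (p.src, p.sport, p.dport) == self.pending:
            self.state = "ESTABLISHED"
            return Pkt(PC, PC_PORT, p.src, p.sport, "A")
        # Segment for a connection we do not have: answer with RST (RFC 793)
        return Pkt(PC, p.dport, p.src, p.sport, "R")


class Server:
    """10.0.0.10: sshd replies to whatever source address the SYN carried."""

    def receive(self, p: Pkt) -> Optional[Pkt]:
        if p.dport == SSH and p.flags == "S":
            return Pkt(WEB, SSH, p.src, p.sport, "SA")
        return None  # final ACK completes the handshake; an RST is just dropped


def simulate(snat: bool) -> Tuple[str, List[str]]:
    """Run the handshake on the LAN; return the client's final state and a trace.

    Each packet goes straight to the host owning its destination address, so
    the firewall only ever sees packets addressed to 10.0.0.1.
    """
    fw, pc, web = Firewall(snat), Client(), Server()
    hosts = {FW: fw.handle, WEB: web.receive, PC: pc.receive}
    trace: List[str] = []
    queue = [pc.connect()]
    while queue:
        p = queue.pop(0)
        trace.append(f"{p.src}:{p.sport} -> {p.dst}:{p.dport} {p.flags}")
        out = hosts[p.dst](p)
        if out is not None:
            queue.append(out)
    return pc.state, trace


if __name__ == "__main__":
    for snat in (False, True):
        state, trace = simulate(snat)
        print(f"snat={snat}: client ends in {state}")
        for line in trace:
            print("  " + line)
```

Running it without SNAT reproduces the post's iptraf picture (SYN-ACK from 10.0.0.10:22 straight to 10.0.0.100:1270, then an RST back to the webserver and the client stuck in SYN_SENT); with SNAT every packet passes the firewall in both directions and the handshake completes. On the real box the corresponding change is the POSTROUTING SNAT (or MASQUERADE) rule quoted in the comments; the model also takes for granted that IP forwarding is enabled and that the FORWARD chain lets the traffic through, which the post does not show.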