LinuxQuestions.org
Old 09-13-2006, 06:47 AM   #1
kandzha
LQ Newbie
 
Registered: Sep 2006
Posts: 2

Rep: Reputation: 0
iptables help! DROP ssh port, but allow to connect to ssh if from 2222 port


Greetings,

I am sorry if I repeat any thread in the forum, but I need some help quick.

Running Slackware 10.2, kernel 2.6, as a router
external interface - eth0
internal interface - eth1
subnet - 192.168.0.x

I am still a relative newbie to Linux and trying to configure iptables.

My goal is to make it so that:
1) All external connections to port 22 (ssh) would be dropped, while connections from the internal network would stay open. My rule for this is:
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j DROP

2) (which is actually my current problem!) I want to make it so that a connection to my router on port 2222 (not 22) would somehow be forwarded to port 22 and allowed. (Some sort of tricky hiding.)

Thanks
Kandzha
 
Old 09-13-2006, 07:10 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,550
Blog Entries: 51

Rep: Reputation: 2611
Quote:
Some sort of tricky hiding
If you're concerned about remote SSH attempts, better check out ways to thwart that: http://www.linuxquestions.org/questi...d.php?t=340366
 
Old 09-13-2006, 07:17 AM   #3
kandzha
LQ Newbie
 
Registered: Sep 2006
Posts: 2

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by unSpawn
Some sort of tricky hiding
If you're concerned about remote SSH attempts better check out ways to thwart that
No, that's not my problem, I just want to be able to connect to the router from my home.
 
Old 09-13-2006, 07:30 AM   #4
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by kandzha
1) All external connections to port 22 (ssh) would be dropped, while connections from the internal network would stay open. My rule for this is:
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j DROP
Yes, this is fine.
Quote:
Originally Posted by kandzha
2) (which is actually my current problem!) I want to make it so that a connection to my router on port 2222 (not 22) would somehow be forwarded to port 22 and allowed. (Some sort of tricky hiding.)
But a better way of doing this would be to change the port that sshd runs on, by specifying
Code:
Port 2222
in /etc/ssh/sshd.conf, and blocking all requests to port 22 in the INPUT chain.
 
Old 09-13-2006, 09:10 AM   #5
sin
LQ Newbie
 
Registered: Jun 2005
Location: UK
Distribution: Slackware
Posts: 28

Rep: Reputation: 15
Code:
iptables -A INPUT -p tcp --dport 22 ! -s 192.168.0.0/24 -j DROP
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 2222 -j DNAT --to-destination 192.168.0.1:22

Last edited by sin; 09-13-2006 at 09:12 AM.
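
The port-2222 redirect asked about in post #1, as an added example that is not part of the thread: nat PREROUTING rewrites the destination port before filter INPUT is traversed, so the accept rule matches on the port the client originally dialled. The interface name and ports come from the thread; the `run` helper and the `DRY_RUN`, `EXT_IF` and `HIDDEN_PORT` variables are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. eth0 (external) and ports 22/2222 are
# taken from post #1; run(), DRY_RUN, EXT_IF and HIDDEN_PORT are assumptions.
EXT_IF="${EXT_IF:-eth0}"
HIDDEN_PORT="${HIDDEN_PORT:-2222}"

# Print the command when DRY_RUN is set, otherwise execute it (needs root).
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        printf '%s\n' "iptables $*"
    else
        iptables "$@"
    fi
}

ssh_rules() {
    # 1. nat/PREROUTING is traversed before filter/INPUT. Rewrite the
    #    destination port 2222 -> 22 for traffic addressed to the router.
    run -t nat -A PREROUTING -i "$EXT_IF" -p tcp --dport "$HIDDEN_PORT" \
        -j REDIRECT --to-ports 22

    # 2. INPUT now sees dport 22 for these packets, so a bare
    #    "--dport 22 -j DROP" would discard them as well. conntrack keeps
    #    the port the client originally dialled; accept on that first.
    run -A INPUT -i "$EXT_IF" -p tcp --dport 22 \
        -m conntrack --ctorigdstport "$HIDDEN_PORT" -j ACCEPT

    # 3. Anything else from outside that reaches sshd's port (a direct
    #    connection to 22) is dropped. eth1 traffic is not matched.
    run -A INPUT -i "$EXT_IF" -p tcp --dport 22 -j DROP
}

# "sh script.sh apply" installs the rules; DRY_RUN=1 only prints them.
if [ "${1:-}" = "apply" ]; then
    ssh_rules
fi
```

Because `-A` appends, a `--dport 22 -j DROP` rule already sitting earlier in INPUT still matches first; remove it or insert the ACCEPT rule above it.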
All times are GMT -5. The time now is 02:37 AM.