LinuxQuestions.org
Old 01-14-2013, 06:42 PM   #1
ESWBitto
LQ Newbie
 
Registered: Jan 2013
Posts: 15

Port Forwarding rules 22


I've looked everywhere for how to create prerouting tables by adding rules to iptables, with no luck getting this solved.

CentOS 6 distro

Ok so what I want to do is forward all traffic on port 22 to port 2222 so my Kippo can listen to it.

Everything I try ends up denying the connection.

I have turned on port forwarding so I know it's not that.... It has to be in the rules I set up or there's something I'm missing.
 
Old 01-14-2013, 08:28 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,332
Blog Entries: 55

You're not forwarding over another device, just within the same machine.
First check what rules your nat table holds, its policy and if you need a specific device name:
/sbin/iptables -t nat --line-numbers -nvxL
then insert at the appropriate place:
/sbin/iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 2222
then check again and post "-t nat --line-numbers -nvxL" output if unsure.
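
An added example, not part of the thread: an offline check of an iptables-save dump for the two conditions this redirect depends on, namely that the nat PREROUTING rule exists and that the filter INPUT chain accepts the listener port, because INPUT sees the packet after its destination has been rewritten to 2222. The helper names and the sample ruleset are constructed for illustration, and the check is simplified (no user-defined chains, multiport or per-source matches).

```sh
#!/bin/sh
# Constructed sample in iptables-save format: the thread's REDIRECT rule plus
# a filter table that accepts only port 22 and rejects everything else.
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 2222
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# check_redirect RULES FROM TO (hypothetical helper) prints:
#   no-redirect    no nat PREROUTING rule redirects FROM to TO
#   input-blocked  redirect exists, but filter INPUT stops TO before accepting it
#   ok             redirect exists and INPUT lets TO through
# Simplified: ignores user-defined chains, multiport and per-source matches.
check_redirect() {
  printf '%s\n' "$1" | awk -v from="$2" -v to="$3" '
    /^\*/ { table = substr($0, 2) }
    table == "nat" && /^-A PREROUTING / && /-j REDIRECT/ &&
      $0 ~ ("--dport " from "( |$)") && $0 ~ ("--to-ports? " to "( |$)") { redirect = 1 }
    table == "filter" && /^:INPUT / { policy = $2 }
    table == "filter" && /^-A INPUT / && !decided {
      # After REDIRECT the filter table sees the rewritten port (TO), not FROM.
      if ($0 ~ ("--dport " to "( |$)") && /-j ACCEPT/) { decided = 1; allowed = 1 }
      else if (/^-A INPUT -j (REJECT|DROP)/) decided = 1
    }
    END {
      if (!redirect) print "no-redirect"
      else if (allowed || (!decided && policy == "ACCEPT")) print "ok"
      else print "input-blocked"
    }'
}

# suggest_fix STATUS FROM TO (hypothetical helper): command that closes the gap.
suggest_fix() {
  case "$1" in
    no-redirect)   echo "/sbin/iptables -t nat -A PREROUTING -p tcp --dport $2 -j REDIRECT --to-port $3" ;;
    input-blocked) echo "/sbin/iptables -I INPUT -p tcp --dport $3 -j ACCEPT" ;;
  esac
}

status=$(check_redirect "$SAMPLE_RULES" 22 2222)
echo "$status"; suggest_fix "$status" 22 2222
```

On a live host, pass "$(/sbin/iptables-save)" as the first argument instead of the sample. PREROUTING only sees packets arriving from the network, so test the redirect from another machine rather than from the honeypot itself.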
 
Old 01-15-2013, 11:44 AM   #3
ESWBitto
LQ Newbie
 
Registered: Jan 2013
Posts: 15

Original Poster
iptables looks like this

http://i296.photobucket.com/albums/m...psd0dd3f28.png

I have also edited the ssh/sshd_config

I put PermitRootLogin to no

that's it.

(edit) I forgot to mention that I turned off the ssh service, but I don't think that has an impact on it.

Last edited by ESWBitto; 01-15-2013 at 12:05 PM. Reason: adding something else
 
Old 01-15-2013, 04:23 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,332
Blog Entries: 55

Let's start over. Where does Kippo run? On the same machine you're writing rules for or on another machine? If it's on the same machine did you install it here or does it run as a virtualization guest?
 
Old 01-15-2013, 04:25 PM   #5
ESWBitto
LQ Newbie
 
Registered: Jan 2013
Posts: 15

Original Poster
Well....I believe I answered my own question...


Kippo runs on the same server but not as root...you create another user specific for its purpose.

I ended up getting rinetd....to do the port forwarding....
 
Old 01-15-2013, 04:48 PM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,332
Blog Entries: 55

WD for answering your own question then. And good luck with Kippo. Personally I would never run a honeypot on a machine unless it was isolated in a DMZ or as a virtualization guest...
 
Old 01-15-2013, 04:52 PM   #7
ESWBitto
LQ Newbie
 
Registered: Jan 2013
Posts: 15

Original Poster
The honeypot actually will be an isolated server.... It won't be a part of the other production servers.
 
Old 01-15-2013, 05:11 PM   #8
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,332
Blog Entries: 55

Well, double-plus good, then!
 
  


All times are GMT -5.