LinuxQuestions.org


Yalla-One 12-21-2009 05:00 AM

iptables rule to remap incoming ssh from 2202 -> 22
 
Hi,

I am trying to create a very simple firewall rule that remaps incoming ssh traffic from port 2202 to port 22 on the current host.
(yes, I know I can change the port in sshd_config, but that breaks a few other things)
So instead of making a hole in my iptables for port 22, I'd like to make a hole for 2202 and point it to 22. Is that possible with a few lines of iptables?

Thanks in advance!

-y1

GrapefruiTgirl 12-21-2009 05:17 AM

Check out this nifty little tutorial: http://www.web-articles.info/e/a/tit...with-iptables/

The DNAT section shows precisely what you are looking for -- remapping a high port to the SSH port.

Sasha

Yalla-One 12-21-2009 05:29 AM

Thanks much!

win32sux 12-21-2009 08:27 AM

If these iptables would be run on the SSH box itself, then you could use REDIRECT as an alternative to DNAT. One of the benefits would be that you wouldn't need to worry about the IP address, since it's done automatically. Example:
Code:

iptables -t nat -A PREROUTING -i eth0 -p TCP --dport 2202 -j REDIRECT --to-port 22
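
Added example, not written by any poster in this thread: the REDIRECT rule only rewrites the port, and the filter-table "hole" from the original question is evaluated after that rewrite, so it has to match port 22 plus the connection's original destination port. The function name `emit_rules`, the default-drop INPUT policy and the interface/port arguments are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not from the thread): print an iptables-restore ruleset that
# redirects EXT_PORT to the local sshd on 22 and admits only redirected connections.

# valid_port N -> succeeds if N is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# emit_rules IFACE EXT_PORT -> ruleset on stdout, non-zero status on bad input
emit_rules() {
    iface=$1 ext_port=$2
    valid_port "$ext_port" || { echo "bad port: $ext_port" >&2; return 1; }
    case "$iface" in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    [ "$ext_port" -ne 22 ] || { echo "external port must differ from 22" >&2; return 1; }
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
# Rewrite the destination port before the filter table sees the packet.
-A PREROUTING -i $iface -p tcp --dport $ext_port -j REDIRECT --to-ports 22
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# INPUT sees dport 22 after the redirect, so "--dport $ext_port" would never match,
# and a plain "--dport 22" rule would also admit direct connections to port 22.
# Match on the connection's original destination port instead.
-A INPUT -i $iface -p tcp --dport 22 -m conntrack --ctstate NEW --ctorigdstport $ext_port -j ACCEPT
COMMIT
EOF
}
```

Pipe the output through `iptables-restore --test` to validate it without committing; loading it for real replaces the existing nat and filter tables.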


All times are GMT -5.