|
basic port forward help
As an exercise, trying to make a trivial port forward work. Eg. forward requests to 12345 to standard ssh. Starting as small a possible...
# iptables -t nat -A PREROUTING -p tcp --dport 12345 -j DNAT --to 22 # telnet localhost 12345 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused # telnet localhost 22 Trying 127.0.0.1... Connected to localhost. ^] Forwarding on, all policies wide open, accept. Can someone throw me a bone? |
Code:
-j DNAT --to-port 22 |
Thanks, but I had typo; I tried
--to 127.0.0.1:22 --to-port 22 --to-destination 127.0.0.1:22 Same result. |
Hows about?
Code:
-j REDIRECT --to-port 22 |
So.. you would have me say:
Code:
# iptables -t nat -A PREROUTING -p tcp --dport 22 -j DNAT --to-destination 127.0.0.1:22 |
Yeah, i brain farted, I just edited that post...
Dont mind me, long day :p |
only from outside.
I cannot claim to understand it, not even entirely believe it, but the failure seems to be limited to attempts to navigate the iptables DNAT/SNAT rules on a host from within that host.
So if I have an interface with address 192.168.1.100 and make a rule to send hiport traffic to the ssh port: Code:
# iptables -t nat -A PREROUTING -p tcp -d 192.168.1.100 --dport 12345 -j DNAT --to 192.168.1.100:22Code:
$ telnet 192.168.1.100 12345 |
Quote:
|
| All times are GMT -5. The time now is 12:40 PM. |