LinuxQuestions.org


Abstractt 03-19-2008 08:01 AM

Forward all request on port 22
 
Hi Everyone,

In my iptables there aren't any rules defined. Now I want to forward all requests to port 22 on 10.0.0.32 to port 22 on destination 10.0.0.16.

This is the rule I use:

iptables -A FORWARD -p tcp --sport 22 --dport 22 -d 10.0.0.16 -j ACCEPT

After inserting this rule, I try to connect to this server (10.0.0.32) with PuTTY on port 22, and I get the error message 'Connection refused'.

When I connect directly to 10.0.0.16 on port 22 I can log in to this computer. So my guess is it's a problem with the forwarding on 10.0.0.32, because the firewall of 10.0.0.16 accepts all connections on port 22.

Even with the firewall off on 10.0.0.16 it still doesn't work. What's wrong with my rule?

Thanks Arian

yodahome 03-19-2008 08:55 AM

I'd suggest the sport is wrong here; I wouldn't specify it, simply because it doesn't matter where the connection comes from as long as the destination port is 22.
I just googled this description and I think you also need to do NAT: http://www.hackorama.com/network/portfwd.shtml

CarLost 03-19-2008 09:16 PM

not not not no NO NONONONONO
 
You cannot forward a request within the same net as the first recipient....

If you forward 10.0.0.A to 10.0.0.B and the request comes from 10.0.0.C, then 10.0.0.B will respond directly to 10.0.0.C while 10.0.0.C is waiting for an answer from 10.0.0.A, so you get some strange things.

I suggest you use an alias to create a kind of fake tunnel between the A and B hosts. And/or NAT to MASQUERADE the requests.

Another thing: the source port is never a lower port.
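
The combination the replies point to, written out as an added example that is not from any poster in this thread: a DNAT rule to redirect port 22, plus source NAT so replies from the target return through the forwarding host instead of going straight back to a client on the same subnet. The function names are hypothetical, the addresses are the ones from the question, and a fixed SNAT address is used here in place of MASQUERADE.

```shell
#!/bin/sh
# Emits an iptables-restore ruleset; nothing is applied by this script itself.
# To apply on the forwarding host (as root):
#   sysctl -w net.ipv4.ip_forward=1
#   portfwd_rules 10.0.0.32 10.0.0.16 22 | iptables-restore --noflush

is_ipv4() {
    # Dotted quad only, each octet 0-255.
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

portfwd_rules() {
    front=$1 target=$2 port=$3
    is_ipv4 "$front" && is_ipv4 "$target" && is_port "$port" || {
        echo "usage: portfwd_rules FRONT_IP TARGET_IP PORT" >&2
        return 2
    }
    cat <<EOF
*nat
# Rewrite the destination before routing; a FORWARD ACCEPT alone redirects nothing.
-A PREROUTING -d $front/32 -p tcp --dport $port -j DNAT --to-destination $target:$port
# Same-subnet case: make the target reply to the forwarder, not to the client.
-A POSTROUTING -d $target/32 -p tcp --dport $port -j SNAT --to-source $front
COMMIT
*filter
# No --sport match: client source ports are ephemeral.
-A FORWARD -d $target/32 -p tcp --dport $port -j ACCEPT
-A FORWARD -s $target/32 -p tcp --sport $port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}
```

With the SNAT rule in place, sshd on the target logs every forwarded session as coming from the forwarding host, so per-client controls and audit trails on the target no longer see the real client address.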

