Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
could you please help me? I want to forward from a specific public ip address let's say 152.66.232.20 the port 80 to port 22 on my firewall. I'm using iptables on Debian Linux.
I'd need a rule that would make this working and it's secure too. I guess that I got to add a rule something like this:
What I want to do is to ssh into my firewall from the internet through port 80. The problem is that the sshd is running on port 22 on my firewall and I don't want to change it since my web server is running on 80 too and I don't want to change that neither. So I figured out that my only chance to do this if I ssh on port 80 from a specific IP (another box of mine on the internet) to my firewall that will forward this incoming package specificly to port 22 in order to create the connection between my another box on the internet and the firewall's sshd.An I only want to forward the port 80 from that IP number any other case I don't want to forward it (since people couldn't connect to my web server then).
So it looks like you have a problem getting out on port 22 on the remote box, yes?
On the firewall do..
iptables -t nat -A PREROUTING -i eth? -s 152.66.232.20 -p tcp --dport 443 -j REDIRECT --to-ports 22
It is recommended using the -i eth? specifier to restrict the rule to the inernet interface.
Change the ? to the eth number.. You can read man iptables to get an explanation of REDIRECT
Of course using port 80, the remote ip number will not be able to browse the web server at your address..
I have suggested using port 443, usually used for https. It should be open at the remote site..
You may encounter an http proxy at the remote end which may block this working..
Depending on restrictions at the remote end, you may have to find a free port, eg 123 ntp time..
Last edited by peter_robb; 02-22-2005 at 07:31 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.