Iptable rule for DNAT
 

Hi,

I am trying to redirect my ssh request to remote server using below ip rules but it is failing. Packets gets drop when i request from remote server to ssh. I have also set forwarding.
If it starts working i will bind some other port with destination machine.

iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 22 -j DNAT --to-destination 192.168.83.130:22
/sbin/iptables -A FORWARD -p tcp -d 192.168.83.130 --dport 22 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT


[root@puppet ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@puppet ~]# cat /proc/sys/net/ipv4/conf/eth0/forwarding
1


Thanks,

I ran tcpdump on the machine where i Iprules are written and got below logs.

23:55:17.415157 IP (tos 0x0, ttl 64, id 15945, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.83.131.54511 > 192.168.83.128.ssh: S, cksum 0xc32c (correct), 805348168:805348168(0) win 5840 <mss 1460,sackOK,timestamp 6331649 0,nop,wscale 6>
23:55:17.415245 IP (tos 0x0, ttl 63, id 15945, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.83.131.54511 > 192.168.83.130.ssh: S, cksum 0xc32a (correct), 805348168:805348168(0) win 5840 <mss 1460,sackOK,timestamp 6331649 0,nop,wscale 6>
23:55:20.415711 IP (tos 0x0, ttl 64, id 15946, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.83.131.54511 > 192.168.83.128.ssh: S, cksum 0xb774 (correct), 805348168:805348168(0) win 5840 <mss 1460,sackOK,timestamp 6334649 0,nop,wscale 6>
23:55:20.415771 IP (tos 0x0, ttl 63, id 15946, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.83.131.54511 > 192.168.83.130.ssh: S, cksum 0xb772 (correct), 805348168:805348168(0) win 5840 <mss 1460,sackOK,timestamp 6334649 0,nop,wscale 6>
23:55:25.047849 IP (tos 0x0, ttl 128, id 19560, offset 0, flags [DF], proto: TCP (6), length: 92) 192.168.83.1.60557 > 192.168.83.128.ssh: P 0:52(52) ack 1 win 16373

6 packets captured
6 packets received by filter
0 packets dropped by kernel

Any help on this plz ?

Thanks,

Can anybody help on this plz ?


Thanks,