Hello

Unfortunately my linux server crashed a few days ago after an electricity shortage. The crash caused some bad blocks on a partition and after recovering most of my sh files I realized that the firewall script was gone without a trace. I found a backup but it wasn't updated enough so I lost all the rules regarding redirection.

It has been years since I last modified the file (I couldn't guess that the bad block would hit exactly the area where the firewall script was - I deserve it, I know!).

Ok. I need right now to get the box up by issuing the rules again.

Here is the configuration: two nics cards. One (eth0) with a public ip address that connects to the world. The second one (eth1) is 192.168.1.1 All other machines take ips from a dhcp server starting with 192.168.1.X

I need to connect 192.168.0.7 port 22 to eth0:43022.

The old copy of firewall allows all internal boxes to connect the internet.

Sorry for such a simple question (probably it has been answered several times but I couldn't find exactly what I want in the web - Perhaps the reason is my frustation and dispair!).

Many many thanks

Ed

something like...

I remember that there was a second line. Could it something like the following?

iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 43022 -j DNAT --to
192.168.0.7 --dport 22
iptables -A FORWARD -p tcp --dport 43022 -j ACCEPT

Is the --dport 22 on the first line ok?

many thanks

Ed

No, you'd need to specify the new port by just putting it next to the IP, like:As for the second line, replace it with something like:Notice how the traffic direction was specified by use of the interface matches.

The first line doesn't work with iptables 1.2.9

unknown arg '--to'

Many thanks

Ed

try --to-destination
if that does not work, check out the man page or docs for your specific version ;-)

I tried to find some docs for that version but to no avail.

man is no longer available on the machine.

Many thanks

Ed