forwarding ssh requests

Author: Liberty Young
Date:  
Subject: forwarding ssh requests
This:
/sbin/iptables -t nat  -A PREROUTING -p tcp -m tcp --dport 3022 \
                        -j DNAT --to-destination 192.168.0.10:22
doesn't work for me. 


Here's what I have right now: 
[root@athena init.d]# iptables -L 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:auth
ACCEPT     tcp  --  anywhere             anywhere           tcp dpt:3022


Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED 
DROP       all  --  anywhere             anywhere           state INVALID,NEW 
ACCEPT     all  --  anywhere             anywhere           
LOG        all  --  anywhere             anywhere           LOG level warning 


Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       icmp --  anywhere             anywhere           state INVALID 


[root@athena init.d]# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DNAT       tcp  --  anywhere             anywhere           tcp dpt:3022 to:192.168.10.192:22


Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         


Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[root@athena init.d]# 



From happycake, a machine on the LAN, I get connection timeouts.
From my job, trying to get to it across the network, I get connection
timeouts.

On Tue, 2003-05-20 at 12:15, David A. Sinck wrote:
>
>
> \_ SMTP quoth Thomas Cameron on 5/20/2003 14:06 as having spake thusly:
> \_
> \_ That's what I was going to answer, but I am not getting it to work...
> \_
> \_ [root@mailtest1 root]# iptables -t nat -A PREROUTING -p tcp -d
> \_ 127.0.0.1 --dport 3022 -j DNAT --to-destination 127.0.0.1:22
> \_ [root@mailtest1 root]# ssh 127.0.0.1 -p 3022
> \_ ssh: connect to host 127.0.0.1 port 3022: Connection refused
> \_
> \_ I have tried to DNAT to a local address as well as another address with the
> \_ same results.
> \_
> \_ What gives?
>
> I'm going to kneejerk that it's some evil local interface problem. I
> know that rule works because it's firing successfully after a few IP
> substitutions. The rule above also faults for me.
>
> \_ > /sbin/iptables -t nat  -A PREROUTING -p tcp -m tcp --dport 3022 \
> \_ >                        -j DNAT --to-destination 192.168.0.10:22

>
> David
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
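
Added example, not part of the original message or of any list member's reply: a first-match walk over the FORWARD chain exactly as listed above, showing which rule a DNAT-ed packet reaches when its connection-tracking state is NEW versus ESTABLISHED. It assumes the listed rules apply on every interface, which plain `iptables -L` does not show (`iptables -L -v -n` does); the function names are hypothetical.

```python
# Added example: first-match evaluation of an `iptables -L` chain listing.
# Assumption: each rule applies to all interfaces and addresses, because
# plain `-L` output hides -i/-o matches (use `iptables -L -v -n` to see them).
import re

# FORWARD chain as posted in the message, with the wrapped lines rejoined.
FORWARD_LISTING = """\
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere           state INVALID,NEW
ACCEPT     all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere           LOG level warning
"""

# Targets that end chain traversal; LOG does not.
TERMINATING = {"ACCEPT", "DROP", "REJECT"}


def parse_rules(listing):
    """Turn listing lines into dicts holding target, protocol and state match."""
    rules = []
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # skip blank lines and chain headers
        m = re.search(r"\bstate ([A-Z,]+)", line)
        states = set(m.group(1).split(",")) if m else None
        rules.append({"target": fields[0], "prot": fields[1], "states": states})
    return rules


def first_match(rules, prot, state, policy="ACCEPT"):
    """Return (verdict, rule_number); rule_number is None if the policy decides."""
    for num, rule in enumerate(rules, start=1):
        if rule["prot"] not in ("all", prot):
            continue
        if rule["states"] is not None and state not in rule["states"]:
            continue
        if rule["target"] in TERMINATING:
            return rule["target"], num
    return policy, None


if __name__ == "__main__":
    rules = parse_rules(FORWARD_LISTING)
    # After DNAT in PREROUTING, a packet bound for another host traverses FORWARD.
    for state in ("NEW", "ESTABLISHED"):
        print(state, first_match(rules, "tcp", state))
```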