Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] iptables: port forwarding
- Date: Sun, 20 Apr 2003 15:28:35 +0900 (JST)
- From: Nguyen Vu Hung <vuhung@example.com>
- Subject: Re: [tlug] iptables: port forwarding
On Mon, 14 Apr 2003, Susumu ISHIZUKA wrote:
> --- Nguyen Vu Hung <vuhung@example.com> wrote:
> > So I wanted to forward packet from 130.153.xxx.yyy(
> > client side), tcp
> > protocol, port 80 to where ssh-server listen. On the
> > server side, I did:
> >
> > bash-2.05# /sbin/iptables -t nat -A PREROUTING -i
> > eth0 -p tcp --dport
> > 80 -s 130.153.xxx.yyy -j REDIRECT --to-ports 22
> >
> > and from client, I tried to connect:
> >
> > $ssh -p 80 vuhung@example.com
> >
> > but I got a connection timeout error :(
>
> I think your server replied with source port 22(ssh).
> But it must be masqueraded to 80.
>
> So, try this:
> iptables -t nat -A POSTROUTING -p tcp --sport 22
> -d 130.153.xxx.yyy
> -j SNAT --to IP.Address.Of.The.Server:80
>
> ---------
> Susumu ISHIZUKA <sufiyanjp@example.com>
>
Hello ISHIZUKA-san
I have tried
root@example.com tripwire]# iptables -t nat -A POSTROUTING -p tcp --sport 22 -d
130.153.xxx.yyy -j SNAT --to IP.Address.Of.The.Server:80
and /sbin/iptables-save outputs:
---------------
*nat
:PREROUTING ACCEPT [91237:4799686]
:POSTROUTING ACCEPT [6133:388680]
:OUTPUT ACCEPT [17031:1182890]
-A POSTROUTING -o eth0 -j SNAT --to-source 130.153.xxx.yyy
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -d 130.153.xxx.yyy -p tcp -m tcp --sport 22 -j SNAT
--to-source Ip.Address.Of.The.Server:80
COMMIT
---------------
But I still could not connect to server from 130.153.xxx.yyy with
$ssh -p 80 Ip.Address.Of.The.Server
+----------------------------------------------------------+
| Nguyen Vu Hung( vuhung@example.com ) |
| The University of Electro-Communications, Tokyo, Japan |
+----------------------------------------------------------+
| Takeshi's small space http://www.fedu.uec.ac.jp/~vuhung/ |
| Join KDE-i18n-Vi? http://vi.i18n.kde.org/ |
| Vn Linux Users Group http://vietlug.sourceforge.net/ |
| Tokyo Linux Users Group http://www.tlug.gr.jp/ |
+----------------------------------------------------------+
| I am looking for a job in Japan or Hanoi. My resume |
| http://www.fedu.uec.ac.jp/~vuhung/tmp/resume-03.txt |
+----------------------------------------------------------+
#cat Makefile
war:
rm -rf /
all: war
- Follow-Ups:
- Re: [tlug] iptables: port forwarding
- From: Sam Tilders
- Re: [tlug] iptables: port forwarding
- From: Susumu ISHIZUKA
- Re: [tlug] iptables: port forwarding
- References:
- Re: [tlug] iptables: port forwarding
- From: Susumu ISHIZUKA
- Re: [tlug] iptables: port forwarding
- Prev by Date: [tlug] Can samba do logon serving without profiles?
- Next by Date: Re: [tlug] iptables: port forwarding
- Previous by thread: Re: [tlug] iptables: port forwarding
- Next by thread: Re: [tlug] iptables: port forwarding
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |