Re: ip:2222 forward to 10.1.1.1:22 not working
I have this working and it doesn't seem to be having any problems...
my line is as follows:
iptables -t nat -A PREROUTING -i eth0 -p tcp -s 0/0 -d $EXT_IP
--destination-port 2222 -j DNAT --to-destination $INT_IP:22
Of course in my script $EXT_IP and $INT_IP are the actually IP
addresses not variables...
Hope this helps,
Jeremy
On Mon, Dec 10, 2001 at 10:21:57AM -0500, Joe Ellis wrote:
> i'm having a problem ssh'ing to an internal box from the external device.
>
> this doesn't seem to work:
> iptables -t nat -I PREROUTING -d $ip -p tcp --dport 2222 -j DNAT --to
> 10.1.1.1:22
>
> i figured that alone will work becuase i run this for vnc and it works
> perfectly:
> iptables -t nat -A PREROUTING -p tcp -i eth0 -d $ip --dport
> 5900 -j DNAT --to-destination 10.254.0.10
> iptables -t nat -A PREROUTING -p tcp -i eth0 -d $ip --dport
> 5800 -j DNAT --to-destination 10.254.0.10
>
> when i run the first one for forwarding $ip:2222 to 10.1.1.1:22 it fails
> at the forward chain. so i did the following just to be safe:
> iptables -I FORWARD -j ACCEPT
>
> if you need more info, let me know.
>
> --
> Joe Ellis
> http://www.lithodyne.net
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
Reply to: