iptables port forwarding
I'd like to know whether it is possible to do this kind of thing with
iptables. I'd like to configure my firewall/router so that all the packets
to the port 80 from the Internet (from specific addresses) are forwarded
automatically to the ssh-port on another host on the Internet (not on my
This would be needed so that shell access would be possible even in an
environment where firewall blocks all the other ports than 80. I could
solve the problem by binding SSH to listen that port but I'd like to have
a solution where the packets wouldn't get past the firewall and no access
would be necessary to my Linux box.
I already have NAT working for my home LAN but I don't fully understand
how all those post/prerouting things work. And can I mangle packets and
then send them back to the same interface where they came from?