port forwarding question
there are two boxes, A and B. is it possible to set up the firewalls and
port forwarding on them that a port on A is forwarded to B, but one can
not connect to B directly? both machines have direct inet connection.
the whole point should be to have the users think that they connect to A,
but in practice they connect to B. they shouldn't discover the trick, so
direct connections to B are forbidden. btw, is it possible to detect port
forwarding by watching the traffic?
i can do the port forwarding part w/ iptables prerouting, but currently
i'm not able to restrict the access to B. if C (the client) connects to
A, it is forwarded and B sees the source ip C. filtering out C in the fw
rules of B will forbid both the direct and the indirect (through A)
connection. is there a solution?