Re: DNAT TCP 12345 -> 22

To: debian-firewall@lists.debian.org
Subject: Re: DNAT TCP 12345 -> 22
From: Paolo <oopla@users.sf.net>
Date: Fri, 21 Mar 2008 21:46:41 +0100
Message-id: <20080321204641.GH20978@localhost>
Mail-followup-to: oopla@liszt.debian.org, debian-firewall@lists.debian.org
In-reply-to: <47E3FD20.1000708@juliana-multimedia.com>
References: <47E2B09E.1070708@juliana-multimedia.com> <47E3AFCD.9040809@plouf.fr.eu.org> <47E3FD20.1000708@juliana-multimedia.com>

On Fri, Mar 21, 2008 at 07:23:28PM +0100, Fr?d?ric Massot wrote:
...
> it works, access on port 22 is blocked. Well, that's not very proper to 
> do filtering on the table nat. I will look at the use of sshd on two ports.

yep, it's also quicker to start/stop - just start stop the listening daemon.
No risk to mess with the fw rules ;)
Also, you could run the 12345/sshd with its own sshd_config or even in 
chroot jail.
That's what I'm doing too, indeed.

-- 
paolo

Reply to:

References:
- DNAT TCP 12345 -> 22
  - From: Frédéric Massot <frederic@juliana-multimedia.com>
- Re: DNAT TCP 12345 -> 22
  - From: Pascal Hambourg <pascal.mail@plouf.fr.eu.org>
- Re: DNAT TCP 12345 -> 22
  - From: Frédéric Massot <frederic@juliana-multimedia.com>

Prev by Date: Re: DNAT TCP 12345 -> 22
Next by Date: Help me setup AntiSpam filter
Previous by thread: Re: DNAT TCP 12345 -> 22
Next by thread: Tru
Index(es):
- Date
- Thread