In the process of a more complex problem (I posted a few threads above) I
tried to set up a very simple port-forward on my system.
I have ssh running on port 22 and as a proof of concept I simply want to
redirect all connections on port 23 to port 22.
What I did:
I loaded the nat-module
I set all iptable-chains-policies to ACCEPT
I wrote 1 > /proc/sys/net/ipv4/ip_forward
and then set one single rule:
iptables -A PREROUTING -t nat -p TCP --dport 23 -j DNAT --to 127.0.0.1:22
and so a simple 'ssh -p 23 localhost' should do what I want.
Unfortunately it does not - connection is refused. What could I have
possibly missed?
thnx,
peter
# cat /proc/sys/net/ipv4/ip_forward
1
# iptables -nvL
Chain INPUT (policy ACCEPT 68547 packets, 26M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 82312 packets, 8916K bytes)
pkts bytes target prot opt in out source destination
# iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 561 packets, 101K bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 to:127.0.0.1:22
Chain POSTROUTING (policy ACCEPT 5305 packets, 180K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 5305 packets, 180K bytes)
pkts bytes target prot opt in out source destination
# netstat -an | grep LISTEN | grep 22
tcp 0 0 :::22 :::* LISTEN
# ssh -p 22 localhost
root@localhost's password:
# ssh -p 23 localhost
ssh: connect to host localhost port 23: Connection refused
--
http://www.goldfisch.at/know_list
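
Added example, not part of the original post: in the nat listing above the DNAT rule shows 0 pkts, meaning no packet has matched it so far. The helper below reads `iptables -nvL` output and lists every rule whose packet counter is still zero; the function names and the embedded sample (including the MASQUERADE line) are constructed for illustration.

```shell
#!/bin/sh
# Added example: list rules in an `iptables -nvL` listing whose packet
# counter is still 0, i.e. rules that no packet has matched so far.
# Live usage (as root):  iptables -nvL -t nat | zero_hit_rules

zero_hit_rules() {
    awk '
        $1 == "Chain" { chain = $2; next }   # chain header line
        $1 == "pkts" || NF < 9 { next }      # column header, blank or short line
        $1 == "0" {
            # fields: pkts bytes target prot opt in out source destination [options...]
            extra = ""
            for (i = 10; i <= NF; i++) extra = extra " " $i
            print chain ": " $3 extra
        }
    '
}

# Constructed sample: the PREROUTING rule is the one from the post; the
# MASQUERADE rule is made up to show a rule that HAS matched traffic.
sample_listing() {
    cat <<'EOF'
Chain PREROUTING (policy ACCEPT 561 packets, 101K bytes)
 pkts bytes target prot opt in out source destination
    0     0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 to:127.0.0.1:22

Chain POSTROUTING (policy ACCEPT 5305 packets, 180K bytes)
 pkts bytes target prot opt in out source destination
   12   720 MASQUERADE all -- * eth0 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT 5305 packets, 180K bytes)
 pkts bytes target prot opt in out source destination
EOF
}

# Prints only the rule that has never been hit.
sample_listing | zero_hit_rules
```

A rule that stays at zero while test connections are being made is not on the path those packets take. Connections opened on the host itself pass through the nat OUTPUT chain rather than PREROUTING.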