-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 31/08/12 16:28, AL13N wrote: > Op vrijdag 31 augustus 2012 12:41:37 schreef Anne Wilson: I need to > set up ssh in such a way that it comes in on a high port, say 5122 > which is forwarded to 22 - or otherwise to have ssh listen on 5122. > I assume this is beyond MCC, and will entail editing iptables. This > is not something I'm familiar with. Can someone please advise me? > > Anne > > better to put it in shorewall: > > use the /etc/shorewall/rules file... on top of the file (and man > shorewall- rules) is documented...
I'd love to - but I'm not having much success. After much reading of man pages (largely gobbledegook if you don't already know it) and tutorials from http://runtime.bordeaux.inria.fr/oaumage/oa/Teaching/ARSA_06/Shorewall/ (much easier to understand) I ended up adding lines like DNAT net loc:192.168.0.40 tcp 143 5143 DNAT net loc:192.168.0.40 tcp 22 5122 An attempt to restart seems to imply that I can't forward two addresses like this, so I assume I'm on the wrong track altogether. Before adding those lines I used to get ssh: connect to host 192.168.0.40 port 5122: Connection refused Now it just hangs. Depressing :-( This worked so easily and perfectly with the old, unreliable LinkSys router. Now I have to find a way to configure it on local firewalls, and frankly I'm simply not up to it. Anne - -- Need KDE help? Try http://userbase.kde.org or http://forum.kde.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlBBDw4ACgkQj93fyh4cnBcPpACZAQ4Xgz+A/UDS4uKjPT3KkEoO HNIAn0nQZ4zE0bg2ODI5BhxbFZckrXC3 =8dCh -----END PGP SIGNATURE-----
