On Friday 09 May 2008, John Mort wrote:
> I want to be able to remote desktop into my XP Pro SP2 machine at
> work. We only have one Fedora machine on the LAN that can be accessed
> outside the LAN, I have the IP for this machine, and know the internal
> IP for my work computer, I also have a sudo account on the Fedora
> machine.
>
> What I'd like to do is ssh into the Fedora machine, and modify the
> iptables to forward incoming traffic on port 9999 to my work computer
> on port 3389 (Windows Remote Desktop port).

# DNAT: TCP port 9999 on the public IP -> port 3389 on the internal host
iptables -t nat -I PREROUTING -p tcp -d <PUBLIC_IP> --dport 9999 \
    -j DNAT --to-destination <INTERNAL_IP>:3389

> The idea being that I
> could then use terminal server client against the Fedora machine's
> internet IP on port 9999 and have it bring up my desktop at work.
> Then when I'm done just remove the modification to iptables to close
> the hole.

To close the hole, i.e. delete the iptables rule, it's the identical rule
above except change the -I (just before "PREROUTING") for insert into -D
for delete.

> The only part of this plan I don't know how to accomplish is step 2.
> I've made several attempts but can't seem to figure out the correct
> iptables command. Is what I'm trying to do possible? Is iptables the
> right tool for the job here?

Yep; it just so happens that I recently had to figure out how to do this,
so I have a bunch of these same rules right in front of me on that little
Alix2c3 box that I brought in on Wednesday.

   -- Chris

--
Chris Knadle
[EMAIL PROTECTED]
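Added example, not part of the original message: a dry-run generator that prints the matching open (-I) and close (-D) commands for the forward described above, so the rule that is deleted is exactly the rule that was inserted. The function names, the `-s` restriction to one client address, the FORWARD rule and the sample addresses are assumptions added here; it also assumes IP forwarding is already enabled on the Fedora machine and that reply traffic is accepted by an existing ESTABLISHED rule.

```shell
#!/bin/sh
# Added example: prints (does not run) iptables commands for a temporary
# RDP port forward. All addresses used below are constructed sample values.

EXT_PORT=9999   # port exposed on the Fedora machine
RDP_PORT=3389   # Windows Remote Desktop port on the internal machine

# is_ipv4 ADDR -> exit status 0 if ADDR is a dotted-quad IPv4 address.
# Rejecting anything else keeps shell metacharacters out of the output.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# forward_rules add|del PUBLIC_IP INTERNAL_IP CLIENT_IP (hypothetical helper)
# "del" emits the same rules with -D in place of -I.
forward_rules() {
    case "$1" in
        add) op=-I ;;
        del) op=-D ;;
        *) echo "usage: forward_rules add|del PUBLIC INTERNAL CLIENT" >&2
           return 2 ;;
    esac
    for addr in "$2" "$3" "$4"; do
        is_ipv4 "$addr" || { echo "bad address: $addr" >&2; return 2; }
    done
    # Rewrite the destination before routing; -s limits the hole to one client.
    echo "iptables -t nat $op PREROUTING -p tcp -s $4 -d $2 --dport $EXT_PORT -j DNAT --to-destination $3:$RDP_PORT"
    # Allow the rewritten packets through the filter table's FORWARD chain.
    echo "iptables $op FORWARD -p tcp -s $4 -d $3 --dport $RDP_PORT -j ACCEPT"
}

# Open/close pair for constructed addresses (documentation and private ranges).
forward_rules add 203.0.113.10 192.168.1.50 198.51.100.7
forward_rules del 203.0.113.10 192.168.1.50 198.51.100.7
```

Review the printed commands before running them with sudo; `iptables -t nat -L PREROUTING -n` afterwards confirms whether the DNAT rule is present or gone.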
_______________________________________________
Mid-Hudson Valley Linux Users Group
http://mhvlug.org
http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug
