On 4/20/2009 1:38 PM, Richard Esplin wrote:
Current Attempts:
${IPTABLES} -t nat -A PREROUTING -i ${IFACE_EXT} -p tcp --dport 2022 -j REDIRECT --to 22
This works as long as I add port 22 to the above ACCEPT statement, but that
would defeat the purpose.
${IPTABLES} -t nat -I PREROUTING -i {IFACE_EXT} -p tcp --dport 2022 -j DNAT --to ${IPADDRE_INT}:22
This looks to me like it should work, but the port still reports as being
closed.
I think you are only missing the ACCEPT on the FORWARD table:
/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 9999 -j DNAT --to 10.10.10.3:22
/sbin/iptables -A FORWARD -p tcp -i eth0 -d 10.10.10.3 --dport 22 -j ACCEPT
This is what I have and it works.
kenneth
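
A simplified model of the packet path both posts deal with, added here as an illustration and not code from either poster: nat PREROUTING rewrites the destination before the filter table sees the packet, so a REDIRECT to 22 is judged by INPUT on port 22, and a DNAT to another host is judged by FORWARD. The default DROP policy, the 203.0.113.5 address and the rule dictionaries are assumptions made for the example.

```python
# Added example: simplified model of netfilter hook order, not real iptables.
from dataclasses import dataclass, replace

FIREWALL_IP = "203.0.113.5"  # constructed external address of the firewall

@dataclass(frozen=True)
class Packet:
    iface: str
    dst: str
    dport: int

def nat_prerouting(pkt, nat_rules):
    """nat/PREROUTING: the first matching rule rewrites the destination."""
    for r in nat_rules:
        if r["iface"] == pkt.iface and r["dport"] == pkt.dport:
            if r["target"] == "REDIRECT":  # new destination is the firewall itself
                return replace(pkt, dst=FIREWALL_IP, dport=r["to_port"])
            return replace(pkt, dst=r["to_ip"], dport=r["to_port"])  # DNAT
    return pkt

def traverse(pkt, nat_rules, filter_rules):
    """Return (filter chain, verdict); assumes policy DROP on INPUT and FORWARD."""
    pkt = nat_prerouting(pkt, nat_rules)  # runs before the routing decision
    chain = "INPUT" if pkt.dst == FIREWALL_IP else "FORWARD"
    for r in filter_rules:  # filter rules match the already rewritten packet
        if (r["chain"] == chain and r["dport"] == pkt.dport
                and r.get("dst", pkt.dst) == pkt.dst):
            return chain, "ACCEPT"
    return chain, "DROP"

REDIRECT = [{"target": "REDIRECT", "iface": "eth0", "dport": 2022, "to_port": 22}]
DNAT = [{"target": "DNAT", "iface": "eth0", "dport": 9999,
         "to_ip": "10.10.10.3", "to_port": 22}]
INPUT_2022 = [{"chain": "INPUT", "dport": 2022}]
INPUT_22 = [{"chain": "INPUT", "dport": 22}]
FORWARD_22 = [{"chain": "FORWARD", "dst": "10.10.10.3", "dport": 22}]

def scenarios():
    """Constructed packets arriving on eth0 for the firewall's external address."""
    p = lambda port: Packet("eth0", FIREWALL_IP, port)
    return {
        "REDIRECT, INPUT allows 2022": traverse(p(2022), REDIRECT, INPUT_2022),
        "REDIRECT, INPUT allows 22": traverse(p(2022), REDIRECT, INPUT_22),
        "direct to 22, INPUT allows 22": traverse(p(22), REDIRECT, INPUT_22),
        "DNAT, no FORWARD rule": traverse(p(9999), DNAT, []),
        "DNAT, FORWARD allows 22": traverse(p(9999), DNAT, FORWARD_22),
    }

for name, result in scenarios().items():
    print(f"{name}: {result}")
```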