iptables port forwarding

Joseph Spenner <joseph85750@xxxxxxxxx> · Tue, 4 Dec 2012 11:38:26 -0800 (PST)

I have a simple requirement/test I'm trying to perform, but having difficulty.

I have a system with 2 interfaces, BoxA:

eth0  172.26.50.102
eth1  192.101.77.62

My goal is to have a tcp port built on BoxA such that hosts on the 192.101.77.0/24 network can reach a port on a different box on the 172.26.0.0/16 network.

The target system is 172.26.10.120   tcp/22
The port I wish to build is 12321.

The iptables rules I'm using:

iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 12321 -j DNAT --to 172.26.10.120:22

It shows up when I query the rules:

boxA# iptables -L 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
# 

boxA# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DNAT       tcp  --  anywhere             anywhere            tcp dpt:12321 to:172.26.10.120:22 

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
boxA#

Forwarding is enabled:

boxA# cat /proc/sys/net/ipv4/ip_forward
1
boxA#

boxA can get to the target system:

boxA# telnet 172.26.10.120 22
Trying 172.26.10.120...
Connected to 172.26.10.120.
Escape character is '^]'.
SSH-2.0-OpenSSH_4.6

Protocol mismatch.
Connection closed by foreign host.
boxA#

When I try to connect from my other system, boxB, 192.101.77.76, it never connects to the target port:

boxB# telnet 192.101.77.62 12321
Trying 192.101.77.62...
^C

boxB# 

However, I can connect to boxA from boxB on it's tcp/22 port, so I know I have connectivity:

boxB# telnet 192.101.77.62 22
Trying 192.101.77.62...
Connected to 192.101.77.62.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.5p1

Protocol mismatch.
Connection closed by foreign host.
boxB#

Nothing shows up in the logs.

Anyone have any ideas what I may be doing wrong?

Any help would be great.

Thanks!

______________________________________________________________________
If life gives you lemons, keep them-- because hey.. free lemons.
"♥ Sticker" fixer:  http://microflush.org/stuff/stickers/heartFix.html
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos