it didn't work Thank you for the input though. Dom --- Samuel Díaz García (ArcosCom) <samueldg@xxxxxxxxxxxx> wrote: > Think in that it is an internal configured SSH > daemond and the administrator > don't want to modify the config because the daemon > is worwing well. > > The solution to open the service to another network > is map the ports. > > A posible solution for redirect the ssh port is (in > the 10.0.0.1 machine): > > 1) Allow incoming SSH connexs from the 10.0.0.1 > iface. > 2) Redirect 10.0.0.1:22 to 172.16.12.130:22 > > And ... how to do this with IPTABLES? > > $> iptables -t filter -A INPUT -i eth1 -d 10.0.0.1 > -m tcp -p tcp --dport > 22 -j ACCEPT > $> iptables -t nat -A PREROUTING -i eth1 -d 10.0.0.1 > -m tcp -p tcp --dport > 22 -j DNAT --to-destination 172.16.12.130:22 > > This add the rules at the chain tail. > > Regards, > > Samuel Díaz García > Director Gerente > ArcosCom Wireless, S.L.L. > > mailto:samueldg@xxxxxxxxxxxx > http://www.arcoscom.com > móvil: 651 93 72 48 > tlfn/fax: 956 70 13 15 > > > -----Mensaje original----- > De: netfilter-bounces@xxxxxxxxxxxxxxxxxxx > [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx]En > nombre de Jason > Opperisano > Enviado el: jueves, 23 de septiembre de 2004 18:15 > Para: netfilter@xxxxxxxxxxxxxxxxxxx > Asunto: Re: Can anyone tell me how to do this? > > > On Thu, 2004-09-23 at 11:14, Dominic Iadicicco > wrote: > > yes > > > > > wrote: On Thu, 2004-09-23 at 09:22, Dominic > Iadicicco wrote: > > > ok, I have another one for all. > > > > > > I have now been tring to do this: > > > > > > I have an IP, 10.0.0.1 on eth1 and an IP > 172.16.12.130 > > > at eth0. And heres were things get fun. I want > all > > > ssh requests that go to 10.0.0.1 to get routed > to > > > 172.16.12.130 just like it worked when we did it > from > > > .130 to .212. (if anyone is new and doesn't what > was > > > discussed yesterday, please let me know I will > post > > > it.) > > > > are 10.0.0.1 and 172.16.12.130 on the same > physical machine? > > > > -j > > i hate answering questions with the "why don't you > just do it this way" > response, but here goes... > > if you have SSH connections being received on > 10.0.0.1, and that machine > also has an IP of 172.16.12.130, why don't you just > accept the > connections on 10.0.0.1? > > -j > > -- > Jason Opperisano <opie@xxxxxxxxxxx> > > > > > _______________________________ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com
