Hi all!
I have quite a "standard" setup, as follows:
192.168.7.x/24 -> iptables/router SNAT --to-source a.b.c.d -> internet
What I want to do is that if a packet originates from the local net (192.168.7.x) on tcp port 22, the final destination of the packet would still be the same host, but on port 8022...
Like this:
Normal:
192.168.7.1 ssh to f.g.h.i on port 22
the connection is:
192.168.7.1:sport -> f.g.h.i:8022
Is it possible?
I've tried with REDIRECT, but it affects the destination of the packet, but I don't want that...
Thanks,
Nicolas
Redirect works on local hooks. Just DNAT it, dude.
iptables -t nat -A PREROUTING -p tcp -s 192.168.x.x --dport 22 -j DNAT --to-destination f.g.h.i:8022
It's crucial to define dport, not sport, cause your sport is not 22, it's a client port > 1024 and random.
-- www.supportivo.org
I can't stop myself checking for pigs in the outlets. Everybody thinks I'm a punk, cause of the hairstyle (220V).
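An added example, not part of either post: the DNAT rule from the reply with the address left out of --to-destination, so only the port is rewritten and the rule covers any destination host, as the question asks. The function names and the DRY_RUN switch are hypothetical; the existing SNAT rule is left untouched.

```shell
#!/bin/sh
# Added example. LAN_NET and the two ports are the values from the thread.
LAN_NET="192.168.7.0/24"
DRY_RUN="${DRY_RUN:-1}"    # 1 = only print the command; 0 = apply (needs root)

# is_port N: succeeds only for a decimal integer in 1..65535
is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# port_rewrite FROM TO: forwarded TCP from the LAN to any host on port FROM
# is sent to the same host on port TO. "--to-destination :TO" names no
# address, so DNAT rewrites the port only; REDIRECT would instead replace
# the destination address with the router's own.
port_rewrite() {
    is_port "$1" && is_port "$2" || { echo "invalid port: $1 -> $2" >&2; return 1; }
    spec="-s $LAN_NET -p tcp --dport $1 -j DNAT --to-destination :$2"
    if [ "$DRY_RUN" = 1 ]; then
        echo "iptables -t nat -A PREROUTING $spec"
    else
        # -C checks for an identical rule first, so reruns do not stack copies
        iptables -t nat -C PREROUTING $spec 2>/dev/null ||
            iptables -t nat -A PREROUTING $spec
    fi
}

port_rewrite 22 8022
# After applying, one connection from a LAN host can be inspected with
#   conntrack -L -p tcp --orig-port-dst 22
# The original tuple shows dport=22, the reply tuple shows sport=8022.
```

PREROUTING only sees forwarded and incoming packets, so ssh sessions started on the router itself are not rewritten by this rule.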