I have three machines:
192.168.0.1
192.168.0.3
192.168.0.9
On 9 there is a service running on port 1199 that I want clients (at 3) to
use from 1.
With SSH I can get this working from 1 with clients at 1 with:
ssh -L 1199:localhost:1199 192.168.0.9
Though telnet localhost 1199 only works, not telnet 192.168.0.1 1199
Anyway, I don't need encryption.
DNAT is what I've been told I need so:
http://netfilter.org/documentation/HOWTO//NAT-HOWTO-10.html
$ cat i.sh
sudo /sbin/iptables -t nat -F
# This alone doesn't work
sudo /sbin/iptables -t nat -A PREROUTING -p tcp --dport 1199 -i eth0 -j DNAT --to 192.168.0.9:1199
# I suspect something is wrong here:
sudo /sbin/iptables -t nat -A POSTROUTING -p tcp --dport 1199 -j SNAT --to 192.168.0.1:1199
sudo /sbin/iptables -t nat -vnxL --line-numbers
It just does not work from 3:
$ telnet 192.168.0.1 1199
Trying 192.168.0.1...
Packets do show up:
SOLTEC-HDSVR$ sudo /sbin/iptables -t nat -vnxL --line-numbers
Chain PREROUTING (policy ACCEPT 6494 packets, 466878 bytes)
num  pkts  bytes  target  prot  opt  in    out  source     destination
1    4     240    DNAT    tcp   --   eth0  *    0.0.0.0/0  0.0.0.0/0    tcp dpt:1199 to:192.168.0.9:1199
Chain POSTROUTING (policy ACCEPT 2102 packets, 388967 bytes)
num  pkts  bytes  target  prot  opt  in    out  source     destination
Chain OUTPUT (policy ACCEPT 2102 packets, 388967 bytes)
num  pkts  bytes  target  prot  opt  in    out  source     destination
Though from 1 not at all:
$ telnet 192.168.0.1 1199
Trying 192.168.0.1...
telnet: Unable to connect to remote host: Connection refused
What am I doing wrong?
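
The forwarding the post is after, as an added example that is not part of the original post: a script that prints a rule set for 192.168.0.1 covering LAN clients, connections made on the forwarder itself, and the return path. `forward_rules` is a hypothetical helper name, and the FORWARD rules assume the filter table may not already accept forwarded traffic.

```sh
#!/bin/sh
# Added example, not from the original post. It only prints commands;
# review the output, then pipe it to "sudo sh" on 192.168.0.1 to apply.
# forward_rules is a hypothetical helper name. The FORWARD rules are an
# assumption about the filter table, not something shown in the post.

forward_rules() {
    gw=$1 svc=$2 port=$3
    cat <<EOF
# Let the kernel route packets that are not addressed to this host.
sysctl -w net.ipv4.ip_forward=1
# Clients on the LAN: rewrite the destination before routing.
iptables -t nat -A PREROUTING -p tcp -d $gw --dport $port -j DNAT --to-destination $svc:$port
# Connections made on the forwarder itself never pass PREROUTING.
iptables -t nat -A OUTPUT -p tcp -d $gw --dport $port -j DNAT --to-destination $svc:$port
# Client and service share a subnet, so without SNAT the service replies
# straight to the client, which rejects it because it comes from an address
# it never contacted. Match on the service as destination, and give no port
# in --to-source so source ports stay free for concurrent clients.
iptables -t nat -A POSTROUTING -p tcp -d $svc --dport $port -j SNAT --to-source $gw
# Permit only this flow through the filter table.
iptables -A FORWARD -p tcp -d $svc --dport $port -j ACCEPT
iptables -A FORWARD -p tcp -s $svc --sport $port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Addresses and port taken from the post.
forward_rules 192.168.0.1 192.168.0.9 1199
```

With the SNAT rule in place the service on 192.168.0.9 sees every forwarded client as 192.168.0.1, so address-based logs or access controls on that host no longer distinguish clients. Unlike the SSH tunnel, this path carries the service's traffic across the LAN unencrypted.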