I want to do something: if I receive a connection request, I will forward it to another host (with IP and port changed to local machine) and do that with all traffic.
The tunnel, or more like a proxy.
I connect to A, A connects to B, B sends to A, A sends to me.
I want to do it with changing port and IP, and would like to know how to do it transparently (IP/port stay the same).
iptables is my goal, not a custom ****-app or C code.
thx
Read this: Iptables Tutorial 1.2.2
"The only means of strengthening one's intellect is to make up one's mind about nothing - to let the mind be a thoroughfare for all thoughts." -- John Keats
Linux Packet Filtering and iptables - DNAT target
Port forwarding for iptables (DMZ)
In this case I am forwarding port 22 to an internal machine, 192.168.1.50.
You will have to write one more rule in your FORWARDING table as well.
Code:
iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 22 -j DNAT --to 192.168.1.50:22
iptables -A INPUT -p tcp -m state --state NEW --dport 22 -i eth1 -j ACCEPT
Like this
Code:
iptables -A FORWARD -i eth0 -d 192.168.0.50 -p tcp --dport 22 -j ACCEPT
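Added example, not written by any poster in this thread: a dry-run generator for the complete relay rule set on host A, covering the return path (B replies to A, A replies to the client) that the question asks about. The function names are hypothetical, the interface and address in the sample call are the ones used in the reply above, and enabling ip_forward plus the MASQUERADE rule are assumptions about what the relay host still needs.

```shell
#!/bin/sh
# Prints (does not apply) the rules host A needs to relay one TCP port to
# host B. Review the output, then run it as root on A.

valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    # four dot-separated decimal octets, each 0..255
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# relay_rules IN_IF LISTEN_PORT B_IP B_PORT
relay_rules() {
    in_if=$1 lport=$2 b_ip=$3 b_port=$4
    # Reject anything that could smuggle extra shell words into a root command.
    case "$in_if" in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface name" >&2; return 2 ;;
    esac
    valid_port "$lport" && valid_port "$b_port" && valid_ipv4 "$b_ip" || {
        echo "usage: relay_rules IN_IF LISTEN_PORT B_IP B_PORT" >&2
        return 2
    }
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i $in_if -p tcp --dport $lport -j DNAT --to-destination $b_ip:$b_port
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $in_if -d $b_ip -p tcp --dport $b_port -m conntrack --ctstate NEW -j ACCEPT
iptables -t nat -A POSTROUTING -d $b_ip -p tcp --dport $b_port -j MASQUERADE
EOF
}

# Sample call using the values from the reply above.
relay_rules eth1 22 192.168.1.50 22
```

Without the final MASQUERADE rule B sees the original client address, which is the transparent variant, but B must then route its replies back through A or the connection never completes.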