[olug] Rule to open ssh
Joe Catanzaro
joecatanzaro at cox.net
Wed May 14 16:12:14 UTC 2003
Daryl,
I'm not sure I understand your question. Do you want to do port forwarding
for SSH? If so, this should work. I have very similar rules on my RH 7.3
firewall for http and ftp. So, in theory, this should work. The only
problem that I've been having is that my INET_IP has to be hard coded into
the script. So, I have to change it when my IP address changes (Cox DHCP).
I haven't gotten around to scripting this part of my firewall
ruleset. Nevertheless, this code should work assuming you're running NAT,
etc. Be sure to put these towards the end of your firewall ruleset. It's
taking SSH requests coming in on port 22 on your firewall and forwarding
them to 10.0.0.5 port 8181. Obviously, change the port numbers to your liking.
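
IPTABLES="/sbin/iptables"
INET_IFACE="eth0"
INET_IP="12.34.56.78"
SSHBOX="10.0.0.5"
LAN_IFACE="eth1"

# DNAT: TCP connections to the firewall's public IP on port 8181 are
# rewritten to the SSH box on port 22.
$IPTABLES -t nat -A PREROUTING -i $INET_IFACE -p tcp -d $INET_IP \
    --dport 8181 -j DNAT --to $SSHBOX:22

# FORWARD is evaluated after the DNAT rewrite, so it has to match the
# rewritten destination port (22), not 8181.
$IPTABLES -A FORWARD -i $INET_IFACE -o $LAN_IFACE -p tcp -d $SSHBOX \
    --dport 22 -j ACCEPT
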
Good luck,
At 5/14/03 10:57 AM Wednesday, drose.SCANTRON at scantron.com wrote:
>My firewall is a RH 7.3 machine using iptables. I've never been good at
>figuring out the rules, so I use a script to setup my rules. This works
>fine, but I want to open ssh, on an obscure port, so I can get in while at
>work.
>
>Can someone tell me how to configure the rule?
>
>Thanks.
>
>Daryl Rose
>Scantron Service Group
>Unix Support Specialist
>drose at scantron.com
>1-800-228-3628 x3061
Joe Catanzaro
joecatanzaro at cox.net
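
Added example, not part of the original post: one way to avoid hard-coding INET_IP when the address comes from DHCP is to read it from the interface when the script runs and to refuse to build rules if the value is not a valid IPv4 address. The function names, EXT_PORT/INT_PORT and the sample `ip` output are assumptions made for illustration; the FORWARD rule matches the post-DNAT port.

```shell
#!/bin/sh
# Added example: build the port-forward rules from the interface's current
# address instead of a hard-coded INET_IP. Function names are hypothetical.
IPTABLES="/sbin/iptables"
INET_IFACE="eth0"
LAN_IFACE="eth1"
SSHBOX="10.0.0.5"
EXT_PORT=8181   # obscure port exposed on the firewall (assumed name)
INT_PORT=22     # sshd port on the internal box (assumed name)

# Constructed sample of `ip -o -4 addr show dev eth0` output (not from a real host).
SAMPLE_ADDR='2: eth0    inet 12.34.56.78/24 brd 12.34.56.255 scope global dynamic eth0\       valid_lft 80000sec'

# Read `ip -o -4 addr` output on stdin, print the first IPv4 address.
parse_inet_ip() {
    awk '{ for (i = 1; i < NF; i++)
             if ($i == "inet") { split($(i + 1), a, "/"); print a[1]; exit } }'
}

# Succeed only for a dotted quad with every octet in 0-255.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Print the two iptables commands for the given public address.
# Fails (and prints nothing on stdout) if the address is empty or malformed,
# so a failed DHCP lookup never produces a rule with a blank -d argument.
emit_rules() {
    ip="$1"
    if ! valid_ipv4 "$ip"; then
        echo "refusing to build rules: bad address '$ip'" >&2
        return 1
    fi
    echo "$IPTABLES -t nat -A PREROUTING -i $INET_IFACE -p tcp -d $ip" \
         "--dport $EXT_PORT -j DNAT --to-destination $SSHBOX:$INT_PORT"
    echo "$IPTABLES -A FORWARD -i $INET_IFACE -o $LAN_IFACE -p tcp" \
         "-d $SSHBOX --dport $INT_PORT -j ACCEPT"
}

# Dry run against the constructed sample; on the firewall itself, feed
# parse_inet_ip from: ip -o -4 addr show dev "$INET_IFACE"
emit_rules "$(printf '%s\n' "$SAMPLE_ADDR" | parse_inet_ip)"
```

The rules still pin the address that was current when the script ran, so the script has to be re-run after each DHCP lease change.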