Can anyone tell me how to do this?

Samuel Díaz García (ArcosCom) samueldg at
Thu Sep 23 18:44:39 CEST 2004

Think in that it is an internal configured SSH daemond and the administrator
don't want to modify the config because the daemon is worwing well.

The solution to open the service to another network is map the ports.

A posible solution for redirect the ssh port is (in the machine):

1) Allow incoming SSH connexs from the iface.
2) Redirect to

And ... how to do this with IPTABLES?

$> iptables -t filter -A INPUT -i eth1 -d -m tcp -p tcp --dport
22 -j ACCEPT
$> iptables -t nat -A PREROUTING -i eth1 -d -m tcp -p tcp --dport
22 -j DNAT --to-destination

This add the rules at the chain tail.


Samuel Díaz García
Director Gerente
ArcosCom Wireless, S.L.L.

mailto:samueldg at
móvil: 651 93 72 48
tlfn/fax: 956 70 13 15

-----Mensaje original-----
De: netfilter-bounces at
[mailto:netfilter-bounces at]En nombre de Jason
Enviado el: jueves, 23 de septiembre de 2004 18:15
Para: netfilter at
Asunto: Re: Can anyone tell me how to do this?

On Thu, 2004-09-23 at 11:14, Dominic Iadicicco wrote:
> yes
> > wrote: On Thu, 2004-09-23 at 09:22, Dominic Iadicicco wrote:
> > ok, I have another one for all.
> >
> > I have now been tring to do this:
> >
> > I have an IP, on eth1 and an IP
> > at eth0. And heres were things get fun. I want all
> > ssh requests that go to to get routed to
> > just like it worked when we did it from
> > .130 to .212. (if anyone is new and doesn't what was
> > discussed yesterday, please let me know I will post
> > it.)
> are and on the same physical machine?
> -j

i hate answering questions with the "why don't you just do it this way"
response, but here goes...

if you have SSH connections being received on, and that machine
also has an IP of, why don't you just accept the
connections on


Jason Opperisano <opie at>

More information about the netfilter mailing list