From: Markus Wells <markus@wiztech.cc>
To: Robb Bossley <robb.bossley@gmail.com>, netfilter@lists.netfilter.org
Subject: Re: How to I bounce/redirect packets from one external ip to another?
Date: Wed, 08 Feb 2006 11:34:08 -0800 [thread overview]
Message-ID: <43EA47B0.6040100@wiztech.cc> (raw)
In-Reply-To: <5c6851530602071916l59f6797dj6c704f012b158462@mail.gmail.com>
Thank you for the advice, but here's what I ended up doing and it
worked, although I definitely have to say that your solution is more
secure. But as it is forwarding to my isp's news provider's server, I
just don't care.... :D
Here's what I did:
/usr/sbin/iptables -t nat -A PREROUTING -p tcp -d <my outside ip>
--destination-port nntp -j DNAT --to-destination 216.168.3.44:119
iptables -t nat -A POSTROUTING -p tcp --dst 216.168.3.44 --dport 119 -j
SNAT --to-source $WAN_IP
/usr/sbin/iptables -A FORWARD -p tcp -d 216.168.3.44 --dport 119 -j ACCEPT
When I get a chance I'll restrict the access to it with the -s switch,
but as my house just had an electrical fire, I'm just not terribly
worried about it!
Thanks for the feedback!
Robb Bossley wrote:
> If you open up (or use port knocking) to access your home firewall ssh
> port and us# forward 1234 (nntp)
/usr/sbin/iptables -t nat -A PREROUTING -p tcp -d 206.124.144.176
--destination-port nntp -j DNAT --to-destination 216.168.3.44:119
iptables -t nat -A POSTROUTING -p tcp --dst 216.168.3.44 --dport 119 -j
SNAT --to-source $WAN_IP
/usr/sbin/iptables -A FORWARD -p tcp -d 216.168.3.44 --dport 119 -j ACCEPT
e an ssh tunnel from wherever you are logged in to your
> home firewall, you might be able to do it. Something like "ssh -L
> <localport>:<hostip>:<hostport> <ipaddress>" . Just fill in the
> blanks.
>
> This assumes that your home firewall is running sshd, of course.
>
>
>
> On 2/6/06, Markus Wells <markus@wiztech.cc> wrote:
>
>> I'm travelling and I want to access my news server remotely. They have
>>it set up so that it will only accept connections originating from my
>>home ip, so I was hoping one of you packet mangling gurus might have a
>>couple lines of code so that I can redirect nntp traffic from an
>>arbitrary external ip to another external ip(the news server) via my
>>home firewall.
>>
>> Thank you for any help you can offer!
>>
>>Markus
>>
>>
prev parent reply other threads:[~2006-02-08 19:34 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-02-07 3:45 How to I bounce/redirect packets from one external ip to another? Markus Wells
[not found] ` <5c6851530602071916l59f6797dj6c704f012b158462@mail.gmail.com>
2006-02-08 19:34 ` Markus Wells [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43EA47B0.6040100@wiztech.cc \
--to=markus@wiztech.cc \
--cc=netfilter@lists.netfilter.org \
--cc=robb.bossley@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.