* How to I bounce/redirect packets from one external ip to another?
@ 2006-02-07 3:45 Markus Wells
[not found] ` <5c6851530602071916l59f6797dj6c704f012b158462@mail.gmail.com>
0 siblings, 1 reply; 2+ messages in thread
From: Markus Wells @ 2006-02-07 3:45 UTC (permalink / raw)
To: netfilter
I'm travelling and I want to access my news server remotely. They have
it set up so that it will only accept connections originating from my
home ip, so I was hoping one of you packet mangling gurus might have a
couple lines of code so that I can redirect nntp traffic from an
arbitrary external ip to another external ip(the news server) via my
home firewall.
Thank you for any help you can offer!
Markus
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: How to I bounce/redirect packets from one external ip to another?
[not found] ` <5c6851530602071916l59f6797dj6c704f012b158462@mail.gmail.com>
@ 2006-02-08 19:34 ` Markus Wells
0 siblings, 0 replies; 2+ messages in thread
From: Markus Wells @ 2006-02-08 19:34 UTC (permalink / raw)
To: Robb Bossley, netfilter
Thank you for the advice, but here's what I ended up doing and it
worked, although I definitely have to say that your solution is more
secure. But as it is forwarding to my isp's news provider's server, I
just don't care.... :D
Here's what I did:
/usr/sbin/iptables -t nat -A PREROUTING -p tcp -d <my outside ip>
--destination-port nntp -j DNAT --to-destination 216.168.3.44:119
iptables -t nat -A POSTROUTING -p tcp --dst 216.168.3.44 --dport 119 -j
SNAT --to-source $WAN_IP
/usr/sbin/iptables -A FORWARD -p tcp -d 216.168.3.44 --dport 119 -j ACCEPT
When I get a chance I'll restrict the access to it with the -s switch,
but as my house just had an electrical fire, I'm just not terribly
worried about it!
Thanks for the feedback!
Robb Bossley wrote:
> If you open up (or use port knocking) to access your home firewall ssh
> port and us# forward 1234 (nntp)
/usr/sbin/iptables -t nat -A PREROUTING -p tcp -d 206.124.144.176
--destination-port nntp -j DNAT --to-destination 216.168.3.44:119
iptables -t nat -A POSTROUTING -p tcp --dst 216.168.3.44 --dport 119 -j
SNAT --to-source $WAN_IP
/usr/sbin/iptables -A FORWARD -p tcp -d 216.168.3.44 --dport 119 -j ACCEPT
e an ssh tunnel from wherever you are logged in to your
> home firewall, you might be able to do it. Something like "ssh -L
> <localport>:<hostip>:<hostport> <ipaddress>" . Just fill in the
> blanks.
>
> This assumes that your home firewall is running sshd, of course.
>
>
>
> On 2/6/06, Markus Wells <markus@wiztech.cc> wrote:
>
>> I'm travelling and I want to access my news server remotely. They have
>>it set up so that it will only accept connections originating from my
>>home ip, so I was hoping one of you packet mangling gurus might have a
>>couple lines of code so that I can redirect nntp traffic from an
>>arbitrary external ip to another external ip(the news server) via my
>>home firewall.
>>
>> Thank you for any help you can offer!
>>
>>Markus
>>
>>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-02-08 19:34 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-02-07 3:45 How to I bounce/redirect packets from one external ip to another? Markus Wells
[not found] ` <5c6851530602071916l59f6797dj6c704f012b158462@mail.gmail.com>
2006-02-08 19:34 ` Markus Wells
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.