[olug] Rule to open ssh

Joe Catanzaro joecatanzaro at cox.net
Wed May 14 16:12:14 UTC 2003


Daryl,

I'm not sure I understand your question. Do you want to do port forwarding 
for SSH? If so, this should work. I have very similar rules on my RH 7.3 
firewall for http and ftp. So, in theory, this should work. The only 
problem that I've been having is that my INET_IP has to be hard coded into 
the script. So, I have to change it when my IP address changes (Cox DHCP). 
I haven't gotten around to scripting this part of my firewall 
ruleset. Nevertheless, this code should work assuming you're running NAT, 
etc. Be sure to put these towards the end of your firewall ruleset. It's 
taking SSH requests coming in on port 22 on your firewall and forwarding 
them to 10.0.0.5 port 8181. Obviously, change the port numbers to your liking.

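IPTABLES="/sbin/iptables"
INET_IFACE="eth0"         # external (Internet-facing) interface
INET_IP="12.34.56.78"     # external address; hard-coded, update when it changes
SSHBOX="10.0.0.5"         # internal host running sshd
LAN_IFACE="eth1"          # internal (LAN) interface

# Rewrite connections to port 8181 on the external address to the SSH box, port 22.
$IPTABLES -t nat -A PREROUTING -i $INET_IFACE -p tcp -d $INET_IP \
  --dport 8181 -j DNAT --to $SSHBOX:22
# FORWARD runs after the DNAT rewrite, so match the translated port (22), not 8181.
$IPTABLES -A FORWARD -i $INET_IFACE -o $LAN_IFACE -p tcp -d $SSHBOX \
  --dport 22 -j ACCEPT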


Good luck,



At 5/14/03 10:57 AM Wednesday, drose.SCANTRON at scantron.com wrote:
>My firewall is a RH 7.3 machine using iptables.  I've never been good at
>figuring out the rules, so I use a script to set up my rules.  This works
>fine, but I want to open ssh, on an obscure port, so I can get in while at
>work.
>
>Can someone tell me how to configure the rule?
>
>Thanks.
>
>Daryl Rose
>Scantron Service Group
>Unix Support Specialist
>drose at scantron.com
>1-800-228-3628 x3061
>
>
>_______________________________________________
>OLUG mailing list
>OLUG at olug.org
>http://lists.olug.org/mailman/listinfo/olug


Joe Catanzaro
joecatanzaro at cox.net
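
Added example, not part of the original message or of either poster's script: one way to avoid hard-coding INET_IP is to read the address off the external interface each time the ruleset is built. It assumes the iproute2 "ip" command is available; the function names, the sample "ip" output and the optional source address are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive the external address from the interface instead of
# hard-coding INET_IP, then build the DNAT and FORWARD rules from it.
INET_IFACE="eth0"; LAN_IFACE="eth1"; SSHBOX="10.0.0.5"
EXT_PORT=8181; SSH_PORT=22

# Pull the first IPv4 address out of `ip -4 -o addr show dev IFACE` output (stdin).
extract_ipv4() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "inet") { sub(/\/.*/, "", $(i+1)); print $(i+1); exit } }'
}

# Accept only a dotted quad with octets 0-255, so junk never reaches a rule.
valid_ipv4() {
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Print the two rules for external IP $1; optional $2 limits the allowed source
# address (hypothetical parameter, e.g. the address you connect from).
build_rules() {
    valid_ipv4 "$1" || { echo "bad external address: $1" >&2; return 1; }
    src=""
    if [ -n "$2" ]; then
        valid_ipv4 "$2" || { echo "bad source address: $2" >&2; return 1; }
        src=" -s $2"
    fi
    echo "iptables -t nat -A PREROUTING -i $INET_IFACE -p tcp$src -d $1 --dport $EXT_PORT -j DNAT --to $SSHBOX:$SSH_PORT"
    # FORWARD sees the packet after DNAT, so it matches the rewritten port.
    echo "iptables -A FORWARD -i $INET_IFACE -o $LAN_IFACE -p tcp$src -d $SSHBOX --dport $SSH_PORT -j ACCEPT"
}

# Constructed sample of `ip -4 -o addr show dev eth0` output.
SAMPLE='2: eth0    inet 12.34.56.78/24 brd 12.34.56.255 scope global eth0'

# Dry run on the sample; on a live firewall feed extract_ipv4 from
# `ip -4 -o addr show dev "$INET_IFACE"` and pipe the printed rules to sh as root.
build_rules "$(echo "$SAMPLE" | extract_ipv4)"
```

Re-running this from the DHCP client's lease-change hook keeps the rules in step with the address; flush the old DNAT rule first so stale entries do not accumulate.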


