OPS345 Lab 2

100 bytes removed, 22:23, 18 December 2021
Port forwarding SSH
[[File:SuseIptablesDiagram.png|400px|border|center]]
Since we're forwarding traffic, the router is neither the source nor the destination, so the INPUT and OUTPUT chains don't apply. We'll add one rule to the PREROUTING chain of the nat table, and remove the default blocking rule from the FORWARD chain.
* firewall:
** iptables diagram source: https://documentation.suse.com/sles/15-SP1/html/SLES-all/cha-security-firewall.html
** forward incoming tcp port 2211 packets to port 22 on www <source>iptables -t nat -A PREROUTING -p tcp --dport 2211 -j DNAT --to 10.3.45.11:22</source>
** allow forwarding to www (or just remove default reject rule) <source>iptables -D FORWARD 1</source>
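
The FORWARD chain sees the packet after DNAT, so a rule that allows it has to match 10.3.45.11 port 22, not port 2211. The following is an added example, not part of the lab: it audits an `iptables-save` dump and reports whether each DNAT target is allowed by a scoped ACCEPT, blocked, or reachable only because the whole chain is open. The ruleset, the function names `sample_rules` and `audit_dnat_forward`, and the scoped ACCEPT rule are assumptions; only ACCEPT rules with both `-d` and `--dport`, and unscoped REJECT/DROP rules, are recognised.

```shell
#!/bin/sh
# Constructed iptables-save output (not captured from the lab router).
sample_rules() {
cat <<'EOF'
*nat
-A PREROUTING -p tcp -m tcp --dport 2211 -j DNAT --to-destination 10.3.45.11:22
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -d 10.3.45.11/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Reads iptables-save text on stdin and prints one verdict per DNAT target:
#   ALLOWED  - a FORWARD ACCEPT for the post-DNAT ip:port precedes any catch-all block
#   OPEN-ALL - no catch-all block and policy ACCEPT: everything is forwarded
#   BLOCKED  - a catch-all REJECT/DROP (or the chain policy) stops the packet
audit_dnat_forward() {
awk '
/^\*/ { table = substr($1, 2) }
table == "filter" && $1 == ":FORWARD" { policy = $2 }
table == "nat" && /-j DNAT/ {
    for (i = 1; i < NF; i++)
        if ($i == "--to-destination" || $i == "--to") targets[++n] = $(i+1)
}
table == "filter" && /^-A FORWARD/ && !closed {
    dst = ""; port = ""; action = ""; scoped = 0
    for (i = 1; i < NF; i++) {
        if ($i ~ /^(-s|-d|-i|-o|-p|--dport|--sport)$/) scoped = 1
        if ($i == "-d") { dst = $(i+1); sub(/\/32$/, "", dst) }
        if ($i == "--dport") port = $(i+1)
        if ($i == "-j") action = $(i+1)
    }
    if (action == "ACCEPT" && dst != "" && port != "") allowed[dst ":" port] = 1
    if ((action == "REJECT" || action == "DROP") && !scoped) closed = 1
}
END {
    for (k = 1; k <= n; k++) {
        t = targets[k]
        if (t in allowed) verdict = "ALLOWED"
        else if (!closed && policy == "ACCEPT") verdict = "OPEN-ALL"
        else verdict = "BLOCKED"
        print verdict " " t
    }
}'
}

sample_rules | audit_dnat_forward
```

On a live router, `iptables-save | audit_dnat_forward` runs the same check; an OPEN-ALL verdict is the state left by deleting the reject rule without adding a scoped ACCEPT.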