iptables rules to redirect all ports to a different machine (192.168.0.3), except port 22
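# ===============================================================================================================
# Rules to redirect all TCP/UDP ports to a different machine (192.168.0.3), except port 22
# ===============================================================================================================
# Notes for whoever applies this:
#  - Port 22 is left out of every range, so connections to it still terminate on this host
#    (presumably to keep SSH access to the redirecting box -- confirm for your setup).
#  - Every other TCP/UDP port is handed to $redirect_to, so any service listening there becomes
#    reachable through this host's address; filter on the target accordingly.
#  - The kernel must already forward IPv4 packets (net.ipv4.ip_forward=1); nothing here enables it.
#  - -A appends and -I inserts unconditionally, so running the script twice duplicates the rules.
#  - Only IPv4 is covered (iptables, not ip6tables); other protocols such as ICMP are not redirected.
redirect_to=192.168.0.3
iface=eth0
ports_below_22=1:21
# The original upper bound was 65389, which left ports 65390-65535 unredirected although the
# stated goal is "all ports"; 65535 is the highest valid port number.
ports_above_22=23:65535

# FORWARD: accept new connections that enter and leave on the same interface (the redirected
# flows), then accept the packets that belong to connections conntrack already knows about.
iptables -A FORWARD -i "$iface" -o "$iface" -p tcp --syn --dport "$ports_below_22" -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i "$iface" -o "$iface" -p udp --dport "$ports_below_22" -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i "$iface" -o "$iface" -p tcp --syn --dport "$ports_above_22" -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i "$iface" -o "$iface" -p udp --dport "$ports_above_22" -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i "$iface" -o "$iface" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# PREROUTING: rewrite the destination of incoming packets to the target machine.
# NOTE(review): these rules carry no -i match, so they apply to packets arriving on any
# interface, while the FORWARD rules above only accept $iface -> $iface.
iptables -t nat -A PREROUTING -p tcp --syn --dport "$ports_below_22" -j DNAT --to-destination "$redirect_to"
iptables -t nat -A PREROUTING -p tcp --syn --dport "$ports_above_22" -j DNAT --to-destination "$redirect_to"
iptables -t nat -A PREROUTING -p udp --dport "$ports_below_22" -j DNAT --to-destination "$redirect_to"
iptables -t nat -A PREROUTING -p udp --dport "$ports_above_22" -j DNAT --to-destination "$redirect_to"

# POSTROUTING: source-NAT so the target's replies come back through this host.
# NOTE(review): this rule is unscoped -- it masquerades every packet leaving this host on any
# interface, not just the redirected flows. The target then sees every redirected connection
# as coming from this host, so its logs and any IP-based access controls lose the real client
# address. If nothing else depends on it, narrow the match, e.g. add
# -o "$iface" -d "$redirect_to".
iptables -t nat -I POSTROUTING -j MASQUERADE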