Monday, September 22, 2014

linux - Iptables NAT (PAT) A to B to C and back

I want to access a DB server over SSH from an outside network via a Linux (CentOS) gateway with two interfaces in separate networks, as follows:

Admin PC IP: 10.21.1.8
Linux GW IP eth1 Outside: 10.21.1.199 - SSH Port 10051
Linux GW IP eth2 Inside: 10.10.4.151
DB Server IP: 10.10.4.51 - SSH Port 22

FLOW: 10.21.1.8 --> eth1:10.21.1.199:10051 --> eth2:10.10.4.151 --> 10.10.4.51:22

and the return path

10.10.4.51 --> eth2:10.10.4.151 --> 10.21.1.199 --> 10.21.1.8



The iptables rules that I tried seem to be wrong. Something similar to:

# mark the packets arriving on the forwarded port
iptables -t mangle -A PREROUTING -d  -p tcp --dport 2223 -j MARK --set-mark 1 -i eth0
# rewrite the destination of the marked packets
iptables -t nat -A PREROUTING -p tcp -m mark --mark 1 -j DNAT --to-destination :2222 -i eth0
# rewrite the source of the marked packets leaving eth1
iptables -t nat -A POSTROUTING -m mark --mark 1 -j SNAT --to-source -o eth1
# let the marked packets through the FORWARD chain
iptables -A FORWARD -m mark --mark 1 -j ACCEPT -o eth1



Need some hints. Thanks.
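The DNAT/SNAT/FORWARD rule set that matches the flow in the question, as an added example (not from the original post or any answer to it). Addresses, interfaces and ports are the ones stated above; the only assumption is ADMIN_NET, which limits the forward to the admin PC rather than the whole outside network. Rules are printed by default and only applied when DRY_RUN=0, so they can be reviewed before touching a live gateway.

```shell
#!/bin/sh
# Added example for the flow 10.21.1.8 -> eth1:10.21.1.199:10051 -> eth2 -> 10.10.4.51:22.
# ADMIN_NET is an assumption: restrict the forward to the admin host only.
ADMIN_NET="10.21.1.8/32"
OUT_IF="eth1"; OUT_IP="10.21.1.199"; OUT_PORT="10051"
IN_IF="eth2";  IN_IP="10.10.4.151"
DB_IP="10.10.4.51"; DB_PORT="22"

# Print the command when DRY_RUN=1 (default), execute it when DRY_RUN=0.
run() { if [ "${DRY_RUN:-1}" = "1" ]; then echo "$*"; else "$@"; fi; }

pat_rules() {
    # 1. nat/PREROUTING: admin traffic hitting eth1:10051 gets its destination
    #    rewritten to the DB server's SSH port (happens before routing).
    run iptables -t nat -A PREROUTING -i "$OUT_IF" -s "$ADMIN_NET" \
        -d "$OUT_IP" -p tcp --dport "$OUT_PORT" \
        -j DNAT --to-destination "$DB_IP:$DB_PORT"
    # 2. filter/FORWARD: the packet is already DNAT'd here, so match the DB
    #    address; allow only this connection in each direction.
    run iptables -A FORWARD -i "$OUT_IF" -o "$IN_IF" -s "$ADMIN_NET" \
        -d "$DB_IP" -p tcp --dport "$DB_PORT" \
        -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
    run iptables -A FORWARD -i "$IN_IF" -o "$OUT_IF" -s "$DB_IP" \
        -p tcp --sport "$DB_PORT" \
        -m conntrack --ctstate ESTABLISHED -j ACCEPT
    # 3. nat/POSTROUTING: source-NAT the inside leg to eth2's address so the DB
    #    server replies to the gateway; conntrack undoes both translations on
    #    the return path, which is why no explicit return rules are needed.
    run iptables -t nat -A POSTROUTING -o "$IN_IF" -d "$DB_IP" \
        -p tcp --dport "$DB_PORT" -j SNAT --to-source "$IN_IP"
}

# DNAT'd packets are dropped unless the kernel forwards between interfaces.
ip_forward_enabled() {
    [ "$(cat /proc/sys/net/ipv4/ip_forward 2>/dev/null)" = "1" ]
}

pat_rules
ip_forward_enabled || echo "note: net.ipv4.ip_forward is 0; set it to 1"
```

Packets marked in the mangle table are not required for this case; the combination of PREROUTING DNAT, a POSTROUTING SNAT on the inside interface and the two FORWARD rules is enough, and leaving the outside FORWARD policy at DROP keeps everything else out.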
