
I am trying to set up a transparent proxy between eth0 and lo.

The reason is that during DNS propagation, services are being tunneled over an SSH connection between the old and new servers. On the "old" server this is fine for anything running locally connecting to localhost:

However, for anything hitting the external address of the "old server", the service is not forwarded, as the SSH tunnel only listens for connections to localhost (lo).

Current setup:

Old server --> SSH Tunnel --> New server

What needs to happen

Client connection (i.e. tcp 8081) --> Old Server --> SSH Tunnel --> New server

I am trying multiple variations on iptables rules; setting -L <service port>:0.0.0.0:<service port> does not listen on all interfaces, only on lo.

The solution must come from iptables alone, there is no time to deploy squid / another proxy service.

So in summary:

  • Assume tcp 8081 is tunneled over an SSH connection
  • I need this to work from the eth0 bound address

Thanks In Advance

Oneiroi

1 Answer

I might be getting you wrong, but why don't you just bind the endpoint of the SSH tunnel to eth0 and allow the connection from remote hosts with the -g switch?

To quote from the manpage:

-g      Allows remote hosts to connect to local forwarded ports.
pacey
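
A way to confirm what the answer's -g switch changes, as an added example that is not part of the original answer: the function reads `ss -ltn` output and reports whether the forwarded port is bound to loopback only or to all interfaces. The two `ss` listings are constructed samples, and `bind_scope` is a name chosen here.

```shell
#!/bin/sh
# Added example: classify how a TCP port is bound, from `ss -ltn` output on stdin.
# Prints "all" (wildcard bind, reachable through eth0), "loopback" (lo only),
# "specific" (one other address) or "none" (no listener on that port).
bind_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")              # port is the last field
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr == "0.0.0.0" || addr == "*" || addr == "[::]") all = 1
            else if (addr ~ /^127\./ || addr == "[::1]") loop = 1
            else other = 1
        }
        END {
            if (all) print "all"
            else if (other) print "specific"
            else if (loop) print "loopback"
            else print "none"
        }'
}

# Constructed sample: listeners while the tunnel runs without -g.
SAMPLE_WITHOUT_G='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128        127.0.0.1:8081      0.0.0.0:*
LISTEN 0      128            [::1]:8081         [::]:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*'

# Constructed sample: listeners while the same tunnel runs with -g.
SAMPLE_WITH_G='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:8081      0.0.0.0:*
LISTEN 0      128             [::]:8081         [::]:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*'

echo "without -g: $(printf '%s\n' "$SAMPLE_WITHOUT_G" | bind_scope 8081)"
echo "with -g:    $(printf '%s\n' "$SAMPLE_WITH_G" | bind_scope 8081)"

# On the old server itself: ss -ltn | bind_scope 8081
```

With -g the forwarded port accepts connections from any host that can reach eth0, so limit the port in the firewall to the clients that need it.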